Dobrý den, eset několikrát denně hlási vir
předem děkuji
---
Logfile of random's system information tool 1.09 (written by random/random)
Run by Staňouš at 2011-12-11 14:24:10
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 2 GB (22%) free of 10 GB
Total RAM: 511 MB (20% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:25:09, on 11.12.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
D:\Instalave od18.11.2011\PowerDVD10\PDVD10Serv.exe
C:\Program Files\Cyberlink\Shared files\brs.exe
D:\Instalave od18.11.2011\PowerDVD11\PDVD11Serv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
D:\Instalave od18.11.2011\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Staňouš\Plocha\RSIT.exe
C:\Program Files\trend micro\Staňouš.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?st=1&barid={4F ... 110972B9A4}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?st=1&barid={4F ... 110972B9A4}
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - D:\Instalave od18.11.2011\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AudioDeck] C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [RemoteControl10] "D:\Instalave od18.11.2011\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [RemoteControl11] D:\Instalave od18.11.2011\PowerDVD11\PDVD11Serv.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://D:\Instalave od18.11.2011\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://D:\Instalave od18.11.2011\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://D:\Instalave od18.11.2011\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://D:\Instalave od18.11.2011\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - D:\Instalave od18.11.2011\ICQ7.7\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - D:\Instalave od18.11.2011\ICQ7.7\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O17 - HKLM\System\CCS\Services\Tcpip\..\{B745FC88-D69F-476F-8D4D-93C6CA3F3A0B}: NameServer = 10.0.0.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: CLHNServiceForPowerDVD - Unknown owner - D:\Instalave od18.11.2011\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
O23 - Service: CyberLink PowerDVD 11.0 Monitor Service - CyberLink - D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
O23 - Service: CyberLink PowerDVD 11.0 Service - CyberLink - D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
--
End of file - 8727 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\WGASetup.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Staňouš\Data aplikací\Mozilla\Firefox\Profiles\xqgp9cpz.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://www.etypestart.com/s/?src=addrba ... x86-SP3&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files\Mozilla Firefox\plugins\
nppdf32.dll
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Documents and Settings\Staňouš\Data aplikací\Mozilla\Firefox\Profiles\xqgp9cpz.default\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}
{EEE6C361-6118-11DC-9C72-001320C79847}
C:\Documents and Settings\Staňouš\Data aplikací\Mozilla\Firefox\Profiles\xqgp9cpz.default\searchplugins\
icqplugin.xml
SweetIM Search.xml
sweetim.xml
yahoo-zugo.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2011-08-24 1299248]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2011-08-24 1299248]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - D:\Instalave od18.11.2011\Easy-WebPrint\Toolband.dll [2004-04-16 405504]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-16 13529088]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-16 86016]
"AudioDeck"=C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe [2007-08-09 528384]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"SweetIM"=C:\Program Files\SweetIM\Messenger\SweetIM.exe [2011-08-01 114992]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"Easy-PrintToolBox"=C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-14 409600]
"RemoteControl10"=D:\Instalave od18.11.2011\PowerDVD10\PDVD10Serv.exe [2010-02-03 87336]
"BDRegion"=C:\Program Files\Cyberlink\Shared files\brs.exe [2010-03-13 75048]
"RemoteControl11"=D:\Instalave od18.11.2011\PowerDVD11\PDVD11Serv.exe [2011-09-14 230696]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-10-07 1461080]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-09-12 17351304]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-12-23 143360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Documents and Settings\Staňouš\Nabídka Start\Programy\Po spuštění
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"D:\Stahování\staženo\SweetImSetup.exe"="D:\Stahování\staženo\SweetImSetup.exe:*:Enabled:SweetIM Installer"
"C:\Documents and Settings\Staňouš\Local Settings\Temp\SweetIMReinstall\SweetImSetup.exe"="C:\Documents and Settings\Staňouš\Local Settings\Temp\SweetIMReinstall\SweetImSetup.exe:*:Enabled:SweetIM Installer"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\Instalave od18.11.2011\ICQ7.7\ICQ.exe"="D:\Instalave od18.11.2011\ICQ7.7\ICQ.exe:*:Enabled:ICQ7.7"
"D:\Instalave od18.11.2011\PowerDVD11\PowerDVD11.exe"="D:\Instalave od18.11.2011\PowerDVD11\PowerDVD11.exe:*:Enabled:CyberLink PowerDVD 11.0"
"D:\Instalave od18.11.2011\PowerDVD11\PDVD11Serv.exe"="D:\Instalave od18.11.2011\PowerDVD11\PDVD11Serv.exe:*:Enabled:CyberLink PowerDVD 11.0 RC Service"
"D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe"="D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe:*:Enabled:CyberLink Media Server"
"C:\Program Files\TNod User & Password Finder\TNODUP.exe"="C:\Program Files\TNod User & Password Finder\TNODUP.exe:*:Enabled:TNod User & Password Finder"
"C:\Program Files\Windows Media Player\wmplayer.exe"="C:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:Windows Media Player"
"D:\Instalave od18.11.2011\Winamp\winamp.exe"="D:\Instalave od18.11.2011\Winamp\winamp.exe:*:Enabled:Winamp"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Mozilla Firefox\plugin-container.exe"="C:\Program Files\Mozilla Firefox\plugin-container.exe:*:Disabled:Plugin Container for Firefox"
"D:\Instalave od18.11.2011\PowerDVD10\NavFilter\CLHelper.exe"="D:\Instalave od18.11.2011\PowerDVD10\NavFilter\CLHelper.exe:*:Enabled:CyberLink Player Helper"
"D:\Instalave od18.11.2011\4\ConvertXtoDvd.exe"="D:\Instalave od18.11.2011\4\ConvertXtoDvd.exe:*:Enabled:ConvertXToDVD transcoder"
"D:\Instalave od18.11.2011\PowerDVD10\PowerDVD Cox\PowerDVDCox10.exe"="D:\Instalave od18.11.2011\PowerDVD10\PowerDVD Cox\PowerDVDCox10.exe:*:Enabled:CyberLink PowerDVD Embedded Main Program"
"D:\Instalave od18.11.2011\Total KOmandr\totalcmd\TOTALCMD.EXE"="D:\Instalave od18.11.2011\Total KOmandr\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit"
"C:\Documents and Settings\Staňouš\Local Settings\Temp\install_reader10_cz_mssa_aih.exe"="C:\Documents and Settings\Staňouš\Local Settings\Temp\install_reader10_cz_mssa_aih.exe:*:Enabled:Adobe Reader Installer"
"C:\WINDOWS\system32\msiexec.exe"="C:\WINDOWS\system32\msiexec.exe:*:Enabled:Windows® installer"
"C:\Program Files\McAfee Security Scan\2.0.181\mcuicnt.exe"="C:\Program Files\McAfee Security Scan\2.0.181\mcuicnt.exe:*:Disabled:McAfee HTML UI Container"
"C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe"="C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe:*:Enabled:Adobe Reader "
"D:\Instalave od18.11.2011\PowerDVD10\PowerDVD10.exe"="D:\Instalave od18.11.2011\PowerDVD10\PowerDVD10.exe:*:Enabled:PowerDVD 10.0"
"D:\Instalave od18.11.2011\StrongDC++\StrongDC.exe"="D:\Instalave od18.11.2011\StrongDC++\StrongDC.exe:*:Disabled:StrongDC++"
"C:\Documents and Settings\Staňouš\Plocha\RSIT.exe"="C:\Documents and Settings\Staňouš\Plocha\RSIT.exe:*:Enabled:RSIT"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Instalave od18.11.2011\ICQ7.7\ICQ.exe"="D:\Instalave od18.11.2011\ICQ7.7\ICQ.exe:*:Enabled:ICQ7.7"
"D:\Instalave od18.11.2011\PowerDVD11\PowerDVD11.exe"="D:\Instalave od18.11.2011\PowerDVD11\PowerDVD11.exe:*:Enabled:CyberLink PowerDVD 11.0"
"D:\Instalave od18.11.2011\PowerDVD11\PDVD11Serv.exe"="D:\Instalave od18.11.2011\PowerDVD11\PDVD11Serv.exe:*:Enabled:CyberLink PowerDVD 11.0 RC Service"
"D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe"="D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe:*:Enabled:CyberLink Media Server"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"msacm.l3fhg"=mp3fhg.acm
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
======List of files/folders created in the last 1 month======
2011-12-11 14:24:12 ----D---- C:\Program Files\trend micro
2011-12-11 14:24:10 ----D---- C:\rsit
2011-12-07 00:00:16 ----D---- C:\Program Files\Common Files\Adobe
2011-12-07 00:00:16 ----D---- C:\Program Files\Adobe
2011-12-06 23:59:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2011-12-06 23:58:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\McAfee
2011-12-06 23:58:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\McAfee Security Scan
2011-12-06 23:58:50 ----D---- C:\Program Files\McAfee Security Scan
2011-12-01 13:04:19 ----D---- C:\Documents and Settings\All Users\Data aplikací\vsosdk
2011-11-30 19:20:58 ----A---- C:\WINDOWS\system32\MRT.exe
2011-11-30 12:21:58 ----A---- C:\WINDOWS\NeroDigital.ini
2011-11-29 17:12:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2011-11-29 17:12:32 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2011-11-29 17:11:40 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2011-11-27 19:03:05 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2011-11-27 19:02:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2570791$
2011-11-27 19:02:27 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2011-11-27 19:02:22 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2011-11-27 19:02:17 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2011-11-27 19:02:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2011-11-27 19:02:02 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2011-11-27 19:01:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$
2011-11-27 19:01:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2567680$
2011-11-27 19:01:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2564958$
2011-11-27 19:01:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2011-11-27 19:01:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893-v2$
2011-11-27 19:01:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2011-11-27 19:00:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2011-11-27 19:00:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2011-11-27 19:00:13 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2011-11-27 19:00:08 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2011-11-27 18:59:54 ----D---- C:\WINDOWS\system32\kb
2011-11-27 18:58:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2011-11-27 18:58:25 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2011-11-27 18:58:17 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2011-11-27 18:58:10 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2011-11-27 18:58:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2011-11-27 18:57:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2011-11-27 18:56:54 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2011-11-27 18:56:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2481109$
2011-11-27 18:56:39 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2011-11-27 18:56:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$
2011-11-27 18:56:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2011-11-27 18:55:52 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2011-11-27 18:55:47 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2011-11-27 18:55:41 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2011-11-27 18:54:37 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2011-11-27 18:54:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2011-11-27 18:54:27 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2011-11-27 18:53:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2510581$
2011-11-27 18:53:38 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2011-11-27 18:53:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2476490$
2011-11-27 18:53:26 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2011-11-27 18:53:15 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2011-11-27 18:53:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2011-11-27 18:53:03 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2011-11-27 18:52:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2641690$
2011-11-27 18:52:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2011-11-27 18:52:30 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2011-11-27 18:52:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2011-11-27 18:51:49 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2011-11-27 18:51:45 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2011-11-27 18:51:40 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2011-11-27 18:50:58 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2011-11-27 18:50:53 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2011-11-27 18:50:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2567053$
2011-11-27 18:50:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2592799$
2011-11-27 18:50:38 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2011-11-27 18:49:59 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2011-11-27 18:49:28 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2011-11-27 18:49:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2570222$
2011-11-27 18:49:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2535512$
2011-11-27 18:49:01 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2011-11-27 18:48:20 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2011-11-27 18:47:47 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2011-11-27 18:47:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2412687$
2011-11-27 18:47:39 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2011-11-27 18:47:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2570947$
2011-11-27 18:47:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2508272$
2011-11-27 18:47:26 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2011-11-27 18:47:21 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2011-11-27 18:47:16 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2011-11-27 18:47:01 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2011-11-27 18:46:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2507618$
2011-11-27 18:46:13 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2011-11-27 18:46:05 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2011-11-27 18:45:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2011-11-27 18:45:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2011-11-27 18:44:48 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2011-11-27 18:44:28 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$
2011-11-27 18:44:22 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2011-11-27 18:44:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$
2011-11-27 18:44:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2011-11-27 18:43:57 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2011-11-27 18:43:18 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2011-11-27 18:43:14 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2011-11-27 18:42:53 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2011-11-27 18:42:48 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2011-11-27 18:42:39 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2011-11-27 18:41:57 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2011-11-27 18:41:52 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2011-11-27 18:41:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2586448$
2011-11-27 18:41:21 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2011-11-27 18:40:27 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2011-11-27 18:40:05 ----D---- C:\WINDOWS\SxsCaPendDel
2011-11-27 18:39:38 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2011-11-27 18:39:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$
2011-11-27 18:39:22 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2011-11-27 18:39:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2541763$
2011-11-27 18:39:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2544521$
2011-11-27 18:39:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2011-11-27 18:38:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2011-11-27 18:38:05 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2011-11-27 18:38:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
2011-11-27 18:37:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2562937$
2011-11-27 18:37:51 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2011-11-27 18:37:42 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2011-11-27 18:37:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2011-11-27 18:37:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
2011-11-25 09:31:32 ----A---- C:\WINDOWS\PhotoSnapViewer.INI
2011-11-25 08:47:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2011-11-24 19:55:15 ----SHD---- C:\WINDOWS\assembly
2011-11-24 19:24:17 ----D---- C:\Documents and Settings\Staňouš\Data aplikací\DAEMON Tools Lite
2011-11-24 19:24:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
2011-11-24 14:35:33 ----D---- C:\Documents and Settings\All Users\Data aplikací\DVD Shrink
2011-11-23 15:39:10 ----D---- C:\Program Files\Cyberlink
2011-11-23 15:38:59 ----D---- C:\Program Files\Common Files\CyberLink
2011-11-23 15:37:26 ----A---- C:\WINDOWS\system32\msxml3a.dll
2011-11-23 15:25:02 ----A---- C:\WINDOWS\system32\drivers\pcouffin.sys
2011-11-23 15:25:02 ----A---- C:\Documents and Settings\Staňouš\Data aplikací\pcouffin.sys
2011-11-23 15:25:02 ----A---- C:\Documents and Settings\Staňouš\Data aplikací\inst.exe
2011-11-23 15:23:16 ----D---- C:\Documents and Settings\Staňouš\Data aplikací\Vso
2011-11-23 15:22:51 ----A---- C:\WINDOWS\system32\wvc1dmod.dll
2011-11-23 15:22:51 ----A---- C:\WINDOWS\system32\vp7vfw.dll
2011-11-23 15:22:51 ----A---- C:\WINDOWS\system32\sipr3260.dll
2011-11-23 15:22:51 ----A---- C:\WINDOWS\system32\Pncrt.dll
2011-11-23 15:22:51 ----A---- C:\WINDOWS\system32\drv43260.dll
2011-11-23 15:22:51 ----A---- C:\WINDOWS\system32\drv33260.dll
2011-11-23 15:22:51 ----A---- C:\WINDOWS\system32\drv23260.dll
2011-11-23 15:22:51 ----A---- C:\WINDOWS\system32\cook3260.dll
2011-11-23 15:22:49 ----D---- C:\Program Files\VSO
2011-11-21 17:27:36 ----D---- C:\Program Files\ICQ6Toolbar
2011-11-21 17:27:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2011-11-21 17:27:13 ----D---- C:\Documents and Settings\Staňouš\Data aplikací\ICQ
2011-11-21 17:13:28 ----A---- C:\WINDOWS\BJPSUNST.EXE
2011-11-21 17:12:30 ----A---- C:\WINDOWS\system32\msvcr71.dll
2011-11-21 17:12:30 ----A---- C:\WINDOWS\system32\msvcp71.dll
2011-11-21 17:12:29 ----A---- C:\WINDOWS\system32\MFC71.dll
2011-11-21 17:12:05 ----A---- C:\WINDOWS\OpPrintServer.INI
2011-11-21 17:10:34 ----A---- C:\WINDOWS\system32\drivers\usbprint.sys
2011-11-21 17:08:05 ----A---- C:\WINDOWS\system32\CNMVS61.DLL
2011-11-21 17:08:01 ----A---- C:\WINDOWS\system32\CNMLM61.DLL
2011-11-21 17:07:28 ----RA---- C:\WINDOWS\system32\CNMCP61.exe
2011-11-21 17:06:59 ----HD---- C:\BJPrinter
2011-11-21 17:05:14 ----D---- C:\Program Files\Canon
2011-11-21 16:48:27 ----D---- C:\Documents and Settings\Staňouš\Data aplikací\Ahead
2011-11-21 16:44:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Nero
2011-11-21 16:12:13 ----D---- C:\WINDOWS\system32\appmgmt
2011-11-21 15:59:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\LightScribe
2011-11-21 15:49:45 ----D---- C:\Program Files\Common Files\LightScribe
2011-11-21 15:45:58 ----D---- C:\Program Files\Common Files\Ahead
2011-11-21 15:45:04 ----D---- C:\WINDOWS\RegisteredPackages
2011-11-21 15:41:52 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2011-11-21 15:41:51 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2011-11-20 20:03:37 ----D---- C:\Documents and Settings\Staňouš\Data aplikací\Skype
2011-11-20 20:03:24 ----RD---- C:\Program Files\Skype
2011-11-20 20:03:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2011-11-20 13:43:55 ----D---- C:\Program Files\SweetIM
2011-11-20 13:43:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\SweetIM
2011-11-20 11:25:37 ----D---- C:\Documents and Settings\Staňouš\Data aplikací\Media Player Classic
2011-11-20 10:22:22 ----A---- C:\WINDOWS\system32\unrar.dll
2011-11-20 10:22:13 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2011-11-20 10:22:13 ----A---- C:\WINDOWS\system32\xvidcore.dll
2011-11-20 10:22:12 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2011-11-19 01:01:50 ----D---- C:\Documents and Settings\Staňouš\Data aplikací\eType
2011-11-18 23:08:07 ----D---- C:\Documents and Settings\Staňouš\Data aplikací\CyberLink
2011-11-18 23:04:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\PDVD
2011-11-18 23:04:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\CyberLink
2011-11-18 22:59:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\Temp
2011-11-18 22:59:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\install_clap
2011-11-18 21:41:23 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2011-11-18 21:41:22 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2011-11-18 21:41:15 ----D---- C:\WINDOWS\Logs
2011-11-18 21:40:47 ----D---- C:\Documents and Settings\Staňouš\Data aplikací\Winamp
2011-11-18 20:06:58 ----A---- C:\WINDOWS\UC.PIF
2011-11-18 20:06:58 ----A---- C:\WINDOWS\RAR.PIF
2011-11-18 20:06:58 ----A---- C:\WINDOWS\PKZIP.PIF
2011-11-18 20:06:58 ----A---- C:\WINDOWS\PKUNZIP.PIF
2011-11-18 20:06:58 ----A---- C:\WINDOWS\NOCLOSE.PIF
2011-11-18 20:06:58 ----A---- C:\WINDOWS\LHA.PIF
2011-11-18 20:06:58 ----A---- C:\WINDOWS\ARJ.PIF
2011-11-18 19:22:51 ----N---- C:\WINDOWS\system32\browserchoice.exe
2011-11-18 18:18:52 ----A---- C:\WINDOWS\system32\muweb.dll
2011-11-18 18:18:52 ----A---- C:\WINDOWS\system32\mucltui.dll
2011-11-18 18:06:55 ----A---- C:\WINDOWS\system32\drivers\viaagp1.sys
2011-11-18 18:06:38 ----A---- C:\WINDOWS\IsUninst.exe
2011-11-18 18:06:18 ----HD---- C:\Program Files\InstallShield Installation Information
2011-11-18 18:06:08 ----A---- C:\WINDOWS\system32\drivers\splitter.sys
2011-11-18 18:06:05 ----A---- C:\WINDOWS\system32\drivers\wdmaud.sys
2011-11-18 18:06:02 ----A---- C:\WINDOWS\system32\drivers\DMusic.sys
2011-11-18 18:06:00 ----A---- C:\WINDOWS\system32\drivers\swmidi.sys
2011-11-18 18:05:58 ----A---- C:\WINDOWS\system32\drivers\aec.sys
2011-11-18 18:05:56 ----A---- C:\WINDOWS\system32\drivers\kmixer.sys
2011-11-18 18:05:54 ----A---- C:\WINDOWS\system32\drivers\drmkaud.sys
2011-11-18 18:05:53 ----A---- C:\WINDOWS\system32\drivers\sysaudio.sys
2011-11-18 18:05:50 ----A---- C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011-11-18 18:05:48 ----A---- C:\WINDOWS\system32\drivers\MSPQM.sys
2011-11-18 18:05:45 ----A---- C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011-11-18 18:05:39 ----RA---- C:\WINDOWS\system32\drivers\vinyl97.sys
2011-11-18 18:05:38 ----A---- C:\WINDOWS\system32\ksuser.dll
2011-11-18 18:05:38 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2011-11-18 18:05:37 ----A---- C:\WINDOWS\system32\drivers\drmk.sys
2011-11-18 18:05:21 ----N---- C:\WINDOWS\system32\difxapi.dll
2011-11-18 18:05:21 ----D---- C:\Program Files\VIA
2011-11-18 17:45:10 ----A---- C:\WINDOWS\system32\msonpmon.dll
2011-11-18 17:42:47 ----D---- C:\Program Files\Microsoft Works
2011-11-18 17:42:27 ----D---- C:\Program Files\MSBuild
2011-11-18 17:41:59 ----D---- C:\Program Files\Microsoft Visual Studio
2011-11-18 17:41:58 ----D---- C:\Program Files\Common Files\DESIGNER
2011-11-18 17:38:40 ----D---- C:\WINDOWS\system32\PreInstall
2011-11-18 17:38:38 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2011-11-18 17:38:38 ----HD---- C:\WINDOWS\$hf_mig$
2011-11-18 17:38:20 ----D---- C:\WINDOWS\SHELLNEW
2011-11-18 17:38:07 ----D---- C:\Program Files\Microsoft Office
2011-11-18 17:38:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-11-18 17:37:28 ----RHD---- C:\MSOCache
2011-11-18 17:36:14 ----A---- C:\WINDOWS\system32\wups2.dll
2011-11-18 17:36:12 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2011-11-18 17:30:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\Office Genuine Advantage
2011-11-18 17:30:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2011-11-18 17:27:53 ----D---- C:\Documents and Settings\Staňouš\Data aplikací\Macromedia
2011-11-18 17:27:53 ----D---- C:\Documents and Settings\Staňouš\Data aplikací\Adobe
2011-11-18 17:26:52 ----D---- C:\Documents and Settings\Staňouš\Data aplikací\ESET
2011-11-18 17:25:41 ----D---- C:\Program Files\ESET
2011-11-18 17:23:13 ----D---- C:\Documents and Settings\Staňouš\Data aplikací\vlc
2011-11-18 17:20:43 ----SHD---- C:\RECYCLER
2011-11-18 17:19:28 ----D---- C:\WINDOWS\nview
2011-11-18 17:19:28 ----A---- C:\WINDOWS\system32\nvudisp.exe
2011-11-18 17:19:18 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2011-11-18 17:19:16 ----D---- C:\Program Files\Common Files\InstallShield
2011-11-18 17:19:12 ----D---- C:\Program Files\NVIDIA
2011-11-18 17:18:08 ----D---- C:\WINDOWS\Prefetch
2011-11-18 17:15:45 ----D---- C:\Documents and Settings\Staňouš\Data aplikací\WinRAR
2011-11-18 17:15:17 ----D---- C:\Program Files\WinRAR
2011-11-18 17:13:12 ----D---- C:\Documents and Settings\Staňouš\Data aplikací\Mozilla
2011-11-18 17:13:01 ----D---- C:\Program Files\Mozilla Firefox
2011-11-18 17:12:47 ----N---- C:\WINDOWS\system32\msxml6r.dll
2011-11-18 17:12:47 ----N---- C:\WINDOWS\system32\msxml6.dll
2011-11-18 17:12:36 ----N---- C:\WINDOWS\system32\smtpapi.dll
2011-11-18 17:12:36 ----N---- C:\WINDOWS\system32\rwnh.dll
2011-11-18 17:12:36 ----N---- C:\WINDOWS\system32\drivers\irbus.sys
2011-11-18 17:12:36 ----N---- C:\WINDOWS\system32\comsdupd.exe
2011-11-18 17:12:33 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2011-11-18 17:12:33 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2011-11-18 17:12:33 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2011-11-18 17:12:33 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2011-11-18 17:12:33 ----N---- C:\WINDOWS\system32\aaclient.dll
2011-11-18 17:12:32 ----N---- C:\WINDOWS\system32\credssp.dll
2011-11-18 17:12:32 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2011-11-18 17:12:32 ----N---- C:\WINDOWS\system32\azroles.dll
2011-11-18 17:12:32 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2011-11-18 17:12:32 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2011-11-18 17:12:32 ----N---- C:\WINDOWS\system32\ati3duag.dll
2011-11-18 17:12:31 ----N---- C:\WINDOWS\system32\eapsvc.dll
2011-11-18 17:12:31 ----N---- C:\WINDOWS\system32\eapqec.dll
2011-11-18 17:12:31 ----N---- C:\WINDOWS\system32\eappprxy.dll
2011-11-18 17:12:31 ----N---- C:\WINDOWS\system32\eapphost.dll
2011-11-18 17:12:31 ----N---- C:\WINDOWS\system32\eappgnui.dll
2011-11-18 17:12:31 ----N---- C:\WINDOWS\system32\eappcfg.dll
2011-11-18 17:12:31 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2011-11-18 17:12:31 ----N---- C:\WINDOWS\system32\eapolqec.dll
2011-11-18 17:12:31 ----N---- C:\WINDOWS\system32\dot3ui.dll
2011-11-18 17:12:31 ----N---- C:\WINDOWS\system32\dot3svc.dll
2011-11-18 17:12:31 ----N---- C:\WINDOWS\system32\dot3msm.dll
2011-11-18 17:12:31 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2011-11-18 17:12:31 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2011-11-18 17:12:31 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2011-11-18 17:12:31 ----N---- C:\WINDOWS\system32\dot3api.dll
2011-11-18 17:12:31 ----N---- C:\WINDOWS\system32\dimsroam.dll
2011-11-18 17:12:31 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2011-11-18 17:12:31 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2011-11-18 17:12:30 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2011-11-18 17:12:29 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2011-11-18 17:12:29 ----N---- C:\WINDOWS\system32\kmsvc.dll
2011-11-18 17:12:29 ----N---- C:\WINDOWS\system32\kbdpash.dll
2011-11-18 17:12:29 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2011-11-18 17:12:29 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2011-11-18 17:12:29 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2011-11-18 17:12:28 ----N---- C:\WINDOWS\system32\napstat.exe
2011-11-18 17:12:28 ----N---- C:\WINDOWS\system32\napmontr.dll
2011-11-18 17:12:28 ----N---- C:\WINDOWS\system32\napipsec.dll
2011-11-18 17:12:28 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2011-11-18 17:12:28 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2011-11-18 17:12:28 ----N---- C:\WINDOWS\system32\mssha.dll
2011-11-18 17:12:28 ----N---- C:\WINDOWS\system32\mmcperf.exe
2011-11-18 17:12:28 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2011-11-18 17:12:28 ----N---- C:\WINDOWS\system32\mmcex.dll
2011-11-18 17:12:28 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2011-11-18 17:12:28 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2011-11-18 17:12:27 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2011-11-18 17:12:27 ----N---- C:\WINDOWS\system32\onex.dll
2011-11-18 17:12:26 ----N---- C:\WINDOWS\system32\slserv.exe
2011-11-18 17:12:26 ----N---- C:\WINDOWS\system32\slrundll.exe
2011-11-18 17:12:26 ----N---- C:\WINDOWS\system32\slgen.dll
2011-11-18 17:12:26 ----N---- C:\WINDOWS\system32\slextspk.dll
2011-11-18 17:12:26 ----N---- C:\WINDOWS\system32\slcoinst.dll
2011-11-18 17:12:26 ----N---- C:\WINDOWS\system32\setupn.exe
2011-11-18 17:12:26 ----N---- C:\WINDOWS\system32\s3gnb.dll
2011-11-18 17:12:26 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2011-11-18 17:12:26 ----N---- C:\WINDOWS\system32\rasqec.dll
2011-11-18 17:12:26 ----N---- C:\WINDOWS\system32\qutil.dll
2011-11-18 17:12:26 ----N---- C:\WINDOWS\system32\qcliprov.dll
2011-11-18 17:12:26 ----N---- C:\WINDOWS\system32\qagentrt.dll
2011-11-18 17:12:26 ----N---- C:\WINDOWS\system32\qagent.dll
2011-11-18 17:12:24 ----N---- C:\WINDOWS\system32\xpsp3res.dll
2011-11-18 17:12:24 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2011-11-18 17:12:24 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2011-11-18 17:12:24 ----N---- C:\WINDOWS\system32\verclsid.exe
2011-11-18 17:12:24 ----N---- C:\WINDOWS\system32\tzchange.exe
2011-11-18 17:12:24 ----N---- C:\WINDOWS\system32\tspkg.dll
2011-11-18 17:12:24 ----N---- C:\WINDOWS\system32\tsgqec.dll
2011-11-18 17:12:23 ----N---- C:\WINDOWS\system32\wmphoto.dll
2011-11-18 17:12:23 ----N---- C:\WINDOWS\system32\wlanapi.dll
2011-11-18 17:12:22 ----N---- C:\WINDOWS\system32\xmllite.dll
2011-11-18 17:12:21 ----N---- C:\WINDOWS\slrundll.exe
2011-11-18 17:12:21 ----D---- C:\WINDOWS\system32\cs-cz
2011-11-18 17:12:20 ----D---- C:\WINDOWS\system32\cs
2011-11-18 17:12:20 ----D---- C:\WINDOWS\l2schemas
2011-11-18 17:12:19 ----D---- C:\WINDOWS\system32\bits
2011-11-18 17:11:37 ----D---- C:\Program Files\VideoLAN
2011-11-18 17:10:55 ----D---- C:\Program Files\CCleaner
2011-11-18 17:09:42 ----D---- C:\WINDOWS\ServicePackFiles
2011-11-18 17:07:43 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2011-11-18 17:07:43 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2011-11-18 17:07:43 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2011-11-18 17:07:43 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2011-11-18 17:07:43 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2011-11-18 17:07:43 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2011-11-18 17:07:43 ----N---- C:\WINDOWS\system32\drivers\amdagp.sys
2011-11-18 17:07:43 ----N---- C:\WINDOWS\system32\drivers\alim1541.sys
2011-11-18 17:07:43 ----N---- C:\WINDOWS\system32\drivers\agpcpq.sys
2011-11-18 17:07:43 ----N---- C:\WINDOWS\system32\drivers\agp440.sys
2011-11-18 17:07:43 ----N---- C:\WINDOWS\system32\drivers\adv11nt5.dll
2011-11-18 17:07:43 ----N---- C:\WINDOWS\system32\drivers\adv09nt5.dll
2011-11-18 17:07:43 ----N---- C:\WINDOWS\system32\drivers\adv08nt5.dll
2011-11-18 17:07:43 ----N---- C:\WINDOWS\system32\drivers\adv07nt5.dll
2011-11-18 17:07:43 ----N---- C:\WINDOWS\system32\drivers\adv05nt5.dll
2011-11-18 17:07:43 ----N---- C:\WINDOWS\system32\drivers\adv02nt5.dll
2011-11-18 17:07:43 ----N---- C:\WINDOWS\system32\drivers\adv01nt5.dll
2011-11-18 17:07:43 ----D---- C:\WINDOWS\network diagnostic
2011-11-18 17:07:42 ----N---- C:\WINDOWS\system32\drivers\atv10nt5.dll
2011-11-18 17:07:42 ----N---- C:\WINDOWS\system32\drivers\atv06nt5.dll
2011-11-18 17:07:42 ----N---- C:\WINDOWS\system32\drivers\atv04nt5.dll
2011-11-18 17:07:42 ----N---- C:\WINDOWS\system32\drivers\atv02nt5.dll
2011-11-18 17:07:42 ----N---- C:\WINDOWS\system32\drivers\atv01nt5.dll
2011-11-18 17:07:42 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2011-11-18 17:07:42 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2011-11-18 17:07:42 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2011-11-18 17:07:42 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2011-11-18 17:07:42 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2011-11-18 17:07:42 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2011-11-18 17:07:42 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2011-11-18 17:07:42 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2011-11-18 17:07:42 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2011-11-18 17:07:42 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2011-11-18 17:07:42 ----N---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2011-11-18 17:07:42 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2011-11-18 17:07:42 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2011-11-18 17:07:42 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2011-11-18 17:07:42 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2011-11-18 17:07:42 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2011-11-18 17:07:41 ----N---- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2011-11-18 17:07:41 ----N---- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2011-11-18 17:07:41 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2011-11-18 17:07:41 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2011-11-18 17:07:41 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2011-11-18 17:07:41 ----N---- C:\WINDOWS\system32\drivers\hidir.sys
2011-11-18 17:07:41 ----N---- C:\WINDOWS\system32\drivers\hidbth.sys
2011-11-18 17:07:41 ----N---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2011-11-18 17:07:41 ----N---- C:\WINDOWS\system32\drivers\gagp30kx.sys
2011-11-18 17:07:41 ----N---- C:\WINDOWS\system32\drivers\bthusb.sys
2011-11-18 17:07:41 ----N---- C:\WINDOWS\system32\drivers\bthprint.sys
2011-11-18 17:07:41 ----N---- C:\WINDOWS\system32\drivers\bthport.sys
2011-11-18 17:07:41 ----N---- C:\WINDOWS\system32\drivers\bthpan.sys
2011-11-18 17:07:41 ----N---- C:\WINDOWS\system32\drivers\bthmodem.sys
2011-11-18 17:07:41 ----N---- C:\WINDOWS\system32\drivers\bthenum.sys
2011-11-18 17:07:40 ----N---- C:\WINDOWS\system32\drivers\smbali.sys
2011-11-18 17:07:40 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2011-11-18 17:07:40 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2011-11-18 17:07:40 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2011-11-18 17:07:40 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2011-11-18 17:07:40 ----N---- C:\WINDOWS\system32\drivers\sisagp.sys
2011-11-18 17:07:40 ----N---- C:\WINDOWS\system32\drivers\siint5.dll
2011-11-18 17:07:40 ----N---- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2011-11-18 17:07:40 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2011-11-18 17:07:40 ----N---- C:\WINDOWS\system32\drivers\rndismpx.sys
2011-11-18 17:07:40 ----N---- C:\WINDOWS\system32\drivers\rfcomm.sys
2011-11-18 17:07:40 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2011-11-18 17:07:40 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2011-11-18 17:07:40 ----N---- C:\WINDOWS\system32\drivers\mutohpen.sys
2011-11-18 17:07:40 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2011-11-18 17:07:40 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2011-11-18 17:07:40 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2011-11-18 17:07:39 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2011-11-18 17:07:39 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2011-11-18 17:07:39 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2011-11-18 17:07:39 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2011-11-18 17:07:39 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2011-11-18 17:07:39 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2011-11-18 17:07:39 ----N---- C:\WINDOWS\system32\drivers\wacompen.sys
2011-11-18 17:07:39 ----N---- C:\WINDOWS\system32\drivers\viaagp.sys
2011-11-18 17:07:39 ----N---- C:\WINDOWS\system32\drivers\vchnt5.dll
2011-11-18 17:07:39 ----N---- C:\WINDOWS\system32\drivers\usbvideo.sys
2011-11-18 17:07:39 ----N---- C:\WINDOWS\system32\drivers\usb8023x.sys
2011-11-18 17:06:30 ----N---- C:\WINDOWS\system32\spmsg.dll
2011-11-18 17:06:25 ----A---- C:\WINDOWS\002496_.tmp
2011-11-18 17:06:14 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-11-18 17:06:06 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2011-11-18 17:04:13 ----A---- C:\WINDOWS\system32\h323log.txt
2011-11-18 17:04:12 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2011-11-18 17:02:37 ----A---- C:\WINDOWS\system32\drivers\audstub.sys
2011-11-18 17:02:06 ----A---- C:\WINDOWS\system32\drivers\redbook.sys
2011-11-18 17:01:45 ----A---- C:\WINDOWS\system32\drivers\nv4_mini.sys
2011-11-18 17:01:44 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2011-11-18 17:01:39 ----A---- C:\WINDOWS\system32\drivers\uagp35.sys
2011-11-18 17:01:19 ----A---- C:\WINDOWS\system32\drivers\fetnd5.sys
2011-11-18 17:01:17 ----A---- C:\WINDOWS\system32\usbui.dll
2011-11-18 17:00:12 ----SHD---- C:\WINDOWS\Installer
2011-11-18 17:00:12 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-11-18 17:00:11 ----D---- C:\Program Files\Common Files\ODBC
2011-11-18 17:00:11 ----A---- C:\WINDOWS\ODBCINST.INI
2011-11-18 17:00:08 ----D---- C:\Program Files\Common Files\SpeechEngines
2011-11-18 17:00:07 ----RD---- C:\Program Files
2011-11-18 17:00:07 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-11-18 17:00:07 ----D---- C:\Program Files\Common Files
2011-11-18 17:00:04 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2011-11-18 17:00:04 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2011-11-18 17:00:04 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2011-11-18 17:00:03 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2011-11-18 17:00:03 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2011-11-18 17:00:03 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2011-11-18 17:00:02 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2011-11-18 17:00:02 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2011-11-18 17:00:02 ----RA---- C:\WINDOWS\system32\kbdur.dll
2011-11-18 17:00:02 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2011-11-18 17:00:02 ----RA---- C:\WINDOWS\system32\kbdru.dll
2011-11-18 17:00:02 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2011-11-18 17:00:02 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2011-11-18 17:00:02 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2011-11-18 17:00:02 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2011-11-18 17:00:01 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2011-11-18 17:00:01 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2011-11-18 17:00:01 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2011-11-18 17:00:01 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2011-11-18 17:00:01 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2011-11-18 17:00:01 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2011-11-18 17:00:00 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2011-11-18 16:59:59 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2011-11-18 16:59:59 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2011-11-18 16:59:59 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2011-11-18 16:59:59 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2011-11-18 16:59:59 ----RA---- C:\WINDOWS\system32\kbdest.dll
2011-11-18 16:59:56 ----A---- C:\WINDOWS\system32\kbdsl1.dll
2011-11-18 16:59:56 ----A---- C:\WINDOWS\system32\kbdsl.dll
2011-11-18 16:59:56 ----A---- C:\WINDOWS\system32\kbdro.dll
2011-11-18 16:59:56 ----A---- C:\WINDOWS\system32\kbdpl1.dll
2011-11-18 16:59:56 ----A---- C:\WINDOWS\system32\kbdpl.dll
2011-11-18 16:59:56 ----A---- C:\WINDOWS\system32\kbdhu1.dll
2011-11-18 16:59:56 ----A---- C:\WINDOWS\system32\kbdhu.dll
2011-11-18 16:59:56 ----A---- C:\WINDOWS\system32\kbdcr.dll
2011-11-18 16:59:55 ----A---- C:\WINDOWS\system32\kbdycl.dll
2011-11-18 16:59:55 ----A---- C:\WINDOWS\system32\KBDAL.DLL
2011-11-18 16:59:55 ----A---- C:\WINDOWS\system32\irclass.dll
2011-11-18 16:59:55 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2011-11-18 16:59:54 ----A---- C:\WINDOWS\system32\spxcoins.dll
2011-11-18 16:59:54 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2011-11-18 16:59:54 ----A---- C:\WINDOWS\system32\dgsetup.dll
2011-11-18 16:59:52 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2011-11-18 16:59:52 ----A---- C:\WINDOWS\TASKMAN.EXE
2011-11-18 16:59:52 ----A---- C:\WINDOWS\system32\drivers\irenum.sys
2011-11-18 16:59:52 ----A---- C:\WINDOWS\system32\batt.dll
2011-11-18 16:59:51 ----A---- C:\WINDOWS\system32\storprop.dll
2011-11-18 16:59:51 ----A---- C:\WINDOWS\notepad.exe
2011-11-18 16:59:43 ----ASH---- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
2011-11-18 16:59:39 ----RA---- C:\WINDOWS\SET8.tmp
2011-11-18 16:59:37 ----RA---- C:\WINDOWS\SET4.tmp
2011-11-18 16:59:36 ----RA---- C:\WINDOWS\SET3.tmp
2011-11-18 16:59:30 ----D---- C:\WINDOWS\system32\CatRoot2
2011-11-18 16:59:30 ----D---- C:\WINDOWS\system32\CatRoot
2011-11-18 16:59:25 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-11-18 16:59:07 ----D---- C:\Documents and Settings
2011-11-18 16:59:06 ----SHD---- C:\System Volume Information
2011-11-18 16:59:06 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2011-11-18 16:58:23 ----SH---- C:\boot.ini
2011-11-18 16:55:32 ----D---- C:\Program Files\Lavalys
2011-11-18 16:52:54 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-11-18 16:52:54 ----RSD---- C:\WINDOWS\Fonts
2011-11-18 16:52:54 ----RD---- C:\WINDOWS\Web
2011-11-18 16:52:54 ----HD---- C:\WINDOWS\inf
2011-11-18 16:52:54 ----D---- C:\WINDOWS\WinSxS
2011-11-18 16:52:54 ----D---- C:\WINDOWS\twain_32
2011-11-18 16:52:54 ----D---- C:\WINDOWS\Temp
2011-11-18 16:52:54 ----D---- C:\WINDOWS\system32\wins
2011-11-18 16:52:54 ----D---- C:\WINDOWS\system32\wbem
2011-11-18 16:52:54 ----D---- C:\WINDOWS\system32\usmt
2011-11-18 16:52:54 ----D---- C:\WINDOWS\system32\spool
2011-11-18 16:52:54 ----D---- C:\WINDOWS\system32\ShellExt
2011-11-18 16:52:54 ----D---- C:\WINDOWS\system32\Setup
2011-11-18 16:52:54 ----D---- C:\WINDOWS\system32\ras
2011-11-18 16:52:54 ----D---- C:\WINDOWS\system32\oobe
2011-11-18 16:52:54 ----D---- C:\WINDOWS\system32\npp
2011-11-18 16:52:54 ----D---- C:\WINDOWS\system32\mui
2011-11-18 16:52:54 ----D---- C:\WINDOWS\system32\inetsrv
2011-11-18 16:52:54 ----D---- C:\WINDOWS\system32\IME
2011-11-18 16:52:54 ----D---- C:\WINDOWS\system32\icsxml
2011-11-18 16:52:54 ----D---- C:\WINDOWS\system32\ias
2011-11-18 16:52:54 ----D---- C:\WINDOWS\system32\export
2011-11-18 16:52:54 ----D---- C:\WINDOWS\system32\drivers\etc
2011-11-18 16:52:54 ----D---- C:\WINDOWS\system32\drivers\disdn
2011-11-18 16:52:54 ----D---- C:\WINDOWS\system32\drivers
2011-11-18 16:52:54 ----D---- C:\WINDOWS\system32\dhcp
2011-11-18 16:52:54 ----D---- C:\WINDOWS\system32\config
2011-11-18 16:52:54 ----D---- C:\WINDOWS\system32\3com_dmi
2011-11-18 16:52:54 ----D---- C:\WINDOWS\system32\3076
2011-11-18 16:52:54 ----D---- C:\WINDOWS\system32\2052
2011-11-18 16:52:54 ----D---- C:\WINDOWS\system32\1054
2011-11-18 16:52:54 ----D---- C:\WINDOWS\system32\1042
2011-11-18 16:52:54 ----D---- C:\WINDOWS\system32\1041
2011-11-18 16:52:54 ----D---- C:\WINDOWS\system32\1037
2011-11-18 16:52:54 ----D---- C:\WINDOWS\system32\1033
2011-11-18 16:52:54 ----D---- C:\WINDOWS\system32\1031
2011-11-18 16:52:54 ----D---- C:\WINDOWS\system32\1029
2011-11-18 16:52:54 ----D---- C:\WINDOWS\system32\1028
2011-11-18 16:52:54 ----D---- C:\WINDOWS\system32\1025
2011-11-18 16:52:54 ----D---- C:\WINDOWS\system32
2011-11-18 16:52:54 ----D---- C:\WINDOWS\system
2011-11-18 16:52:54 ----D---- C:\WINDOWS\security
2011-11-18 16:52:54 ----D---- C:\WINDOWS\Resources
2011-11-18 16:52:54 ----D---- C:\WINDOWS\repair
2011-11-18 16:52:54 ----D---- C:\WINDOWS\Provisioning
2011-11-18 16:52:54 ----D---- C:\WINDOWS\pchealth
2011-11-18 16:52:54 ----D---- C:\WINDOWS\PeerNet
2011-11-18 16:52:54 ----D---- C:\WINDOWS\mui
2011-11-18 16:52:54 ----D---- C:\WINDOWS\msapps
2011-11-18 16:52:54 ----D---- C:\WINDOWS\msagent
2011-11-18 16:52:54 ----D---- C:\WINDOWS\Media
2011-11-18 16:52:54 ----D---- C:\WINDOWS\java
2011-11-18 16:52:54 ----D---- C:\WINDOWS\ime
2011-11-18 16:52:54 ----D---- C:\WINDOWS\Help
2011-11-18 16:52:54 ----D---- C:\WINDOWS\ehome
2011-11-18 16:52:54 ----D---- C:\WINDOWS\Driver Cache
2011-11-18 16:52:54 ----D---- C:\WINDOWS\Debug
2011-11-18 16:52:54 ----D---- C:\WINDOWS\Cursors
2011-11-18 16:52:54 ----D---- C:\WINDOWS\Connection Wizard
2011-11-18 16:52:54 ----D---- C:\WINDOWS\Config
2011-11-18 16:52:54 ----D---- C:\WINDOWS\AppPatch
2011-11-18 16:52:54 ----D---- C:\WINDOWS\addins
2011-11-18 16:52:54 ----D---- C:\WINDOWS
2011-11-18 16:52:54 ----ASHDC---- C:\WINDOWS\$NtUninstallKB31976$
2011-11-18 16:52:54 ----ASH---- C:\pagefile.sys
2011-11-18 16:31:47 ----A---- C:\WINDOWS\system32\drivers\usbstor.sys
2011-11-18 16:25:14 ----D---- C:\Documents and Settings\Staňouš\Data aplikací\Identities
2011-11-18 16:25:13 ----HD---- C:\Program Files\Uninstall Information
2011-11-18 16:25:08 ----SD---- C:\Documents and Settings\Staňouš\Data aplikací\Microsoft
2011-11-18 16:25:08 ----ASH---- C:\Documents and Settings\Staňouš\Data aplikací\desktop.ini
2011-11-18 16:25:06 ----ASH---- C:\hiberfil.sys
2011-11-18 16:22:24 ----D---- C:\WINDOWS\SoftwareDistribution
2011-11-18 16:21:16 ----SD---- C:\WINDOWS\system32\Microsoft
2011-11-18 16:21:16 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-11-18 16:18:05 ----AS---- C:\WINDOWS\bootstat.dat
2011-11-18 16:15:43 ----D---- C:\WINDOWS\system32\xircom
2011-11-18 16:15:43 ----D---- C:\Program Files\xerox
2011-11-18 16:15:43 ----D---- C:\Program Files\microsoft frontpage
2011-11-18 16:15:22 ----RASH---- C:\MSDOS.SYS
2011-11-18 16:15:22 ----RASH---- C:\IO.SYS
2011-11-18 16:15:22 ----A---- C:\WINDOWS\control.ini
2011-11-18 16:15:22 ----A---- C:\CONFIG.SYS
2011-11-18 16:15:22 ----A---- C:\AUTOEXEC.BAT
2011-11-18 16:15:03 ----A---- C:\WINDOWS\system32\mapi32.dll
2011-11-18 16:14:08 ----RD---- C:\WINDOWS\Offline Web Pages
2011-11-18 16:14:07 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-11-18 16:13:57 ----HD---- C:\Program Files\WindowsUpdate
2011-11-18 16:13:53 ----D---- C:\Program Files\Online Services
2011-11-18 16:13:38 ----D---- C:\WINDOWS\system32\DirectX
2011-11-18 16:13:23 ----A---- C:\WINDOWS\system32\atrace.dll
2011-11-18 16:13:21 ----A---- C:\WINDOWS\system32\desktop.ini
2011-11-18 16:13:21 ----A---- C:\WINDOWS\desktop.ini
2011-11-18 16:13:16 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2011-11-18 16:13:15 ----A---- C:\WINDOWS\system32\acctres.dll
2011-11-18 16:13:14 ----D---- C:\Program Files\Common Files\Services
2011-11-18 16:13:12 ----SD---- C:\WINDOWS\Tasks
2011-11-18 16:13:12 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2011-11-18 16:13:11 ----D---- C:\Program Files\Common Files\MSSoap
2011-11-18 16:12:55 ----D---- C:\WINDOWS\system32\Macromed
2011-11-18 16:12:55 ----D---- C:\WINDOWS\srchasst
2011-11-18 16:12:53 ----A---- C:\WINDOWS\system32\wuweb.dll
2011-11-18 16:12:52 ----A---- C:\WINDOWS\system32\wups.dll
2011-11-18 16:12:52 ----A---- C:\WINDOWS\system32\wucltui.dll
2011-11-18 16:12:52 ----A---- C:\WINDOWS\system32\wuauserv.dll
2011-11-18 16:12:52 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2011-11-18 16:12:52 ----A---- C:\WINDOWS\system32\wuaueng.dll
2011-11-18 16:12:52 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2011-11-18 16:12:52 ----A---- C:\WINDOWS\system32\wuauclt.exe
2011-11-18 16:12:52 ----A---- C:\WINDOWS\system32\wuapi.dll
2011-11-18 16:12:52 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2011-11-18 16:12:52 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2011-11-18 16:12:52 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2011-11-18 16:12:51 ----A---- C:\WINDOWS\system32\qmgr.dll
2011-11-18 16:12:49 ----D---- C:\Program Files\Movie Maker
2011-11-18 16:12:46 ----A---- C:\WINDOWS\system32\safrslv.dll
2011-11-18 16:12:46 ----A---- C:\WINDOWS\system32\safrdm.dll
2011-11-18 16:12:46 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2011-11-18 16:12:46 ----A---- C:\WINDOWS\system32\racpldlg.dll
2011-11-18 16:12:44 ----A---- C:\WINDOWS\system32\fltmc.exe
2011-11-18 16:12:44 ----A---- C:\WINDOWS\system32\fltlib.dll
2011-11-18 16:12:44 ----A---- C:\WINDOWS\system32\drivers\fltmgr.sys
2011-11-18 16:12:43 ----D---- C:\WINDOWS\system32\Restore
2011-11-18 16:12:43 ----A---- C:\WINDOWS\system32\srsvc.dll
2011-11-18 16:12:43 ----A---- C:\WINDOWS\system32\srrstr.dll
2011-11-18 16:12:43 ----A---- C:\WINDOWS\system32\srclient.dll
2011-11-18 16:12:43 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2011-11-18 16:12:43 ----A---- C:\WINDOWS\system32\ils.dll
2011-11-18 16:12:43 ----A---- C:\WINDOWS\system32\drivers\sr.sys
2011-11-18 16:12:42 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2011-11-18 16:12:42 ----A---- C:\WINDOWS\system32\msconf.dll
2011-11-18 16:12:42 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2011-11-18 16:12:42 ----A---- C:\WINDOWS\system32\mnmdd.dll
2011-11-18 16:12:40 ----D---- C:\Program Files\NetMeeting
2011-11-18 16:12:40 ----A---- C:\WINDOWS\system32\msoert2.dll
2011-11-18 16:12:40 ----A---- C:\WINDOWS\system32\msoeacct.dll
2011-11-18 16:12:40 ----A---- C:\WINDOWS\system32\inetres.dll
2011-11-18 16:12:39 ----A---- C:\WINDOWS\system32\inetcomm.dll
2011-11-18 16:12:38 ----D---- C:\Program Files\Outlook Express
2011-11-18 16:12:38 ----A---- C:\WINDOWS\system32\schedsvc.dll
2011-11-18 16:12:38 ----A---- C:\WINDOWS\system32\mstinit.exe
2011-11-18 16:12:38 ----A---- C:\WINDOWS\system32\mstask.dll
2011-11-18 16:12:38 ----A---- C:\WINDOWS\system32\isign32.dll
2011-11-18 16:12:38 ----A---- C:\WINDOWS\system32\inetcfg.dll
2011-11-18 16:12:38 ----A---- C:\WINDOWS\system32\icwphbk.dll
2011-11-18 16:12:38 ----A---- C:\WINDOWS\system32\icwdial.dll
2011-11-18 16:12:33 ----D---- C:\Program Files\Common Files\System
2011-11-18 16:12:30 ----D---- C:\Program Files\Internet Explorer
2011-11-18 16:11:30 ----A---- C:\WINDOWS\system32\emptyregdb.dat
2011-11-18 16:11:22 ----D---- C:\Program Files\ComPlus Applications
2011-11-18 16:11:20 ----A---- C:\WINDOWS\vbaddin.ini
2011-11-18 16:11:20 ----A---- C:\WINDOWS\vb.ini
2011-11-18 16:11:15 ----D---- C:\WINDOWS\Registration
2011-11-18 16:11:08 ----D---- C:\Program Files\Windows Media Player
2011-11-18 16:11:03 ----D---- C:\Program Files\Messenger
2011-11-18 16:11:00 ----D---- C:\Program Files\MSN Gaming Zone
2011-11-18 16:11:00 ----A---- C:\WINDOWS\system32\write.exe
2011-11-18 16:10:53 ----A---- C:\WINDOWS\system32\sndvol32.exe
2011-11-18 16:10:52 ----A---- C:\WINDOWS\system32\winchat.exe
2011-11-18 16:10:52 ----A---- C:\WINDOWS\system32\hticons.dll
2011-11-18 16:10:52 ----A---- C:\WINDOWS\system32\avwav.dll
2011-11-18 16:10:52 ----A---- C:\WINDOWS\system32\avtapi.dll
2011-11-18 16:10:52 ----A---- C:\WINDOWS\system32\avmeter.dll
2011-11-18 16:10:47 ----A---- C:\WINDOWS\system32\getuname.dll
2011-11-18 16:10:46 ----A---- C:\WINDOWS\system32\winmine.exe
2011-11-18 16:10:46 ----A---- C:\WINDOWS\system32\sol.exe
2011-11-18 16:10:46 ----A---- C:\WINDOWS\system32\mshearts.exe
2011-11-18 16:10:46 ----A---- C:\WINDOWS\system32\charmap.exe
2011-11-18 16:10:46 ----A---- C:\WINDOWS\system32\calc.exe
2011-11-18 16:10:45 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2011-11-18 16:10:45 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2011-11-18 16:10:45 ----A---- C:\WINDOWS\system32\tslabels.ini
2011-11-18 16:10:45 ----A---- C:\WINDOWS\system32\tskill.exe
2011-11-18 16:10:45 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2011-11-18 16:10:45 ----A---- C:\WINDOWS\system32\tscon.exe
2011-11-18 16:10:45 ----A---- C:\WINDOWS\system32\shadow.exe
2011-11-18 16:10:45 ----A---- C:\WINDOWS\system32\rwinsta.exe
2011-11-18 16:10:45 ----A---- C:\WINDOWS\system32\reset.exe
2011-11-18 16:10:45 ----A---- C:\WINDOWS\system32\regini.exe
2011-11-18 16:10:45 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2011-11-18 16:10:45 ----A---- C:\WINDOWS\system32\qwinsta.exe
2011-11-18 16:10:45 ----A---- C:\WINDOWS\system32\qappsrv.exe
2011-11-18 16:10:45 ----A---- C:\WINDOWS\system32\msg.exe
2011-11-18 16:10:45 ----A---- C:\WINDOWS\system32\logoff.exe
2011-11-18 16:10:45 ----A---- C:\WINDOWS\system32\freecell.exe
2011-11-18 16:10:44 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2011-11-18 16:10:44 ----A---- C:\WINDOWS\system32\mtxex.dll
2011-11-18 16:10:44 ----A---- C:\WINDOWS\system32\mtxdm.dll
2011-11-18 16:10:44 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2011-11-18 16:10:44 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2011-11-18 16:10:44 ----A---- C:\WINDOWS\system32\comaddin.dll
2011-11-18 16:10:44 ----A---- C:\WINDOWS\system32\cdmodem.dll
2011-11-18 16:10:43 ----A---- C:\WINDOWS\system32\stclient.dll
2011-11-18 16:10:43 ----A---- C:\WINDOWS\system32\comsnap.dll
2011-11-18 16:10:43 ----A---- C:\WINDOWS\system32\comrepl.dll
2011-11-18 16:10:39 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2011-11-18 16:10:26 ----A---- C:\WINDOWS\system32\sndrec32.exe
2011-11-18 16:10:26 ----A---- C:\WINDOWS\system32\mplay32.exe
2011-11-18 16:10:26 ----A---- C:\WINDOWS\system32\accwiz.exe
2011-11-18 16:10:25 ----D---- C:\Program Files\Windows NT
2011-11-18 16:10:25 ----A---- C:\WINDOWS\system32\mspaint.exe
2011-11-18 16:10:25 ----A---- C:\WINDOWS\system32\hypertrm.dll
2011-11-18 16:08:27 ----A---- C:\WINDOWS\system32\spider.exe
2011-11-18 16:08:27 ----A---- C:\WINDOWS\system32\drivers\tdtcp.sys
2011-11-18 16:08:27 ----A---- C:\WINDOWS\system32\clipbrd.exe
2011-11-18 16:08:26 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2011-11-18 16:08:26 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2011-11-18 16:08:26 ----A---- C:\WINDOWS\system32\sessmgr.exe
2011-11-18 16:08:26 ----A---- C:\WINDOWS\system32\remotepg.dll
2011-11-18 16:08:26 ----A---- C:\WINDOWS\system32\rdshost.exe
2011-11-18 16:08:26 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2011-11-18 16:08:26 ----A---- C:\WINDOWS\system32\rdchost.dll
2011-11-18 16:08:26 ----A---- C:\WINDOWS\system32\mstscax.dll
2011-11-18 16:08:26 ----A---- C:\WINDOWS\system32\mstsc.exe
2011-11-18 16:08:26 ----A---- C:\WINDOWS\system32\drivers\tdpipe.sys
2011-11-18 16:08:26 ----A---- C:\WINDOWS\system32\drivers\rdpwd.sys
2011-11-18 16:08:25 ----D---- C:\WINDOWS\system32\MsDtc
2011-11-18 16:08:25 ----A---- C:\WINDOWS\system32\termsrv.dll
2011-11-18 16:08:25 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2011-11-18 16:08:25 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2011-11-18 16:08:25 ----A---- C:\WINDOWS\system32\rdpclip.exe
2011-11-18 16:08:25 ----A---- C:\WINDOWS\system32\qprocess.exe
2011-11-18 16:08:25 ----A---- C:\WINDOWS\system32\mtxoci.dll
2011-11-18 16:08:25 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2011-11-18 16:08:25 ----A---- C:\WINDOWS\system32\icaapi.dll
2011-11-18 16:08:25 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2011-11-18 16:08:24 ----A---- C:\WINDOWS\system32\xolehlp.dll
2011-11-18 16:08:24 ----A---- C:\WINDOWS\system32\msdtctm.dll
2011-11-18 16:08:24 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2011-11-18 16:08:24 ----A---- C:\WINDOWS\system32\msdtclog.dll
2011-11-18 16:08:24 ----A---- C:\WINDOWS\system32\msdtc.exe
2011-11-18 16:08:23 ----D---- C:\WINDOWS\system32\Com
2011-11-18 16:08:23 ----A---- C:\WINDOWS\system32\comuid.dll
2011-11-18 16:08:23 ----A---- C:\WINDOWS\system32\comsvcs.dll
2011-11-18 16:08:23 ----A---- C:\WINDOWS\system32\colbact.dll
2011-11-18 16:08:23 ----A---- C:\WINDOWS\system32\clbcatq.dll
2011-11-18 16:08:23 ----A---- C:\WINDOWS\system32\clbcatex.dll
2011-11-18 16:08:23 ----A---- C:\WINDOWS\system32\catsrvut.dll
2011-11-18 16:08:23 ----A---- C:\WINDOWS\system32\catsrvps.dll
2011-11-18 16:08:23 ----A---- C:\WINDOWS\system32\catsrv.dll
2011-11-18 16:08:18 ----A---- C:\WINDOWS\system32\servdeps.dll
2011-11-18 16:08:18 ----A---- C:\WINDOWS\system32\mmfutil.dll
2011-11-18 16:08:18 ----A---- C:\WINDOWS\system32\licwmi.dll
2011-11-18 16:08:17 ----A---- C:\WINDOWS\system32\cmprops.dll
2011-11-18 16:05:17 ----A---- C:\WINDOWS\system32\drivers\termdd.sys
2011-11-18 16:05:17 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys
======List of files/folders modified in the last 1 month======
2011-11-19 18:48:13 ----A---- C:\WINDOWS\win.ini
2011-11-18 17:00:06 ----A---- C:\WINDOWS\system.ini
2011-11-18 16:14:51 ----ASH---- C:\WINDOWS\fonts\desktop.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-14 44672]
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41600]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2009-10-07 54184]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-10-07 35168]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2011/11/23 15:39:09]; \??\D:\Instalave od18.11.2011\PowerDVD10\NavFilter\000.fcl []
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-10-07 40824]
R2 ntk_PowerDVD;ntk_PowerDVD; \??\D:\Instalave od18.11.2011\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys []
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-16 6557408]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2011-11-23 47360]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 VIAudio;Vinyl AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\vinyl97.sys [2007-06-27 207488]
S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2011/11/24 12:02:38]; \??\D:\Instalave od18.11.2011\PowerDVD11\Common\NavFilter\000.fcl []
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD; D:\Instalave od18.11.2011\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2011-09-14 77824]
R2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service; D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2011-09-27 69632]
R2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service; D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [2011-09-27 286720]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-10-07 472280]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-12-14 61440]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-16 159744]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-10-07 20680]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
prosím o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: prosím o kontrolu logu
Zdravim a pekny den preji 
Poprosim i o druhy log z RSIT s nazvem info.txt, je ulozen v c:\rsit
Predpokladam, ze ten NOD32 mate legalni = zakoupena licence 
Kde ESET hlasi havet
Poprosim i o druhy log z RSIT s nazvem info.txt, je ulozen v c:\rsit Predpokladam, ze ten NOD32 mate legalni = zakoupena licence Kde ESET hlasi havet "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: prosím o kontrolu logu
nod32 je trial verze
tady log z nod32
11.12.2011 18:22:34 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
11.12.2011 17:05:50 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP68\A0016673.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
11.12.2011 17:04:20 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP68\A0016674.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
11.12.2011 9:51:52 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
11.12.2011 8:13:01 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart)
11.12.2011 8:12:51 Startup scanner file Operating memory » winlogon.exe(692) a variant of Win32/Sirefef.DV trojan unable to clean
11.12.2011 8:12:31 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
11.12.2011 8:11:27 Startup scanner file C:\WINDOWS\system32\DRIVERS\ipsec.sys a variant of Win32/Patched.NBE trojan unable to clean
11.12.2011 8:10:30 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart) STANOUS\Staňouš
11.12.2011 8:10:19 Startup scanner file Operating memory » winlogon.exe(692) a variant of Win32/Sirefef.DV trojan unable to clean STANOUS\Staňouš
10.12.2011 21:32:45 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP67\A0016636.sys a variant of Win32/Patched.NBE trojan NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
10.12.2011 21:32:14 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP67\A0016637.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
10.12.2011 20:11:00 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP67\A0016616.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
10.12.2011 20:10:59 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP67\A0016615.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
10.12.2011 19:11:11 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP67\A0016597.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
10.12.2011 19:09:13 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP67\A0016598.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
10.12.2011 18:18:44 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP66\A0016570.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
10.12.2011 17:38:39 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP66\A0016571.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
10.12.2011 14:09:44 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP66\A0016500.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
10.12.2011 14:05:54 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP66\A0016501.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
10.12.2011 13:07:19 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
10.12.2011 11:36:31 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP66\A0016482.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
10.12.2011 11:31:41 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP66\A0016483.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
10.12.2011 11:10:54 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP66\A0016464.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
10.12.2011 10:28:51 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP66\A0016465.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
10.12.2011 9:21:09 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
9.12.2011 22:57:32 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
9.12.2011 18:30:23 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP66\A0016446.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
9.12.2011 18:14:36 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP66\A0016447.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
9.12.2011 17:18:58 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP66\A0016412.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
9.12.2011 17:14:36 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP66\A0016413.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
9.12.2011 15:15:08 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart)
9.12.2011 15:14:32 Startup scanner file Operating memory » winlogon.exe(692) a variant of Win32/Sirefef.DV trojan unable to clean
9.12.2011 15:13:18 Startup scanner file C:\WINDOWS\system32\DRIVERS\ipsec.sys a variant of Win32/Patched.NBE trojan unable to clean
9.12.2011 15:12:39 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
9.12.2011 15:10:33 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart) STANOUS\Staňouš
9.12.2011 15:10:26 Startup scanner file Operating memory » winlogon.exe(692) a variant of Win32/Sirefef.DV trojan unable to clean STANOUS\Staňouš
8.12.2011 12:20:43 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
8.12.2011 11:51:35 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
8.12.2011 10:00:29 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
8.12.2011 9:58:05 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart) STANOUS\Staňouš
8.12.2011 9:58:03 Startup scanner file Operating memory » winlogon.exe(696) a variant of Win32/Sirefef.DV trojan unable to clean STANOUS\Staňouš
8.12.2011 8:39:13 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\System32\svchost.exe.
8.12.2011 8:04:54 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\System32\svchost.exe.
7.12.2011 19:43:16 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart)
7.12.2011 19:43:11 Startup scanner file Operating memory » winlogon.exe(692) a variant of Win32/Sirefef.DV trojan unable to clean
7.12.2011 17:48:18 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP63\A0016301.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
7.12.2011 17:45:23 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP63\A0016302.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
7.12.2011 16:52:36 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP63\A0016287.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
7.12.2011 16:51:13 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP63\A0016288.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
7.12.2011 16:26:36 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP63\A0016270.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
7.12.2011 16:25:05 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP63\A0016271.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
7.12.2011 14:47:22 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP63\A0016250.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
7.12.2011 14:47:20 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP63\A0016233.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
7.12.2011 14:44:18 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP63\A0016251.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
7.12.2011 14:07:34 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP63\A0016234.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
7.12.2011 13:17:09 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP63\A0016216.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
7.12.2011 13:00:22 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP63\A0016217.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
7.12.2011 12:41:35 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP63\A0016198.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
7.12.2011 12:32:56 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP63\A0016199.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
7.12.2011 9:43:27 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Program Files\Mozilla Firefox\firefox.exe.
7.12.2011 9:41:16 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart) STANOUS\Staňouš
7.12.2011 9:41:11 Startup scanner file Operating memory » winlogon.exe(692) a variant of Win32/Sirefef.DV trojan unable to clean STANOUS\Staňouš
6.12.2011 23:40:15 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP63\A0016181.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
6.12.2011 23:28:46 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP63\A0016182.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
6.12.2011 21:27:54 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
6.12.2011 20:31:02 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Program Files\Mozilla Firefox\firefox.exe.
6.12.2011 18:59:35 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Program Files\Mozilla Firefox\firefox.exe.
6.12.2011 18:54:59 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart)
6.12.2011 18:54:56 Startup scanner file Operating memory » winlogon.exe(692) a variant of Win32/Sirefef.DV trojan unable to clean
6.12.2011 16:34:34 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
6.12.2011 15:54:50 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
6.12.2011 13:20:41 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
6.12.2011 12:02:23 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP62\A0016160.sys a variant of Win32/Patched.NBE trojan NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
6.12.2011 11:58:13 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP62\A0016161.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
6.12.2011 11:45:43 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
6.12.2011 6:36:45 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\System32\svchost.exe.
6.12.2011 6:34:29 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart) STANOUS\Staňouš
6.12.2011 6:34:26 Startup scanner file Operating memory » winlogon.exe(692) probably a variant of Win32/Kryptik.JDI trojan unable to clean STANOUS\Staňouš
5.12.2011 20:55:51 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP62\A0016142.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
5.12.2011 20:43:38 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP62\A0016143.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
5.12.2011 19:53:32 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP62\A0016123.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
5.12.2011 19:49:17 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP62\A0016124.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
5.12.2011 18:42:46 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
5.12.2011 18:41:23 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart)
5.12.2011 18:41:20 Startup scanner file Operating memory » winlogon.exe(692) probably a variant of Win32/Kryptik.JDI trojan unable to clean
5.12.2011 17:06:04 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Program Files\Mozilla Firefox\firefox.exe.
5.12.2011 14:03:41 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
5.12.2011 12:31:57 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP61\A0016019.sys a variant of Win32/Patched.NBE trojan deleted NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
5.12.2011 8:04:12 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP61\A0016020.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
5.12.2011 6:23:35 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Program Files\Mozilla Firefox\plugin-container.exe.
5.12.2011 6:19:16 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart) STANOUS\Staňouš
5.12.2011 6:19:11 Startup scanner file Operating memory » winlogon.exe(696) probably a variant of Win32/Kryptik.JDI trojan unable to clean STANOUS\Staňouš
4.12.2011 20:09:48 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP61\A0016002.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
4.12.2011 20:09:13 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP61\A0016003.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
4.12.2011 18:25:58 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP61\A0015985.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
4.12.2011 18:13:02 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP61\A0015986.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
4.12.2011 16:12:08 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
4.12.2011 16:10:54 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart)
4.12.2011 16:10:51 Startup scanner file Operating memory » winlogon.exe(692) probably a variant of Win32/Kryptik.JDI trojan unable to clean
4.12.2011 14:42:15 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Program Files\Mozilla Firefox\firefox.exe.
4.12.2011 13:40:00 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Program Files\Mozilla Firefox\firefox.exe.
4.12.2011 8:14:54 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP60\A0015897.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
4.12.2011 8:14:51 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP60\A0015883.sys a variant of Win32/Patched.NBE trojan deleted NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
4.12.2011 7:21:56 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP60\A0015898.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
4.12.2011 6:57:40 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP60\A0015884.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
4.12.2011 6:21:04 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\System32\svchost.exe.
3.12.2011 23:45:09 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP60\A0015864.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
3.12.2011 23:32:42 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP60\A0015865.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
3.12.2011 23:00:56 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\ICQ7.7\ICQ.exe.
3.12.2011 22:58:58 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart) STANOUS\Staňouš
3.12.2011 22:58:52 Startup scanner file Operating memory » winlogon.exe(696) probably a variant of Win32/Kryptik.JDI trojan unable to clean STANOUS\Staňouš
3.12.2011 16:51:22 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP60\A0015847.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
3.12.2011 16:25:52 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP60\A0015848.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
3.12.2011 14:24:56 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
3.12.2011 12:04:28 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Program Files\Mozilla Firefox\firefox.exe.
3.12.2011 12:03:55 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart)
3.12.2011 12:03:37 Startup scanner file Operating memory » winlogon.exe(700) probably a variant of Win32/Kryptik.JDI trojan unable to clean
2.12.2011 21:33:46 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
2.12.2011 20:59:45 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
2.12.2011 20:10:52 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
2.12.2011 20:08:45 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart) STANOUS\Staňouš
2.12.2011 20:08:36 Startup scanner file Operating memory » winlogon.exe(696) probably a variant of Win32/Kryptik.JDI trojan unable to clean STANOUS\Staňouš
2.12.2011 18:31:26 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
2.12.2011 16:46:11 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
2.12.2011 13:16:21 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
2.12.2011 10:29:40 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart)
2.12.2011 10:29:37 Startup scanner file Operating memory » winlogon.exe(692) probably a variant of Win32/Kryptik.JDI trojan unable to clean
2.12.2011 5:01:10 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\svchost.exe.
2.12.2011 1:01:11 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
1.12.2011 22:01:42 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
1.12.2011 20:46:11 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
1.12.2011 20:01:12 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
1.12.2011 18:31:11 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
1.12.2011 15:35:25 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
1.12.2011 10:05:23 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\svchost.exe.
1.12.2011 8:50:25 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
1.12.2011 2:50:23 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Program Files\Skype\Phone\Skype.exe.
1.12.2011 2:05:12 Real-time file system protection file C:\WINDOWS\system32\drivers\ipsec.sys Win32/Sirefef.DQ trojan unable to clean NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\Program Files\Skype\Phone\Skype.exe.
1.12.2011 1:00:20 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Program Files\Mozilla Firefox\firefox.exe.
30.11.2011 23:14:07 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
30.11.2011 20:33:06 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
30.11.2011 19:23:11 Real-time file system protection file C:\WINDOWS\system32\DRIVERS\ipsec.sys Win32/Sirefef.DQ trojan unable to clean NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\system32\MRT.exe.
30.11.2011 19:18:06 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
30.11.2011 19:18:06 Real-time file system protection file C:\WINDOWS\system32\KB905474\wgasetup.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
30.11.2011 19:15:50 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart) STANOUS\Staňouš
30.11.2011 19:15:44 Startup scanner file Operating memory » winlogon.exe(696) probably a variant of Win32/Kryptik.JDI trojan unable to clean STANOUS\Staňouš
30.11.2011 19:13:16 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart)
30.11.2011 19:13:12 Startup scanner file Operating memory » winlogon.exe(696) probably a variant of Win32/Kryptik.JDI trojan unable to clean
30.11.2011 19:11:43 Startup scanner file C:\WINDOWS\system32\DRIVERS\ipsec.sys Win32/Sirefef.DQ trojan unable to clean
29.11.2011 21:39:09 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP52\A0014344.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
29.11.2011 20:18:15 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP52\A0014343.sys Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
29.11.2011 18:53:05 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP52\A0014245.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
29.11.2011 18:32:00 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
29.11.2011 17:50:30 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP52\A0014244.sys Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
29.11.2011 17:32:00 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
29.11.2011 17:12:57 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart)
29.11.2011 17:12:28 Startup scanner file Operating memory » winlogon.exe(696) probably a variant of Win32/Kryptik.JDI trojan unable to clean
29.11.2011 17:11:46 Real-time file system protection file C:\WINDOWS\SoftwareDistribution\Download\b25ef7557108e78d3a4c9a42381f7bf1\update\update.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\SoftwareDistribution\Download\b25ef7557108e78d3a4c9a42381f7bf1\update\update.exe.
29.11.2011 17:11:44 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
29.11.2011 17:10:23 Startup scanner file C:\WINDOWS\system32\DRIVERS\ipsec.sys Win32/Sirefef.DQ trojan unable to clean
29.11.2011 17:09:38 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart) STANOUS\Staňouš
29.11.2011 17:09:30 Startup scanner file Operating memory » winlogon.exe(696) probably a variant of Win32/Kryptik.JDI trojan unable to clean STANOUS\Staňouš
29.11.2011 0:40:46 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP51\A0013258.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
28.11.2011 23:40:53 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP51\A0013257.sys Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
28.11.2011 23:40:06 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
28.11.2011 22:41:59 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP51\A0013239.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
28.11.2011 21:41:50 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP51\A0013238.sys Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
28.11.2011 20:40:45 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP51\A0013213.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
28.11.2011 20:40:04 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\wuauclt.exe.
28.11.2011 20:26:40 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP51\A0013212.sys Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
28.11.2011 17:39:55 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP51\A0013140.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
28.11.2011 17:25:04 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
28.11.2011 17:19:30 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart)
28.11.2011 17:19:25 Startup scanner file Operating memory » winlogon.exe(696) probably a variant of Win32/Kryptik.JDI trojan unable to clean
28.11.2011 17:08:17 Startup scanner file C:\WINDOWS\system32\DRIVERS\ipsec.sys Win32/Sirefef.DQ trojan unable to clean
28.11.2011 16:26:07 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP51\A0013139.sys Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
28.11.2011 15:40:06 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
28.11.2011 15:38:01 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart) STANOUS\Staňouš
28.11.2011 15:37:57 Startup scanner file Operating memory » winlogon.exe(696) probably a variant of Win32/Kryptik.JDI trojan unable to clean STANOUS\Staňouš
27.11.2011 22:09:50 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP51\A0013137.sys Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
27.11.2011 21:11:44 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP51\A0013133.new Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
27.11.2011 20:32:11 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP51\A0013119.sys Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
27.11.2011 20:32:11 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP50\A0013102.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
27.11.2011 19:22:39 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP50\A0013101.sys Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
27.11.2011 19:07:59 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
27.11.2011 18:34:44 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
27.11.2011 18:19:44 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
27.11.2011 14:19:36 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart)
27.11.2011 14:19:34 Startup scanner file Operating memory » winlogon.exe(692) probably a variant of Win32/Kryptik.JDI trojan unable to clean
27.11.2011 14:19:01 Startup scanner file C:\WINDOWS\system32\DRIVERS\ipsec.sys Win32/Sirefef.DQ trojan unable to clean
27.11.2011 13:46:10 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP50\A0013089.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
27.11.2011 12:44:52 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP50\A0013088.sys Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
27.11.2011 11:19:07 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
27.11.2011 11:17:01 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart) STANOUS\Staňouš
27.11.2011 11:16:56 Startup scanner file Operating memory » winlogon.exe(692) probably a variant of Win32/Kryptik.JDI trojan unable to clean STANOUS\Staňouš
26.11.2011 23:32:19 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Program Files\Mozilla Firefox\firefox.exe.
26.11.2011 23:11:31 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP49\A0012744.sys Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
26.11.2011 22:09:26 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP49\A0012681.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
26.11.2011 21:14:49 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP49\A0012680.sys Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
26.11.2011 20:38:56 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP49\A0012676.sys Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
26.11.2011 19:51:27 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
26.11.2011 19:08:44 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
26.11.2011 18:40:40 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
26.11.2011 18:34:40 Real-time file system protection file C:\RECYCLER\S-1-5-21-1220945662-115176313-682003330-1003\Dc65.sys Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: D:\Instalave od18.11.2011\Total KOmandr\totalcmd\TOTALCMD.EXE.
26.11.2011 17:42:42 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP48\A0012602.sys Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
26.11.2011 17:03:53 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP48\A0011603.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
26.11.2011 15:41:29 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP48\A0011602.sys Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
26.11.2011 15:23:22 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
26.11.2011 10:51:23 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
26.11.2011 10:50:23 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart)
26.11.2011 10:50:21 Startup scanner file Operating memory » winlogon.exe(692) probably a variant of Win32/Kryptik.JDI trojan unable to clean
26.11.2011 10:49:23 Startup scanner file C:\WINDOWS\system32\DRIVERS\ipsec.sys Win32/Sirefef.DQ trojan unable to clean
26.11.2011 8:52:14 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe.
26.11.2011 8:49:50 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart) STANOUS\Staňouš
26.11.2011 8:49:47 Startup scanner file Operating memory » winlogon.exe(692) probably a variant of Win32/Kryptik.JDI trojan unable to clean STANOUS\Staňouš
25.11.2011 20:18:37 Real-time file system protection file D:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP42\A0011315.exe a variant of Win32/Keygen.BT application cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
25.11.2011 16:28:02 Real-time file system protection file D:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP42\A0011314.exe a variant of Win32/Keygen.BT application cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
25.11.2011 15:02:34 Real-time file system protection file D:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP42\A0011313.exe a variant of Win32/Keygen.BT application cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
25.11.2011 13:50:25 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP44\A0011529.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
25.11.2011 13:03:02 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP44\A0011528.sys Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
25.11.2011 11:49:19 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP42\A0011322.sys Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
25.11.2011 10:49:19 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP42\A0011321.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
25.11.2011 9:49:29 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart)
25.11.2011 9:49:23 Startup scanner file Operating memory » winlogon.exe(692) probably a variant of Win32/Kryptik.JDI trojan unable to clean
25.11.2011 9:48:18 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP42\A0011320.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
25.11.2011 9:46:42 Startup scanner file C:\WINDOWS\system32\DRIVERS\ipsec.sys Win32/Sirefef.DQ trojan unable to clean
tady log z nod32
11.12.2011 18:22:34 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
11.12.2011 17:05:50 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP68\A0016673.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
11.12.2011 17:04:20 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP68\A0016674.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
11.12.2011 9:51:52 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
11.12.2011 8:13:01 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart)
11.12.2011 8:12:51 Startup scanner file Operating memory » winlogon.exe(692) a variant of Win32/Sirefef.DV trojan unable to clean
11.12.2011 8:12:31 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
11.12.2011 8:11:27 Startup scanner file C:\WINDOWS\system32\DRIVERS\ipsec.sys a variant of Win32/Patched.NBE trojan unable to clean
11.12.2011 8:10:30 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart) STANOUS\Staňouš
11.12.2011 8:10:19 Startup scanner file Operating memory » winlogon.exe(692) a variant of Win32/Sirefef.DV trojan unable to clean STANOUS\Staňouš
10.12.2011 21:32:45 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP67\A0016636.sys a variant of Win32/Patched.NBE trojan NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
10.12.2011 21:32:14 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP67\A0016637.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
10.12.2011 20:11:00 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP67\A0016616.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
10.12.2011 20:10:59 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP67\A0016615.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
10.12.2011 19:11:11 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP67\A0016597.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
10.12.2011 19:09:13 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP67\A0016598.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
10.12.2011 18:18:44 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP66\A0016570.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
10.12.2011 17:38:39 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP66\A0016571.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
10.12.2011 14:09:44 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP66\A0016500.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
10.12.2011 14:05:54 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP66\A0016501.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
10.12.2011 13:07:19 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
10.12.2011 11:36:31 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP66\A0016482.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
10.12.2011 11:31:41 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP66\A0016483.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
10.12.2011 11:10:54 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP66\A0016464.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
10.12.2011 10:28:51 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP66\A0016465.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
10.12.2011 9:21:09 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
9.12.2011 22:57:32 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
9.12.2011 18:30:23 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP66\A0016446.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
9.12.2011 18:14:36 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP66\A0016447.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
9.12.2011 17:18:58 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP66\A0016412.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
9.12.2011 17:14:36 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP66\A0016413.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
9.12.2011 15:15:08 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart)
9.12.2011 15:14:32 Startup scanner file Operating memory » winlogon.exe(692) a variant of Win32/Sirefef.DV trojan unable to clean
9.12.2011 15:13:18 Startup scanner file C:\WINDOWS\system32\DRIVERS\ipsec.sys a variant of Win32/Patched.NBE trojan unable to clean
9.12.2011 15:12:39 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
9.12.2011 15:10:33 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart) STANOUS\Staňouš
9.12.2011 15:10:26 Startup scanner file Operating memory » winlogon.exe(692) a variant of Win32/Sirefef.DV trojan unable to clean STANOUS\Staňouš
8.12.2011 12:20:43 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
8.12.2011 11:51:35 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
8.12.2011 10:00:29 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
8.12.2011 9:58:05 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart) STANOUS\Staňouš
8.12.2011 9:58:03 Startup scanner file Operating memory » winlogon.exe(696) a variant of Win32/Sirefef.DV trojan unable to clean STANOUS\Staňouš
8.12.2011 8:39:13 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\System32\svchost.exe.
8.12.2011 8:04:54 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\System32\svchost.exe.
7.12.2011 19:43:16 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart)
7.12.2011 19:43:11 Startup scanner file Operating memory » winlogon.exe(692) a variant of Win32/Sirefef.DV trojan unable to clean
7.12.2011 17:48:18 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP63\A0016301.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
7.12.2011 17:45:23 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP63\A0016302.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
7.12.2011 16:52:36 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP63\A0016287.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
7.12.2011 16:51:13 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP63\A0016288.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
7.12.2011 16:26:36 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP63\A0016270.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
7.12.2011 16:25:05 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP63\A0016271.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
7.12.2011 14:47:22 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP63\A0016250.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
7.12.2011 14:47:20 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP63\A0016233.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
7.12.2011 14:44:18 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP63\A0016251.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
7.12.2011 14:07:34 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP63\A0016234.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
7.12.2011 13:17:09 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP63\A0016216.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
7.12.2011 13:00:22 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP63\A0016217.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
7.12.2011 12:41:35 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP63\A0016198.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
7.12.2011 12:32:56 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP63\A0016199.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
7.12.2011 9:43:27 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Program Files\Mozilla Firefox\firefox.exe.
7.12.2011 9:41:16 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart) STANOUS\Staňouš
7.12.2011 9:41:11 Startup scanner file Operating memory » winlogon.exe(692) a variant of Win32/Sirefef.DV trojan unable to clean STANOUS\Staňouš
6.12.2011 23:40:15 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP63\A0016181.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
6.12.2011 23:28:46 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP63\A0016182.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
6.12.2011 21:27:54 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
6.12.2011 20:31:02 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Program Files\Mozilla Firefox\firefox.exe.
6.12.2011 18:59:35 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Program Files\Mozilla Firefox\firefox.exe.
6.12.2011 18:54:59 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart)
6.12.2011 18:54:56 Startup scanner file Operating memory » winlogon.exe(692) a variant of Win32/Sirefef.DV trojan unable to clean
6.12.2011 16:34:34 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
6.12.2011 15:54:50 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
6.12.2011 13:20:41 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
6.12.2011 12:02:23 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP62\A0016160.sys a variant of Win32/Patched.NBE trojan NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
6.12.2011 11:58:13 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP62\A0016161.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
6.12.2011 11:45:43 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
6.12.2011 6:36:45 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\System32\svchost.exe.
6.12.2011 6:34:29 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart) STANOUS\Staňouš
6.12.2011 6:34:26 Startup scanner file Operating memory » winlogon.exe(692) probably a variant of Win32/Kryptik.JDI trojan unable to clean STANOUS\Staňouš
5.12.2011 20:55:51 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP62\A0016142.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
5.12.2011 20:43:38 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP62\A0016143.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
5.12.2011 19:53:32 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP62\A0016123.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
5.12.2011 19:49:17 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP62\A0016124.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
5.12.2011 18:42:46 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
5.12.2011 18:41:23 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart)
5.12.2011 18:41:20 Startup scanner file Operating memory » winlogon.exe(692) probably a variant of Win32/Kryptik.JDI trojan unable to clean
5.12.2011 17:06:04 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Program Files\Mozilla Firefox\firefox.exe.
5.12.2011 14:03:41 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
5.12.2011 12:31:57 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP61\A0016019.sys a variant of Win32/Patched.NBE trojan deleted NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
5.12.2011 8:04:12 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP61\A0016020.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
5.12.2011 6:23:35 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Program Files\Mozilla Firefox\plugin-container.exe.
5.12.2011 6:19:16 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart) STANOUS\Staňouš
5.12.2011 6:19:11 Startup scanner file Operating memory » winlogon.exe(696) probably a variant of Win32/Kryptik.JDI trojan unable to clean STANOUS\Staňouš
4.12.2011 20:09:48 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP61\A0016002.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
4.12.2011 20:09:13 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP61\A0016003.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
4.12.2011 18:25:58 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP61\A0015985.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
4.12.2011 18:13:02 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP61\A0015986.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
4.12.2011 16:12:08 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
4.12.2011 16:10:54 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart)
4.12.2011 16:10:51 Startup scanner file Operating memory » winlogon.exe(692) probably a variant of Win32/Kryptik.JDI trojan unable to clean
4.12.2011 14:42:15 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Program Files\Mozilla Firefox\firefox.exe.
4.12.2011 13:40:00 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Program Files\Mozilla Firefox\firefox.exe.
4.12.2011 8:14:54 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP60\A0015897.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
4.12.2011 8:14:51 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP60\A0015883.sys a variant of Win32/Patched.NBE trojan deleted NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
4.12.2011 7:21:56 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP60\A0015898.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
4.12.2011 6:57:40 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP60\A0015884.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
4.12.2011 6:21:04 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\System32\svchost.exe.
3.12.2011 23:45:09 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP60\A0015864.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
3.12.2011 23:32:42 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP60\A0015865.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
3.12.2011 23:00:56 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\ICQ7.7\ICQ.exe.
3.12.2011 22:58:58 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart) STANOUS\Staňouš
3.12.2011 22:58:52 Startup scanner file Operating memory » winlogon.exe(696) probably a variant of Win32/Kryptik.JDI trojan unable to clean STANOUS\Staňouš
3.12.2011 16:51:22 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP60\A0015847.sys a variant of Win32/Patched.NBE trojan deleted - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
3.12.2011 16:25:52 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP60\A0015848.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
3.12.2011 14:24:56 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
3.12.2011 12:04:28 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Program Files\Mozilla Firefox\firefox.exe.
3.12.2011 12:03:55 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart)
3.12.2011 12:03:37 Startup scanner file Operating memory » winlogon.exe(700) probably a variant of Win32/Kryptik.JDI trojan unable to clean
2.12.2011 21:33:46 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
2.12.2011 20:59:45 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
2.12.2011 20:10:52 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
2.12.2011 20:08:45 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart) STANOUS\Staňouš
2.12.2011 20:08:36 Startup scanner file Operating memory » winlogon.exe(696) probably a variant of Win32/Kryptik.JDI trojan unable to clean STANOUS\Staňouš
2.12.2011 18:31:26 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
2.12.2011 16:46:11 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
2.12.2011 13:16:21 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
2.12.2011 10:29:40 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart)
2.12.2011 10:29:37 Startup scanner file Operating memory » winlogon.exe(692) probably a variant of Win32/Kryptik.JDI trojan unable to clean
2.12.2011 5:01:10 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\svchost.exe.
2.12.2011 1:01:11 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
1.12.2011 22:01:42 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
1.12.2011 20:46:11 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
1.12.2011 20:01:12 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
1.12.2011 18:31:11 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
1.12.2011 15:35:25 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
1.12.2011 10:05:23 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\svchost.exe.
1.12.2011 8:50:25 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
1.12.2011 2:50:23 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Program Files\Skype\Phone\Skype.exe.
1.12.2011 2:05:12 Real-time file system protection file C:\WINDOWS\system32\drivers\ipsec.sys Win32/Sirefef.DQ trojan unable to clean NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\Program Files\Skype\Phone\Skype.exe.
1.12.2011 1:00:20 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Program Files\Mozilla Firefox\firefox.exe.
30.11.2011 23:14:07 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
30.11.2011 20:33:06 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
30.11.2011 19:23:11 Real-time file system protection file C:\WINDOWS\system32\DRIVERS\ipsec.sys Win32/Sirefef.DQ trojan unable to clean NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\system32\MRT.exe.
30.11.2011 19:18:06 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
30.11.2011 19:18:06 Real-time file system protection file C:\WINDOWS\system32\KB905474\wgasetup.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
30.11.2011 19:15:50 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart) STANOUS\Staňouš
30.11.2011 19:15:44 Startup scanner file Operating memory » winlogon.exe(696) probably a variant of Win32/Kryptik.JDI trojan unable to clean STANOUS\Staňouš
30.11.2011 19:13:16 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart)
30.11.2011 19:13:12 Startup scanner file Operating memory » winlogon.exe(696) probably a variant of Win32/Kryptik.JDI trojan unable to clean
30.11.2011 19:11:43 Startup scanner file C:\WINDOWS\system32\DRIVERS\ipsec.sys Win32/Sirefef.DQ trojan unable to clean
29.11.2011 21:39:09 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP52\A0014344.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
29.11.2011 20:18:15 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP52\A0014343.sys Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
29.11.2011 18:53:05 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP52\A0014245.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
29.11.2011 18:32:00 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
29.11.2011 17:50:30 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP52\A0014244.sys Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
29.11.2011 17:32:00 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
29.11.2011 17:12:57 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart)
29.11.2011 17:12:28 Startup scanner file Operating memory » winlogon.exe(696) probably a variant of Win32/Kryptik.JDI trojan unable to clean
29.11.2011 17:11:46 Real-time file system protection file C:\WINDOWS\SoftwareDistribution\Download\b25ef7557108e78d3a4c9a42381f7bf1\update\update.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\SoftwareDistribution\Download\b25ef7557108e78d3a4c9a42381f7bf1\update\update.exe.
29.11.2011 17:11:44 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
29.11.2011 17:10:23 Startup scanner file C:\WINDOWS\system32\DRIVERS\ipsec.sys Win32/Sirefef.DQ trojan unable to clean
29.11.2011 17:09:38 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart) STANOUS\Staňouš
29.11.2011 17:09:30 Startup scanner file Operating memory » winlogon.exe(696) probably a variant of Win32/Kryptik.JDI trojan unable to clean STANOUS\Staňouš
29.11.2011 0:40:46 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP51\A0013258.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
28.11.2011 23:40:53 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP51\A0013257.sys Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
28.11.2011 23:40:06 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
28.11.2011 22:41:59 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP51\A0013239.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
28.11.2011 21:41:50 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP51\A0013238.sys Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
28.11.2011 20:40:45 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP51\A0013213.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
28.11.2011 20:40:04 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\WINDOWS\system32\wuauclt.exe.
28.11.2011 20:26:40 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP51\A0013212.sys Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
28.11.2011 17:39:55 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP51\A0013140.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
28.11.2011 17:25:04 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
28.11.2011 17:19:30 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart)
28.11.2011 17:19:25 Startup scanner file Operating memory » winlogon.exe(696) probably a variant of Win32/Kryptik.JDI trojan unable to clean
28.11.2011 17:08:17 Startup scanner file C:\WINDOWS\system32\DRIVERS\ipsec.sys Win32/Sirefef.DQ trojan unable to clean
28.11.2011 16:26:07 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP51\A0013139.sys Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
28.11.2011 15:40:06 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
28.11.2011 15:38:01 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart) STANOUS\Staňouš
28.11.2011 15:37:57 Startup scanner file Operating memory » winlogon.exe(696) probably a variant of Win32/Kryptik.JDI trojan unable to clean STANOUS\Staňouš
27.11.2011 22:09:50 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP51\A0013137.sys Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
27.11.2011 21:11:44 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP51\A0013133.new Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
27.11.2011 20:32:11 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP51\A0013119.sys Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
27.11.2011 20:32:11 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP50\A0013102.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
27.11.2011 19:22:39 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP50\A0013101.sys Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
27.11.2011 19:07:59 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
27.11.2011 18:34:44 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
27.11.2011 18:19:44 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
27.11.2011 14:19:36 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart)
27.11.2011 14:19:34 Startup scanner file Operating memory » winlogon.exe(692) probably a variant of Win32/Kryptik.JDI trojan unable to clean
27.11.2011 14:19:01 Startup scanner file C:\WINDOWS\system32\DRIVERS\ipsec.sys Win32/Sirefef.DQ trojan unable to clean
27.11.2011 13:46:10 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP50\A0013089.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
27.11.2011 12:44:52 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP50\A0013088.sys Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
27.11.2011 11:19:07 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
27.11.2011 11:17:01 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart) STANOUS\Staňouš
27.11.2011 11:16:56 Startup scanner file Operating memory » winlogon.exe(692) probably a variant of Win32/Kryptik.JDI trojan unable to clean STANOUS\Staňouš
26.11.2011 23:32:19 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Program Files\Mozilla Firefox\firefox.exe.
26.11.2011 23:11:31 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP49\A0012744.sys Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
26.11.2011 22:09:26 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP49\A0012681.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
26.11.2011 21:14:49 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP49\A0012680.sys Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
26.11.2011 20:38:56 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP49\A0012676.sys Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
26.11.2011 19:51:27 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
26.11.2011 19:08:44 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
26.11.2011 18:40:40 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
26.11.2011 18:34:40 Real-time file system protection file C:\RECYCLER\S-1-5-21-1220945662-115176313-682003330-1003\Dc65.sys Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: D:\Instalave od18.11.2011\Total KOmandr\totalcmd\TOTALCMD.EXE.
26.11.2011 17:42:42 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP48\A0012602.sys Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
26.11.2011 17:03:53 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP48\A0011603.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
26.11.2011 15:41:29 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP48\A0011602.sys Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
26.11.2011 15:23:22 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
26.11.2011 10:51:23 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: D:\Instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe.
26.11.2011 10:50:23 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart)
26.11.2011 10:50:21 Startup scanner file Operating memory » winlogon.exe(692) probably a variant of Win32/Kryptik.JDI trojan unable to clean
26.11.2011 10:49:23 Startup scanner file C:\WINDOWS\system32\DRIVERS\ipsec.sys Win32/Sirefef.DQ trojan unable to clean
26.11.2011 8:52:14 Real-time file system protection file C:\WINDOWS\system32\wuauclt.exe Win32/Patched.HN trojan cleaned - quarantined NT AUTHORITY\SYSTEM Event occurred on a new file created by the application: C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe.
26.11.2011 8:49:50 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart) STANOUS\Staňouš
26.11.2011 8:49:47 Startup scanner file Operating memory » winlogon.exe(692) probably a variant of Win32/Kryptik.JDI trojan unable to clean STANOUS\Staňouš
25.11.2011 20:18:37 Real-time file system protection file D:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP42\A0011315.exe a variant of Win32/Keygen.BT application cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
25.11.2011 16:28:02 Real-time file system protection file D:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP42\A0011314.exe a variant of Win32/Keygen.BT application cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
25.11.2011 15:02:34 Real-time file system protection file D:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP42\A0011313.exe a variant of Win32/Keygen.BT application cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
25.11.2011 13:50:25 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP44\A0011529.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
25.11.2011 13:03:02 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP44\A0011528.sys Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
25.11.2011 11:49:19 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP42\A0011322.sys Win32/Sirefef.DQ trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred during an attempt to access the file by the application: C:\WINDOWS\System32\svchost.exe.
25.11.2011 10:49:19 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP42\A0011321.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
25.11.2011 9:49:29 Startup scanner file Operating memory » C:\WINDOWS\assembly\GAC_MSIL\Desktop.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting (after the next restart)
25.11.2011 9:49:23 Startup scanner file Operating memory » winlogon.exe(692) probably a variant of Win32/Kryptik.JDI trojan unable to clean
25.11.2011 9:48:18 Real-time file system protection file C:\System Volume Information\_restore{ABB15D23-1038-4AD9-AFDC-9BC629570AF5}\RP42\A0011320.ini a variant of Win32/Sirefef.CH trojan cleaned by deleting - quarantined NT AUTHORITY\SYSTEM Event occurred on a file modified by the application: C:\WINDOWS\System32\svchost.exe.
25.11.2011 9:46:42 Startup scanner file C:\WINDOWS\system32\DRIVERS\ipsec.sys Win32/Sirefef.DQ trojan unable to clean
Re: prosím o kontrolu logu
a tady je info.txt
info.txt logfile of random's system information tool 1.09 2011-12-11 14:25:14
======Uninstall list======
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->D:\Instalave od18.11.2011\Nero 7\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {294B4278-CF7B-40B9-86A1-2D3FF0C2C524}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {10EC59E5-9BCE-4884-BB1A-E28627220232}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {E12F9D31-4025-4BC6-B1B2-AB262C5580B0}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Adobe Flash Player 11 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil11e_Plugin.exe -maintain plugin
Adobe Reader X (10.1.1) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA1000000001}
Aktualizace systému Windows XP (KB2345886)-->"C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2541763)-->"C:\WINDOWS\$NtUninstallKB2541763$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2641690)-->"C:\WINDOWS\$NtUninstallKB2641690$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB971029)-->"C:\WINDOWS\$NtUninstallKB971029$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení pro Microsoft Windows (KB2564958)-->"C:\WINDOWS\$NtUninstallKB2564958$\spuninst\spuninst.exe"
Aktualizace zabezpečení produktu Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2393802)-->"C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2412687)-->"C:\WINDOWS\$NtUninstallKB2412687$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2476490)-->"C:\WINDOWS\$NtUninstallKB2476490$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2478960)-->"C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2478971)-->"C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2479943)-->"C:\WINDOWS\$NtUninstallKB2479943$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2481109)-->"C:\WINDOWS\$NtUninstallKB2481109$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2483185)-->"C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2485663)-->"C:\WINDOWS\$NtUninstallKB2485663$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2506212)-->"C:\WINDOWS\$NtUninstallKB2506212$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2507618)-->"C:\WINDOWS\$NtUninstallKB2507618$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2507938)-->"C:\WINDOWS\$NtUninstallKB2507938$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2508272)-->"C:\WINDOWS\$NtUninstallKB2508272$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2508429)-->"C:\WINDOWS\$NtUninstallKB2508429$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2509553)-->"C:\WINDOWS\$NtUninstallKB2509553$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2510581)-->"C:\WINDOWS\$NtUninstallKB2510581$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2535512)-->"C:\WINDOWS\$NtUninstallKB2535512$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2536276-v2)-->"C:\WINDOWS\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2544521)-->"C:\WINDOWS\$NtUninstallKB2544521$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2544893-v2)-->"C:\WINDOWS\$NtUninstallKB2544893-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2562937)-->"C:\WINDOWS\$NtUninstallKB2562937$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2566454)-->"C:\WINDOWS\$NtUninstallKB2566454$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2567053)-->"C:\WINDOWS\$NtUninstallKB2567053$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2567680)-->"C:\WINDOWS\$NtUninstallKB2567680$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2570222)-->"C:\WINDOWS\$NtUninstallKB2570222$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2570947)-->"C:\WINDOWS\$NtUninstallKB2570947$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2586448)-->"C:\WINDOWS\$NtUninstallKB2586448$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2592799)-->"C:\WINDOWS\$NtUninstallKB2592799$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe"
Canon PhotoRecord-->MsiExec.exe /X{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE}
Canon PIXMA iP3000-->C:\WINDOWS\system32\CNMCP61.exe "-PRINTERNAMECanon PIXMA iP3000" "-HELPERDLLC:\BJPrinter\CNMWINDOWS\Canon PIXMA iP3000 Installer\Inst2\cnmis.dll" "-RCDLLC:\BJPrinter\CNMWINDOWS\Canon PIXMA iP3000 Installer\Inst2\cnmi0405.dll"
Canon Utilities Easy-PhotoPrint-->D:\Instalave od18.11.2011\Easy-PhotoPrint\uninst.exe D:\Instalave od18.11.2011\Easy-PhotoPrint\uninst.ini
Canon Utilities Easy-PrintToolBox-->C:\WINDOWS\BJPSUNST.EXE
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CD-LabelPrint-->"D:\Instalave od18.11.2011\CD-LabelPrint\Uninstal.exe" Canon.CDLabelPrint.Application
ConvertXtoDVD4-->"D:\Instalave od18.11.2011\4\unins000.exe"
CyberLink PowerDVD 10-->"C:\Program Files\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\Setup.exe" /z-uninstall
CyberLink PowerDVD 10-->"C:\Program Files\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\Setup.exe" /z-uninstall
CyberLink PowerDVD 11-->"C:\Program Files\InstallShield Installation Information\{F232C87C-6E92-4775-8210-DFE90B7777D9}\setup.exe" /z-uninstall
CyberLink PowerDVD 11-->"C:\Program Files\InstallShield Installation Information\{F232C87C-6E92-4775-8210-DFE90B7777D9}\setup.exe" /z-uninstall
DVD Shrink 3.2-->"D:\Instalave od18.11.2011\DVD Shrink\unins000.exe"
Easy-WebPrint-->C:\WINDOWS\IsUninst.exe -f"D:\Instalave od18.11.2011\Easy-WebPrint\Uninst.isu"
ESET NOD32 Antivirus-->MsiExec.exe /I{C10D6AB8-05BB-422D-AAE3-36D6E0381487}
EVEREST Ultimate Edition v5.50-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
ICQ7.7-->"C:\Program Files\InstallShield Installation Information\{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
K-Lite Mega Codec Pack 7.9.0-->"D:\Instalave od18.11.2011\K-Lite Codec Pack\unins000.exe"
McAfee Security Scan Plus-->"C:\Program Files\McAfee Security Scan\uninstall.exe"
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Mozilla Firefox 8.0 (x86 cs)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Nero 7 Essentials-->MsiExec.exe /X{B28B351F-1232-46EA-85EF-B8EA91641029}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
Oprava Hotfix systému Windows XP (KB2570791)-->"C:\WINDOWS\$NtUninstallKB2570791$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Security Update for 2007 Microsoft Office System (KB2288621)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D}
Security Update for 2007 Microsoft Office System (KB2288931)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CD769337-C8AC-46DB-A7DC-643E50089263}
Security Update for 2007 Microsoft Office System (KB2345043)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {536FB502-775F-4494-BACE-C02CC90B7A5B}
Security Update for 2007 Microsoft Office System (KB2553074)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5729F1AE-5895-468F-9165-BAD161C9E982}
Security Update for 2007 Microsoft Office System (KB2553089)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {01D4CA59-7070-4420-9BCC-0EFA7C5D76BE}
Security Update for 2007 Microsoft Office System (KB2553090)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {643C12A2-AF9A-4712-B8BE-3B7650AFE00A}
Security Update for 2007 Microsoft Office System (KB2584063)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BF3F1CBD-B05C-4644-AE43-6EE0FCC227A4}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060}
Security Update for Microsoft Office Excel 2007 (KB2553073)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {65EA4836-B5A3-4C1D-8883-0C35E471003A}
Security Update for Microsoft Office Groove 2007 (KB2552997)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3A1CBF7D-4704-40BC-B31C-AA761884A3E4}
Security Update for Microsoft Office InfoPath 2007 (KB2510061)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5D930261-AA5B-48D1-931F-425C9D767490}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
Security Update for Microsoft Office Publisher 2007 (KB2284697)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3A4CDE54-2403-483D-8D9A-15E3264410DF}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB2344993)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
Skype™ 5.5-->MsiExec.exe /X{AA59DDE4-B672-4621-A016-4C248204957A}
SweetIM for Messenger 3.6-->MsiExec.exe /X{A81A974F-8A22-43E6-9243-5198FF758DA1}
SweetIM Toolbar for Internet Explorer 4.2-->MsiExec.exe /X{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}
Total Commander (Remove or Repair)-->D:\Instalave od18.11.2011\Total KOmandr\totalcmd\tcuninst.exe
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office 2007 System (KB2539530)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
Update for Microsoft Office Outlook 2007 (KB2583910)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BDC21583-5601-4B2B-88F3-7919F6DE8FB1}
Update for Outlook 2007 Junk Email Filter (KB2596560)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2964DDE1-4925-4DF1-AF2C-0A36B3442228}
VIA Platforma Ovladače zařízení-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
VLC media player 1.1.11-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Winamp-->"D:\Instalave od18.11.2011\Winamp\UninstWA.exe"
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR 4.00 (32-bit)-->C:\Program Files\WinRAR\uninstall.exe
======Security center information======
AV: ESET NOD32 Antivirus 3.0
======System event log======
Computer Name: STANOUS
Event Code: 7036
Message: Stav služby Sledování umístění v síti (NLA) byl změněn na: Zastaveno
Record Number: 3818
Source Name: Service Control Manager
Time Written: 20111203231529.000000+060
Event Type: Informace
User:
Computer Name: STANOUS
Event Code: 7035
Message: Řídící příkaz Spuštěno byl službě Sledování umístění v síti (NLA) úspěšně odeslán.
Record Number: 3817
Source Name: Service Control Manager
Time Written: 20111203231529.000000+060
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: STANOUS
Event Code: 64001
Message: Došlo k pokusu o nahrazení chráněného systémového souboru c:\windows\system32\wuauclt.exe.
Z důvodu zachování stability systému byl soubor obnoven na původní verzi.
Verze nesprávného souboru je 7.4.7600.226, verze systémového souboru je 7.4.7600.226.
Record Number: 3816
Source Name: Windows File Protection
Time Written: 20111203230103.000000+060
Event Type: Informace
User:
Computer Name: STANOUS
Event Code: 4226
Message: Došlo k překročení limitu možného počtu souběžných připojení protokolem TCP.
Record Number: 3815
Source Name: Tcpip
Time Written: 20111203230046.000000+060
Event Type: Upozornění
User:
Computer Name: STANOUS
Event Code: 7036
Message: Stav služby Služba modelu COM pro zápis na disk CD (IMAPI) byl změněn na: Zastaveno
Record Number: 3814
Source Name: Service Control Manager
Time Written: 20111203225834.000000+060
Event Type: Informace
User:
=====Application event log=====
Computer Name: STANOUS
Event Code: 1000
Message: Chybující aplikace nmindexstoresvr.exe, verze 1.5.13.0, chybující modul nmindexstoresvr.exe, verze 1.5.13.0, adresa chyby 0x000698f8.
Record Number: 433
Source Name: Application Error
Time Written: 20111126194215.000000+060
Event Type: Chyba
User:
Computer Name: STANOUS
Event Code: 4097
Message: Aplikace C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe vygenerovala aplikační chybu.
K chybě došlo dne 26. 11. 2011 v 19:42:14,734
Vygenerovaná výjimka: c0000005 na adrese 004698F8 (NMIndexStoreSvr)
Record Number: 432
Source Name: DrWatson
Time Written: 20111126194214.000000+060
Event Type: Informace
User:
Computer Name: STANOUS
Event Code: 1000
Message: Chybující aplikace nmindexstoresvr.exe, verze 1.5.13.0, chybující modul nmindexstoresvr.exe, verze 1.5.13.0, adresa chyby 0x000698f8.
Record Number: 431
Source Name: Application Error
Time Written: 20111126194212.000000+060
Event Type: Chyba
User:
Computer Name: STANOUS
Event Code: 4097
Message: Aplikace C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe vygenerovala aplikační chybu.
K chybě došlo dne 26. 11. 2011 v 19:42:10,953
Vygenerovaná výjimka: c0000005 na adrese 004698F8 (NMIndexStoreSvr)
Record Number: 430
Source Name: DrWatson
Time Written: 20111126194211.000000+060
Event Type: Informace
User:
Computer Name: STANOUS
Event Code: 1000
Message: Chybující aplikace nmindexstoresvr.exe, verze 1.5.13.0, chybující modul nmindexstoresvr.exe, verze 1.5.13.0, adresa chyby 0x000698f8.
Record Number: 429
Source Name: Application Error
Time Written: 20111126194200.000000+060
Event Type: Chyba
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=0a00
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.09 2011-12-11 14:25:14
======Uninstall list======
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->D:\Instalave od18.11.2011\Nero 7\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {294B4278-CF7B-40B9-86A1-2D3FF0C2C524}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {10EC59E5-9BCE-4884-BB1A-E28627220232}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {E12F9D31-4025-4BC6-B1B2-AB262C5580B0}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Adobe Flash Player 11 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil11e_Plugin.exe -maintain plugin
Adobe Reader X (10.1.1) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AA1000000001}
Aktualizace systému Windows XP (KB2345886)-->"C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2541763)-->"C:\WINDOWS\$NtUninstallKB2541763$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2641690)-->"C:\WINDOWS\$NtUninstallKB2641690$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB971029)-->"C:\WINDOWS\$NtUninstallKB971029$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení pro Microsoft Windows (KB2564958)-->"C:\WINDOWS\$NtUninstallKB2564958$\spuninst\spuninst.exe"
Aktualizace zabezpečení produktu Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2393802)-->"C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2412687)-->"C:\WINDOWS\$NtUninstallKB2412687$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2476490)-->"C:\WINDOWS\$NtUninstallKB2476490$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2478960)-->"C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2478971)-->"C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2479943)-->"C:\WINDOWS\$NtUninstallKB2479943$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2481109)-->"C:\WINDOWS\$NtUninstallKB2481109$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2483185)-->"C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2485663)-->"C:\WINDOWS\$NtUninstallKB2485663$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2506212)-->"C:\WINDOWS\$NtUninstallKB2506212$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2507618)-->"C:\WINDOWS\$NtUninstallKB2507618$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2507938)-->"C:\WINDOWS\$NtUninstallKB2507938$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2508272)-->"C:\WINDOWS\$NtUninstallKB2508272$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2508429)-->"C:\WINDOWS\$NtUninstallKB2508429$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2509553)-->"C:\WINDOWS\$NtUninstallKB2509553$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2510581)-->"C:\WINDOWS\$NtUninstallKB2510581$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2535512)-->"C:\WINDOWS\$NtUninstallKB2535512$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2536276-v2)-->"C:\WINDOWS\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2544521)-->"C:\WINDOWS\$NtUninstallKB2544521$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2544893-v2)-->"C:\WINDOWS\$NtUninstallKB2544893-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2562937)-->"C:\WINDOWS\$NtUninstallKB2562937$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2566454)-->"C:\WINDOWS\$NtUninstallKB2566454$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2567053)-->"C:\WINDOWS\$NtUninstallKB2567053$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2567680)-->"C:\WINDOWS\$NtUninstallKB2567680$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2570222)-->"C:\WINDOWS\$NtUninstallKB2570222$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2570947)-->"C:\WINDOWS\$NtUninstallKB2570947$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2586448)-->"C:\WINDOWS\$NtUninstallKB2586448$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2592799)-->"C:\WINDOWS\$NtUninstallKB2592799$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe"
Canon PhotoRecord-->MsiExec.exe /X{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE}
Canon PIXMA iP3000-->C:\WINDOWS\system32\CNMCP61.exe "-PRINTERNAMECanon PIXMA iP3000" "-HELPERDLLC:\BJPrinter\CNMWINDOWS\Canon PIXMA iP3000 Installer\Inst2\cnmis.dll" "-RCDLLC:\BJPrinter\CNMWINDOWS\Canon PIXMA iP3000 Installer\Inst2\cnmi0405.dll"
Canon Utilities Easy-PhotoPrint-->D:\Instalave od18.11.2011\Easy-PhotoPrint\uninst.exe D:\Instalave od18.11.2011\Easy-PhotoPrint\uninst.ini
Canon Utilities Easy-PrintToolBox-->C:\WINDOWS\BJPSUNST.EXE
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CD-LabelPrint-->"D:\Instalave od18.11.2011\CD-LabelPrint\Uninstal.exe" Canon.CDLabelPrint.Application
ConvertXtoDVD4-->"D:\Instalave od18.11.2011\4\unins000.exe"
CyberLink PowerDVD 10-->"C:\Program Files\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\Setup.exe" /z-uninstall
CyberLink PowerDVD 10-->"C:\Program Files\InstallShield Installation Information\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\Setup.exe" /z-uninstall
CyberLink PowerDVD 11-->"C:\Program Files\InstallShield Installation Information\{F232C87C-6E92-4775-8210-DFE90B7777D9}\setup.exe" /z-uninstall
CyberLink PowerDVD 11-->"C:\Program Files\InstallShield Installation Information\{F232C87C-6E92-4775-8210-DFE90B7777D9}\setup.exe" /z-uninstall
DVD Shrink 3.2-->"D:\Instalave od18.11.2011\DVD Shrink\unins000.exe"
Easy-WebPrint-->C:\WINDOWS\IsUninst.exe -f"D:\Instalave od18.11.2011\Easy-WebPrint\Uninst.isu"
ESET NOD32 Antivirus-->MsiExec.exe /I{C10D6AB8-05BB-422D-AAE3-36D6E0381487}
EVEREST Ultimate Edition v5.50-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
ICQ7.7-->"C:\Program Files\InstallShield Installation Information\{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
K-Lite Mega Codec Pack 7.9.0-->"D:\Instalave od18.11.2011\K-Lite Codec Pack\unins000.exe"
McAfee Security Scan Plus-->"C:\Program Files\McAfee Security Scan\uninstall.exe"
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Mozilla Firefox 8.0 (x86 cs)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Nero 7 Essentials-->MsiExec.exe /X{B28B351F-1232-46EA-85EF-B8EA91641029}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
Oprava Hotfix systému Windows XP (KB2570791)-->"C:\WINDOWS\$NtUninstallKB2570791$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Security Update for 2007 Microsoft Office System (KB2288621)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D}
Security Update for 2007 Microsoft Office System (KB2288931)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CD769337-C8AC-46DB-A7DC-643E50089263}
Security Update for 2007 Microsoft Office System (KB2345043)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {536FB502-775F-4494-BACE-C02CC90B7A5B}
Security Update for 2007 Microsoft Office System (KB2553074)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5729F1AE-5895-468F-9165-BAD161C9E982}
Security Update for 2007 Microsoft Office System (KB2553089)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {01D4CA59-7070-4420-9BCC-0EFA7C5D76BE}
Security Update for 2007 Microsoft Office System (KB2553090)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {643C12A2-AF9A-4712-B8BE-3B7650AFE00A}
Security Update for 2007 Microsoft Office System (KB2584063)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BF3F1CBD-B05C-4644-AE43-6EE0FCC227A4}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060}
Security Update for Microsoft Office Excel 2007 (KB2553073)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {65EA4836-B5A3-4C1D-8883-0C35E471003A}
Security Update for Microsoft Office Groove 2007 (KB2552997)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3A1CBF7D-4704-40BC-B31C-AA761884A3E4}
Security Update for Microsoft Office InfoPath 2007 (KB2510061)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5D930261-AA5B-48D1-931F-425C9D767490}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
Security Update for Microsoft Office Publisher 2007 (KB2284697)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3A4CDE54-2403-483D-8D9A-15E3264410DF}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB2344993)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
Skype™ 5.5-->MsiExec.exe /X{AA59DDE4-B672-4621-A016-4C248204957A}
SweetIM for Messenger 3.6-->MsiExec.exe /X{A81A974F-8A22-43E6-9243-5198FF758DA1}
SweetIM Toolbar for Internet Explorer 4.2-->MsiExec.exe /X{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}
Total Commander (Remove or Repair)-->D:\Instalave od18.11.2011\Total KOmandr\totalcmd\tcuninst.exe
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office 2007 System (KB2539530)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
Update for Microsoft Office Outlook 2007 (KB2583910)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BDC21583-5601-4B2B-88F3-7919F6DE8FB1}
Update for Outlook 2007 Junk Email Filter (KB2596560)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2964DDE1-4925-4DF1-AF2C-0A36B3442228}
VIA Platforma Ovladače zařízení-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{20D4A895-748C-4D88-871C-FDB1695B0169}
VLC media player 1.1.11-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Winamp-->"D:\Instalave od18.11.2011\Winamp\UninstWA.exe"
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR 4.00 (32-bit)-->C:\Program Files\WinRAR\uninstall.exe
======Security center information======
AV: ESET NOD32 Antivirus 3.0
======System event log======
Computer Name: STANOUS
Event Code: 7036
Message: Stav služby Sledování umístění v síti (NLA) byl změněn na: Zastaveno
Record Number: 3818
Source Name: Service Control Manager
Time Written: 20111203231529.000000+060
Event Type: Informace
User:
Computer Name: STANOUS
Event Code: 7035
Message: Řídící příkaz Spuštěno byl službě Sledování umístění v síti (NLA) úspěšně odeslán.
Record Number: 3817
Source Name: Service Control Manager
Time Written: 20111203231529.000000+060
Event Type: Informace
User: NT AUTHORITY\SYSTEM
Computer Name: STANOUS
Event Code: 64001
Message: Došlo k pokusu o nahrazení chráněného systémového souboru c:\windows\system32\wuauclt.exe.
Z důvodu zachování stability systému byl soubor obnoven na původní verzi.
Verze nesprávného souboru je 7.4.7600.226, verze systémového souboru je 7.4.7600.226.
Record Number: 3816
Source Name: Windows File Protection
Time Written: 20111203230103.000000+060
Event Type: Informace
User:
Computer Name: STANOUS
Event Code: 4226
Message: Došlo k překročení limitu možného počtu souběžných připojení protokolem TCP.
Record Number: 3815
Source Name: Tcpip
Time Written: 20111203230046.000000+060
Event Type: Upozornění
User:
Computer Name: STANOUS
Event Code: 7036
Message: Stav služby Služba modelu COM pro zápis na disk CD (IMAPI) byl změněn na: Zastaveno
Record Number: 3814
Source Name: Service Control Manager
Time Written: 20111203225834.000000+060
Event Type: Informace
User:
=====Application event log=====
Computer Name: STANOUS
Event Code: 1000
Message: Chybující aplikace nmindexstoresvr.exe, verze 1.5.13.0, chybující modul nmindexstoresvr.exe, verze 1.5.13.0, adresa chyby 0x000698f8.
Record Number: 433
Source Name: Application Error
Time Written: 20111126194215.000000+060
Event Type: Chyba
User:
Computer Name: STANOUS
Event Code: 4097
Message: Aplikace C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe vygenerovala aplikační chybu.
K chybě došlo dne 26. 11. 2011 v 19:42:14,734
Vygenerovaná výjimka: c0000005 na adrese 004698F8 (NMIndexStoreSvr)
Record Number: 432
Source Name: DrWatson
Time Written: 20111126194214.000000+060
Event Type: Informace
User:
Computer Name: STANOUS
Event Code: 1000
Message: Chybující aplikace nmindexstoresvr.exe, verze 1.5.13.0, chybující modul nmindexstoresvr.exe, verze 1.5.13.0, adresa chyby 0x000698f8.
Record Number: 431
Source Name: Application Error
Time Written: 20111126194212.000000+060
Event Type: Chyba
User:
Computer Name: STANOUS
Event Code: 4097
Message: Aplikace C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe vygenerovala aplikační chybu.
K chybě došlo dne 26. 11. 2011 v 19:42:10,953
Vygenerovaná výjimka: c0000005 na adrese 004698F8 (NMIndexStoreSvr)
Record Number: 430
Source Name: DrWatson
Time Written: 20111126194211.000000+060
Event Type: Informace
User:
Computer Name: STANOUS
Event Code: 1000
Message: Chybující aplikace nmindexstoresvr.exe, verze 1.5.13.0, chybující modul nmindexstoresvr.exe, verze 1.5.13.0, adresa chyby 0x000698f8.
Record Number: 429
Source Name: Application Error
Time Written: 20111126194200.000000+060
Event Type: Chyba
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION"=0a00
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
-----------------EOF-----------------
Re: prosím o kontrolu logu
A jak dlouho\po kolikate tu trial verzi pouzivate 
Nebo proc jste si stahl verzi 3 kdyz uz je davno vydana verze 5
Nebo je to tak ze pekne nainstalujete trial, po mesici odinstalujete a znovu nainstalujete trial
Nebo proc jste si stahl verzi 3 kdyz uz je davno vydana verze 5 Nebo je to tak ze pekne nainstalujete trial, po mesici odinstalujete a znovu nainstalujete trial
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: prosím o kontrolu logu
ne, je to takhle, neni to muj pc, na tom pc je nedavno preinstalovany win xp, ja jsem tam instaloval trial verzi ess, kdyz se tam zacali ukazovat ty viry tak majitel pc tam nainstaloval stary nod32 protoze byl na nej zvykly a myslel ze se tim neco vyresi... tak protoRe: prosím o kontrolu logu
Stary antivir je na prd, pro bezneho uzivatele staci v pohode free reseni, takze jsem pro to, abychom po ukonceni leceni tam dali free reseni zabezpeceni v podobe Avastu, Aviry ci MSE. Jelikoz cracknout AV je jako zamknout byt a nechat otevrene okna, nehlede na porusovani autorskeho zakona a pachani trestneho cinu. Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com
- Pokud ho havet blokuje, pouzijte jeden z nasledujicich
motji píše: Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe
Rkill SCR:
http://download.bleepingcomputer.com/grinler/rkill.scr
Rkill PIF:
http://download.bleepingcomputer.com/grinler/rkill.pif - Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
- Spustte tradicne dvojklikem - program probehne temer okamzite a ukonci i svou cinnost
- RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
- Ted nerestartujte PC - prisli byste o ucinek RKillu
Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
- Pokud mate Win XP spustte pod uctem Spravce\Administratora
- Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
- Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
- Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
- Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
- Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
- Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
- Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: prosím o kontrolu logu
mockrat dekuji za ochotu
k pc budu mit pristup az pristi vikend, potom se ozvu s vysledkem, dekuji
k pc budu mit pristup az pristi vikend, potom se ozvu s vysledkem, dekuji
Re: prosím o kontrolu logu
Ok, pak sem tedy hodte log
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: prosím o kontrolu logu
dobry den, tak se ozyvam s logem:)
ComboFix 11-12-16.01 - Staňouš 16.12.2011 17:56:25.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.511.273 [GMT 1:00]
Spuštěný z: c:\documents and settings\Sta˛ouÜ\Plocha\ComboFix.exe
AV: ESET NOD32 Antivirus 3.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\$NtUninstallKB31976$
c:\windows\$NtUninstallKB31976$\1194009925
c:\windows\$NtUninstallKB31976$\583246292\@
c:\windows\$NtUninstallKB31976$\583246292\L\hoawvlnd
c:\windows\$NtUninstallKB31976$\583246292\loader.tlb
c:\windows\$NtUninstallKB31976$\583246292\U\@00000001
c:\windows\$NtUninstallKB31976$\583246292\U\@000000c0
c:\windows\$NtUninstallKB31976$\583246292\U\@000000cb
c:\windows\$NtUninstallKB31976$\583246292\U\@000000cf
c:\windows\$NtUninstallKB31976$\583246292\U\@80000000
c:\windows\$NtUninstallKB31976$\583246292\U\@800000c0
c:\windows\$NtUninstallKB31976$\583246292\U\@800000cb
c:\windows\$NtUninstallKB31976$\583246292\U\@800000cf
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\
c:\windows\system32\c_52964.nls
.
Nakažená kopie c:\windows\system32\drivers\ipsec.sys byla nalezena a vyléčena.
Obnovena kopie z - The cat found it
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-16 do 2011-12-16 )))))))))))))))))))))))))))))))
.
.
2011-12-13 14:43 . 2011-12-13 14:43 -------- d-----w- C:\Terasoft
2011-12-11 13:24 . 2011-12-11 13:25 -------- d-----w- C:\rsit
2011-11-21 16:06 . 2011-11-21 16:06 -------- d-----w- C:\BJPrinter
2011-11-18 16:37 . 2011-11-18 16:37 -------- d-----r- C:\MSOCache
2011-11-18 16:00 . 2011-12-14 17:01 -------- d-----r- C:\Program Files
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-23 14:40 . 2004-08-17 13:44 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-01 20:36 . 2004-08-17 13:49 668160 ----a-w- c:\windows\system32\wininet.dll
2011-11-01 20:36 . 2004-08-17 13:49 1510912 ----a-w- c:\windows\system32\shdocvw.dll
2011-11-01 20:36 . 2004-08-17 13:49 81920 ----a-w- c:\windows\system32\ieencode.dll
2011-11-01 20:36 . 2004-08-03 20:59 61952 ----a-w- c:\windows\system32\tdc.ocx
2011-11-01 20:34 . 2004-08-17 13:44 370176 ----a-w- c:\windows\system32\html.iec
2011-11-01 16:07 . 2004-08-17 13:49 1288192 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:32 . 2004-08-17 13:49 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-26 10:50 . 2004-08-17 15:45 2071552 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-26 10:50 . 2004-08-17 13:45 2194944 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-18 11:13 . 2004-08-17 13:49 186880 ----a-w- c:\windows\system32\encdec.dll
2011-09-28 07:06 . 2004-08-17 13:49 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 10:41 . 2011-09-26 10:41 613376 ------w- c:\windows\system32\uiautomationcore.dll
2011-09-26 10:41 . 2001-10-25 14:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 10:41 . 2001-10-25 14:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-11-05 07:07 . 2011-11-18 16:13 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2011-08-24 130864]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2011-08-24 16:21 1299248 ----a-r- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2011-08-24 1299248]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2011-08-24 1299248]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-12-23 143360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
"AudioDeck"="c:\program files\VIA\VIAudioi\SBADeck\ADeck.exe" [2007-08-09 528384]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2011-08-01 114992]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2004-01-14 409600]
"RemoteControl10"="d:\instalave od18.11.2011\PowerDVD10\PDVD10Serv.exe" [2010-02-02 87336]
"BDRegion"="c:\program files\Cyberlink\Shared files\brs.exe" [2010-03-13 75048]
"RemoteControl11"="d:\instalave od18.11.2011\PowerDVD11\PDVD11Serv.exe" [2011-09-14 230696]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-10-07 1461080]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]
.
c:\documents and settings\Staňouš\Nabídka Start\Programy\Po spuštění\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 10:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Instalave od18.11.2011\\ICQ7.7\\ICQ.exe"=
"d:\\Instalave od18.11.2011\\PowerDVD11\\PowerDVD11.exe"=
"d:\\Instalave od18.11.2011\\PowerDVD11\\PDVD11Serv.exe"=
"d:\\Instalave od18.11.2011\\PowerDVD11\\Common\\MediaServer\\CLMSServerForPDVD11.exe"=
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"d:\\Instalave od18.11.2011\\Winamp\\winamp.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Mozilla Firefox\\plugin-container.exe"=
"d:\\Instalave od18.11.2011\\PowerDVD10\\NavFilter\\CLHelper.exe"=
"d:\\Instalave od18.11.2011\\4\\ConvertXtoDvd.exe"=
"d:\\Instalave od18.11.2011\\PowerDVD10\\PowerDVD Cox\\PowerDVDCox10.exe"=
"d:\\Instalave od18.11.2011\\Total KOmandr\\totalcmd\\TOTALCMD.EXE"=
"c:\\WINDOWS\\system32\\msiexec.exe"=
"c:\\Program Files\\McAfee Security Scan\\2.0.181\\mcuicnt.exe"=
"c:\\Program Files\\Adobe\\Reader 10.0\\Reader\\AcroRd32.exe"=
"d:\\Instalave od18.11.2011\\PowerDVD10\\PowerDVD10.exe"=
"c:\\Documents and Settings\\Staňouš\\Plocha\\RSIT.exe"=
"d:\\Stahování\\staženo\\jxpiinstall.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe"=
.
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [13.3.2008 16:52 35168]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2011/11/23 15:39];d:\instalave od18.11.2011\PowerDVD10\NavFilter\000.fcl [13.3.2010 12:58 87536]
R2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;d:\instalave od18.11.2011\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [24.11.2011 12:01 77824]
R2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;d:\instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [24.11.2011 12:01 69632]
R2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;d:\instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [24.11.2011 12:01 286720]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [7.10.2009 9:16 472280]
R2 ntk_PowerDVD;ntk_PowerDVD;d:\instalave od18.11.2011\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys [24.11.2011 12:01 71664]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [23.11.2011 15:25 47360]
S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2011/11/24 12:02];\??\d:\instalave od18.11.2011\PowerDVD11\Common\NavFilter\000.fcl --> d:\instalave od18.11.2011\PowerDVD11\Common\NavFilter\000.fcl [?]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [15.1.2010 13:49 227232]
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://home.sweetim.com/?st=1&barid={4FE4A934-1375-11E1-BF2F-00110972B9A4}
mStart Page = hxxp://home.sweetim.com/?st=1&barid={4FE4A934-1375-11E1-BF2F-00110972B9A4}
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - d:\instalave od18.11.2011\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - d:\instalave od18.11.2011\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - d:\instalave od18.11.2011\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - d:\instalave od18.11.2011\Easy-WebPrint\Resource.dll/RC_Print.html
IE: Search the Web - c:\program files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - d:\instalave od18.11.2011\ICQ7.7\ICQ.exe
TCP: Interfaces\{B745FC88-D69F-476F-8D4D-93C6CA3F3A0B}: NameServer = 10.0.0.1
FF - ProfilePath - c:\documents and settings\Staňouš\Data aplikací\Mozilla\Firefox\Profiles\xqgp9cpz.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://www.etypestart.com/s/?src=addrbar&provi ... x86-SP3&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Notify-WgaLogon - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-16 18:06
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
AudioDeck = c:\program files\VIA\VIAudioi\SBADeck\ADeck.exe 1????????????????????????????????????????????????
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\d:\instalave od18.11.2011\PowerDVD10\NavFilter\000.fcl"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]
"ImagePath"="\??\d:\instalave od18.11.2011\PowerDVD11\Common\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\WPAEvents]
@Denied: (Full) (LocalSystem)
"OOBETimer"=hex:ff,d5,71,d6,8b,6a,8d,6f,d5,33,93,fd
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\RUNDLL32.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2011-12-16 18:08:51 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-12-16 17:08
.
Před spuštěním: 1 388 765 184
Po spuštění: 1 647 136 768
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - A3EFC6EB60BDC35DE1A4BD3B0B56554B
ComboFix 11-12-16.01 - Staňouš 16.12.2011 17:56:25.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.511.273 [GMT 1:00]
Spuštěný z: c:\documents and settings\Sta˛ouÜ\Plocha\ComboFix.exe
AV: ESET NOD32 Antivirus 3.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\$NtUninstallKB31976$
c:\windows\$NtUninstallKB31976$\1194009925
c:\windows\$NtUninstallKB31976$\583246292\@
c:\windows\$NtUninstallKB31976$\583246292\L\hoawvlnd
c:\windows\$NtUninstallKB31976$\583246292\loader.tlb
c:\windows\$NtUninstallKB31976$\583246292\U\@00000001
c:\windows\$NtUninstallKB31976$\583246292\U\@000000c0
c:\windows\$NtUninstallKB31976$\583246292\U\@000000cb
c:\windows\$NtUninstallKB31976$\583246292\U\@000000cf
c:\windows\$NtUninstallKB31976$\583246292\U\@80000000
c:\windows\$NtUninstallKB31976$\583246292\U\@800000c0
c:\windows\$NtUninstallKB31976$\583246292\U\@800000cb
c:\windows\$NtUninstallKB31976$\583246292\U\@800000cf
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\
c:\windows\system32\c_52964.nls
.
Nakažená kopie c:\windows\system32\drivers\ipsec.sys byla nalezena a vyléčena.
Obnovena kopie z - The cat found it
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-16 do 2011-12-16 )))))))))))))))))))))))))))))))
.
.
2011-12-13 14:43 . 2011-12-13 14:43 -------- d-----w- C:\Terasoft
2011-12-11 13:24 . 2011-12-11 13:25 -------- d-----w- C:\rsit
2011-11-21 16:06 . 2011-11-21 16:06 -------- d-----w- C:\BJPrinter
2011-11-18 16:37 . 2011-11-18 16:37 -------- d-----r- C:\MSOCache
2011-11-18 16:00 . 2011-12-14 17:01 -------- d-----r- C:\Program Files
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-23 14:40 . 2004-08-17 13:44 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-01 20:36 . 2004-08-17 13:49 668160 ----a-w- c:\windows\system32\wininet.dll
2011-11-01 20:36 . 2004-08-17 13:49 1510912 ----a-w- c:\windows\system32\shdocvw.dll
2011-11-01 20:36 . 2004-08-17 13:49 81920 ----a-w- c:\windows\system32\ieencode.dll
2011-11-01 20:36 . 2004-08-03 20:59 61952 ----a-w- c:\windows\system32\tdc.ocx
2011-11-01 20:34 . 2004-08-17 13:44 370176 ----a-w- c:\windows\system32\html.iec
2011-11-01 16:07 . 2004-08-17 13:49 1288192 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:32 . 2004-08-17 13:49 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-26 10:50 . 2004-08-17 15:45 2071552 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-26 10:50 . 2004-08-17 13:45 2194944 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-18 11:13 . 2004-08-17 13:49 186880 ----a-w- c:\windows\system32\encdec.dll
2011-09-28 07:06 . 2004-08-17 13:49 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 10:41 . 2011-09-26 10:41 613376 ------w- c:\windows\system32\uiautomationcore.dll
2011-09-26 10:41 . 2001-10-25 14:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 10:41 . 2001-10-25 14:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-11-05 07:07 . 2011-11-18 16:13 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2011-08-24 130864]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2011-08-24 16:21 1299248 ----a-r- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2011-08-24 1299248]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2011-08-24 1299248]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-12-23 143360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
"AudioDeck"="c:\program files\VIA\VIAudioi\SBADeck\ADeck.exe" [2007-08-09 528384]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2011-08-01 114992]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2004-01-14 409600]
"RemoteControl10"="d:\instalave od18.11.2011\PowerDVD10\PDVD10Serv.exe" [2010-02-02 87336]
"BDRegion"="c:\program files\Cyberlink\Shared files\brs.exe" [2010-03-13 75048]
"RemoteControl11"="d:\instalave od18.11.2011\PowerDVD11\PDVD11Serv.exe" [2011-09-14 230696]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-10-07 1461080]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]
.
c:\documents and settings\Staňouš\Nabídka Start\Programy\Po spuštění\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 10:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Instalave od18.11.2011\\ICQ7.7\\ICQ.exe"=
"d:\\Instalave od18.11.2011\\PowerDVD11\\PowerDVD11.exe"=
"d:\\Instalave od18.11.2011\\PowerDVD11\\PDVD11Serv.exe"=
"d:\\Instalave od18.11.2011\\PowerDVD11\\Common\\MediaServer\\CLMSServerForPDVD11.exe"=
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"d:\\Instalave od18.11.2011\\Winamp\\winamp.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Mozilla Firefox\\plugin-container.exe"=
"d:\\Instalave od18.11.2011\\PowerDVD10\\NavFilter\\CLHelper.exe"=
"d:\\Instalave od18.11.2011\\4\\ConvertXtoDvd.exe"=
"d:\\Instalave od18.11.2011\\PowerDVD10\\PowerDVD Cox\\PowerDVDCox10.exe"=
"d:\\Instalave od18.11.2011\\Total KOmandr\\totalcmd\\TOTALCMD.EXE"=
"c:\\WINDOWS\\system32\\msiexec.exe"=
"c:\\Program Files\\McAfee Security Scan\\2.0.181\\mcuicnt.exe"=
"c:\\Program Files\\Adobe\\Reader 10.0\\Reader\\AcroRd32.exe"=
"d:\\Instalave od18.11.2011\\PowerDVD10\\PowerDVD10.exe"=
"c:\\Documents and Settings\\Staňouš\\Plocha\\RSIT.exe"=
"d:\\Stahování\\staženo\\jxpiinstall.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe"=
.
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [13.3.2008 16:52 35168]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2011/11/23 15:39];d:\instalave od18.11.2011\PowerDVD10\NavFilter\000.fcl [13.3.2010 12:58 87536]
R2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;d:\instalave od18.11.2011\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [24.11.2011 12:01 77824]
R2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;d:\instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [24.11.2011 12:01 69632]
R2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;d:\instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [24.11.2011 12:01 286720]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [7.10.2009 9:16 472280]
R2 ntk_PowerDVD;ntk_PowerDVD;d:\instalave od18.11.2011\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys [24.11.2011 12:01 71664]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [23.11.2011 15:25 47360]
S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2011/11/24 12:02];\??\d:\instalave od18.11.2011\PowerDVD11\Common\NavFilter\000.fcl --> d:\instalave od18.11.2011\PowerDVD11\Common\NavFilter\000.fcl [?]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [15.1.2010 13:49 227232]
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://home.sweetim.com/?st=1&barid={4FE4A934-1375-11E1-BF2F-00110972B9A4}
mStart Page = hxxp://home.sweetim.com/?st=1&barid={4FE4A934-1375-11E1-BF2F-00110972B9A4}
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - d:\instalave od18.11.2011\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - d:\instalave od18.11.2011\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - d:\instalave od18.11.2011\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - d:\instalave od18.11.2011\Easy-WebPrint\Resource.dll/RC_Print.html
IE: Search the Web - c:\program files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - d:\instalave od18.11.2011\ICQ7.7\ICQ.exe
TCP: Interfaces\{B745FC88-D69F-476F-8D4D-93C6CA3F3A0B}: NameServer = 10.0.0.1
FF - ProfilePath - c:\documents and settings\Staňouš\Data aplikací\Mozilla\Firefox\Profiles\xqgp9cpz.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://www.etypestart.com/s/?src=addrbar&provi ... x86-SP3&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Notify-WgaLogon - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-16 18:06
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
AudioDeck = c:\program files\VIA\VIAudioi\SBADeck\ADeck.exe 1????????????????????????????????????????????????
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\d:\instalave od18.11.2011\PowerDVD10\NavFilter\000.fcl"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]
"ImagePath"="\??\d:\instalave od18.11.2011\PowerDVD11\Common\NavFilter\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\WPAEvents]
@Denied: (Full) (LocalSystem)
"OOBETimer"=hex:ff,d5,71,d6,8b,6a,8d,6f,d5,33,93,fd
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\RUNDLL32.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2011-12-16 18:08:51 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-12-16 17:08
.
Před spuštěním: 1 388 765 184
Po spuštění: 1 647 136 768
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - A3EFC6EB60BDC35DE1A4BD3B0B56554B
Re: prosím o kontrolu logu
Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
- Utilitu spustte a prikazte ji, at skenuje - klik na Start Scan
- Pokud utilita najde infikekci, bude ji chtit lecit (Cure), povolte leceni kliknutim na Continue
- Pokud utilita najde podezrely soubor (suspicious), bude jej chtit preskocit (Skip), povolte preskoceni kliknutim na Continue
- Po dokonceni skenu bude mozna nutny restart PC, povolte jej kliknutim na Reboot now
- Po restartu na Vas vyskoci log, pokud se tak nestane, najdete jej primo na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt - jeho obsah sem vlozte
- Pokud restart nebude vyzadovan, kliknete na Close a nasledne na Report - vytvori se log - jeho obsah sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: prosím o kontrolu logu
zdravim, log z tdsskiller :
11:42:24.0250 8644 TDSS rootkit removing tool 2.6.23.0 Dec 13 2011 10:39:31
11:42:24.0328 8644 ============================================================
11:42:24.0328 8644 Current date / time: 2011/12/18 11:42:24.0328
11:42:24.0328 8644 SystemInfo:
11:42:24.0328 8644
11:42:24.0328 8644 OS Version: 5.1.2600 ServicePack: 3.0
11:42:24.0328 8644 Product type: Workstation
11:42:24.0328 8644 ComputerName: STANOUS
11:42:24.0328 8644 UserName: Staňouš
11:42:24.0328 8644 Windows directory: C:\WINDOWS
11:42:24.0328 8644 System windows directory: C:\WINDOWS
11:42:24.0328 8644 Processor architecture: Intel x86
11:42:24.0328 8644 Number of processors: 1
11:42:24.0328 8644 Page size: 0x1000
11:42:24.0328 8644 Boot type: Normal boot
11:42:24.0328 8644 ============================================================
11:42:25.0312 8644 Initialize success
11:42:26.0015 9080 ============================================================
11:42:26.0015 9080 Scan started
11:42:26.0015 9080 Mode: Manual;
11:42:26.0015 9080 ============================================================
11:42:26.0671 9080 Abiosdsk - ok
11:42:26.0703 9080 abp480n5 - ok
11:42:26.0765 9080 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:42:26.0765 9080 ACPI - ok
11:42:26.0812 9080 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
11:42:26.0812 9080 ACPIEC - ok
11:42:26.0843 9080 adpu160m - ok
11:42:26.0875 9080 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
11:42:26.0875 9080 aec - ok
11:42:26.0906 9080 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
11:42:26.0906 9080 AFD - ok
11:42:26.0953 9080 Aha154x - ok
11:42:26.0984 9080 aic78u2 - ok
11:42:27.0015 9080 aic78xx - ok
11:42:27.0093 9080 AliIde - ok
11:42:27.0140 9080 AmdK7 (3980814f8027d27ea003e2e3d9d4f604) C:\WINDOWS\system32\DRIVERS\amdk7.sys
11:42:27.0140 9080 AmdK7 - ok
11:42:27.0171 9080 amsint - ok
11:42:27.0218 9080 asc - ok
11:42:27.0250 9080 asc3350p - ok
11:42:27.0281 9080 asc3550 - ok
11:42:27.0343 9080 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:42:27.0343 9080 AsyncMac - ok
11:42:27.0375 9080 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
11:42:27.0375 9080 atapi - ok
11:42:27.0406 9080 Atdisk - ok
11:42:27.0468 9080 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:42:27.0468 9080 Atmarpc - ok
11:42:27.0515 9080 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
11:42:27.0515 9080 audstub - ok
11:42:27.0578 9080 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
11:42:27.0578 9080 Beep - ok
11:42:27.0640 9080 catchme - ok
11:42:27.0671 9080 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
11:42:27.0687 9080 cbidf2k - ok
11:42:27.0718 9080 cd20xrnt - ok
11:42:27.0765 9080 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
11:42:27.0765 9080 Cdaudio - ok
11:42:27.0796 9080 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
11:42:27.0796 9080 Cdfs - ok
11:42:27.0843 9080 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:42:27.0843 9080 Cdrom - ok
11:42:27.0875 9080 Changer - ok
11:42:27.0953 9080 CmdIde - ok
11:42:28.0031 9080 Cpqarray - ok
11:42:28.0093 9080 dac2w2k - ok
11:42:28.0140 9080 dac960nt - ok
11:42:28.0203 9080 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
11:42:28.0203 9080 Disk - ok
11:42:28.0328 9080 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
11:42:28.0328 9080 dmboot - ok
11:42:28.0390 9080 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
11:42:28.0390 9080 dmio - ok
11:42:28.0421 9080 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
11:42:28.0421 9080 dmload - ok
11:42:28.0500 9080 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
11:42:28.0500 9080 DMusic - ok
11:42:28.0546 9080 dpti2o - ok
11:42:28.0593 9080 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
11:42:28.0593 9080 drmkaud - ok
11:42:28.0640 9080 eamon (a777d095402b31b0aafe7f19c89fb3a1) C:\WINDOWS\system32\DRIVERS\eamon.sys
11:42:28.0640 9080 eamon - ok
11:42:28.0687 9080 easdrv (e6dffb60bdbd91749eab4d45bc8926a9) C:\WINDOWS\system32\DRIVERS\easdrv.sys
11:42:28.0687 9080 easdrv - ok
11:42:28.0734 9080 epfwtdir (bb2e195088af3f6091ef9f8e42f0581f) C:\WINDOWS\system32\DRIVERS\epfwtdir.sys
11:42:28.0734 9080 epfwtdir - ok
11:42:28.0828 9080 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
11:42:28.0828 9080 Fastfat - ok
11:42:28.0875 9080 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
11:42:28.0875 9080 Fdc - ok
11:42:28.0921 9080 FETNDIS (e9648254056bce81a85380c0c3647dc4) C:\WINDOWS\system32\DRIVERS\fetnd5.sys
11:42:28.0921 9080 FETNDIS - ok
11:42:28.0953 9080 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
11:42:28.0953 9080 Fips - ok
11:42:28.0984 9080 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
11:42:28.0984 9080 Flpydisk - ok
11:42:29.0031 9080 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
11:42:29.0046 9080 FltMgr - ok
11:42:29.0093 9080 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:42:29.0093 9080 Fs_Rec - ok
11:42:29.0125 9080 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:42:29.0125 9080 Ftdisk - ok
11:42:29.0156 9080 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:42:29.0156 9080 Gpc - ok
11:42:29.0218 9080 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:42:29.0218 9080 hidusb - ok
11:42:29.0265 9080 hpn - ok
11:42:29.0328 9080 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
11:42:29.0328 9080 HTTP - ok
11:42:29.0375 9080 i2omgmt - ok
11:42:29.0390 9080 i2omp - ok
11:42:29.0437 9080 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:42:29.0437 9080 i8042prt - ok
11:42:29.0453 9080 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
11:42:29.0468 9080 Imapi - ok
11:42:29.0515 9080 ini910u - ok
11:42:29.0562 9080 IntelIde - ok
11:42:29.0609 9080 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
11:42:29.0609 9080 Ip6Fw - ok
11:42:29.0656 9080 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:42:29.0656 9080 IpFilterDriver - ok
11:42:29.0687 9080 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:42:29.0687 9080 IpInIp - ok
11:42:29.0718 9080 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:42:29.0718 9080 IpNat - ok
11:42:29.0765 9080 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:42:29.0765 9080 IPSec - ok
11:42:29.0796 9080 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
11:42:29.0796 9080 IRENUM - ok
11:42:29.0859 9080 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:42:29.0859 9080 isapnp - ok
11:42:29.0906 9080 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:42:29.0906 9080 Kbdclass - ok
11:42:29.0968 9080 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
11:42:29.0968 9080 kmixer - ok
11:42:30.0015 9080 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
11:42:30.0015 9080 KSecDD - ok
11:42:30.0078 9080 lbrtfdc - ok
11:42:30.0406 9080 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
11:42:30.0406 9080 mnmdd - ok
11:42:30.0515 9080 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
11:42:30.0515 9080 Modem - ok
11:42:30.0562 9080 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:42:30.0562 9080 Mouclass - ok
11:42:30.0593 9080 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
11:42:30.0593 9080 mouhid - ok
11:42:30.0656 9080 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
11:42:30.0656 9080 MountMgr - ok
11:42:30.0687 9080 mraid35x - ok
11:42:30.0734 9080 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:42:30.0734 9080 MRxDAV - ok
11:42:30.0812 9080 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:42:30.0828 9080 MRxSmb - ok
11:42:30.0890 9080 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
11:42:30.0890 9080 Msfs - ok
11:42:30.0968 9080 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:42:30.0968 9080 MSKSSRV - ok
11:42:31.0015 9080 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:42:31.0031 9080 MSPCLOCK - ok
11:42:31.0062 9080 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
11:42:31.0062 9080 MSPQM - ok
11:42:31.0093 9080 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:42:31.0093 9080 mssmbios - ok
11:42:31.0140 9080 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
11:42:31.0140 9080 Mup - ok
11:42:31.0203 9080 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
11:42:31.0203 9080 NDIS - ok
11:42:31.0234 9080 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:42:31.0234 9080 NdisTapi - ok
11:42:31.0281 9080 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:42:31.0312 9080 Ndisuio - ok
11:42:31.0328 9080 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:42:31.0328 9080 NdisWan - ok
11:42:31.0390 9080 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
11:42:31.0390 9080 NDProxy - ok
11:42:31.0437 9080 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
11:42:31.0437 9080 NetBIOS - ok
11:42:31.0468 9080 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
11:42:31.0468 9080 NetBT - ok
11:42:31.0531 9080 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
11:42:31.0531 9080 Npfs - ok
11:42:31.0593 9080 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
11:42:31.0593 9080 Ntfs - ok
11:42:31.0781 9080 ntk_PowerDVD (170ee229d4def31dbe95348c9a88fe74) D:\Instalave od18.11.2011\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys
11:42:31.0781 9080 ntk_PowerDVD - ok
11:42:31.0859 9080 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
11:42:31.0859 9080 Null - ok
11:42:32.0140 9080 nv (9f4384aa43548ddd438f7b7825d11699) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
11:42:32.0218 9080 nv - ok
11:42:32.0312 9080 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:42:32.0312 9080 NwlnkFlt - ok
11:42:32.0359 9080 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:42:32.0359 9080 NwlnkFwd - ok
11:42:32.0437 9080 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
11:42:32.0437 9080 Parport - ok
11:42:32.0484 9080 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
11:42:32.0484 9080 PartMgr - ok
11:42:32.0531 9080 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
11:42:32.0531 9080 ParVdm - ok
11:42:32.0578 9080 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
11:42:32.0578 9080 PCI - ok
11:42:32.0609 9080 PCIDump - ok
11:42:32.0640 9080 PCIIde - ok
11:42:32.0687 9080 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
11:42:32.0687 9080 Pcmcia - ok
11:42:32.0750 9080 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys
11:42:32.0750 9080 pcouffin - ok
11:42:32.0781 9080 PDCOMP - ok
11:42:32.0828 9080 PDFRAME - ok
11:42:32.0859 9080 PDRELI - ok
11:42:32.0906 9080 PDRFRAME - ok
11:42:32.0937 9080 perc2 - ok
11:42:32.0968 9080 perc2hib - ok
11:42:33.0078 9080 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:42:33.0078 9080 PptpMiniport - ok
11:42:33.0109 9080 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
11:42:33.0125 9080 PSched - ok
11:42:33.0156 9080 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:42:33.0156 9080 Ptilink - ok
11:42:33.0203 9080 ql1080 - ok
11:42:33.0234 9080 Ql10wnt - ok
11:42:33.0265 9080 ql12160 - ok
11:42:33.0296 9080 ql1240 - ok
11:42:33.0343 9080 ql1280 - ok
11:42:33.0390 9080 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:42:33.0390 9080 RasAcd - ok
11:42:33.0421 9080 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:42:33.0421 9080 Rasl2tp - ok
11:42:33.0468 9080 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:42:33.0468 9080 RasPppoe - ok
11:42:33.0515 9080 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
11:42:33.0515 9080 Raspti - ok
11:42:33.0562 9080 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:42:33.0562 9080 Rdbss - ok
11:42:33.0609 9080 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:42:33.0609 9080 RDPCDD - ok
11:42:33.0656 9080 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
11:42:33.0656 9080 rdpdr - ok
11:42:33.0718 9080 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
11:42:33.0718 9080 RDPWD - ok
11:42:33.0781 9080 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
11:42:33.0781 9080 redbook - ok
11:42:33.0953 9080 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:42:33.0953 9080 Secdrv - ok
11:42:34.0000 9080 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
11:42:34.0000 9080 serenum - ok
11:42:34.0031 9080 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
11:42:34.0031 9080 Serial - ok
11:42:34.0046 9080 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
11:42:34.0046 9080 Sfloppy - ok
11:42:34.0109 9080 Simbad - ok
11:42:34.0140 9080 Sparrow - ok
11:42:34.0187 9080 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
11:42:34.0187 9080 splitter - ok
11:42:34.0234 9080 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
11:42:34.0234 9080 sr - ok
11:42:34.0296 9080 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
11:42:34.0296 9080 Srv - ok
11:42:34.0359 9080 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
11:42:34.0359 9080 swenum - ok
11:42:34.0406 9080 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
11:42:34.0406 9080 swmidi - ok
11:42:34.0468 9080 symc810 - ok
11:42:34.0500 9080 symc8xx - ok
11:42:34.0546 9080 sym_hi - ok
11:42:34.0578 9080 sym_u3 - ok
11:42:34.0625 9080 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
11:42:34.0625 9080 sysaudio - ok
11:42:34.0703 9080 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:42:34.0703 9080 Tcpip - ok
11:42:34.0750 9080 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
11:42:34.0750 9080 TDPIPE - ok
11:42:34.0781 9080 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
11:42:34.0781 9080 TDTCP - ok
11:42:34.0828 9080 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
11:42:34.0828 9080 TermDD - ok
11:42:34.0906 9080 TosIde - ok
11:42:34.0984 9080 uagp35 (d85938f272d1bcf3db3a31fc0a048928) C:\WINDOWS\system32\DRIVERS\uagp35.sys
11:42:34.0984 9080 uagp35 - ok
11:42:35.0031 9080 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
11:42:35.0031 9080 Udfs - ok
11:42:35.0062 9080 ultra - ok
11:42:35.0125 9080 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
11:42:35.0140 9080 Update - ok
11:42:35.0218 9080 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:42:35.0218 9080 usbehci - ok
11:42:35.0234 9080 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:42:35.0250 9080 usbhub - ok
11:42:35.0296 9080 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
11:42:35.0296 9080 usbprint - ok
11:42:35.0328 9080 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:42:35.0328 9080 USBSTOR - ok
11:42:35.0375 9080 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:42:35.0375 9080 usbuhci - ok
11:42:35.0437 9080 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
11:42:35.0437 9080 VgaSave - ok
11:42:35.0484 9080 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
11:42:35.0484 9080 ViaIde - ok
11:42:35.0546 9080 VIAudio (fece79a9aef62ad5f11a3f4a14f1dead) C:\WINDOWS\system32\drivers\vinyl97.sys
11:42:35.0546 9080 VIAudio - ok
11:42:35.0578 9080 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
11:42:35.0578 9080 VolSnap - ok
11:42:35.0671 9080 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:42:35.0671 9080 Wanarp - ok
11:42:35.0703 9080 WDICA - ok
11:42:35.0750 9080 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
11:42:35.0750 9080 wdmaud - ok
11:42:36.0156 9080 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} (74ec37b9eaf9fca015b933a526825c7a) D:\Instalave od18.11.2011\PowerDVD10\NavFilter\000.fcl
11:42:36.0156 9080 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} - ok
11:42:36.0265 9080 {329F96B6-DF1E-4328-BFDA-39EA953C1312} - ok
11:42:36.0312 9080 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
11:42:36.0406 9080 \Device\Harddisk0\DR0 - ok
11:42:36.0421 9080 Boot (0x1200) (97ef7a8c11d7601e41b1a69b949facc5) \Device\Harddisk0\DR0\Partition0
11:42:36.0421 9080 \Device\Harddisk0\DR0\Partition0 - ok
11:42:36.0468 9080 Boot (0x1200) (726ec966f820fdc65b21f7ed01c5bc63) \Device\Harddisk0\DR0\Partition1
11:42:36.0468 9080 \Device\Harddisk0\DR0\Partition1 - ok
11:42:36.0468 9080 ============================================================
11:42:36.0468 9080 Scan finished
11:42:36.0468 9080 ============================================================
11:42:36.0531 9064 Detected object count: 0
11:42:36.0531 9064 Actual detected object count: 0
11:42:42.0718 8924 Deinitialize success
:11:42:24.0250 8644 TDSS rootkit removing tool 2.6.23.0 Dec 13 2011 10:39:31
11:42:24.0328 8644 ============================================================
11:42:24.0328 8644 Current date / time: 2011/12/18 11:42:24.0328
11:42:24.0328 8644 SystemInfo:
11:42:24.0328 8644
11:42:24.0328 8644 OS Version: 5.1.2600 ServicePack: 3.0
11:42:24.0328 8644 Product type: Workstation
11:42:24.0328 8644 ComputerName: STANOUS
11:42:24.0328 8644 UserName: Staňouš
11:42:24.0328 8644 Windows directory: C:\WINDOWS
11:42:24.0328 8644 System windows directory: C:\WINDOWS
11:42:24.0328 8644 Processor architecture: Intel x86
11:42:24.0328 8644 Number of processors: 1
11:42:24.0328 8644 Page size: 0x1000
11:42:24.0328 8644 Boot type: Normal boot
11:42:24.0328 8644 ============================================================
11:42:25.0312 8644 Initialize success
11:42:26.0015 9080 ============================================================
11:42:26.0015 9080 Scan started
11:42:26.0015 9080 Mode: Manual;
11:42:26.0015 9080 ============================================================
11:42:26.0671 9080 Abiosdsk - ok
11:42:26.0703 9080 abp480n5 - ok
11:42:26.0765 9080 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:42:26.0765 9080 ACPI - ok
11:42:26.0812 9080 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
11:42:26.0812 9080 ACPIEC - ok
11:42:26.0843 9080 adpu160m - ok
11:42:26.0875 9080 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
11:42:26.0875 9080 aec - ok
11:42:26.0906 9080 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
11:42:26.0906 9080 AFD - ok
11:42:26.0953 9080 Aha154x - ok
11:42:26.0984 9080 aic78u2 - ok
11:42:27.0015 9080 aic78xx - ok
11:42:27.0093 9080 AliIde - ok
11:42:27.0140 9080 AmdK7 (3980814f8027d27ea003e2e3d9d4f604) C:\WINDOWS\system32\DRIVERS\amdk7.sys
11:42:27.0140 9080 AmdK7 - ok
11:42:27.0171 9080 amsint - ok
11:42:27.0218 9080 asc - ok
11:42:27.0250 9080 asc3350p - ok
11:42:27.0281 9080 asc3550 - ok
11:42:27.0343 9080 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:42:27.0343 9080 AsyncMac - ok
11:42:27.0375 9080 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
11:42:27.0375 9080 atapi - ok
11:42:27.0406 9080 Atdisk - ok
11:42:27.0468 9080 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:42:27.0468 9080 Atmarpc - ok
11:42:27.0515 9080 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
11:42:27.0515 9080 audstub - ok
11:42:27.0578 9080 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
11:42:27.0578 9080 Beep - ok
11:42:27.0640 9080 catchme - ok
11:42:27.0671 9080 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
11:42:27.0687 9080 cbidf2k - ok
11:42:27.0718 9080 cd20xrnt - ok
11:42:27.0765 9080 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
11:42:27.0765 9080 Cdaudio - ok
11:42:27.0796 9080 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
11:42:27.0796 9080 Cdfs - ok
11:42:27.0843 9080 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:42:27.0843 9080 Cdrom - ok
11:42:27.0875 9080 Changer - ok
11:42:27.0953 9080 CmdIde - ok
11:42:28.0031 9080 Cpqarray - ok
11:42:28.0093 9080 dac2w2k - ok
11:42:28.0140 9080 dac960nt - ok
11:42:28.0203 9080 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
11:42:28.0203 9080 Disk - ok
11:42:28.0328 9080 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
11:42:28.0328 9080 dmboot - ok
11:42:28.0390 9080 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
11:42:28.0390 9080 dmio - ok
11:42:28.0421 9080 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
11:42:28.0421 9080 dmload - ok
11:42:28.0500 9080 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
11:42:28.0500 9080 DMusic - ok
11:42:28.0546 9080 dpti2o - ok
11:42:28.0593 9080 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
11:42:28.0593 9080 drmkaud - ok
11:42:28.0640 9080 eamon (a777d095402b31b0aafe7f19c89fb3a1) C:\WINDOWS\system32\DRIVERS\eamon.sys
11:42:28.0640 9080 eamon - ok
11:42:28.0687 9080 easdrv (e6dffb60bdbd91749eab4d45bc8926a9) C:\WINDOWS\system32\DRIVERS\easdrv.sys
11:42:28.0687 9080 easdrv - ok
11:42:28.0734 9080 epfwtdir (bb2e195088af3f6091ef9f8e42f0581f) C:\WINDOWS\system32\DRIVERS\epfwtdir.sys
11:42:28.0734 9080 epfwtdir - ok
11:42:28.0828 9080 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
11:42:28.0828 9080 Fastfat - ok
11:42:28.0875 9080 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
11:42:28.0875 9080 Fdc - ok
11:42:28.0921 9080 FETNDIS (e9648254056bce81a85380c0c3647dc4) C:\WINDOWS\system32\DRIVERS\fetnd5.sys
11:42:28.0921 9080 FETNDIS - ok
11:42:28.0953 9080 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
11:42:28.0953 9080 Fips - ok
11:42:28.0984 9080 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
11:42:28.0984 9080 Flpydisk - ok
11:42:29.0031 9080 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
11:42:29.0046 9080 FltMgr - ok
11:42:29.0093 9080 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:42:29.0093 9080 Fs_Rec - ok
11:42:29.0125 9080 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:42:29.0125 9080 Ftdisk - ok
11:42:29.0156 9080 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:42:29.0156 9080 Gpc - ok
11:42:29.0218 9080 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:42:29.0218 9080 hidusb - ok
11:42:29.0265 9080 hpn - ok
11:42:29.0328 9080 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
11:42:29.0328 9080 HTTP - ok
11:42:29.0375 9080 i2omgmt - ok
11:42:29.0390 9080 i2omp - ok
11:42:29.0437 9080 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:42:29.0437 9080 i8042prt - ok
11:42:29.0453 9080 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
11:42:29.0468 9080 Imapi - ok
11:42:29.0515 9080 ini910u - ok
11:42:29.0562 9080 IntelIde - ok
11:42:29.0609 9080 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
11:42:29.0609 9080 Ip6Fw - ok
11:42:29.0656 9080 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:42:29.0656 9080 IpFilterDriver - ok
11:42:29.0687 9080 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:42:29.0687 9080 IpInIp - ok
11:42:29.0718 9080 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:42:29.0718 9080 IpNat - ok
11:42:29.0765 9080 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:42:29.0765 9080 IPSec - ok
11:42:29.0796 9080 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
11:42:29.0796 9080 IRENUM - ok
11:42:29.0859 9080 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:42:29.0859 9080 isapnp - ok
11:42:29.0906 9080 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:42:29.0906 9080 Kbdclass - ok
11:42:29.0968 9080 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
11:42:29.0968 9080 kmixer - ok
11:42:30.0015 9080 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
11:42:30.0015 9080 KSecDD - ok
11:42:30.0078 9080 lbrtfdc - ok
11:42:30.0406 9080 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
11:42:30.0406 9080 mnmdd - ok
11:42:30.0515 9080 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
11:42:30.0515 9080 Modem - ok
11:42:30.0562 9080 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:42:30.0562 9080 Mouclass - ok
11:42:30.0593 9080 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
11:42:30.0593 9080 mouhid - ok
11:42:30.0656 9080 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
11:42:30.0656 9080 MountMgr - ok
11:42:30.0687 9080 mraid35x - ok
11:42:30.0734 9080 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:42:30.0734 9080 MRxDAV - ok
11:42:30.0812 9080 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:42:30.0828 9080 MRxSmb - ok
11:42:30.0890 9080 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
11:42:30.0890 9080 Msfs - ok
11:42:30.0968 9080 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:42:30.0968 9080 MSKSSRV - ok
11:42:31.0015 9080 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:42:31.0031 9080 MSPCLOCK - ok
11:42:31.0062 9080 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
11:42:31.0062 9080 MSPQM - ok
11:42:31.0093 9080 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:42:31.0093 9080 mssmbios - ok
11:42:31.0140 9080 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
11:42:31.0140 9080 Mup - ok
11:42:31.0203 9080 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
11:42:31.0203 9080 NDIS - ok
11:42:31.0234 9080 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:42:31.0234 9080 NdisTapi - ok
11:42:31.0281 9080 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:42:31.0312 9080 Ndisuio - ok
11:42:31.0328 9080 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:42:31.0328 9080 NdisWan - ok
11:42:31.0390 9080 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
11:42:31.0390 9080 NDProxy - ok
11:42:31.0437 9080 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
11:42:31.0437 9080 NetBIOS - ok
11:42:31.0468 9080 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
11:42:31.0468 9080 NetBT - ok
11:42:31.0531 9080 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
11:42:31.0531 9080 Npfs - ok
11:42:31.0593 9080 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
11:42:31.0593 9080 Ntfs - ok
11:42:31.0781 9080 ntk_PowerDVD (170ee229d4def31dbe95348c9a88fe74) D:\Instalave od18.11.2011\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys
11:42:31.0781 9080 ntk_PowerDVD - ok
11:42:31.0859 9080 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
11:42:31.0859 9080 Null - ok
11:42:32.0140 9080 nv (9f4384aa43548ddd438f7b7825d11699) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
11:42:32.0218 9080 nv - ok
11:42:32.0312 9080 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:42:32.0312 9080 NwlnkFlt - ok
11:42:32.0359 9080 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:42:32.0359 9080 NwlnkFwd - ok
11:42:32.0437 9080 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
11:42:32.0437 9080 Parport - ok
11:42:32.0484 9080 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
11:42:32.0484 9080 PartMgr - ok
11:42:32.0531 9080 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
11:42:32.0531 9080 ParVdm - ok
11:42:32.0578 9080 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
11:42:32.0578 9080 PCI - ok
11:42:32.0609 9080 PCIDump - ok
11:42:32.0640 9080 PCIIde - ok
11:42:32.0687 9080 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
11:42:32.0687 9080 Pcmcia - ok
11:42:32.0750 9080 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\WINDOWS\system32\Drivers\pcouffin.sys
11:42:32.0750 9080 pcouffin - ok
11:42:32.0781 9080 PDCOMP - ok
11:42:32.0828 9080 PDFRAME - ok
11:42:32.0859 9080 PDRELI - ok
11:42:32.0906 9080 PDRFRAME - ok
11:42:32.0937 9080 perc2 - ok
11:42:32.0968 9080 perc2hib - ok
11:42:33.0078 9080 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:42:33.0078 9080 PptpMiniport - ok
11:42:33.0109 9080 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
11:42:33.0125 9080 PSched - ok
11:42:33.0156 9080 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:42:33.0156 9080 Ptilink - ok
11:42:33.0203 9080 ql1080 - ok
11:42:33.0234 9080 Ql10wnt - ok
11:42:33.0265 9080 ql12160 - ok
11:42:33.0296 9080 ql1240 - ok
11:42:33.0343 9080 ql1280 - ok
11:42:33.0390 9080 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:42:33.0390 9080 RasAcd - ok
11:42:33.0421 9080 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:42:33.0421 9080 Rasl2tp - ok
11:42:33.0468 9080 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:42:33.0468 9080 RasPppoe - ok
11:42:33.0515 9080 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
11:42:33.0515 9080 Raspti - ok
11:42:33.0562 9080 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:42:33.0562 9080 Rdbss - ok
11:42:33.0609 9080 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:42:33.0609 9080 RDPCDD - ok
11:42:33.0656 9080 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
11:42:33.0656 9080 rdpdr - ok
11:42:33.0718 9080 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
11:42:33.0718 9080 RDPWD - ok
11:42:33.0781 9080 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
11:42:33.0781 9080 redbook - ok
11:42:33.0953 9080 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:42:33.0953 9080 Secdrv - ok
11:42:34.0000 9080 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
11:42:34.0000 9080 serenum - ok
11:42:34.0031 9080 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
11:42:34.0031 9080 Serial - ok
11:42:34.0046 9080 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
11:42:34.0046 9080 Sfloppy - ok
11:42:34.0109 9080 Simbad - ok
11:42:34.0140 9080 Sparrow - ok
11:42:34.0187 9080 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
11:42:34.0187 9080 splitter - ok
11:42:34.0234 9080 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
11:42:34.0234 9080 sr - ok
11:42:34.0296 9080 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
11:42:34.0296 9080 Srv - ok
11:42:34.0359 9080 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
11:42:34.0359 9080 swenum - ok
11:42:34.0406 9080 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
11:42:34.0406 9080 swmidi - ok
11:42:34.0468 9080 symc810 - ok
11:42:34.0500 9080 symc8xx - ok
11:42:34.0546 9080 sym_hi - ok
11:42:34.0578 9080 sym_u3 - ok
11:42:34.0625 9080 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
11:42:34.0625 9080 sysaudio - ok
11:42:34.0703 9080 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:42:34.0703 9080 Tcpip - ok
11:42:34.0750 9080 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
11:42:34.0750 9080 TDPIPE - ok
11:42:34.0781 9080 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
11:42:34.0781 9080 TDTCP - ok
11:42:34.0828 9080 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
11:42:34.0828 9080 TermDD - ok
11:42:34.0906 9080 TosIde - ok
11:42:34.0984 9080 uagp35 (d85938f272d1bcf3db3a31fc0a048928) C:\WINDOWS\system32\DRIVERS\uagp35.sys
11:42:34.0984 9080 uagp35 - ok
11:42:35.0031 9080 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
11:42:35.0031 9080 Udfs - ok
11:42:35.0062 9080 ultra - ok
11:42:35.0125 9080 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
11:42:35.0140 9080 Update - ok
11:42:35.0218 9080 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:42:35.0218 9080 usbehci - ok
11:42:35.0234 9080 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:42:35.0250 9080 usbhub - ok
11:42:35.0296 9080 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
11:42:35.0296 9080 usbprint - ok
11:42:35.0328 9080 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:42:35.0328 9080 USBSTOR - ok
11:42:35.0375 9080 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:42:35.0375 9080 usbuhci - ok
11:42:35.0437 9080 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
11:42:35.0437 9080 VgaSave - ok
11:42:35.0484 9080 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
11:42:35.0484 9080 ViaIde - ok
11:42:35.0546 9080 VIAudio (fece79a9aef62ad5f11a3f4a14f1dead) C:\WINDOWS\system32\drivers\vinyl97.sys
11:42:35.0546 9080 VIAudio - ok
11:42:35.0578 9080 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
11:42:35.0578 9080 VolSnap - ok
11:42:35.0671 9080 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:42:35.0671 9080 Wanarp - ok
11:42:35.0703 9080 WDICA - ok
11:42:35.0750 9080 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
11:42:35.0750 9080 wdmaud - ok
11:42:36.0156 9080 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} (74ec37b9eaf9fca015b933a526825c7a) D:\Instalave od18.11.2011\PowerDVD10\NavFilter\000.fcl
11:42:36.0156 9080 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC} - ok
11:42:36.0265 9080 {329F96B6-DF1E-4328-BFDA-39EA953C1312} - ok
11:42:36.0312 9080 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
11:42:36.0406 9080 \Device\Harddisk0\DR0 - ok
11:42:36.0421 9080 Boot (0x1200) (97ef7a8c11d7601e41b1a69b949facc5) \Device\Harddisk0\DR0\Partition0
11:42:36.0421 9080 \Device\Harddisk0\DR0\Partition0 - ok
11:42:36.0468 9080 Boot (0x1200) (726ec966f820fdc65b21f7ed01c5bc63) \Device\Harddisk0\DR0\Partition1
11:42:36.0468 9080 \Device\Harddisk0\DR0\Partition1 - ok
11:42:36.0468 9080 ============================================================
11:42:36.0468 9080 Scan finished
11:42:36.0468 9080 ============================================================
11:42:36.0531 9064 Detected object count: 0
11:42:36.0531 9064 Actual detected object count: 0
11:42:42.0718 8924 Deinitialize success
Re: prosím o kontrolu logu
Uvolnete nejake volne misto na disku, nejlepe tak aspon na 3-4 GB, system se jinak dusi Pokud nemate, tak presunte Combofix primo na disk c:\
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
KillAll:: Folder:: c:\program files\SweetIM Registry:: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{EEE6C35D-6118-11DC-9C72-001320C79847}"=- [-HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}] [-HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1] [-HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}] [-HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook] [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{EEE6C35B-6118-11DC-9C72-001320C79847}"=- [-HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}] [-HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1] [-HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}] [-HKEY_CLASSES_ROOT\SWEETIE.IEToolbar] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{EEE6C35B-6118-11DC-9C72-001320C79847}"=- [-HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}] [-HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1] [-HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}] [-HKEY_CLASSES_ROOT\SWEETIE.IEToolbar] [-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SweetIM"=- "NeroFilterCheck"=- "RemoteControl10"=- "BDRegion"=- "RemoteControl11"=- "Adobe ARM"=- "SunJavaUpdateSched"=- File:: c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk DDS:: uStart Page = hxxp://home.sweetim.com/?st=1&barid={4FE4A934-1375-11E1-BF2F-00110972B9A4} mStart Page = hxxp://home.sweetim.com/?st=1&barid={4FE4A934-1375-11E1-BF2F-00110972B9A4} IE: Search the Web - c:\program files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html Firefox:: FF - ProfilePath - c:\documents and settings\Staňouš\Data aplikací\Mozilla\Firefox\Profiles\xqgp9cpz.default\ FF - prefs.js: browser.search.defaulturl - FF - prefs.js: keyword.URL - hxxp://www.etypestart.com/s/?src=addrba ... x86-SP3&q= RegLock:: [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\WPAEvents] ClearJavaCache:: Reboot::- Ulozte vytvoreny TXT jako CFScript.txt taktez primo na disk c:\
- Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
- Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte
Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: prosím o kontrolu logu
ComboFix 11-12-16.01 - Staňouš 18.12.2011 17:42:16.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.511.219 [GMT 1:00]
Spuštěný z: C:\ComboFix.exe
Použité ovládací přepínače :: C:\CFScript.txt
AV: ESET NOD32 Antivirus 3.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
FILE ::
"c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\SweetIM
c:\program files\SweetIM\Messenger\ContentPackagesActivationHandler.exe
c:\program files\SweetIM\Messenger\default.xml
c:\program files\SweetIM\Messenger\mgAdaptersProxy.dll
c:\program files\SweetIM\Messenger\mgArchive.dll
c:\program files\SweetIM\Messenger\mgcommon.dll
c:\program files\SweetIM\Messenger\mgcommunication.dll
c:\program files\SweetIM\Messenger\mgconfig.dll
c:\program files\SweetIM\Messenger\mgFlashPlayer.dll
c:\program files\SweetIM\Messenger\mghooking.dll
c:\program files\SweetIM\Messenger\mgICQAuto.dll
c:\program files\SweetIM\Messenger\mgICQMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mglogger.dll
c:\program files\SweetIM\Messenger\mgMediaPlayer.dll
c:\program files\SweetIM\Messenger\mgMsnAuto.dll
c:\program files\SweetIM\Messenger\mgMsnMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mgsimcommon.dll
c:\program files\SweetIM\Messenger\mgSweetIM.dll
c:\program files\SweetIM\Messenger\mgUpdateSupport.dll
c:\program files\SweetIM\Messenger\mgxml_wrapper.dll
c:\program files\SweetIM\Messenger\mgYahooAuto.dll
c:\program files\SweetIM\Messenger\mgYahooMessengerAdapter.dll
c:\program files\SweetIM\Messenger\msvcp71.dll
c:\program files\SweetIM\Messenger\msvcr71.dll
c:\program files\SweetIM\Messenger\resources\images\AudibleButton.png
c:\program files\SweetIM\Messenger\resources\images\DisplayPicturesButton.png
c:\program files\SweetIM\Messenger\resources\images\EmoticonButton.png
c:\program files\SweetIM\Messenger\resources\images\GamesButton.png
c:\program files\SweetIM\Messenger\resources\images\KeyboardButton.png
c:\program files\SweetIM\Messenger\resources\images\NudgeButton.png
c:\program files\SweetIM\Messenger\resources\images\SoundFxButton.png
c:\program files\SweetIM\Messenger\resources\images\WinksButton.png
c:\program files\SweetIM\Messenger\resources\sqlite\mgSqlite3.dll
c:\program files\SweetIM\Messenger\SweetIM.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\ClearHist.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\conf\logger.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\default.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\mgcommon.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgconfig.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\mghooking.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mglogger.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest
c:\program files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcm90.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcp90.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcr90.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\about.html
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\affid.dat
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\basis.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\bing.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_bing.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_current.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_dictionary.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_google.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_hover.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_left.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_photo.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_video.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_web.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_yahoo.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\clear-history.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim-over.gif
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim.gif
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\dating.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\dictionary.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\e_cards.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon_over.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\find.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\free_stuff.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\games.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\glitter.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\google.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_bing.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_current.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_dictionary.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_google.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_hover.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_left.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_photo.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_video.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_web.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_yahoo.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\help.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\highlight.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\locales.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_16x16.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_21x18.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_32x32.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_about.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\more-search-providers.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\music.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\news.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\options.html
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_bing.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_current.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_dictionary.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_google.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_hover.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_left.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_photo.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_video.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_web.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_yahoo.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\photos.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\search-current-site.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\shopping.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\SmileySmile.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\SmileyWink.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\sweetim_text.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\toolbar.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\video.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\web-search.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\web-toolbar.js
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\yahoo.png
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-18 do 2011-12-18 )))))))))))))))))))))))))))))))
.
.
2011-12-16 16:47 . 2008-04-13 23:49 75264 -c--a-w- c:\windows\system32\dllcache\ipsec.sys
2011-12-16 16:47 . 2008-04-13 23:49 75264 ----a-w- c:\windows\system32\drivers\ipsec.sys
2011-12-14 17:03 . 2011-12-14 17:03 -------- d-----w- c:\program files\Common Files\Java
2011-12-14 17:02 . 2011-12-14 17:02 476904 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2011-12-14 17:02 . 2011-12-14 17:01 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-12-14 17:02 . 2011-12-14 17:01 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-12-14 17:01 . 2011-12-14 17:01 -------- d-----w- c:\program files\Java
2011-12-13 14:43 . 2011-12-13 14:43 -------- d-----w- C:\Terasoft
2011-12-11 13:24 . 2011-12-11 13:25 -------- d-----w- c:\program files\trend micro
2011-12-11 13:24 . 2011-12-11 13:25 -------- d-----w- C:\rsit
2011-12-08 07:13 . 2011-12-08 07:13 -------- d-----w- c:\documents and settings\LocalService\Data aplikací\McAfee
2011-12-06 23:03 . 2011-12-06 23:03 -------- d-----w- c:\documents and settings\Staňouš\Local Settings\Data aplikací\Temp
2011-12-06 23:03 . 2011-12-06 23:03 -------- d-----w- c:\documents and settings\Staňouš\Local Settings\Data aplikací\Adobe
2011-12-06 23:00 . 2011-12-06 23:00 -------- d-----w- c:\program files\Common Files\Adobe
2011-12-06 22:58 . 2011-12-06 22:58 -------- d-----w- c:\documents and settings\All Users\Data aplikací\McAfee
2011-12-06 22:58 . 2011-12-06 22:58 -------- d-----w- c:\documents and settings\All Users\Data aplikací\McAfee Security Scan
2011-12-06 22:58 . 2011-12-08 07:12 -------- d-----w- c:\program files\McAfee Security Scan
2011-12-04 15:36 . 2011-12-04 15:36 -------- d-----w- c:\documents and settings\Staňouš\Local Settings\Data aplikací\Identities
2011-12-01 12:04 . 2011-12-01 12:04 -------- d-----w- c:\documents and settings\All Users\Data aplikací\vsosdk
2011-11-27 17:59 . 2011-12-02 20:28 -------- d-----w- c:\windows\system32\kb
2011-11-27 17:48 . 2011-11-27 17:48 -------- d-----w- c:\documents and settings\Default User\Local Settings\Data aplikací\Microsoft Help
2011-11-27 17:40 . 2011-11-27 18:04 -------- d-----w- c:\windows\SxsCaPendDel
2011-11-27 17:38 . 2011-11-27 17:38 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Data aplikací\PCHealth
2011-11-25 19:28 . 2011-11-25 19:28 -------- d-s---w- c:\documents and settings\LocalService\UserData
2011-11-25 08:17 . 2008-03-03 13:25 5702 ---ha-w- c:\windows\nod32restoretemdono.reg
2011-11-25 07:47 . 2011-11-25 07:47 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ESET
2011-11-24 21:15 . 2011-11-24 21:15 -------- d-----w- c:\windows\system32\wbem\Repository
2011-11-24 18:58 . 2011-11-24 21:14 -------- d-----w- c:\documents and settings\Staňouš\Local Settings\Data aplikací\MediaBox
2011-11-24 18:51 . 2011-11-24 22:33 -------- d-sh--w- c:\documents and settings\Staňouš\Local Settings\Data aplikací\22c3a1d4
2011-11-24 18:24 . 2011-11-24 21:14 -------- d-----w- c:\documents and settings\Staňouš\Data aplikací\DAEMON Tools Lite
2011-11-24 18:24 . 2011-11-24 19:05 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DAEMON Tools Lite
2011-11-24 13:35 . 2011-12-01 20:14 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DVD Shrink
2011-11-24 12:32 . 2011-11-24 12:32 -------- d-----w- c:\documents and settings\Staňouš\Local Settings\Data aplikací\PowerCinema
2011-11-23 14:39 . 2011-11-23 14:39 -------- d-----w- c:\program files\Cyberlink
2011-11-23 14:38 . 2011-11-23 14:39 -------- d-----w- c:\program files\Common Files\CyberLink
2011-11-23 14:37 . 2011-11-23 14:32 29480 ----a-w- c:\windows\system32\msxml3a.dll
2011-11-23 14:25 . 2011-11-23 14:25 87608 ----a-w- c:\documents and settings\Staňouš\Data aplikací\inst.exe
2011-11-23 14:25 . 2011-11-23 14:25 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2011-11-23 14:25 . 2011-11-23 14:25 47360 ----a-w- c:\documents and settings\Staňouš\Data aplikací\pcouffin.sys
2011-11-23 14:23 . 2011-12-08 18:26 -------- d-----w- c:\documents and settings\Staňouš\Data aplikací\Vso
2011-11-23 14:22 . 2010-02-09 15:37 65602 ----a-w- c:\windows\system32\cook3260.dll
2011-11-23 14:22 . 2010-02-09 15:37 626688 ----a-w- c:\windows\system32\vp7vfw.dll
2011-11-23 14:22 . 2010-02-09 15:37 217127 ----a-w- c:\windows\system32\drv43260.dll
2011-11-23 14:22 . 2010-02-09 15:37 208935 ----a-w- c:\windows\system32\drv33260.dll
2011-11-23 14:22 . 2010-02-09 15:37 176165 ----a-w- c:\windows\system32\drv23260.dll
2011-11-23 14:22 . 2010-02-09 15:37 1184984 ----a-w- c:\windows\system32\wvc1dmod.dll
2011-11-23 14:22 . 2010-02-09 15:37 102439 ----a-w- c:\windows\system32\sipr3260.dll
2011-11-23 14:22 . 2011-11-23 14:22 -------- d-----w- c:\program files\VSO
2011-11-21 16:27 . 2011-11-21 16:27 -------- d-----w- c:\program files\ICQ6Toolbar
2011-11-21 16:27 . 2011-11-21 16:27 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ICQ
2011-11-21 16:27 . 2011-12-18 12:35 -------- d-----w- c:\documents and settings\Staňouš\Data aplikací\ICQ
2011-11-21 15:48 . 2011-11-24 17:44 -------- d-----w- c:\documents and settings\Staňouš\Data aplikací\Ahead
2011-11-21 15:44 . 2011-11-21 15:44 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Nero
2011-11-21 14:59 . 2011-11-21 14:59 -------- d-----w- c:\documents and settings\All Users\Data aplikací\LightScribe
2011-11-21 14:54 . 2011-11-21 15:51 -------- d-----w- c:\documents and settings\Staňouš\Local Settings\Data aplikací\Ahead
2011-11-21 14:49 . 2011-11-24 21:19 -------- d-----w- c:\program files\Common Files\LightScribe
2011-11-21 14:45 . 2011-11-21 15:47 -------- d-----w- c:\program files\Common Files\Ahead
2011-11-21 14:45 . 2004-08-11 00:45 47616 ----a-w- c:\program files\Windows Media Player\msoobci.dll
2011-11-21 14:45 . 2004-08-11 00:45 819200 ----a-w- c:\program files\Windows Media Player\wmsetsdk.exe
2011-11-21 00:02 . 2011-11-24 12:32 -------- d-----w- c:\documents and settings\Staňouš\Local Settings\Data aplikací\CyberLink
2011-11-20 19:03 . 2011-12-16 16:54 -------- d-----w- c:\documents and settings\Staňouš\Data aplikací\Skype
2011-11-20 19:03 . 2011-11-20 19:03 -------- d-----r- c:\program files\Skype
2011-11-20 19:03 . 2011-11-20 19:03 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Skype
2011-11-20 12:43 . 2011-11-20 12:43 -------- d-----w- c:\documents and settings\All Users\Data aplikací\SweetIM
2011-11-20 10:25 . 2011-12-06 06:01 -------- d-----w- c:\documents and settings\Staňouš\Data aplikací\Media Player Classic
2011-11-20 09:22 . 2011-03-02 10:43 175616 ----a-w- c:\windows\system32\unrar.dll
2011-11-20 09:22 . 2011-07-16 14:17 151552 ----a-w- c:\windows\system32\ac3acm.acm
2011-11-20 09:22 . 2006-10-18 18:05 232448 ----a-w- c:\windows\system32\mp3fhg.acm
2011-11-20 09:22 . 2011-06-24 14:44 243200 ----a-w- c:\windows\system32\xvidvfw.dll
2011-11-20 09:22 . 2011-06-24 14:28 650752 ----a-w- c:\windows\system32\xvidcore.dll
2011-11-20 09:22 . 2011-10-28 08:00 74752 ----a-w- c:\windows\system32\ff_vfw.dll
2011-11-19 00:01 . 2011-11-26 16:08 -------- d-----w- c:\documents and settings\Staňouš\Data aplikací\eType
2011-11-18 22:08 . 2011-11-24 12:25 -------- d-----w- c:\documents and settings\Staňouš\Data aplikací\CyberLink
2011-11-18 22:04 . 2011-11-18 22:04 -------- d-----w- c:\documents and settings\All Users\Data aplikací\PDVD
2011-11-18 22:04 . 2011-11-25 22:23 -------- d-----w- c:\documents and settings\All Users\Data aplikací\CyberLink
2011-11-18 22:04 . 2011-11-18 22:04 -------- d-----w- c:\documents and settings\Staňouš\Local Settings\Data aplikací\MediaServer
2011-11-18 22:04 . 2011-11-18 22:04 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\MediaServer
2011-11-18 22:00 . 2011-11-18 22:00 -------- d-----w- c:\documents and settings\Staňouš\Local Settings\Data aplikací\Google
2011-11-18 21:59 . 2011-11-23 14:32 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Temp
2011-11-18 21:59 . 2011-11-18 22:01 -------- d-----w- c:\documents and settings\All Users\Data aplikací\install_clap
2011-11-18 20:41 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2011-11-18 20:41 . 2006-09-28 15:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2011-11-18 20:41 . 2011-11-18 20:41 -------- d-----w- c:\windows\Logs
2011-11-18 20:40 . 2011-12-07 22:08 -------- d-----w- c:\documents and settings\Staňouš\Data aplikací\Winamp
2011-11-18 19:52 . 2011-11-18 19:52 -------- d-----w- c:\documents and settings\Staňouš\Local Settings\Data aplikací\GHISLER
2011-11-18 19:06 . 2010-12-17 06:56 545 ----a-w- c:\windows\UC.PIF
2011-11-18 19:06 . 2010-12-17 06:56 545 ----a-w- c:\windows\RAR.PIF
2011-11-18 19:06 . 2010-12-17 06:56 545 ----a-w- c:\windows\NOCLOSE.PIF
2011-11-18 19:06 . 2010-12-17 06:56 545 ----a-w- c:\windows\LHA.PIF
2011-11-18 19:06 . 2010-12-17 06:56 545 ----a-w- c:\windows\ARJ.PIF
2011-11-18 18:42 . 2011-02-02 07:58 2067456 -c----w- c:\windows\system32\dllcache\lhmstscx.dll
2011-11-18 18:42 . 2011-01-27 11:57 677888 -c----w- c:\windows\system32\dllcache\lhmstsc.exe
2011-11-18 18:41 . 2010-04-16 15:38 406016 -c----w- c:\windows\system32\dllcache\usp10.dll
2011-11-18 18:38 . 2008-06-14 17:35 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2011-11-18 18:37 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2011-11-18 18:37 . 2011-07-15 13:29 456320 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2011-11-18 18:37 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2011-11-18 18:36 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2011-11-18 18:35 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2011-11-18 18:32 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2011-11-18 18:31 . 2010-08-27 08:03 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2011-11-18 18:31 . 2009-10-15 16:32 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2011-11-18 18:31 . 2009-06-21 21:48 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2011-11-18 18:30 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2011-11-18 18:30 . 2009-03-06 14:23 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2011-11-18 18:30 . 2009-02-09 11:25 111104 -c----w- c:\windows\system32\dllcache\services.exe
2011-11-18 18:30 . 2009-02-09 10:56 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2011-11-18 18:30 . 2009-02-09 10:56 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2011-11-18 18:30 . 2009-02-09 10:56 684032 -c----w- c:\windows\system32\dllcache\advapi32.dll
2011-11-18 18:30 . 2009-02-09 10:56 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2011-11-18 18:27 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2011-11-18 18:27 . 2011-06-24 14:10 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2011-11-18 18:27 . 2008-05-01 14:37 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2011-11-18 18:27 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2011-11-18 18:26 . 2010-06-14 07:43 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
2011-11-18 18:22 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2011-11-18 18:21 . 2010-06-18 13:36 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2011-11-18 18:19 . 2008-10-15 16:38 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2011-11-18 18:18 . 2011-04-29 19:07 852480 -c----w- c:\windows\system32\dllcache\vgx.dll
2011-11-18 18:16 . 2011-10-26 10:50 2194944 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2011-11-18 18:16 . 2011-10-26 10:49 2150912 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2011-11-18 18:16 . 2010-12-09 15:15 713216 -c----w- c:\windows\system32\dllcache\ntdll.dll
2011-11-18 18:16 . 2011-10-26 10:50 2071552 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2011-11-18 18:16 . 2011-10-26 10:49 2029056 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2011-11-18 18:16 . 2010-07-16 11:58 219136 -c----w- c:\windows\system32\dllcache\wordpad.exe
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-23 14:40 . 2004-08-17 13:44 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-21 16:33 . 2011-11-18 16:27 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-01 20:36 . 2004-08-17 13:49 668160 ----a-w- c:\windows\system32\wininet.dll
2011-11-01 20:36 . 2004-08-17 13:49 81920 ----a-w- c:\windows\system32\ieencode.dll
2011-11-01 20:36 . 2004-08-03 20:59 61952 ----a-w- c:\windows\system32\tdc.ocx
2011-11-01 20:34 . 2004-08-17 13:44 370176 ----a-w- c:\windows\system32\html.iec
2011-11-01 16:07 . 2004-08-17 13:49 1288192 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:32 . 2004-08-17 13:49 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-26 10:50 . 2004-08-17 15:45 2071552 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-26 10:50 . 2004-08-17 13:45 2194944 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-18 11:13 . 2004-08-17 13:49 186880 ----a-w- c:\windows\system32\encdec.dll
2011-10-10 14:22 . 2011-11-18 15:12 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-28 07:06 . 2004-08-17 13:49 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 10:41 . 2011-09-26 10:41 613376 ------w- c:\windows\system32\uiautomationcore.dll
2011-09-26 10:41 . 2001-10-25 14:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 10:41 . 2001-10-25 14:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-11-05 07:07 . 2011-11-18 16:13 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-12-16_17.05.33 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-12-18 16:49 . 2011-12-18 16:49 16384 c:\windows\temp\Perflib_Perfdata_6fc.dat
+ 2011-12-18 16:49 . 2011-12-18 16:49 16384 c:\windows\temp\Perflib_Perfdata_494.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
"AudioDeck"="c:\program files\VIA\VIAudioi\SBADeck\ADeck.exe" [2007-08-09 528384]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2004-01-14 409600]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-10-07 1461080]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]
.
c:\documents and settings\Staňouš\Nabídka Start\Programy\Po spuštění\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 10:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Instalave od18.11.2011\\ICQ7.7\\ICQ.exe"=
"d:\\Instalave od18.11.2011\\PowerDVD11\\PowerDVD11.exe"=
"d:\\Instalave od18.11.2011\\PowerDVD11\\PDVD11Serv.exe"=
"d:\\Instalave od18.11.2011\\PowerDVD11\\Common\\MediaServer\\CLMSServerForPDVD11.exe"=
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"d:\\Instalave od18.11.2011\\Winamp\\winamp.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Mozilla Firefox\\plugin-container.exe"=
"d:\\Instalave od18.11.2011\\PowerDVD10\\NavFilter\\CLHelper.exe"=
"d:\\Instalave od18.11.2011\\4\\ConvertXtoDvd.exe"=
"d:\\Instalave od18.11.2011\\PowerDVD10\\PowerDVD Cox\\PowerDVDCox10.exe"=
"d:\\Instalave od18.11.2011\\Total KOmandr\\totalcmd\\TOTALCMD.EXE"=
"c:\\WINDOWS\\system32\\msiexec.exe"=
"c:\\Program Files\\McAfee Security Scan\\2.0.181\\mcuicnt.exe"=
"c:\\Program Files\\Adobe\\Reader 10.0\\Reader\\AcroRd32.exe"=
"d:\\Instalave od18.11.2011\\PowerDVD10\\PowerDVD10.exe"=
"c:\\Documents and Settings\\Staňouš\\Plocha\\RSIT.exe"=
"d:\\Stahování\\staženo\\jxpiinstall.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe"=
.
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [13.3.2008 16:52 35168]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2011/11/23 15:39];d:\instalave od18.11.2011\PowerDVD10\NavFilter\000.fcl [13.3.2010 12:58 87536]
R2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;d:\instalave od18.11.2011\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [24.11.2011 12:01 77824]
R2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;d:\instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [24.11.2011 12:01 69632]
R2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;d:\instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [24.11.2011 12:01 286720]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [7.10.2009 9:16 472280]
R2 ntk_PowerDVD;ntk_PowerDVD;d:\instalave od18.11.2011\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys [24.11.2011 12:01 71664]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [23.11.2011 15:25 47360]
S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2011/11/24 12:02];\??\d:\instalave od18.11.2011\PowerDVD11\Common\NavFilter\000.fcl --> d:\instalave od18.11.2011\PowerDVD11\Common\NavFilter\000.fcl [?]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [15.1.2010 13:49 227232]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - d:\instalave od18.11.2011\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - d:\instalave od18.11.2011\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - d:\instalave od18.11.2011\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - d:\instalave od18.11.2011\Easy-WebPrint\Resource.dll/RC_Print.html
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - d:\instalave od18.11.2011\ICQ7.7\ICQ.exe
TCP: Interfaces\{B745FC88-D69F-476F-8D4D-93C6CA3F3A0B}: NameServer = 10.0.0.1
FF - ProfilePath - c:\documents and settings\Staňouš\Data aplikací\Mozilla\Firefox\Profiles\xqgp9cpz.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-18 17:49
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
AudioDeck = c:\program files\VIA\VIAudioi\SBADeck\ADeck.exe 1????????????????????????????????????????????????
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\d:\instalave od18.11.2011\PowerDVD10\NavFilter\000.fcl"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]
"ImagePath"="\??\d:\instalave od18.11.2011\PowerDVD11\Common\NavFilter\000.fcl"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\RUNDLL32.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2011-12-18 17:51:51 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-12-18 16:51
ComboFix2.txt 2011-12-16 17:08
.
Před spuštěním: 1 617 076 224
Po spuštění: 1 602 818 048
.
- - End Of File - - 7AFA9C8E7CF0BA84A996BD517CF9EB79
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.511.219 [GMT 1:00]
Spuštěný z: C:\ComboFix.exe
Použité ovládací přepínače :: C:\CFScript.txt
AV: ESET NOD32 Antivirus 3.0 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
FILE ::
"c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\SweetIM
c:\program files\SweetIM\Messenger\ContentPackagesActivationHandler.exe
c:\program files\SweetIM\Messenger\default.xml
c:\program files\SweetIM\Messenger\mgAdaptersProxy.dll
c:\program files\SweetIM\Messenger\mgArchive.dll
c:\program files\SweetIM\Messenger\mgcommon.dll
c:\program files\SweetIM\Messenger\mgcommunication.dll
c:\program files\SweetIM\Messenger\mgconfig.dll
c:\program files\SweetIM\Messenger\mgFlashPlayer.dll
c:\program files\SweetIM\Messenger\mghooking.dll
c:\program files\SweetIM\Messenger\mgICQAuto.dll
c:\program files\SweetIM\Messenger\mgICQMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mglogger.dll
c:\program files\SweetIM\Messenger\mgMediaPlayer.dll
c:\program files\SweetIM\Messenger\mgMsnAuto.dll
c:\program files\SweetIM\Messenger\mgMsnMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mgsimcommon.dll
c:\program files\SweetIM\Messenger\mgSweetIM.dll
c:\program files\SweetIM\Messenger\mgUpdateSupport.dll
c:\program files\SweetIM\Messenger\mgxml_wrapper.dll
c:\program files\SweetIM\Messenger\mgYahooAuto.dll
c:\program files\SweetIM\Messenger\mgYahooMessengerAdapter.dll
c:\program files\SweetIM\Messenger\msvcp71.dll
c:\program files\SweetIM\Messenger\msvcr71.dll
c:\program files\SweetIM\Messenger\resources\images\AudibleButton.png
c:\program files\SweetIM\Messenger\resources\images\DisplayPicturesButton.png
c:\program files\SweetIM\Messenger\resources\images\EmoticonButton.png
c:\program files\SweetIM\Messenger\resources\images\GamesButton.png
c:\program files\SweetIM\Messenger\resources\images\KeyboardButton.png
c:\program files\SweetIM\Messenger\resources\images\NudgeButton.png
c:\program files\SweetIM\Messenger\resources\images\SoundFxButton.png
c:\program files\SweetIM\Messenger\resources\images\WinksButton.png
c:\program files\SweetIM\Messenger\resources\sqlite\mgSqlite3.dll
c:\program files\SweetIM\Messenger\SweetIM.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\ClearHist.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\conf\logger.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\default.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\mgcommon.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgconfig.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\mghooking.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mglogger.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest
c:\program files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcm90.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcp90.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT\msvcr90.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\about.html
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\affid.dat
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\basis.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\bing.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_bing.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_current.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_dictionary.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_google.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_hover.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_left.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_photo.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_video.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_web.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\blue\search_button_yahoo.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\clear-history.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim-over.gif
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier-anim.gif
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\content-notifier.js
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\dating.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\dictionary.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\e_cards.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\eye_icon_over.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\find.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\free_stuff.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\games.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\glitter.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\google.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_bing.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_current.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_dictionary.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_google.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_hover.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_left.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_photo.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_video.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_web.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\green\search_button_yahoo.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\help.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\highlight.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\locales.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_16x16.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_21x18.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_32x32.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\logo_about.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\more-search-providers.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\music.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\news.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\options.html
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_bing.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_current.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_dictionary.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_google.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_hover.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_left.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_photo.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_video.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_web.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\orange\search_button_yahoo.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\photos.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\search-current-site.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\shopping.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\SmileySmile.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\SmileyWink.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\sweetim_text.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\toolbar.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\video.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\web-search.png
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\web-toolbar.js
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\yahoo.png
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-11-18 do 2011-12-18 )))))))))))))))))))))))))))))))
.
.
2011-12-16 16:47 . 2008-04-13 23:49 75264 -c--a-w- c:\windows\system32\dllcache\ipsec.sys
2011-12-16 16:47 . 2008-04-13 23:49 75264 ----a-w- c:\windows\system32\drivers\ipsec.sys
2011-12-14 17:03 . 2011-12-14 17:03 -------- d-----w- c:\program files\Common Files\Java
2011-12-14 17:02 . 2011-12-14 17:02 476904 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2011-12-14 17:02 . 2011-12-14 17:01 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-12-14 17:02 . 2011-12-14 17:01 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-12-14 17:01 . 2011-12-14 17:01 -------- d-----w- c:\program files\Java
2011-12-13 14:43 . 2011-12-13 14:43 -------- d-----w- C:\Terasoft
2011-12-11 13:24 . 2011-12-11 13:25 -------- d-----w- c:\program files\trend micro
2011-12-11 13:24 . 2011-12-11 13:25 -------- d-----w- C:\rsit
2011-12-08 07:13 . 2011-12-08 07:13 -------- d-----w- c:\documents and settings\LocalService\Data aplikací\McAfee
2011-12-06 23:03 . 2011-12-06 23:03 -------- d-----w- c:\documents and settings\Staňouš\Local Settings\Data aplikací\Temp
2011-12-06 23:03 . 2011-12-06 23:03 -------- d-----w- c:\documents and settings\Staňouš\Local Settings\Data aplikací\Adobe
2011-12-06 23:00 . 2011-12-06 23:00 -------- d-----w- c:\program files\Common Files\Adobe
2011-12-06 22:58 . 2011-12-06 22:58 -------- d-----w- c:\documents and settings\All Users\Data aplikací\McAfee
2011-12-06 22:58 . 2011-12-06 22:58 -------- d-----w- c:\documents and settings\All Users\Data aplikací\McAfee Security Scan
2011-12-06 22:58 . 2011-12-08 07:12 -------- d-----w- c:\program files\McAfee Security Scan
2011-12-04 15:36 . 2011-12-04 15:36 -------- d-----w- c:\documents and settings\Staňouš\Local Settings\Data aplikací\Identities
2011-12-01 12:04 . 2011-12-01 12:04 -------- d-----w- c:\documents and settings\All Users\Data aplikací\vsosdk
2011-11-27 17:59 . 2011-12-02 20:28 -------- d-----w- c:\windows\system32\kb
2011-11-27 17:48 . 2011-11-27 17:48 -------- d-----w- c:\documents and settings\Default User\Local Settings\Data aplikací\Microsoft Help
2011-11-27 17:40 . 2011-11-27 18:04 -------- d-----w- c:\windows\SxsCaPendDel
2011-11-27 17:38 . 2011-11-27 17:38 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Data aplikací\PCHealth
2011-11-25 19:28 . 2011-11-25 19:28 -------- d-s---w- c:\documents and settings\LocalService\UserData
2011-11-25 08:17 . 2008-03-03 13:25 5702 ---ha-w- c:\windows\nod32restoretemdono.reg
2011-11-25 07:47 . 2011-11-25 07:47 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ESET
2011-11-24 21:15 . 2011-11-24 21:15 -------- d-----w- c:\windows\system32\wbem\Repository
2011-11-24 18:58 . 2011-11-24 21:14 -------- d-----w- c:\documents and settings\Staňouš\Local Settings\Data aplikací\MediaBox
2011-11-24 18:51 . 2011-11-24 22:33 -------- d-sh--w- c:\documents and settings\Staňouš\Local Settings\Data aplikací\22c3a1d4
2011-11-24 18:24 . 2011-11-24 21:14 -------- d-----w- c:\documents and settings\Staňouš\Data aplikací\DAEMON Tools Lite
2011-11-24 18:24 . 2011-11-24 19:05 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DAEMON Tools Lite
2011-11-24 13:35 . 2011-12-01 20:14 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DVD Shrink
2011-11-24 12:32 . 2011-11-24 12:32 -------- d-----w- c:\documents and settings\Staňouš\Local Settings\Data aplikací\PowerCinema
2011-11-23 14:39 . 2011-11-23 14:39 -------- d-----w- c:\program files\Cyberlink
2011-11-23 14:38 . 2011-11-23 14:39 -------- d-----w- c:\program files\Common Files\CyberLink
2011-11-23 14:37 . 2011-11-23 14:32 29480 ----a-w- c:\windows\system32\msxml3a.dll
2011-11-23 14:25 . 2011-11-23 14:25 87608 ----a-w- c:\documents and settings\Staňouš\Data aplikací\inst.exe
2011-11-23 14:25 . 2011-11-23 14:25 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2011-11-23 14:25 . 2011-11-23 14:25 47360 ----a-w- c:\documents and settings\Staňouš\Data aplikací\pcouffin.sys
2011-11-23 14:23 . 2011-12-08 18:26 -------- d-----w- c:\documents and settings\Staňouš\Data aplikací\Vso
2011-11-23 14:22 . 2010-02-09 15:37 65602 ----a-w- c:\windows\system32\cook3260.dll
2011-11-23 14:22 . 2010-02-09 15:37 626688 ----a-w- c:\windows\system32\vp7vfw.dll
2011-11-23 14:22 . 2010-02-09 15:37 217127 ----a-w- c:\windows\system32\drv43260.dll
2011-11-23 14:22 . 2010-02-09 15:37 208935 ----a-w- c:\windows\system32\drv33260.dll
2011-11-23 14:22 . 2010-02-09 15:37 176165 ----a-w- c:\windows\system32\drv23260.dll
2011-11-23 14:22 . 2010-02-09 15:37 1184984 ----a-w- c:\windows\system32\wvc1dmod.dll
2011-11-23 14:22 . 2010-02-09 15:37 102439 ----a-w- c:\windows\system32\sipr3260.dll
2011-11-23 14:22 . 2011-11-23 14:22 -------- d-----w- c:\program files\VSO
2011-11-21 16:27 . 2011-11-21 16:27 -------- d-----w- c:\program files\ICQ6Toolbar
2011-11-21 16:27 . 2011-11-21 16:27 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ICQ
2011-11-21 16:27 . 2011-12-18 12:35 -------- d-----w- c:\documents and settings\Staňouš\Data aplikací\ICQ
2011-11-21 15:48 . 2011-11-24 17:44 -------- d-----w- c:\documents and settings\Staňouš\Data aplikací\Ahead
2011-11-21 15:44 . 2011-11-21 15:44 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Nero
2011-11-21 14:59 . 2011-11-21 14:59 -------- d-----w- c:\documents and settings\All Users\Data aplikací\LightScribe
2011-11-21 14:54 . 2011-11-21 15:51 -------- d-----w- c:\documents and settings\Staňouš\Local Settings\Data aplikací\Ahead
2011-11-21 14:49 . 2011-11-24 21:19 -------- d-----w- c:\program files\Common Files\LightScribe
2011-11-21 14:45 . 2011-11-21 15:47 -------- d-----w- c:\program files\Common Files\Ahead
2011-11-21 14:45 . 2004-08-11 00:45 47616 ----a-w- c:\program files\Windows Media Player\msoobci.dll
2011-11-21 14:45 . 2004-08-11 00:45 819200 ----a-w- c:\program files\Windows Media Player\wmsetsdk.exe
2011-11-21 00:02 . 2011-11-24 12:32 -------- d-----w- c:\documents and settings\Staňouš\Local Settings\Data aplikací\CyberLink
2011-11-20 19:03 . 2011-12-16 16:54 -------- d-----w- c:\documents and settings\Staňouš\Data aplikací\Skype
2011-11-20 19:03 . 2011-11-20 19:03 -------- d-----r- c:\program files\Skype
2011-11-20 19:03 . 2011-11-20 19:03 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Skype
2011-11-20 12:43 . 2011-11-20 12:43 -------- d-----w- c:\documents and settings\All Users\Data aplikací\SweetIM
2011-11-20 10:25 . 2011-12-06 06:01 -------- d-----w- c:\documents and settings\Staňouš\Data aplikací\Media Player Classic
2011-11-20 09:22 . 2011-03-02 10:43 175616 ----a-w- c:\windows\system32\unrar.dll
2011-11-20 09:22 . 2011-07-16 14:17 151552 ----a-w- c:\windows\system32\ac3acm.acm
2011-11-20 09:22 . 2006-10-18 18:05 232448 ----a-w- c:\windows\system32\mp3fhg.acm
2011-11-20 09:22 . 2011-06-24 14:44 243200 ----a-w- c:\windows\system32\xvidvfw.dll
2011-11-20 09:22 . 2011-06-24 14:28 650752 ----a-w- c:\windows\system32\xvidcore.dll
2011-11-20 09:22 . 2011-10-28 08:00 74752 ----a-w- c:\windows\system32\ff_vfw.dll
2011-11-19 00:01 . 2011-11-26 16:08 -------- d-----w- c:\documents and settings\Staňouš\Data aplikací\eType
2011-11-18 22:08 . 2011-11-24 12:25 -------- d-----w- c:\documents and settings\Staňouš\Data aplikací\CyberLink
2011-11-18 22:04 . 2011-11-18 22:04 -------- d-----w- c:\documents and settings\All Users\Data aplikací\PDVD
2011-11-18 22:04 . 2011-11-25 22:23 -------- d-----w- c:\documents and settings\All Users\Data aplikací\CyberLink
2011-11-18 22:04 . 2011-11-18 22:04 -------- d-----w- c:\documents and settings\Staňouš\Local Settings\Data aplikací\MediaServer
2011-11-18 22:04 . 2011-11-18 22:04 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\MediaServer
2011-11-18 22:00 . 2011-11-18 22:00 -------- d-----w- c:\documents and settings\Staňouš\Local Settings\Data aplikací\Google
2011-11-18 21:59 . 2011-11-23 14:32 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Temp
2011-11-18 21:59 . 2011-11-18 22:01 -------- d-----w- c:\documents and settings\All Users\Data aplikací\install_clap
2011-11-18 20:41 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2011-11-18 20:41 . 2006-09-28 15:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2011-11-18 20:41 . 2011-11-18 20:41 -------- d-----w- c:\windows\Logs
2011-11-18 20:40 . 2011-12-07 22:08 -------- d-----w- c:\documents and settings\Staňouš\Data aplikací\Winamp
2011-11-18 19:52 . 2011-11-18 19:52 -------- d-----w- c:\documents and settings\Staňouš\Local Settings\Data aplikací\GHISLER
2011-11-18 19:06 . 2010-12-17 06:56 545 ----a-w- c:\windows\UC.PIF
2011-11-18 19:06 . 2010-12-17 06:56 545 ----a-w- c:\windows\RAR.PIF
2011-11-18 19:06 . 2010-12-17 06:56 545 ----a-w- c:\windows\NOCLOSE.PIF
2011-11-18 19:06 . 2010-12-17 06:56 545 ----a-w- c:\windows\LHA.PIF
2011-11-18 19:06 . 2010-12-17 06:56 545 ----a-w- c:\windows\ARJ.PIF
2011-11-18 18:42 . 2011-02-02 07:58 2067456 -c----w- c:\windows\system32\dllcache\lhmstscx.dll
2011-11-18 18:42 . 2011-01-27 11:57 677888 -c----w- c:\windows\system32\dllcache\lhmstsc.exe
2011-11-18 18:41 . 2010-04-16 15:38 406016 -c----w- c:\windows\system32\dllcache\usp10.dll
2011-11-18 18:38 . 2008-06-14 17:35 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2011-11-18 18:37 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2011-11-18 18:37 . 2011-07-15 13:29 456320 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2011-11-18 18:37 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2011-11-18 18:36 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2011-11-18 18:35 . 2010-06-14 14:31 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe
2011-11-18 18:32 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2011-11-18 18:31 . 2010-08-27 08:03 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2011-11-18 18:31 . 2009-10-15 16:32 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2011-11-18 18:31 . 2009-06-21 21:48 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2011-11-18 18:30 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe
2011-11-18 18:30 . 2009-03-06 14:23 284160 -c----w- c:\windows\system32\dllcache\pdh.dll
2011-11-18 18:30 . 2009-02-09 11:25 111104 -c----w- c:\windows\system32\dllcache\services.exe
2011-11-18 18:30 . 2009-02-09 10:56 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll
2011-11-18 18:30 . 2009-02-09 10:56 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll
2011-11-18 18:30 . 2009-02-09 10:56 684032 -c----w- c:\windows\system32\dllcache\advapi32.dll
2011-11-18 18:30 . 2009-02-09 10:56 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll
2011-11-18 18:27 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2011-11-18 18:27 . 2011-06-24 14:10 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys
2011-11-18 18:27 . 2008-05-01 14:37 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2011-11-18 18:27 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys
2011-11-18 18:26 . 2010-06-14 07:43 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
2011-11-18 18:22 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2011-11-18 18:21 . 2010-06-18 13:36 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2011-11-18 18:19 . 2008-10-15 16:38 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2011-11-18 18:18 . 2011-04-29 19:07 852480 -c----w- c:\windows\system32\dllcache\vgx.dll
2011-11-18 18:16 . 2011-10-26 10:50 2194944 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2011-11-18 18:16 . 2011-10-26 10:49 2150912 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2011-11-18 18:16 . 2010-12-09 15:15 713216 -c----w- c:\windows\system32\dllcache\ntdll.dll
2011-11-18 18:16 . 2011-10-26 10:50 2071552 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2011-11-18 18:16 . 2011-10-26 10:49 2029056 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2011-11-18 18:16 . 2010-07-16 11:58 219136 -c----w- c:\windows\system32\dllcache\wordpad.exe
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-23 14:40 . 2004-08-17 13:44 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-21 16:33 . 2011-11-18 16:27 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-01 20:36 . 2004-08-17 13:49 668160 ----a-w- c:\windows\system32\wininet.dll
2011-11-01 20:36 . 2004-08-17 13:49 81920 ----a-w- c:\windows\system32\ieencode.dll
2011-11-01 20:36 . 2004-08-03 20:59 61952 ----a-w- c:\windows\system32\tdc.ocx
2011-11-01 20:34 . 2004-08-17 13:44 370176 ----a-w- c:\windows\system32\html.iec
2011-11-01 16:07 . 2004-08-17 13:49 1288192 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:32 . 2004-08-17 13:49 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-26 10:50 . 2004-08-17 15:45 2071552 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-26 10:50 . 2004-08-17 13:45 2194944 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-18 11:13 . 2004-08-17 13:49 186880 ----a-w- c:\windows\system32\encdec.dll
2011-10-10 14:22 . 2011-11-18 15:12 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-28 07:06 . 2004-08-17 13:49 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-26 10:41 . 2011-09-26 10:41 613376 ------w- c:\windows\system32\uiautomationcore.dll
2011-09-26 10:41 . 2001-10-25 14:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 10:41 . 2001-10-25 14:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-11-05 07:07 . 2011-11-18 16:13 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-12-16_17.05.33 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-12-18 16:49 . 2011-12-18 16:49 16384 c:\windows\temp\Perflib_Perfdata_6fc.dat
+ 2011-12-18 16:49 . 2011-12-18 16:49 16384 c:\windows\temp\Perflib_Perfdata_494.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
"AudioDeck"="c:\program files\VIA\VIAudioi\SBADeck\ADeck.exe" [2007-08-09 528384]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2004-01-14 409600]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-10-07 1461080]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]
.
c:\documents and settings\Staňouš\Nabídka Start\Programy\Po spuštění\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 10:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Instalave od18.11.2011\\ICQ7.7\\ICQ.exe"=
"d:\\Instalave od18.11.2011\\PowerDVD11\\PowerDVD11.exe"=
"d:\\Instalave od18.11.2011\\PowerDVD11\\PDVD11Serv.exe"=
"d:\\Instalave od18.11.2011\\PowerDVD11\\Common\\MediaServer\\CLMSServerForPDVD11.exe"=
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"d:\\Instalave od18.11.2011\\Winamp\\winamp.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Mozilla Firefox\\plugin-container.exe"=
"d:\\Instalave od18.11.2011\\PowerDVD10\\NavFilter\\CLHelper.exe"=
"d:\\Instalave od18.11.2011\\4\\ConvertXtoDvd.exe"=
"d:\\Instalave od18.11.2011\\PowerDVD10\\PowerDVD Cox\\PowerDVDCox10.exe"=
"d:\\Instalave od18.11.2011\\Total KOmandr\\totalcmd\\TOTALCMD.EXE"=
"c:\\WINDOWS\\system32\\msiexec.exe"=
"c:\\Program Files\\McAfee Security Scan\\2.0.181\\mcuicnt.exe"=
"c:\\Program Files\\Adobe\\Reader 10.0\\Reader\\AcroRd32.exe"=
"d:\\Instalave od18.11.2011\\PowerDVD10\\PowerDVD10.exe"=
"c:\\Documents and Settings\\Staňouš\\Plocha\\RSIT.exe"=
"d:\\Stahování\\staženo\\jxpiinstall.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe"=
.
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [13.3.2008 16:52 35168]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2011/11/23 15:39];d:\instalave od18.11.2011\PowerDVD10\NavFilter\000.fcl [13.3.2010 12:58 87536]
R2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;d:\instalave od18.11.2011\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [24.11.2011 12:01 77824]
R2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;d:\instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [24.11.2011 12:01 69632]
R2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;d:\instalave od18.11.2011\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [24.11.2011 12:01 286720]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [7.10.2009 9:16 472280]
R2 ntk_PowerDVD;ntk_PowerDVD;d:\instalave od18.11.2011\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys [24.11.2011 12:01 71664]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [23.11.2011 15:25 47360]
S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2011/11/24 12:02];\??\d:\instalave od18.11.2011\PowerDVD11\Common\NavFilter\000.fcl --> d:\instalave od18.11.2011\PowerDVD11\Common\NavFilter\000.fcl [?]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [15.1.2010 13:49 227232]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - d:\instalave od18.11.2011\Easy-WebPrint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - d:\instalave od18.11.2011\Easy-WebPrint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - d:\instalave od18.11.2011\Easy-WebPrint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - d:\instalave od18.11.2011\Easy-WebPrint\Resource.dll/RC_Print.html
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - d:\instalave od18.11.2011\ICQ7.7\ICQ.exe
TCP: Interfaces\{B745FC88-D69F-476F-8D4D-93C6CA3F3A0B}: NameServer = 10.0.0.1
FF - ProfilePath - c:\documents and settings\Staňouš\Data aplikací\Mozilla\Firefox\Profiles\xqgp9cpz.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-18 17:49
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
AudioDeck = c:\program files\VIA\VIAudioi\SBADeck\ADeck.exe 1????????????????????????????????????????????????
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\d:\instalave od18.11.2011\PowerDVD10\NavFilter\000.fcl"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]
"ImagePath"="\??\d:\instalave od18.11.2011\PowerDVD11\Common\NavFilter\000.fcl"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\RUNDLL32.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wdfmgr.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2011-12-18 17:51:51 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-12-18 16:51
ComboFix2.txt 2011-12-16 17:08
.
Před spuštěním: 1 617 076 224
Po spuštění: 1 602 818 048
.
- - End Of File - - 7AFA9C8E7CF0BA84A996BD517CF9EB79
Re: prosím o kontrolu logu
Jak se chova PC
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?