BSOD

Zpráva

citaquita · #1 Příspěvek od **citaquita** » 16 bře 2012 21:45

Dobrý den,

nedávno mi tatínek luxoval počítač, přičemž tím nejspíš něco poškodil a počítač mi pak nešel naběhnout (předtím fungoval úplně bez problémů). Vyměnila jsem už dvakrát MB a RAM, procesor jenom jednou (:)), nyní počítač jakoby běží, ale zlobí mě BSOD. Naskočí mi kdykoliv počítač nechám dlouho zapnutý, když dám stahovat nějaký větší soubor z internetu atp. Kromě toho mi neustále padají různé aplikace, nejčastěji ICQ, které spadne jakmile někomu pošlu zprávu.

Toto jsou mé hlavní komponenty:

GIGABYTE A55M-S2V (AMD A75, VGA + PCIe x16, DDR3 2400, SATA II RAID, USB 2.0, GLAN, DVI, 8ch audio, mATX, scFM1)
AMD A4 X2 3400 Procesor Dual-Core (65W), 2700MHz, BOX, socket FM1
Corsair 4GB KIT DDR3 1600MHz CL9 XMS3 DHX
NVIDIA GeForce 9500 GT (512 MB)

Budu vděčná za jakékoliv rady, protože vůbec netuším, co se děje:(.

Zde jsou výpisy z BlueScreenView:

==================================================
Dump File : Mini031212-01.dmp
Crash Time : 12.3.2012 14:02:56
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x100000d1
Parameter 1 : 0x00000030
Parameter 2 : 0x00000002
Parameter 3 : 0x00000000
Parameter 4 : 0xb26e4058
Caused By Driver : tcpip.sys
Caused By Address : tcpip.sys+2c058
File Description : TCP/IP Protocol Driver
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)
Processor : 32-bit
Crash Address : tcpip.sys+2c058
Stack Address 1 : tcpip.sys+435a
Stack Address 2 : tcpip.sys+1ef5
Stack Address 3 : tcpip.sys+1b19
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini031212-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 90 112
==================================================
==================================================
Dump File : Mini031212-02.dmp
Crash Time : 12.3.2012 14:54:02
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0x98808a41
Parameter 2 : 0x00000001
Parameter 3 : 0x806e69f5
Parameter 4 : 0x00000000
Caused By Driver : hal.dll
Caused By Address : hal.dll+29f5
File Description : Hardware Abstraction Layer DLL
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Crash Address : hal.dll+29f5
Stack Address 1 : ntoskrnl.exe+4547b
Stack Address 2 : ntoskrnl.exe+c9e9
Stack Address 3 : ntoskrnl.exe+a7de
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini031212-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 90 112
==================================================

==================================================
Dump File : Mini031312-01.dmp
Crash Time : 13.3.2012 17:09:33
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0xf0555dd8
Parameter 2 : 0x00000000
Parameter 3 : 0x805266ae
Parameter 4 : 0x00000002
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+4f6ae
File Description : NT Kernel & System
Product Name : Operační systém Microsoft® Windows®
Company : Microsoft Corporation
File Version : 5.1.2600.6165 (xpsp_sp3_gdr.111025-1629)
Processor : 32-bit
Crash Address : ntoskrnl.exe+4f6ae
Stack Address 1 : ntoskrnl.exe+6a67c
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini031312-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 90 112
==================================================

==================================================
Dump File : Mini031312-02.dmp
Crash Time : 13.3.2012 17:12:00
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0x90555dd8
Parameter 2 : 0x00000000
Parameter 3 : 0x805266ae
Parameter 4 : 0x00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+4f6ae
File Description : NT Kernel & System
Product Name : Operační systém Microsoft® Windows®
Company : Microsoft Corporation
File Version : 5.1.2600.6165 (xpsp_sp3_gdr.111025-1629)
Processor : 32-bit
Crash Address : ntoskrnl.exe+4f6ae
Stack Address 1 : ntoskrnl.exe+6a67c
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini031312-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 90 112
==================================================

==================================================
Dump File : Mini031312-03.dmp
Crash Time : 13.3.2012 17:45:08
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0xfa555dd8
Parameter 2 : 0x00000000
Parameter 3 : 0x805266ae
Parameter 4 : 0x00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+4f6ae
File Description : NT Kernel & System
Product Name : Operační systém Microsoft® Windows®
Company : Microsoft Corporation
File Version : 5.1.2600.6165 (xpsp_sp3_gdr.111025-1629)
Processor : 32-bit
Crash Address : ntoskrnl.exe+4f6ae
Stack Address 1 : ntoskrnl.exe+6a67c
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini031312-03.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 90 112
==================================================

==================================================
Dump File : Mini031312-04.dmp
Crash Time : 13.3.2012 22:06:59
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0xf8555dd8
Parameter 2 : 0x00000000
Parameter 3 : 0x805266ae
Parameter 4 : 0x00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+4f6ae
File Description : NT Kernel & System
Product Name : Operační systém Microsoft® Windows®
Company : Microsoft Corporation
File Version : 5.1.2600.6165 (xpsp_sp3_gdr.111025-1629)
Processor : 32-bit
Crash Address : ntoskrnl.exe+4f6ae
Stack Address 1 : ntoskrnl.exe+6a67c
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini031312-04.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 90 112
==================================================

==================================================
Dump File : Mini031212-03.dmp
Crash Time : 12.3.2012 23:06:29
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0x98808a41
Parameter 2 : 0x00000001
Parameter 3 : 0x806e69f5
Parameter 4 : 0x00000000
Caused By Driver : hal.dll
Caused By Address : hal.dll+29f5
File Description : Hardware Abstraction Layer DLL
Product Name : Microsoft® Windows® Operating System
Company : Microsoft Corporation
File Version : 5.1.2600.5512 (xpsp.080413-2111)
Processor : 32-bit
Crash Address : hal.dll+29f5
Stack Address 1 : ntoskrnl.exe+4547b
Stack Address 2 : ntoskrnl.exe+c9e9
Stack Address 3 : ntoskrnl.exe+a7de
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini031212-03.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 90 112
==================================================

==================================================
Dump File : Mini031412-02.dmp
Crash Time : 14.3.2012 23:37:55
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0xbf907af1
Parameter 3 : 0xb10b0c54
Parameter 4 : 0x00000000
Caused By Driver : win32k.sys
Caused By Address : win32k.sys+107af1
File Description : Multi-User Win32 Driver
Product Name : Operační systém Microsoft® Windows®
Company : Microsoft Corporation
File Version : 5.1.2600.6189 (xpsp_sp3_gdr.120203-1028)
Processor : 32-bit
Crash Address : win32k.sys+107af1
Stack Address 1 : win32k.sys+67e8
Stack Address 2 : win32k.sys+6500
Stack Address 3 : win32k.sys+3c3c
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini031412-02.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 90 112
==================================================

==================================================
Dump File : Mini031412-01.dmp
Crash Time : 14.3.2012 23:09:46
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Parameter 1 : 0xc0000005
Parameter 2 : 0xb07bbb43
Parameter 3 : 0xb088eb9c
Parameter 4 : 0x00000000
Caused By Driver : gdrv.sys
Caused By Address : gdrv.sys+b43
File Description :
Product Name :
Company :
File Version :
Processor : 32-bit
Crash Address : gdrv.sys+b43
Stack Address 1 : gdrv.sys+501
Stack Address 2 : ntoskrnl.exe+1819f
Stack Address 3 : ntoskrnl.exe+a981d
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini031412-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 90 112
==================================================

==================================================
Dump File : Mini031512-01.dmp
Crash Time : 15.3.2012 22:13:52
Bug Check String : PAGE_FAULT_IN_NONPAGED_AREA
Bug Check Code : 0x10000050
Parameter 1 : 0xd0555dd8
Parameter 2 : 0x00000000
Parameter 3 : 0x805266ae
Parameter 4 : 0x00000000
Caused By Driver : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+4f6ae
File Description : NT Kernel & System
Product Name : Operační systém Microsoft® Windows®
Company : Microsoft Corporation
File Version : 5.1.2600.6165 (xpsp_sp3_gdr.111025-1629)
Processor : 32-bit
Crash Address : ntoskrnl.exe+4f6ae
Stack Address 1 : ntoskrnl.exe+6a67c
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini031512-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 90 112
==================================================

==================================================
Dump File : Mini031612-01.dmp
Crash Time : 16.3.2012 16:31:33
Bug Check String : IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x1000000a
Parameter 1 : 0x10100000
Parameter 2 : 0x0000001c
Parameter 3 : 0x00000001
Parameter 4 : 0x80540b21
Caused By Driver : win32k.sys
Caused By Address : win32k.sys+2eea
File Description : Multi-User Win32 Driver
Product Name : Operační systém Microsoft® Windows®
Company : Microsoft Corporation
File Version : 5.1.2600.6189 (xpsp_sp3_gdr.120203-1028)
Processor : 32-bit
Crash Address : ntoskrnl.exe+69b21
Stack Address 1 : win32k.sys+2eea
Stack Address 2 : win32k.sys+1ac2
Stack Address 3 : win32k.sys+19cb2
Computer Name :
Full Path : C:\WINDOWS\Minidump\Mini031612-01.dmp
Processors Count : 2
Major Version : 15
Minor Version : 2600
Dump File Size : 90 112
==================================================

#2 Příspěvek od **Rudy** » 16 bře 2012 22:18

Zdravím!
Podle minidumpů může být problém jak v hardwaru, tak i v softwaru. Bude to možná hledání jehly v kupce sena. Nejprve dejte log RSIT: http://www.viry.cz/forum/viewtopic.php?f=13&t=105895 . Dál uvidíme.

citaquita · #3 Příspěvek od **citaquita** » 17 bře 2012 10:31

Moc děkuji za rychlou reakci!

Zde přikládám log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by saanjei at 2012-03-17 10:28:34
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 171 GB (56%) free of 305 GB
Total RAM: 3325 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:28:47, on 17.3.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avast\AvastSvc.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\CML.exe
C:\WINDOWS\system32\RecvMessage.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Avast\avastUI.exe
C:\Program Files\ZoneAlarm\zlclient.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Encarta\Encarta Reference Library 2006 DVD\EDICT.EXE
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\GIGABYTE\G.O.M\GCSVR.EXE
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
C:\Documents and Settings\saanjei\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\saanjei\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\saanjei\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\saanjei\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\saanjei\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Install\RSIT.exe
C:\Program Files\trend micro\saanjei.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [tray2] C:\WINDOWS\system32\CML.exe
O4 - HKLM\..\Run: [tray3] C:\WINDOWS\system32\RecvMessage.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [E06ZXLRD_1079375] "C:\Program Files\Microsoft Encarta\Encarta Reference Library 2006 DVD\EDICT.EXE" -m
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-220523388-1606980848-682003330-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AppleChargerSrv - Unknown owner - C:\WINDOWS\system32\AppleChargerSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Avast\AvastSvc.exe
O23 - Service: COM Service - Unknown owner - C:\Program Files\GIGABYTE\G.O.M\GCSVR.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 7397 bytes

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\saanjei\Data aplikací\Mozilla\Firefox\Profiles\af2wlqrf.default

prefs.js - "extensions.enabledItems" - "{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.15"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\saanjei\Data aplikací\Mozilla\Firefox\Profiles\af2wlqrf.default\extensions\
{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\Avast\aswWebRepIE.dll [2012-03-07 1003704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\Avast\aswWebRepIE.dll [2012-03-07 1003704]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2011-05-12 20053608]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2005-02-17 221184]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-02-17 81920]
"tray2"=C:\WINDOWS\system32\CML.exe [2005-07-15 20480]
"tray3"=C:\WINDOWS\system32\RecvMessage.exe [2007-01-10 196608]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2012-02-10 15494464]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2012-02-10 1634112]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"avast"=C:\Program Files\Avast\avastUI.exe [2012-03-07 4241512]
"ZoneAlarm Client"=C:\Program Files\ZoneAlarm\zlclient.exe [2011-03-18 1043968]
"Lexmark X1100 Series"=C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe [2003-08-19 57344]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"E06ZXLRD_1079375"=C:\Program Files\Microsoft Encarta\Encarta Reference Library 2006 DVD\EDICT.EXE [2005-06-04 301776]

C:\Documents and Settings\saanjei\Nabídka Start\Programy\Po spuštění
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\RecvMessage.exe"="C:\WINDOWS\system32\RecvMessage.exe:*:Enabled:RecvMessage"
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\ICQ7.6\ICQ.exe"="C:\Program Files\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6"
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe"="C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.6\ICQ.exe"="C:\Program Files\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=L3CODECA.ACM
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-03-17 10:28:35 ----D---- C:\Program Files\trend micro
2012-03-17 10:28:34 ----D---- C:\rsit
2012-03-17 10:04:30 ----A---- C:\WINDOWS\system32\jerror.dat
2012-03-17 10:04:30 ----A---- C:\WINDOWS\system32\jcsball.dat
2012-03-17 09:19:46 ----A---- C:\WINDOWS\gdrv.sys
2012-03-16 21:22:40 ----D---- C:\Program Files\EVEREST Home Edition
2012-03-16 21:06:57 ----D---- C:\Program Files\LogViewer2
2012-03-16 10:13:17 ----A---- C:\WINDOWS\system32\MRT.exe
2012-03-16 10:12:48 ----N---- C:\WINDOWS\system32\browserchoice.exe
2012-03-15 22:32:25 ----D---- C:\9f31bce4e73bc890dac68da0bd3aa05c
2012-03-15 22:29:11 ----SHD---- C:\Config.Msi
2012-03-15 14:03:52 ----D---- C:\WINDOWS\ie8updates
2012-03-15 02:14:54 ----D---- C:\WINDOWS\WBEM
2012-03-15 02:13:42 ----HDC---- C:\WINDOWS\ie8
2012-03-15 00:09:51 ----D---- C:\Program Files\SeaTools for Windows
2012-03-15 00:08:28 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2012-03-14 23:26:26 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2012-03-14 15:37:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\HPSSUPPLY
2012-03-14 15:37:47 ----D---- C:\Program Files\HP
2012-03-14 15:37:37 ----A---- C:\WINDOWS\system32\WRes1200.txt
2012-03-14 15:37:37 ----A---- C:\WINDOWS\system32\W600dpi.txt
2012-03-14 15:37:37 ----A---- C:\WINDOWS\system32\HRes600.txt
2012-03-14 15:37:37 ----A---- C:\WINDOWS\system32\HRes1200.txt
2012-03-14 15:37:37 ----A---- C:\WINDOWS\system32\HPPLVS.dll
2012-03-14 15:37:36 ----A---- C:\WINDOWS\system32\HP1006LM.DLL
2012-03-14 15:37:20 ----A---- C:\WINDOWS\lexstat.ini
2012-03-14 15:33:11 ----HD---- C:\Program Files\Avago-HP
2012-03-14 15:31:45 ----SHD---- C:\WINDOWS\ftpcache
2012-03-14 14:06:00 ----D---- C:\Documents and Settings\saanjei\Data aplikací\Windows Search
2012-03-14 14:05:19 ----D---- C:\WINDOWS\system32\GroupPolicy
2012-03-14 14:05:19 ----D---- C:\Program Files\Windows Desktop Search
2012-03-14 14:04:52 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2012-03-13 23:45:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2641653$
2012-03-13 23:45:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2012-03-13 23:44:45 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2012-03-13 23:43:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2621440$
2012-03-13 23:42:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2647518$
2012-03-13 23:42:09 ----D---- C:\WINDOWS\SxsCaPendDel
2012-03-13 22:30:45 ----AH---- C:\WINDOWS\system32\zllictbl.dat
2012-03-13 22:30:44 ----A---- C:\WINDOWS\system32\vsregexp.dll
2012-03-13 22:30:42 ----A---- C:\WINDOWS\system32\zlcommdb.dll
2012-03-13 22:30:42 ----A---- C:\WINDOWS\system32\zlcomm.dll
2012-03-13 22:30:37 ----A---- C:\WINDOWS\system32\vswmi.dll
2012-03-13 22:30:35 ----D---- C:\WINDOWS\system32\ZoneLabs
2012-03-13 22:30:35 ----A---- C:\WINDOWS\system32\zpeng25.dll
2012-03-13 22:30:35 ----A---- C:\WINDOWS\system32\vsxml.dll
2012-03-13 22:30:35 ----A---- C:\WINDOWS\system32\vspubapi.dll
2012-03-13 22:30:34 ----A---- C:\WINDOWS\system32\vsmonapi.dll
2012-03-13 22:30:32 ----A---- C:\WINDOWS\system32\vsdatant.sys
2012-03-13 22:30:31 ----D---- C:\Program Files\ZoneAlarm
2012-03-13 22:29:29 ----D---- C:\WINDOWS\Internet Logs
2012-03-13 22:29:29 ----A---- C:\WINDOWS\system32\vsutil.dll
2012-03-13 22:29:29 ----A---- C:\WINDOWS\system32\vsinit.dll
2012-03-13 22:29:29 ----A---- C:\WINDOWS\system32\vsdata.dll
2012-03-13 22:23:32 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2012-03-13 22:23:31 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2012-03-13 22:23:30 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2012-03-13 22:23:29 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2012-03-13 22:23:29 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2012-03-13 22:23:28 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2012-03-13 22:23:28 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2012-03-13 22:23:28 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2012-03-13 22:23:08 ----A---- C:\WINDOWS\system32\aswBoot.exe
2012-03-13 22:23:08 ----A---- C:\WINDOWS\avastSS.scr
2012-03-13 22:22:57 ----D---- C:\Program Files\Avast
2012-03-13 22:22:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2012-03-13 19:49:49 ----D---- C:\Documents and Settings\saanjei\Data aplikací\ICQ
2012-03-13 19:49:44 ----D---- C:\Program Files\ICQ7.6
2012-03-13 19:33:14 ----D---- C:\Program Files\Common Files\Adobe
2012-03-13 19:33:14 ----D---- C:\Program Files\Adobe
2012-03-13 19:32:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2012-03-13 18:34:53 ----D---- C:\Documents and Settings\saanjei\Data aplikací\Canneverbe Limited
2012-03-13 18:34:43 ----D---- C:\Program Files\CDBurnerXP
2012-03-13 18:34:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\Canneverbe Limited
2012-03-13 18:32:48 ----D---- C:\WINDOWS\system32\appmgmt
2012-03-13 18:30:01 ----D---- C:\Documents and Settings\saanjei\Data aplikací\Nero
2012-03-13 18:28:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Nero
2012-03-13 18:24:18 ----HDC---- C:\WINDOWS\$NtUninstallKB942288-v3$
2012-03-13 17:48:05 ----A---- C:\WINDOWS\system32\muweb.dll
2012-03-13 17:48:05 ----A---- C:\WINDOWS\system32\mucltui.dll
2012-03-13 17:27:57 ----D---- C:\Program Files\MSXML 4.0
2012-03-13 00:00:23 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2012-03-12 23:58:48 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2012-03-12 23:58:43 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2012-03-12 23:58:39 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2012-03-12 23:58:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2012-03-12 23:57:03 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2012-03-12 23:56:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$
2012-03-12 23:56:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2564958$
2012-03-12 23:56:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2012-03-12 23:56:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893-v2$
2012-03-12 23:55:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2012-03-12 23:55:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2646524$
2012-03-12 23:55:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2585542$
2012-03-12 23:55:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2631813$
2012-03-12 23:55:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2012-03-12 23:54:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2012-03-12 23:54:53 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2012-03-12 23:54:49 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2012-03-12 23:54:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2012-03-12 23:54:40 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2012-03-12 23:54:35 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2012-03-12 23:54:31 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2012-03-12 23:54:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2012-03-12 23:54:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2012-03-12 23:54:19 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2012-03-12 23:54:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2481109$
2012-03-12 23:54:09 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2012-03-12 23:54:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$
2012-03-12 23:54:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2598479$
2012-03-12 23:53:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2012-03-12 23:53:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2660465$
2012-03-12 23:53:49 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2012-03-12 23:53:45 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2012-03-12 23:53:40 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2012-03-12 23:53:33 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2012-03-12 23:53:29 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2012-03-12 23:53:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2012-03-12 23:53:21 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2012-03-12 23:53:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2510581$
2012-03-12 23:53:13 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2012-03-12 23:53:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2476490$
2012-03-12 23:52:55 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2012-03-12 23:52:47 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2012-03-12 23:52:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2012-03-12 23:52:38 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2012-03-12 23:52:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2641690$
2012-03-12 23:52:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2012-03-12 23:52:19 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2012-03-12 23:52:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2012-03-12 23:52:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2624667$
2012-03-12 23:50:29 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2012-03-12 23:49:10 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2012-03-12 23:49:06 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2012-03-12 23:48:59 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2012-03-12 23:48:54 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2012-03-12 23:48:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2592799$
2012-03-12 23:48:45 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2012-03-12 23:48:40 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2012-03-12 23:48:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2570222$
2012-03-12 23:48:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2535512$
2012-03-12 23:48:28 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2012-03-12 23:48:24 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2012-03-12 23:48:20 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2012-03-12 23:48:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2412687$
2012-03-12 23:48:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2647516$
2012-03-12 23:48:04 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2012-03-12 23:47:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2570947$
2012-03-12 23:47:55 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2012-03-12 23:47:52 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2012-03-12 23:47:48 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2012-03-12 23:47:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2507618$
2012-03-12 23:47:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2603381$
2012-03-12 23:47:38 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2012-03-12 23:47:31 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2012-03-12 23:47:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2012-03-12 23:47:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2012-03-12 23:47:15 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2012-03-12 23:47:08 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$
2012-03-12 23:47:04 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2012-03-12 23:46:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$
2012-03-12 23:46:54 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2012-03-12 23:46:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2633952$
2012-03-12 23:46:46 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2012-03-12 23:46:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2619339$
2012-03-12 23:46:38 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2012-03-12 23:46:33 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2012-03-12 23:46:29 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2012-03-12 23:46:26 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2012-03-12 23:46:23 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2012-03-12 23:46:18 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2012-03-12 23:46:14 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2012-03-12 23:46:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2618451$
2012-03-12 23:44:37 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2012-03-12 23:43:19 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2012-03-12 23:43:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$
2012-03-12 23:43:10 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2012-03-12 23:43:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2544521$
2012-03-12 23:43:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2012-03-12 23:42:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2012-03-12 23:42:53 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2012-03-12 23:42:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2620712$
2012-03-12 23:42:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
2012-03-12 23:42:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2661637$
2012-03-12 23:42:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2584146$
2012-03-12 23:42:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2633171$
2012-03-12 23:42:29 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2012-03-12 23:42:25 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2012-03-12 23:42:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2012-03-12 23:42:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
2012-03-12 23:17:09 ----D---- C:\Program Files\Microsoft Silverlight
2012-03-12 23:04:09 ----D---- C:\Documents and Settings\saanjei\Data aplikací\Thunderbird
2012-03-12 23:04:04 ----D---- C:\Program Files\Mozilla Thunderbird
2012-03-12 22:59:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2012-03-12 22:52:35 ----D---- C:\Documents and Settings\saanjei\Data aplikací\Mozilla
2012-03-12 22:52:30 ----D---- C:\Program Files\Mozilla Firefox
2012-03-12 22:51:09 ----D---- C:\Documents and Settings\saanjei\Data aplikací\Adobe
2012-03-12 22:39:38 ----N---- C:\WINDOWS\system32\drivers\bthport.sys
2012-03-12 22:31:56 ----N---- C:\WINDOWS\system32\iacenc.dll
2012-03-12 22:27:19 ----D---- C:\Program Files\Microsoft Encarta
2012-03-12 22:27:14 ----D---- C:\WINDOWS\Lhsp
2012-03-12 22:27:14 ----D---- C:\Documents and Settings\saanjei\Data aplikací\Macromedia
2012-03-12 22:26:54 ----D---- C:\WINDOWS\speech
2012-03-12 22:26:15 ----D---- C:\WINDOWS\system32\PreInstall
2012-03-12 22:26:13 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2012-03-12 22:26:13 ----HD---- C:\WINDOWS\$hf_mig$
2012-03-12 22:25:33 ----D---- C:\WINDOWS\system32\URTTEMP
2012-03-12 22:22:11 ----A---- C:\WINDOWS\system32\lxbkvs.dll
2012-03-12 22:22:11 ----A---- C:\WINDOWS\system32\lxbkpwr.dll
2012-03-12 22:22:11 ----A---- C:\WINDOWS\system32\LXBKPMNT.DLL
2012-03-12 22:22:11 ----A---- C:\WINDOWS\system32\LXBKLSNT.EXE
2012-03-12 22:22:11 ----A---- C:\WINDOWS\system32\LXBKLCNT.DLL
2012-03-12 22:22:11 ----A---- C:\WINDOWS\system32\LXBKLCNP.DLL
2012-03-12 22:22:11 ----A---- C:\WINDOWS\system32\LXBKIH.EXE
2012-03-12 22:22:11 ----A---- C:\WINDOWS\system32\LXBKCU.DLL
2012-03-12 22:22:11 ----A---- C:\WINDOWS\system32\lxbkcomm.dll
2012-03-12 22:22:11 ----A---- C:\WINDOWS\system32\LXBKCFG.EXE
2012-03-12 22:22:11 ----A---- C:\WINDOWS\system32\LEXPPS.EXE
2012-03-12 22:22:11 ----A---- C:\WINDOWS\system32\LEXPING.EXE
2012-03-12 22:22:11 ----A---- C:\WINDOWS\system32\LEXP2P32.DLL
2012-03-12 22:22:11 ----A---- C:\WINDOWS\system32\LEXBCES.EXE
2012-03-12 22:22:11 ----A---- C:\WINDOWS\system32\LEXBCE.DLL
2012-03-12 22:22:11 ----A---- C:\WINDOWS\system32\LEX2KUSB.DLL
2012-03-12 22:22:11 ----A---- C:\WINDOWS\system32\INSTMON.EXE
2012-03-12 22:22:10 ----A---- C:\WINDOWS\system32\LXBKCUR.DLL
2012-03-12 22:22:10 ----A---- C:\WINDOWS\system32\LEXLMPM.DLL
2012-03-12 22:22:04 ----A---- C:\WINDOWS\system32\drivers\usbscan.sys
2012-03-12 22:22:02 ----A---- C:\WINDOWS\system32\wiafbdrv.dll
2012-03-12 22:21:59 ----D---- C:\Program Files\Lexmark X1100 Series
2012-03-12 22:21:59 ----A---- C:\WINDOWS\system32\LXBKUTIL.DLL
2012-03-12 22:21:59 ----A---- C:\WINDOWS\system32\lxbkscin.dll
2012-03-12 22:21:59 ----A---- C:\WINDOWS\system32\LXBKJSWR.DLL
2012-03-12 22:21:59 ----A---- C:\WINDOWS\system32\LXBKGF.DLL
2012-03-12 22:21:59 ----A---- C:\WINDOWS\system32\lxbkcoin.ini
2012-03-12 22:21:59 ----A---- C:\WINDOWS\system32\lxbkcoin.dll
2012-03-12 22:21:59 ----A---- C:\WINDOWS\system32\lxbkcinf.dll
2012-03-12 22:21:55 ----A---- C:\WINDOWS\uninst.exe
2012-03-12 22:18:08 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2012-03-12 22:17:12 ----A---- C:\WINDOWS\system32\msonpmon.dll
2012-03-12 22:16:58 ----D---- C:\Program Files\Microsoft Works
2012-03-12 22:16:50 ----D---- C:\Program Files\Common Files\DESIGNER
2012-03-12 22:16:37 ----D---- C:\Program Files\Microsoft.NET
2012-03-12 22:15:22 ----D---- C:\WINDOWS\SHELLNEW
2012-03-12 22:15:10 ----D---- C:\Program Files\Microsoft Office
2012-03-12 22:15:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2012-03-12 22:14:53 ----RHD---- C:\MSOCache
2012-03-12 14:03:02 ----D---- C:\WINDOWS\Minidump
2012-03-11 23:48:29 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA
2012-03-11 23:48:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA Corporation
2012-03-11 23:48:13 ----A---- C:\WINDOWS\system32\nvsvc32.exe
2012-03-11 23:48:13 ----A---- C:\WINDOWS\system32\nvrszht.dll
2012-03-11 23:48:13 ----A---- C:\WINDOWS\system32\nvrszhc.dll
2012-03-11 23:48:13 ----A---- C:\WINDOWS\system32\nvrstr.dll
2012-03-11 23:48:13 ----A---- C:\WINDOWS\system32\nvrsth.dll
2012-03-11 23:48:13 ----A---- C:\WINDOWS\system32\nvrssv.dll
2012-03-11 23:48:13 ----A---- C:\WINDOWS\system32\nvrssl.dll
2012-03-11 23:48:13 ----A---- C:\WINDOWS\system32\nvrssk.dll
2012-03-11 23:48:13 ----A---- C:\WINDOWS\system32\nvrsru.dll
2012-03-11 23:48:13 ----A---- C:\WINDOWS\system32\nvrsptb.dll
2012-03-11 23:48:13 ----A---- C:\WINDOWS\system32\nvrspt.dll
2012-03-11 23:48:13 ----A---- C:\WINDOWS\system32\nvrspl.dll
2012-03-11 23:48:13 ----A---- C:\WINDOWS\system32\nvrsno.dll
2012-03-11 23:48:13 ----A---- C:\WINDOWS\system32\nvrsnl.dll
2012-03-11 23:48:13 ----A---- C:\WINDOWS\system32\nvrsko.dll
2012-03-11 23:48:13 ----A---- C:\WINDOWS\system32\nvrsja.dll
2012-03-11 23:48:13 ----A---- C:\WINDOWS\system32\nvrsit.dll
2012-03-11 23:48:13 ----A---- C:\WINDOWS\system32\nvrshu.dll
2012-03-11 23:48:13 ----A---- C:\WINDOWS\system32\nvrshe.dll
2012-03-11 23:48:13 ----A---- C:\WINDOWS\system32\nvrsfr.dll
2012-03-11 23:48:13 ----A---- C:\WINDOWS\system32\nvrsfi.dll
2012-03-11 23:48:13 ----A---- C:\WINDOWS\system32\nvrsesm.dll
2012-03-11 23:48:13 ----A---- C:\WINDOWS\system32\nvrses.dll
2012-03-11 23:48:13 ----A---- C:\WINDOWS\system32\nvrseng.dll
2012-03-11 23:48:13 ----A---- C:\WINDOWS\system32\nvrsel.dll
2012-03-11 23:48:13 ----A---- C:\WINDOWS\system32\nvrsde.dll
2012-03-11 23:48:13 ----A---- C:\WINDOWS\system32\nvrsda.dll
2012-03-11 23:48:13 ----A---- C:\WINDOWS\system32\nvrscs.dll
2012-03-11 23:48:13 ----A---- C:\WINDOWS\system32\nvrsar.dll
2012-03-11 23:48:13 ----A---- C:\WINDOWS\system32\nvcpl.dll
2012-03-11 23:48:13 ----A---- C:\WINDOWS\system32\nvcolor.exe
2012-03-11 23:48:12 ----A---- C:\WINDOWS\system32\nvmctray.dll
2012-03-11 23:48:11 ----A---- C:\WINDOWS\system32\nvwddi.dll
2012-03-11 23:47:38 ----A---- C:\WINDOWS\system32\OpenCL.dll
2012-03-11 23:47:38 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2012-03-11 23:47:38 ----A---- C:\WINDOWS\system32\nvgenco32.dll
2012-03-11 23:47:38 ----A---- C:\WINDOWS\system32\nvdispco32.dll
2012-03-11 23:47:38 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2012-03-11 23:47:38 ----A---- C:\WINDOWS\system32\nvcuvenc.dll
2012-03-11 23:47:37 ----A---- C:\WINDOWS\system32\nvcuda.dll
2012-03-11 23:47:36 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2012-03-11 23:47:36 ----A---- C:\WINDOWS\system32\nvapi.dll
2012-03-11 23:47:36 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2012-03-11 23:47:36 ----A---- C:\WINDOWS\system32\drivers\nv4_mini.sys
2012-03-11 23:47:12 ----D---- C:\Program Files\NVIDIA Corporation
2012-03-11 23:46:53 ----D---- C:\NVIDIA
2012-03-11 23:26:55 ----D---- C:\Install
2012-03-11 23:22:18 ----D---- C:\Maasha
2012-03-11 23:12:15 ----SHD---- C:\RECYCLER
2012-03-11 23:06:56 ----A---- C:\WINDOWS\system32\wpa.bak
2012-03-11 23:04:25 ----A---- C:\WINDOWS\system32\h323log.txt
2012-03-11 23:02:52 ----A---- C:\WINDOWS\system32\drivers\audstub.sys
2012-03-11 23:02:19 ----A---- C:\WINDOWS\system32\hidserv.dll
2012-03-11 23:01:59 ----A---- C:\WINDOWS\system32\drivers\redbook.sys
2012-03-11 23:01:57 ----A---- C:\WINDOWS\system32\drivers\usbprint.sys
2012-03-11 23:01:27 ----A---- C:\WINDOWS\system32\Cmos.Txt
2012-03-11 23:01:14 ----A---- C:\WINDOWS\system32\usbui.dll
2012-03-11 23:00:26 ----A---- C:\WINDOWS\system32\usetup.exe
2012-03-11 23:00:19 ----A---- C:\WINDOWS\imsins.BAK
2012-03-11 23:00:17 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-03-11 23:00:16 ----SHD---- C:\WINDOWS\Installer
2012-03-11 23:00:16 ----D---- C:\Program Files\Common Files\ODBC
2012-03-11 23:00:16 ----A---- C:\WINDOWS\ODBCINST.INI
2012-03-11 23:00:13 ----RD---- C:\Program Files
2012-03-11 23:00:13 ----D---- C:\Program Files\Common Files\SpeechEngines
2012-03-11 23:00:13 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-03-11 23:00:13 ----D---- C:\Program Files\Common Files
2012-03-11 23:00:10 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2012-03-11 23:00:10 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2012-03-11 23:00:10 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2012-03-11 23:00:09 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2012-03-11 23:00:09 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2012-03-11 23:00:09 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2012-03-11 23:00:09 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2012-03-11 23:00:08 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2012-03-11 23:00:08 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2012-03-11 23:00:08 ----RA---- C:\WINDOWS\system32\kbdur.dll
2012-03-11 23:00:08 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2012-03-11 23:00:08 ----RA---- C:\WINDOWS\system32\kbdru.dll
2012-03-11 23:00:08 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2012-03-11 23:00:08 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2012-03-11 23:00:08 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2012-03-11 23:00:07 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2012-03-11 23:00:07 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2012-03-11 23:00:07 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2012-03-11 23:00:07 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2012-03-11 23:00:07 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2012-03-11 23:00:07 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2012-03-11 23:00:07 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2012-03-11 23:00:06 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2012-03-11 23:00:06 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2012-03-11 23:00:05 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2012-03-11 23:00:05 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2012-03-11 23:00:05 ----RA---- C:\WINDOWS\system32\kbdest.dll
2012-03-11 23:00:03 ----A---- C:\WINDOWS\system32\kbdycl.dll
2012-03-11 23:00:03 ----A---- C:\WINDOWS\system32\kbdsl1.dll
2012-03-11 23:00:03 ----A---- C:\WINDOWS\system32\kbdsl.dll
2012-03-11 23:00:03 ----A---- C:\WINDOWS\system32\kbdro.dll
2012-03-11 23:00:03 ----A---- C:\WINDOWS\system32\kbdpl1.dll
2012-03-11 23:00:03 ----A---- C:\WINDOWS\system32\kbdpl.dll
2012-03-11 23:00:03 ----A---- C:\WINDOWS\system32\kbdhu1.dll
2012-03-11 23:00:03 ----A---- C:\WINDOWS\system32\kbdhu.dll
2012-03-11 23:00:03 ----A---- C:\WINDOWS\system32\kbdcr.dll
2012-03-11 23:00:03 ----A---- C:\WINDOWS\system32\KBDAL.DLL
2012-03-11 23:00:02 ----A---- C:\WINDOWS\system32\irclass.dll
2012-03-11 23:00:01 ----A---- C:\WINDOWS\system32\spxcoins.dll
2012-03-11 23:00:01 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2012-03-11 23:00:01 ----A---- C:\WINDOWS\system32\dgsetup.dll
2012-03-11 23:00:01 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2012-03-11 22:59:59 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2012-03-11 22:59:59 ----A---- C:\WINDOWS\TASKMAN.EXE
2012-03-11 22:59:59 ----A---- C:\WINDOWS\system32\drivers\irenum.sys
2012-03-11 22:59:59 ----A---- C:\WINDOWS\system32\batt.dll
2012-03-11 22:59:58 ----A---- C:\WINDOWS\system32\storprop.dll
2012-03-11 22:59:58 ----A---- C:\WINDOWS\NOTEPAD.EXE
2012-03-11 22:59:51 ----ASH---- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
2012-03-11 22:59:49 ----RA---- C:\WINDOWS\SET8.tmp
2012-03-11 22:59:47 ----RA---- C:\WINDOWS\SET4.tmp
2012-03-11 22:59:46 ----RA---- C:\WINDOWS\SET3.tmp
2012-03-11 22:59:41 ----D---- C:\WINDOWS\system32\CatRoot2
2012-03-11 22:59:41 ----D---- C:\WINDOWS\system32\CatRoot
2012-03-11 22:59:36 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2012-03-11 22:59:24 ----A---- C:\WINDOWS\system32\ycc.dll
2012-03-11 22:59:24 ----A---- C:\WINDOWS\system32\w83781d.dll
2012-03-11 22:59:24 ----A---- C:\WINDOWS\system32\SysConfig.dll
2012-03-11 22:59:24 ----A---- C:\WINDOWS\system32\SInfo.dll
2012-03-11 22:59:24 ----A---- C:\WINDOWS\system32\RecvMsgDLL.dll
2012-03-11 22:59:24 ----A---- C:\WINDOWS\system32\RecvMessage.exe
2012-03-11 22:59:24 ----A---- C:\WINDOWS\system32\Rcontrolagent.dll
2012-03-11 22:59:24 ----A---- C:\WINDOWS\system32\Mem.dat.bak
2012-03-11 22:59:24 ----A---- C:\WINDOWS\system32\Mem.dat
2012-03-11 22:59:24 ----A---- C:\WINDOWS\system32\MarkFunDrv.dll
2012-03-11 22:59:24 ----A---- C:\WINDOWS\system32\IOInfo.dll
2012-03-11 22:59:24 ----A---- C:\WINDOWS\system32\HWM.dll
2012-03-11 22:59:24 ----A---- C:\WINDOWS\system32\HwInfo.dll
2012-03-11 22:59:24 ----A---- C:\WINDOWS\system32\HWAgent.dll
2012-03-11 22:59:24 ----A---- C:\WINDOWS\system32\HUADRV.DLL
2012-03-11 22:59:24 ----A---- C:\WINDOWS\system32\GSCM2.dll
2012-03-11 22:59:24 ----A---- C:\WINDOWS\system32\GSCM.dll
2012-03-11 22:59:24 ----A---- C:\WINDOWS\system32\GMail.dll
2012-03-11 22:59:24 ----A---- C:\WINDOWS\system32\GCSVR.exe
2012-03-11 22:59:24 ----A---- C:\WINDOWS\system32\FLASHFUN.DLL
2012-03-11 22:59:24 ----A---- C:\WINDOWS\system32\FlashDLL.dll
2012-03-11 22:59:24 ----A---- C:\WINDOWS\system32\Flash.dll
2012-03-11 22:59:24 ----A---- C:\WINDOWS\system32\DTInfo.dll
2012-03-11 22:59:24 ----A---- C:\WINDOWS\system32\DSETUP.dll
2012-03-11 22:59:24 ----A---- C:\WINDOWS\system32\DrvInfo.dll
2012-03-11 22:59:24 ----A---- C:\WINDOWS\system32\DeviceID.dll
2012-03-11 22:59:24 ----A---- C:\WINDOWS\system32\CTray.exe
2012-03-11 22:59:24 ----A---- C:\WINDOWS\system32\COM_ycc.dll
2012-03-11 22:59:24 ----A---- C:\WINDOWS\system32\CmosDLL.dll
2012-03-11 22:59:24 ----A---- C:\WINDOWS\system32\Cmos.dat.bak
2012-03-11 22:59:24 ----A---- C:\WINDOWS\system32\Cmos.dat
2012-03-11 22:59:24 ----A---- C:\WINDOWS\system32\CML.exe
2012-03-11 22:59:17 ----A---- C:\WINDOWS\setuplog.txt
2012-03-11 22:59:15 ----SHD---- C:\System Volume Information
2012-03-11 22:59:15 ----D---- C:\Documents and Settings
2012-03-11 22:59:14 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2012-03-11 22:58:28 ----SH---- C:\boot.ini
2012-03-11 22:55:20 ----A---- C:\WINDOWS\system32\snmptrap.exe
2012-03-11 22:55:19 ----A---- C:\WINDOWS\system32\snmp.exe
2012-03-11 22:55:19 ----A---- C:\WINDOWS\system32\evntwin.exe
2012-03-11 22:55:18 ----A---- C:\WINDOWS\system32\evntcmd.exe
2012-03-11 22:55:17 ----A---- C:\WINDOWS\system32\snmpmib.dll
2012-03-11 22:55:17 ----A---- C:\WINDOWS\system32\evntagnt.dll
2012-03-11 22:55:16 ----A---- C:\WINDOWS\system32\hostmib.dll
2012-03-11 22:55:15 ----A---- C:\WINDOWS\system32\lmmib2.dll
2012-03-11 22:53:23 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-03-11 22:53:23 ----RD---- C:\WINDOWS\Web
2012-03-11 22:53:23 ----RD---- C:\WINDOWS\Fonts
2012-03-11 22:53:23 ----HD---- C:\WINDOWS\inf
2012-03-11 22:53:23 ----D---- C:\WINDOWS\WinSxS
2012-03-11 22:53:23 ----D---- C:\WINDOWS\twain_32
2012-03-11 22:53:23 ----D---- C:\WINDOWS\Temp
2012-03-11 22:53:23 ----D---- C:\WINDOWS\system32\wins
2012-03-11 22:53:23 ----D---- C:\WINDOWS\system32\wbem
2012-03-11 22:53:23 ----D---- C:\WINDOWS\system32\usmt
2012-03-11 22:53:23 ----D---- C:\WINDOWS\system32\spool
2012-03-11 22:53:23 ----D---- C:\WINDOWS\system32\ShellExt
2012-03-11 22:53:23 ----D---- C:\WINDOWS\system32\Setup
2012-03-11 22:53:23 ----D---- C:\WINDOWS\system32\ras
2012-03-11 22:53:23 ----D---- C:\WINDOWS\system32\oobe
2012-03-11 22:53:23 ----D---- C:\WINDOWS\system32\npp
2012-03-11 22:53:23 ----D---- C:\WINDOWS\system32\mui
2012-03-11 22:53:23 ----D---- C:\WINDOWS\system32\inetsrv
2012-03-11 22:53:23 ----D---- C:\WINDOWS\system32\IME
2012-03-11 22:53:23 ----D---- C:\WINDOWS\system32\icsxml
2012-03-11 22:53:23 ----D---- C:\WINDOWS\system32\ias
2012-03-11 22:53:23 ----D---- C:\WINDOWS\system32\export
2012-03-11 22:53:23 ----D---- C:\WINDOWS\system32\drivers\etc
2012-03-11 22:53:23 ----D---- C:\WINDOWS\system32\drivers\disdn
2012-03-11 22:53:23 ----D---- C:\WINDOWS\system32\drivers
2012-03-11 22:53:23 ----D---- C:\WINDOWS\system32\dhcp
2012-03-11 22:53:23 ----D---- C:\WINDOWS\system32\cs-cz
2012-03-11 22:53:23 ----D---- C:\WINDOWS\system32\cs
2012-03-11 22:53:23 ----D---- C:\WINDOWS\system32\config
2012-03-11 22:53:23 ----D---- C:\WINDOWS\system32\3com_dmi
2012-03-11 22:53:23 ----D---- C:\WINDOWS\system32\3076
2012-03-11 22:53:23 ----D---- C:\WINDOWS\system32\2052
2012-03-11 22:53:23 ----D---- C:\WINDOWS\system32\1054
2012-03-11 22:53:23 ----D---- C:\WINDOWS\system32\1042
2012-03-11 22:53:23 ----D---- C:\WINDOWS\system32\1041
2012-03-11 22:53:23 ----D---- C:\WINDOWS\system32\1037
2012-03-11 22:53:23 ----D---- C:\WINDOWS\system32\1033
2012-03-11 22:53:23 ----D---- C:\WINDOWS\system32\1031
2012-03-11 22:53:23 ----D---- C:\WINDOWS\system32\1029
2012-03-11 22:53:23 ----D---- C:\WINDOWS\system32\1028
2012-03-11 22:53:23 ----D---- C:\WINDOWS\system32\1025
2012-03-11 22:53:23 ----D---- C:\WINDOWS\system32
2012-03-11 22:53:23 ----D---- C:\WINDOWS\system
2012-03-11 22:53:23 ----D---- C:\WINDOWS\security
2012-03-11 22:53:23 ----D---- C:\WINDOWS\Resources
2012-03-11 22:53:23 ----D---- C:\WINDOWS\repair
2012-03-11 22:53:23 ----D---- C:\WINDOWS\Provisioning
2012-03-11 22:53:23 ----D---- C:\WINDOWS\pchealth
2012-03-11 22:53:23 ----D---- C:\WINDOWS\PeerNet
2012-03-11 22:53:23 ----D---- C:\WINDOWS\Network Diagnostic
2012-03-11 22:53:23 ----D---- C:\WINDOWS\mui
2012-03-11 22:53:23 ----D---- C:\WINDOWS\msapps
2012-03-11 22:53:23 ----D---- C:\WINDOWS\msagent
2012-03-11 22:53:23 ----D---- C:\WINDOWS\Media
2012-03-11 22:53:23 ----D---- C:\WINDOWS\L2Schemas
2012-03-11 22:53:23 ----D---- C:\WINDOWS\java
2012-03-11 22:53:23 ----D---- C:\WINDOWS\ime
2012-03-11 22:53:23 ----D---- C:\WINDOWS\Help
2012-03-11 22:53:23 ----D---- C:\WINDOWS\ehome
2012-03-11 22:53:23 ----D---- C:\WINDOWS\Driver Cache
2012-03-11 22:53:23 ----D---- C:\WINDOWS\Dell
2012-03-11 22:53:23 ----D---- C:\WINDOWS\Debug
2012-03-11 22:53:23 ----D---- C:\WINDOWS\Cursors
2012-03-11 22:53:23 ----D---- C:\WINDOWS\Connection Wizard
2012-03-11 22:53:23 ----D---- C:\WINDOWS\Config
2012-03-11 22:53:23 ----D---- C:\WINDOWS\AppPatch
2012-03-11 22:53:23 ----D---- C:\WINDOWS\addins
2012-03-11 22:53:23 ----D---- C:\WINDOWS
2012-03-11 22:53:22 ----ASH---- C:\pagefile.sys
2012-03-11 22:51:50 ----A---- C:\WINDOWS\IsUninst.exe
2012-03-11 22:50:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\InstallShield
2012-03-11 22:47:16 ----A---- C:\WINDOWS\etdrv.sys
2012-03-11 22:44:07 ----A---- C:\WINDOWS\system32\drivers\GVTDrv.sys
2012-03-11 22:40:34 ----D---- C:\Program Files\GIGABYTE
2012-03-11 22:40:34 ----A---- C:\WINDOWS\system32\drivers\AppleCharger.sys
2012-03-11 22:40:34 ----A---- C:\WINDOWS\system32\AppleChargerSrv.exe
2012-03-11 22:40:15 ----D---- C:\Program Files\ATI
2012-03-11 22:40:11 ----RA---- C:\WINDOWS\system32\drivers\usbfilter.sys
2012-03-11 22:40:05 ----RA---- C:\WINDOWS\system32\drivers\amdide.sys
2012-03-11 22:40:05 ----D---- C:\WINDOWS\system32\ReinstallBackups
2012-03-11 22:40:00 ----DC---- C:\WINDOWS\system32\DRVSTORE
2012-03-11 22:39:52 ----A---- C:\WINDOWS\system32\drivers\Rtenicxp.sys
2012-03-11 22:39:51 ----A---- C:\WINDOWS\system32\RTNUninst32.dll
2012-03-11 22:39:51 ----A---- C:\WINDOWS\system32\RtNicProp32.dll
2012-03-11 22:39:10 ----D---- C:\WINDOWS\system32\Lang
2012-03-11 22:38:12 ----A---- C:\WINDOWS\system32\drivers\splitter.sys
2012-03-11 22:38:11 ----A---- C:\WINDOWS\system32\drivers\wdmaud.sys
2012-03-11 22:38:10 ----A---- C:\WINDOWS\system32\drivers\DMusic.sys
2012-03-11 22:38:08 ----A---- C:\WINDOWS\system32\drivers\swmidi.sys
2012-03-11 22:38:07 ----A---- C:\WINDOWS\system32\drivers\aec.sys
2012-03-11 22:38:06 ----A---- C:\WINDOWS\system32\drivers\kmixer.sys
2012-03-11 22:38:05 ----A---- C:\WINDOWS\system32\drivers\drmkaud.sys
2012-03-11 22:38:04 ----A---- C:\WINDOWS\system32\drivers\sysaudio.sys
2012-03-11 22:38:03 ----A---- C:\WINDOWS\system32\drivers\MSKSSRV.sys
2012-03-11 22:38:02 ----A---- C:\WINDOWS\system32\drivers\MSPQM.sys
2012-03-11 22:38:00 ----A---- C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2012-03-11 22:37:56 ----D---- C:\WINDOWS\system32\RTCOM
2012-03-11 22:37:54 ----A---- C:\WINDOWS\system32\ksuser.dll
2012-03-11 22:37:54 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2012-03-11 22:37:54 ----A---- C:\WINDOWS\system32\drivers\drmk.sys
2012-03-11 22:37:49 ----A---- C:\WINDOWS\vncutil.exe
2012-03-11 22:37:49 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2012-03-11 22:37:49 ----A---- C:\WINDOWS\SkyTel.exe
2012-03-11 22:37:49 ----A---- C:\WINDOWS\RtlUpd.exe
2012-03-11 22:37:48 ----A---- C:\WINDOWS\system32\RtkCoInstXP.dll
2012-03-11 22:37:48 ----A---- C:\WINDOWS\system32\drivers\RtkHDAud.sys
2012-03-11 22:37:48 ----A---- C:\WINDOWS\RtkAudioService.exe
2012-03-11 22:37:47 ----A---- C:\WINDOWS\RTLCPL.EXE
2012-03-11 22:37:44 ----A---- C:\WINDOWS\RTHDCPL.EXE
2012-03-11 22:37:43 ----A---- C:\WINDOWS\system32\drivers\Monfilt.sys
2012-03-11 22:37:43 ----A---- C:\WINDOWS\MicCal.exe
2012-03-11 22:37:40 ----A---- C:\WINDOWS\system32\drivers\Ambfilt.sys
2012-03-11 22:37:40 ----A---- C:\WINDOWS\ALCWZRD.EXE
2012-03-11 22:37:40 ----A---- C:\WINDOWS\ALCMTR.EXE
2012-03-11 22:37:39 ----HD---- C:\Program Files\InstallShield Installation Information
2012-03-11 22:37:39 ----D---- C:\Program Files\Realtek
2012-03-11 22:37:36 ----R---- C:\WINDOWS\RtlExUpd.dll
2012-03-11 22:37:33 ----D---- C:\Program Files\Common Files\InstallShield
2012-03-11 22:36:54 ----D---- C:\WINDOWS\system32\XPSViewer
2012-03-11 22:36:52 ----D---- C:\WINDOWS\system32\en-US
2012-03-11 22:36:52 ----D---- C:\Program Files\MSBuild
2012-03-11 22:36:49 ----D---- C:\Program Files\Reference Assemblies
2012-03-11 22:36:35 ----N---- C:\WINDOWS\system32\spmsg.dll
2012-03-11 22:36:33 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2012-03-11 22:36:32 ----N---- C:\WINDOWS\system32\prntvpt.dll
2012-03-11 22:36:31 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2012-03-11 22:36:31 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2012-03-11 22:36:31 ----D---- C:\0a3260f2c2bfeaa92552d9
2012-03-11 22:36:13 ----RSD---- C:\WINDOWS\assembly
2012-03-11 22:36:03 ----D---- C:\WINDOWS\Microsoft.NET
2012-03-11 22:30:49 ----A---- C:\WINDOWS\GSetup.ini
2012-03-11 22:30:48 ----RA---- C:\WINDOWS\GSetup.exe
2012-03-11 22:17:32 ----D---- C:\Documents and Settings\saanjei\Data aplikací\Identities
2012-03-11 22:17:31 ----HD---- C:\Program Files\Uninstall Information
2012-03-11 22:17:26 ----ASH---- C:\Documents and Settings\saanjei\Data aplikací\desktop.ini
2012-03-11 22:17:25 ----SD---- C:\Documents and Settings\saanjei\Data aplikací\Microsoft
2012-03-11 22:12:15 ----D---- C:\WINDOWS\SoftwareDistribution
2012-03-11 22:12:14 ----D---- C:\WINDOWS\Prefetch
2012-03-11 22:12:13 ----SD---- C:\WINDOWS\system32\Microsoft
2012-03-11 22:12:13 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-03-11 22:10:42 ----AS---- C:\WINDOWS\bootstat.dat
2012-03-11 22:09:22 ----D---- C:\WINDOWS\system32\xircom
2012-03-11 22:09:22 ----D---- C:\Program Files\xerox
2012-03-11 22:09:22 ----D---- C:\Program Files\microsoft frontpage
2012-03-11 22:09:09 ----D---- C:\DELL
2012-03-11 22:09:01 ----RASH---- C:\MSDOS.SYS
2012-03-11 22:09:01 ----RASH---- C:\IO.SYS
2012-03-11 22:09:01 ----A---- C:\WINDOWS\control.ini
2012-03-11 22:09:01 ----A---- C:\CONFIG.SYS
2012-03-11 22:09:01 ----A---- C:\AUTOEXEC.BAT
2012-03-11 22:08:53 ----A---- C:\WINDOWS\OEWABLog.txt
2012-03-11 22:08:49 ----A---- C:\WINDOWS\system32\mapi32.dll
2012-03-11 22:08:11 ----SD---- C:\WINDOWS\Downloaded Program Files
2012-03-11 22:08:11 ----RD---- C:\WINDOWS\Offline Web Pages
2012-03-11 22:08:04 ----HD---- C:\Program Files\WindowsUpdate
2012-03-11 22:08:01 ----D---- C:\Program Files\Online Services
2012-03-11 22:07:49 ----D---- C:\WINDOWS\system32\DirectX
2012-03-11 22:07:44 ----A---- C:\WINDOWS\system32\atrace.dll
2012-03-11 22:07:41 ----A---- C:\WINDOWS\system32\desktop.ini
2012-03-11 22:07:41 ----A---- C:\WINDOWS\desktop.ini
2012-03-11 22:07:35 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2012-03-11 22:07:34 ----A---- C:\WINDOWS\system32\acctres.dll
2012-03-11 22:07:33 ----D---- C:\Program Files\Common Files\Services
2012-03-11 22:07:31 ----SD---- C:\WINDOWS\Tasks
2012-03-11 22:07:31 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2012-03-11 22:07:30 ----D---- C:\Program Files\Common Files\MSSoap
2012-03-11 22:07:27 ----D---- C:\WINDOWS\srchasst
2012-03-11 22:07:26 ----D---- C:\WINDOWS\system32\Macromed
2012-03-11 22:07:24 ----A---- C:\WINDOWS\system32\wuweb.dll
2012-03-11 22:07:24 ----A---- C:\WINDOWS\system32\wucltui.dll
2012-03-11 22:07:24 ----A---- C:\WINDOWS\system32\wuauserv.dll
2012-03-11 22:07:24 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2012-03-11 22:07:23 ----A---- C:\WINDOWS\system32\wups.dll
2012-03-11 22:07:23 ----A---- C:\WINDOWS\system32\wuaueng.dll
2012-03-11 22:07:23 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2012-03-11 22:07:23 ----A---- C:\WINDOWS\system32\wuauclt.exe
2012-03-11 22:07:23 ----A---- C:\WINDOWS\system32\wuapi.dll
2012-03-11 22:07:23 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2012-03-11 22:07:23 ----A---- C:\WINDOWS\system32\qmgr.dll
2012-03-11 22:07:23 ----A---- C:\WINDOWS\system32\bitsprx4.dll
2012-03-11 22:07:23 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2012-03-11 22:07:23 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2012-03-11 22:07:19 ----D---- C:\Program Files\Movie Maker
2012-03-11 22:07:04 ----A---- C:\WINDOWS\system32\safrslv.dll
2012-03-11 22:07:04 ----A---- C:\WINDOWS\system32\safrdm.dll
2012-03-11 22:07:04 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2012-03-11 22:07:04 ----A---- C:\WINDOWS\system32\racpldlg.dll
2012-03-11 22:07:01 ----A---- C:\WINDOWS\system32\fltMc.exe
2012-03-11 22:07:01 ----A---- C:\WINDOWS\system32\fltlib.dll
2012-03-11 22:07:01 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2012-03-11 22:07:00 ----D---- C:\WINDOWS\system32\Restore
2012-03-11 22:07:00 ----A---- C:\WINDOWS\system32\srsvc.dll
2012-03-11 22:07:00 ----A---- C:\WINDOWS\system32\srrstr.dll
2012-03-11 22:07:00 ----A---- C:\WINDOWS\system32\srclient.dll
2012-03-11 22:07:00 ----A---- C:\WINDOWS\system32\drivers\sr.sys
2012-03-11 22:06:59 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2012-03-11 22:06:59 ----A---- C:\WINDOWS\system32\msconf.dll
2012-03-11 22:06:59 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2012-03-11 22:06:59 ----A---- C:\WINDOWS\system32\mnmdd.dll
2012-03-11 22:06:59 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2012-03-11 22:06:59 ----A---- C:\WINDOWS\system32\ils.dll
2012-03-11 22:06:57 ----D---- C:\Program Files\NetMeeting
2012-03-11 22:06:57 ----A---- C:\WINDOWS\system32\msoert2.dll
2012-03-11 22:06:56 ----A---- C:\WINDOWS\system32\msoeacct.dll
2012-03-11 22:06:56 ----A---- C:\WINDOWS\system32\inetres.dll
2012-03-11 22:06:55 ----A---- C:\WINDOWS\system32\inetcomm.dll
2012-03-11 22:06:54 ----D---- C:\Program Files\Outlook Express
2012-03-11 22:06:54 ----A---- C:\WINDOWS\system32\schedsvc.dll
2012-03-11 22:06:54 ----A---- C:\WINDOWS\system32\mstinit.exe
2012-03-11 22:06:54 ----A---- C:\WINDOWS\system32\mstask.dll
2012-03-11 22:06:53 ----A---- C:\WINDOWS\system32\isign32.dll
2012-03-11 22:06:53 ----A---- C:\WINDOWS\system32\inetcfg.dll
2012-03-11 22:06:53 ----A---- C:\WINDOWS\system32\icwphbk.dll
2012-03-11 22:06:53 ----A---- C:\WINDOWS\system32\icwdial.dll
2012-03-11 22:06:48 ----D---- C:\Program Files\Common Files\System
2012-03-11 22:06:45 ----D---- C:\Program Files\Internet Explorer
2012-03-11 22:06:24 ----A---- C:\WINDOWS\system32\emptyregdb.dat
2012-03-11 22:06:15 ----D---- C:\Program Files\ComPlus Applications
2012-03-11 22:06:13 ----A---- C:\WINDOWS\vbaddin.ini
2012-03-11 22:06:13 ----A---- C:\WINDOWS\vb.ini
2012-03-11 22:06:09 ----D---- C:\WINDOWS\Registration
2012-03-11 22:06:02 ----D---- C:\Program Files\Windows Media Player
2012-03-11 22:05:56 ----D---- C:\Program Files\Messenger
2012-03-11 22:05:53 ----D---- C:\Program Files\MSN Gaming Zone
2012-03-11 22:05:53 ----A---- C:\WINDOWS\system32\write.exe
2012-03-11 22:05:45 ----A---- C:\WINDOWS\system32\winchat.exe
2012-03-11 22:05:45 ----A---- C:\WINDOWS\system32\sndvol32.exe
2012-03-11 22:05:45 ----A---- C:\WINDOWS\system32\hticons.dll
2012-03-11 22:05:45 ----A---- C:\WINDOWS\system32\avwav.dll
2012-03-11 22:05:45 ----A---- C:\WINDOWS\system32\avtapi.dll
2012-03-11 22:05:45 ----A---- C:\WINDOWS\system32\avmeter.dll
2012-03-11 22:05:39 ----A---- C:\WINDOWS\system32\charmap.exe
2012-03-11 22:05:39 ----A---- C:\WINDOWS\system32\getuname.dll
2012-03-11 22:05:38 ----A---- C:\WINDOWS\system32\winmine.exe
2012-03-11 22:05:38 ----A---- C:\WINDOWS\system32\sol.exe
2012-03-11 22:05:38 ----A---- C:\WINDOWS\system32\mshearts.exe
2012-03-11 22:05:38 ----A---- C:\WINDOWS\system32\calc.exe
2012-03-11 22:05:37 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2012-03-11 22:05:37 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2012-03-11 22:05:37 ----A---- C:\WINDOWS\system32\tslabels.ini
2012-03-11 22:05:37 ----A---- C:\WINDOWS\system32\tskill.exe
2012-03-11 22:05:37 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2012-03-11 22:05:37 ----A---- C:\WINDOWS\system32\tscon.exe
2012-03-11 22:05:37 ----A---- C:\WINDOWS\system32\shadow.exe
2012-03-11 22:05:37 ----A---- C:\WINDOWS\system32\rwinsta.exe
2012-03-11 22:05:37 ----A---- C:\WINDOWS\system32\reset.exe
2012-03-11 22:05:37 ----A---- C:\WINDOWS\system32\regini.exe
2012-03-11 22:05:37 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2012-03-11 22:05:37 ----A---- C:\WINDOWS\system32\qwinsta.exe
2012-03-11 22:05:37 ----A---- C:\WINDOWS\system32\qappsrv.exe
2012-03-11 22:05:37 ----A---- C:\WINDOWS\system32\msg.exe
2012-03-11 22:05:37 ----A---- C:\WINDOWS\system32\freecell.exe
2012-03-11 22:05:36 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2012-03-11 22:05:36 ----A---- C:\WINDOWS\system32\logoff.exe
2012-03-11 22:05:36 ----A---- C:\WINDOWS\system32\cdmodem.dll
2012-03-11 22:05:31 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2012-03-11 22:05:30 ----D---- C:\Program Files\Windows NT
2012-03-11 22:05:30 ----A---- C:\WINDOWS\system32\sndrec32.exe
2012-03-11 22:05:30 ----A---- C:\WINDOWS\system32\mplay32.exe
2012-03-11 22:05:30 ----A---- C:\WINDOWS\system32\hypertrm.dll
2012-03-11 22:05:30 ----A---- C:\WINDOWS\system32\accwiz.exe
2012-03-11 22:05:29 ----A---- C:\WINDOWS\system32\spider.exe
2012-03-11 22:05:29 ----A---- C:\WINDOWS\system32\mspaint.exe
2012-03-11 22:05:29 ----A---- C:\WINDOWS\system32\clipbrd.exe
2012-03-11 22:05:28 ----A---- C:\WINDOWS\system32\tsgqec.dll
2012-03-11 22:05:28 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2012-03-11 22:05:28 ----A---- C:\WINDOWS\system32\rhttpaa.dll
2012-03-11 22:05:28 ----A---- C:\WINDOWS\system32\drivers\tdtcp.sys
2012-03-11 22:05:28 ----A---- C:\WINDOWS\system32\drivers\tdpipe.sys
2012-03-11 22:05:28 ----A---- C:\WINDOWS\system32\drivers\rdpwd.sys
2012-03-11 22:05:28 ----A---- C:\WINDOWS\system32\aaclient.dll
2012-03-11 22:05:27 ----A---- C:\WINDOWS\system32\sessmgr.exe
2012-03-11 22:05:27 ----A---- C:\WINDOWS\system32\remotepg.dll
2012-03-11 22:05:27 ----A---- C:\WINDOWS\system32\rdshost.exe
2012-03-11 22:05:27 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2012-03-11 22:05:27 ----A---- C:\WINDOWS\system32\mstscax.dll
2012-03-11 22:05:27 ----A---- C:\WINDOWS\system32\mstsc.exe
2012-03-11 22:05:26 ----D---- C:\WINDOWS\system32\MsDtc
2012-03-11 22:05:26 ----A---- C:\WINDOWS\system32\termsrv.dll
2012-03-11 22:05:26 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2012-03-11 22:05:26 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2012-03-11 22:05:26 ----A---- C:\WINDOWS\system32\rdpclip.exe
2012-03-11 22:05:26 ----A---- C:\WINDOWS\system32\rdchost.dll
2012-03-11 22:05:26 ----A---- C:\WINDOWS\system32\qprocess.exe
2012-03-11 22:05:26 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2012-03-11 22:05:26 ----A---- C:\WINDOWS\system32\icaapi.dll
2012-03-11 22:05:26 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2012-03-11 22:05:25 ----A---- C:\WINDOWS\system32\xolehlp.dll
2012-03-11 22:05:25 ----A---- C:\WINDOWS\system32\mtxoci.dll
2012-03-11 22:05:25 ----A---- C:\WINDOWS\system32\msdtctm.dll
2012-03-11 22:05:25 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2012-03-11 22:05:25 ----A---- C:\WINDOWS\system32\msdtclog.dll
2012-03-11 22:05:25 ----A---- C:\WINDOWS\system32\msdtc.exe
2012-03-11 22:05:24 ----D---- C:\WINDOWS\system32\Com
2012-03-11 22:05:24 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2012-03-11 22:05:24 ----A---- C:\WINDOWS\system32\mtxex.dll
2012-03-11 22:05:24 ----A---- C:\WINDOWS\system32\mtxdm.dll
2012-03-11 22:05:24 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2012-03-11 22:05:24 ----A---- C:\WINDOWS\system32\comrepl.dll
2012-03-11 22:05:24 ----A---- C:\WINDOWS\system32\comaddin.dll
2012-03-11 22:05:24 ----A---- C:\WINDOWS\system32\colbact.dll
2012-03-11 22:05:23 ----A---- C:\WINDOWS\system32\stclient.dll
2012-03-11 22:05:23 ----A---- C:\WINDOWS\system32\comsvcs.dll
2012-03-11 22:05:23 ----A---- C:\WINDOWS\system32\clbcatex.dll
2012-03-11 22:05:23 ----A---- C:\WINDOWS\system32\catsrvut.dll
2012-03-11 22:05:23 ----A---- C:\WINDOWS\system32\catsrvps.dll
2012-03-11 22:05:23 ----A---- C:\WINDOWS\system32\catsrv.dll
2012-03-11 22:05:22 ----A---- C:\WINDOWS\system32\comuid.dll
2012-03-11 22:05:22 ----A---- C:\WINDOWS\system32\comsnap.dll
2012-03-11 22:05:22 ----A---- C:\WINDOWS\system32\clbcatq.dll
2012-03-11 22:05:17 ----A---- C:\WINDOWS\system32\servdeps.dll
2012-03-11 22:05:17 ----A---- C:\WINDOWS\system32\mmfutil.dll
2012-03-11 22:05:17 ----A---- C:\WINDOWS\system32\licwmi.dll
2012-03-11 22:05:17 ----A---- C:\WINDOWS\system32\cmprops.dll
2012-03-11 22:05:14 ----A---- C:\WINDOWS\system32\drivers\termdd.sys
2012-03-11 22:05:14 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys

======List of files/folders modified in the last 1 month======

2012-03-11 23:00:12 ----A---- C:\WINDOWS\system.ini
2012-03-11 22:09:01 ----A---- C:\WINDOWS\win.ini
2012-03-11 22:08:41 ----ASH---- C:\WINDOWS\fonts\desktop.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdide;amdide; C:\WINDOWS\system32\DRIVERS\amdide.sys [2010-06-29 11832]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2012-03-07 24920]
R1 AppleCharger;AppleCharger; C:\WINDOWS\system32\DRIVERS\AppleCharger.sys [2011-01-10 18544]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2012-03-07 35672]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2012-03-07 612184]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2012-03-07 337880]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2012-03-07 53848]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2010-05-13 532224]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-03-07 20696]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2012-03-07 95704]
R3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2011-06-14 6359656]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2012-02-10 13415040]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2011-06-13 306664]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbfilter;AMD USB Filter Driver; C:\WINDOWS\system32\DRIVERS\usbfilter.sys [2010-12-15 36096]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S0 cerc6;cerc6; C:\WINDOWS\system32\drivers\cerc6.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 etdrv;etdrv; \??\C:\WINDOWS\etdrv.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Avast\AvastSvc.exe [2012-03-07 44768]
R2 COM Service;COM Service; C:\Program Files\GIGABYTE\G.O.M\GCSVR.EXE [2005-08-16 16384]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-08-18 303104]
R2 NMSAccess;NMSAccess; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2009-01-12 71096]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2012-02-10 164160]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-02-10 2348352]
R2 SNMP;SNMP; C:\WINDOWS\System32\snmp.exe [2008-04-14 32768]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2011-03-18 2435592]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AppleChargerSrv;AppleChargerSrv; C:\WINDOWS\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SNMPTRAP;Zachytávání pro službu SNMP; C:\WINDOWS\System32\snmptrap.exe [2008-04-14 8704]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#4 Příspěvek od **Rudy** » 17 bře 2012 12:23

Ještě poprosím o log ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

citaquita · #5 Příspěvek od **citaquita** » 17 bře 2012 13:38

OK, tady je:

ComboFix 12-03-16.05 - saanjei 17.03.2012 13:30:30.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3325.2844 [GMT 1:00]
Spuštěný z: c:\documents and settings\saanjei\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *Disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\saanjei\WINDOWS
c:\windows\COM+.log
c:\windows\msmqinst.log
c:\windows\msxml4-KB954430-enu.LOG
c:\windows\msxml4-KB973688-enu.LOG
c:\windows\regopt.log
c:\windows\system32\gmail.dll
c:\windows\system32\TZLog.log
.
c:\windows\system32\drivers\i8042prt.sys . . . chybí !!
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-17 do 2012-03-17 )))))))))))))))))))))))))))))))
.
.
2012-03-17 09:28 . 2012-03-17 09:28 -------- d-----w- C:\rsit
2012-03-15 21:32 . 2012-03-15 21:32 -------- d-----w- C:\9f31bce4e73bc890dac68da0bd3aa05c
2012-03-12 21:14 . 2012-03-12 21:14 -------- d-----r- C:\MSOCache
2012-03-11 22:46 . 2012-03-11 22:46 -------- d-----w- C:\NVIDIA
2012-03-11 22:26 . 2012-03-17 09:27 -------- d-----w- C:\Install
2012-03-11 22:22 . 2012-03-12 14:53 -------- d-----w- C:\Maasha
2012-03-11 22:00 . 2012-03-17 09:28 -------- d-----r- C:\Program Files
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-03 09:57 . 2008-04-13 23:00 1860096 ----a-w- c:\windows\system32\win32k.sys
2011-12-19 08:53 . 2008-04-13 23:00 1510912 ----a-w- c:\windows\system32\shdocvw.dll
2012-02-16 14:53 . 2012-03-12 21:52 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-07 00:15 123536 ----a-w- c:\program files\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"E06ZXLRD_1079375"="c:\program files\Microsoft Encarta\Encarta Reference Library 2006 DVD\EDICT.EXE" [2005-06-04 301776]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2011-05-12 20053608]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-17 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-17 81920]
"tray2"="c:\windows\system32\CML.exe" [2005-07-15 20480]
"tray3"="c:\windows\system32\RecvMessage.exe" [2007-01-10 196608]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-02-10 15494464]
"NvMediaCenter"="NvMCTray.dll" [2012-02-10 108352]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2012-02-10 1634112]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"avast"="c:\program files\Avast\avastUI.exe" [2012-03-07 4241512]
"ZoneAlarm Client"="c:\program files\ZoneAlarm\zlclient.exe" [2011-03-18 1043968]
"Lexmark X1100 Series"="c:\program files\Lexmark X1100 Series\lxbkbmgr.exe" [2003-08-19 57344]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
.
c:\documents and settings\saanjei\Nabídka Start\Programy\Po spuštění\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\RecvMessage.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\ICQ7.6\\ICQ.exe"=
"c:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"=
.
R1 AppleCharger;AppleCharger;c:\windows\system32\drivers\AppleCharger.sys [11.3.2012 22:40 18544]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [13.3.2012 22:23 612184]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [13.3.2012 22:23 337880]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [13.3.2012 22:23 20696]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [11.3.2012 23:48 2348352]
R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [11.3.2012 22:40 36096]
S0 cerc6;cerc6; [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 COM Service;COM Service;c:\program files\GIGABYTE\G.O.M\GCSVR.exe [11.3.2012 23:00 16384]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [11.3.2012 22:37 1691480]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 etdrv;etdrv;c:\windows\etdrv.sys [11.3.2012 22:47 17488]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\documents and settings\saanjei\Data aplikací\Mozilla\Firefox\Profiles\af2wlqrf.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-03-17 13:34
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2012-03-17 13:35:55
ComboFix-quarantined-files.txt 2012-03-17 12:35
.
Před spuštěním: Volných bajtů: 179 343 671 296
Po spuštění: Volných bajtů: 179 741 470 720
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 2C0A9F65273FDF91BA3F131DD810666B

#6 Příspěvek od **Rudy** » 17 bře 2012 17:38

Otevřte poznámkový blok a zkopírujte do něj:

Driver::
cerc6

FCopy::
C:\WINDOWS\ServicePackFiles\i386\i8042prt.sys | c:\windows\system32\drivers\i8042prt.sys

Uložte na plochu jako CFScritp.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek

citaquita · #7 Příspěvek od **citaquita** » 17 bře 2012 18:15

Provedeno, akorát teď úplně nevím, jestli se tím něco vyřešilo... mělo by? Log nyní vypadá takto:

ComboFix 12-03-16.05 - saanjei 17.03.2012 18:00:34.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3325.2848 [GMT 1:00]
Spuštěný z: c:\documents and settings\saanjei\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\saanjei\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *Disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\drivers\i8042prt.sys . . . chybí !!
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_cerc6
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-17 do 2012-03-17 )))))))))))))))))))))))))))))))
.
.
2012-03-17 09:28 . 2012-03-17 09:28 -------- d-----w- C:\rsit
2012-03-15 21:32 . 2012-03-15 21:32 -------- d-----w- C:\9f31bce4e73bc890dac68da0bd3aa05c
2012-03-12 21:14 . 2012-03-12 21:14 -------- d-----r- C:\MSOCache
2012-03-11 22:46 . 2012-03-11 22:46 -------- d-----w- C:\NVIDIA
2012-03-11 22:26 . 2012-03-17 09:27 -------- d-----w- C:\Install
2012-03-11 22:22 . 2012-03-12 14:53 -------- d-----w- C:\Maasha
2012-03-11 22:00 . 2012-03-17 09:28 -------- d-----r- C:\Program Files
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-03 09:57 . 2008-04-13 23:00 1860096 ----a-w- c:\windows\system32\win32k.sys
2011-12-19 08:53 . 2008-04-13 23:00 1510912 ----a-w- c:\windows\system32\shdocvw.dll
2012-02-16 14:53 . 2012-03-12 21:52 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-03-17_12.34.39 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-03-17 17:06 . 2012-03-17 17:06 40960 c:\windows\Temp\rtdrvmon.exe
+ 2012-03-17 16:57 . 2012-03-17 16:57 16384 c:\windows\Temp\Perflib_Perfdata_994.dat
+ 2012-03-17 17:06 . 2012-03-17 17:06 16384 c:\windows\Temp\Perflib_Perfdata_8a0.dat
+ 2012-03-17 17:06 . 2012-03-17 17:07 11819 c:\windows\system32\jerror.dat
+ 2012-03-17 17:06 . 2012-03-17 17:07 27452 c:\windows\system32\jcsball.dat
+ 2012-03-17 08:19 . 2012-03-17 17:06 17488 c:\windows\gdrv.sys
- 2012-03-17 08:19 . 2012-03-17 12:27 17488 c:\windows\gdrv.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-07 00:15 123536 ----a-w- c:\program files\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"E06ZXLRD_1079375"="c:\program files\Microsoft Encarta\Encarta Reference Library 2006 DVD\EDICT.EXE" [2005-06-04 301776]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2011-05-12 20053608]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-17 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-17 81920]
"tray2"="c:\windows\system32\CML.exe" [2005-07-15 20480]
"tray3"="c:\windows\system32\RecvMessage.exe" [2007-01-10 196608]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-02-10 15494464]
"NvMediaCenter"="NvMCTray.dll" [2012-02-10 108352]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2012-02-10 1634112]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"avast"="c:\program files\Avast\avastUI.exe" [2012-03-07 4241512]
"ZoneAlarm Client"="c:\program files\ZoneAlarm\zlclient.exe" [2011-03-18 1043968]
"Lexmark X1100 Series"="c:\program files\Lexmark X1100 Series\lxbkbmgr.exe" [2003-08-19 57344]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-13 15360]
.
c:\documents and settings\saanjei\Nabídka Start\Programy\Po spuštění\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\RecvMessage.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\ICQ7.6\\ICQ.exe"=
"c:\\WINDOWS\\system32\\ZoneLabs\\vsmon.exe"=
.
R1 AppleCharger;AppleCharger;c:\windows\system32\drivers\AppleCharger.sys [11.3.2012 22:40 18544]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [13.3.2012 22:23 612184]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [13.3.2012 22:23 337880]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [13.3.2012 22:23 20696]
R2 COM Service;COM Service;c:\program files\GIGABYTE\G.O.M\GCSVR.exe [11.3.2012 23:00 16384]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [11.3.2012 23:48 2348352]
R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [11.3.2012 22:40 36096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [11.3.2012 22:37 1691480]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 etdrv;etdrv;c:\windows\etdrv.sys [11.3.2012 22:47 17488]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\documents and settings\saanjei\Data aplikací\Mozilla\Firefox\Profiles\af2wlqrf.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-03-17 18:06
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
.
c:\windows\system32\jcsb.new 13155 bytes
c:\windows\system32\jcsball.dat 27531 bytes
c:\windows\system32\jerror.dat
.
sken byl úspešně dokončen
skryté soubory: 3
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(1012)
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Avast\AvastSvc.exe
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\windows\system32\nvsvc32.exe
c:\windows\System32\snmp.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\RunDLL32.exe
c:\windows\System32\spool\DRIVERS\W32X86\3\HP1006MC.EXE
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2012-03-17 18:08:28 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-03-17 17:08
ComboFix2.txt 2012-03-17 12:35
.
Před spuštěním: Volných bajtů: 179 724 972 032
Po spuštění: Volných bajtů: 179 646 095 360
.
- - End Of File - - 8385F0066D534481978B2B56499C49E3

#8 Příspěvek od **Rudy** » 17 bře 2012 19:01

Přes hledání zjistěte, zda se v PC nachází záloha souboru i8042prt.sys a kde. Dejte cestu k souboru.

citaquita · #9 Příspěvek od **citaquita** » 17 bře 2012 19:11

OK, našla jsem, stačí udělat toto? :

FCopy::
C:\WINDOWS\Driver Cache\i386\sp3.cab\i8042prt.sys | c:\windows\system32\drivers\i8042prt.sys

nebo tam mám ještě něco dělat s tím ovladačem?

#10 Příspěvek od **Rudy** » 17 bře 2012 20:58

Ano, takto by měl skript fungovat.

#11 Příspěvek od **cernohous13** » 18 bře 2012 05:52

Dovolím si kolegu doplnit

Kdyby ho nedokázal CF z archivu extrahovat, zkus to přes RAR do složek
C:\WINDOWS\system32\dllcache
C:\WINDOWS\system32\drivers

citaquita · #12 Příspěvek od **citaquita** » 18 bře 2012 17:00

nedokázal no :/. a jak že se to dělá přes ten rar

?

#13 Příspěvek od **cernohous13** » 18 bře 2012 17:30

i8042prt.rar: (50.88 KiB) Staženo 90 x

Uděláme to jinak - stáhni někam soubor z přílohy -> přepiš příponu .rar na .sys
a nakopíruj do složek
C:\WINDOWS\system32\dllcache
C:\WINDOWS\system32\drivers

citaquita · #14 Příspěvek od **citaquita** » 18 bře 2012 19:13

a to mám prosím potom zkopírovat přes ten ComboFix anebo stačí copy&paste?

#15 Příspěvek od **Rudy** » 18 bře 2012 19:22

citaquita píše:a to mám prosím potom zkopírovat přes ten ComboFix anebo stačí copy&paste?

Zkopírujete do pozn. bloku, uložíte jako CFScript.txt na plochu a přetáhnete nad ikonu ComboFix.

VIRY.CZ

BSOD

BSOD

Re: BSOD

Re: BSOD

Re: BSOD

Re: BSOD

Re: BSOD

Re: BSOD

Re: BSOD

Re: BSOD

Re: BSOD

Re: BSOD

Re: BSOD

Re: BSOD

Re: BSOD

Re: BSOD