Trojan horse (Graftor.910514) Please help

Frez
Visitor
Posts: 40
Registered: 10 Jun 2012 11:42

#1 Post by Frez »

Hi, as the title already suggests, I have a problem with this particular virus. I have a feeling it is causing my PC to freeze, but I'm not entirely sure. Anyway, let me tell you what just happened to me... I was browsing the web and suddenly Firefox stopped responding, so I tried to close it, but at that same moment the whole PC froze as well. Nothing could be done, so I powered it off the hard way and turned it on again. On the first start, the PC hung halfway through booting and did nothing, so I again powered it off and on the hard way. This time it booted, and an Avira window popped up saying it had found the virus TR/Graftor.910514, specifically in the folder D:\Windows\system32\msipfh32.dll. I don't want to remove it, because it is in the Windows folder and I'm afraid I would break something. That is why I'm asking you for help. Thank you.

RSIT: 1/2

Logfile of random's system information tool 1.09 (written by random/random)
Run by Admin at 2012-06-29 14:01:49
Systém Microsoft Windows XP Professional Service Pack 3
System drive D: has 59 GB (24%) free of 243 GB
Total RAM: 2815 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:02:05, on 29.6.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir Desktop\sched.exe
D:\Program Files\Avira\AntiVir Desktop\avguard.exe
D:\WINDOWS\arservice.exe
D:\WINDOWS\eHome\ehRecvr.exe
D:\WINDOWS\eHome\ehSched.exe
D:\Program Files\FileZilla Server\FileZilla Server.exe
D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
D:\Program Files\CDBurnerXP\NMSAccessU.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\Program Files\CyberLink\Shared files\RichVideo.exe
D:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
D:\Program Files\Avira\AntiVir Desktop\avshadow.exe
D:\WINDOWS\system32\dllhost.exe
D:\WINDOWS\system32\wscntfy.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\RTHDCPL.EXE
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\ARPWRMSG.EXE
D:\WINDOWS\ehome\ehtray.exe
D:\Program Files\Avira\AntiVir Desktop\avgnt.exe
D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
D:\Program Files\AVG Secure Search\vprot.exe
D:\WINDOWS\eHome\ehmsas.exe
D:\Program Files\Windows Sidebar\sidebar.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\BitTorrent\BitTorrent.exe
D:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe
D:\Program Files\Windows Sidebar\sidebar.exe
D:\Program Files\Windows Sidebar\sidebar.exe
D:\Program Files\Mozilla Firefox\plugin-container.exe
D:\WINDOWS\system32\mspaint.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Mozilla Firefox\plugin-container.exe
D:\Documents and Settings\Admin\Dokumenty\Downloads\RSIT.exe
D:\Program Files\trend micro\Admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.com/?cid={29B71858-D ... 2012-06-27 09:28:35&v=11.1.0.12&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - D:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - D:\Documents and Settings\Admin\Data aplikací\Complitly\Complitly.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - D:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - D:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [ehTray] D:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [vProt] "D:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] D:\Program Files\PowerISO\PWRISOVM.EXE -startup
O4 - HKCU\..\Run: [Sidebar] D:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Steam] "D:\Program Files\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent] "D:\Program Files\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [MSIDLL] rundll32.exe msipfh32.dll,aaIoezw
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: GIGABYTE Gamer HUD Lite.lnk = D:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe
O8 - Extra context menu item: Free YouTube to MP3 Converter - D:\Documents and Settings\Admin\Data aplikací\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: d:\windows\system32\nwprovau.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - D:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\system32\browseui.dll
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - D:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - D:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - D:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MBAMService - Malwarebytes Corporation - D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - D:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NMSAccess - Unknown owner - D:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - D:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - D:\WINDOWS\system32\sfrem01.exe
O23 - Service: Steam Client Service - Valve Corporation - D:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: vToolbarUpdater11.2.0 - Unknown owner - D:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe

--
End of file - 9080 bytes

=========Mozilla firefox=========

ProfilePath - D:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\v03yqg63.default

prefs.js - "browser.startup.homepage" - "seznam.cz"
prefs.js - "keyword.URL" - "http://isearch.avg.com/search?cid=%7Bb9 ... &sap=ku&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"avg@toolbar"=D:\Documents and Settings\All Users\Data aplikací\AVG Secure Search\11.1.0.12\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=D:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=D:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.4.1]
"Description"=
"Path"=D:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=D:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

D:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
{972ce4c6-7e08-4474-a285-3208198ce6fd}

D:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

D:\Program Files\Mozilla Firefox\plugins\
npdnu.dll
npdnu.xpt
npdnupdater2.dll
npdnupdater2.xpt
nppdf32.dll

D:\Program Files\Mozilla Firefox\searchplugins\
amazondotcom.xml
avg-secure-search.xml
bing.xml
eBay.xml
google.xml
twitter.xml
wikipedia.xml
yahoo.xml

D:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\v03yqg63.default\extensions\
{33e0daa6-3af3-d8b5-6752-10e949c61516}
{8567a644-e36c-470c-86cf-9c5b4f37db81}
{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

D:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\v03yqg63.default\searchplugins\
conduit.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}]
Complitly - D:\Documents and Settings\Admin\Data aplikací\Complitly\Complitly.dll [2012-05-21 142040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-04-04 453504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - D:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll [2012-06-27 2074208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-04-04 157576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - D:\Program Files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll [2012-06-27 2074208]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=D:\WINDOWS\RTHDCPL.EXE [2008-04-10 16861184]
"Alcmtr"=D:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"AlwaysReady Power Message APP"=D:\WINDOWS\ARPWRMSG.EXE [2008-12-27 77312]
"ehTray"=D:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"avgnt"=D:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2012-05-09 348624]
"nwiz"=nwiz.exe /installquiet []
"NvCplDaemon"=D:\WINDOWS\system32\NvCpl.dll [2010-01-31 13666920]
"Malwarebytes' Anti-Malware"=D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2012-04-04 462408]
"vProt"=D:\Program Files\AVG Secure Search\vprot.exe [2012-06-27 1107552]
"PWRISOVM.EXE"=D:\Program Files\PowerISO\PWRISOVM.EXE [2012-05-31 336992]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=D:\Program Files\Windows Sidebar\sidebar.exe [2008-04-11 1276416]
"Steam"=D:\Program Files\Steam\steam.exe [2012-05-06 1242448]
"DAEMON Tools Lite"=D:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-04-11 3672384]
"ctfmon.exe"=D:\WINDOWS\system32\ctfmon.exe [2008-12-19 40960]
"BitTorrent"=D:\Program Files\BitTorrent\BitTorrent.exe [2012-05-30 6380400]
"MSIDLL"=msipfh32.dll,aaIoezw []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Clownfish]
D:\Program Files\Clownfish\Clownfish.exe [2012-05-08 1091320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FileZilla Server Interface]
D:\Program Files\FileZilla Server\FileZilla Server Interface.exe [2012-02-26 1044992]

D:\Documents and Settings\Admin\Nabídka Start\Programy\Po spuštění
GIGABYTE Gamer HUD Lite.lnk - D:\Program Files\GIGABYTE\Gamer HUD Lite\HUD.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\wpdshserviceobj.dll [2008-12-14 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=D:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009\Windows XP Ultimate 2009.msstyles
"InstallTheme"=D:\WINDOWS\Resources\Themes\Windows XP Ultimate 2009.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Steam\Steam.exe"="D:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"D:\Program Files\Steam\steamapps\common\world of battles\release\launcher.exe"="D:\Program Files\Steam\steamapps\common\world of battles\release\launcher.exe:*:Enabled:World of Battles"
"D:\Program Files\BitTorrent\BitTorrent.exe"="D:\Program Files\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent"
"D:\Documents and Settings\Admin\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe"="D:\Documents and Settings\Admin\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"
"D:\Program Files\Steam\steamapps\common\SuperMNC\Binaries\Win32\SuperMNCGameClient.exe"="D:\Program Files\Steam\steamapps\common\SuperMNC\Binaries\Win32\SuperMNCGameClient.exe:*:Enabled:Super Monday Night Combat"
"D:\Program Files\Steam\steamapps\common\arma 2 free\ArmA2Free.exe"="D:\Program Files\Steam\steamapps\common\arma 2 free\ArmA2Free.exe:*:Enabled:ARMA 2: Free"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "
"D:\Program Files\Sierra\Empire Earth - The Art of Conquest\EE-AOC.exe"="D:\Program Files\Sierra\Empire Earth - The Art of Conquest\EE-AOC.exe:*:Enabled:EE-AOC"
"D:\Documents and Settings\Admin\Data aplikací\GameRanger\GameRanger\GameRanger.exe"="D:\Documents and Settings\Admin\Data aplikací\GameRanger\GameRanger\GameRanger.exe:*:Enabled:GameRanger"
"D:\WINDOWS\system32\dplaysvr.exe"="D:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"D:\Program Files\Stronghold Crusader\Stronghold Crusader.exe"="D:\Program Files\Stronghold Crusader\Stronghold Crusader.exe:*:Enabled:Stronghold Crusader"
"D:\Program Files\Sierra\Empire Earth\Empire Earth.exe"="D:\Program Files\Sierra\Empire Earth\Empire Earth.exe:*:Enabled:Empire Earth"
"D:\Program Files\Electronic Arts\Crytek\Crysis 2\bin32\Crysis2.exe"="D:\Program Files\Electronic Arts\Crytek\Crysis 2\bin32\Crysis2.exe:*:Enabled:Crysis2"
"D:\Program Files\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe"="D:\Program Files\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2"
"D:\Program Files\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe"="D:\Program Files\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer"
"D:\Program Files\Steam\steamapps\common\Aliens vs Predator\AvP_Launcher.exe"="D:\Program Files\Steam\steamapps\common\Aliens vs Predator\AvP_Launcher.exe:*:Enabled:Aliens vs. Predator"
"D:\Program Files\Steam\steamapps\common\Aliens vs Predator\AvP_DX11.exe"="D:\Program Files\Steam\steamapps\common\Aliens vs Predator\AvP_DX11.exe:*:Enabled:Aliens vs. Predator"
"D:\Program Files\Steam\steamapps\common\Aliens vs Predator\AvP.exe"="D:\Program Files\Steam\steamapps\common\Aliens vs Predator\AvP.exe:*:Enabled:Aliens vs. Predator"
"D:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe"="D:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2"
"D:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Game.exe"="D:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Game.exe:*:Enabled:Battlefield: Bad Company™ 2"
"D:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Game-save.exe"="D:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Game-save.exe:*:Enabled:Battlefield: Bad Company™ 2"
"D:\Program Files\TmUnitedForever\TmForever.exe"="D:\Program Files\TmUnitedForever\TmForever.exe:*:Enabled:TmForever"
"D:\DOCUME~1\Admin\LOCALS~1\Temp\Rar$EX00.156\TrackMania_United_keygen_by_DETONATiON.exe"="D:\DOCUME~1\Admin\LOCALS~1\Temp\Rar$EX00.156\TrackMania_United_keygen_by_DETONATiON.exe:*:Enabled:TrackMania_United_keygen_by_DETONATiON"
"D:\DOCUME~1\Admin\LOCALS~1\Temp\Rar$EX02.531\TrackMania_United_keygen_by_DETONATiON.exe"="D:\DOCUME~1\Admin\LOCALS~1\Temp\Rar$EX02.531\TrackMania_United_keygen_by_DETONATiON.exe:*:Enabled:TrackMania_United_keygen_by_DETONATiON"
"D:\DOCUME~1\Admin\LOCALS~1\Temp\Rar$EX04.094\TrackMania_United_keygen_by_DETONATiON.exe"="D:\DOCUME~1\Admin\LOCALS~1\Temp\Rar$EX04.094\TrackMania_United_keygen_by_DETONATiON.exe:*:Enabled:TrackMania_United_keygen_by_DETONATiON"
"D:\Documents and Settings\Admin\Plocha\TrackMania_United_keygen_by_DETONATiON.exe"="D:\Documents and Settings\Admin\Plocha\TrackMania_United_keygen_by_DETONATiON.exe:*:Enabled:TrackMania_United_keygen_by_DETONATiON"
"D:\Program Files\VideoLAN\VLC\vlc.exe"="D:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player 2.0.1"
"D:\Program Files\ArmA 2\arma2OA.exe"="D:\Program Files\ArmA 2\arma2OA.exe:*:Enabled:ArmA 2 Operation Arrowhead"
"D:\Program Files\ArmA 2\Expansion\beta\arma2oa.exe"="D:\Program Files\ArmA 2\Expansion\beta\arma2oa.exe:*:Enabled:ArmA 2 OA"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=D:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=D:\WINDOWS\system32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"VIDC.HFYU"=huffyuv.dll
"VIDC.FPS1"=frapsvid.dll

Re: Trojan horse (Graftor.910514) Please help

#2 Post by Frez »

RSIT: 2/2

======List of files/folders created in the last 3 months======

2012-06-29 14:01:49 ----D---- D:\rsit
2012-06-29 13:51:35 ----A---- D:\WINDOWS\system32\OLD4.tmp
2012-06-29 13:51:29 ----D---- D:\WINDOWS\LastGood
2012-06-28 13:18:20 ----D---- D:\Program Files\ArmA 2
2012-06-28 07:03:19 ----RHD---- D:\Documents and Settings\Admin\Data aplikací\SecuROM
2012-06-27 09:29:34 ----D---- D:\Documents and Settings\Admin\Data aplikací\PowerISO
2012-06-27 09:28:35 ----D---- D:\Documents and Settings\All Users\Data aplikací\AVG Secure Search
2012-06-27 09:28:35 ----D---- D:\Documents and Settings\Admin\Data aplikací\AVG Secure Search
2012-06-27 09:28:31 ----D---- D:\Program Files\Common Files\AVG Secure Search
2012-06-27 09:28:30 ----D---- D:\Program Files\AVG Secure Search
2012-06-27 09:27:23 ----HD---- D:\Documents and Settings\All Users\Data aplikací\Common Files
2012-06-27 09:27:20 ----D---- D:\Program Files\PowerISO
2012-06-27 09:22:30 ----D---- D:\Documents and Settings\Admin\Data aplikací\Spirited Machine
2012-06-27 09:22:09 ----D---- D:\Program Files\Spirited Machine
2012-06-27 08:51:31 ----SHD---- D:\Config.Msi
2012-06-27 08:14:34 ----HD---- D:\WINDOWS\msdownld.tmp
2012-06-26 15:01:00 ----D---- D:\Program Files\AV Music Morpher Gold
2012-06-26 15:01:00 ----D---- D:\Documents and Settings\All Users\Data aplikací\Avnex
2012-06-26 14:36:27 ----D---- D:\Program Files\Dart Karaoke Studio CDG
2012-06-26 14:36:27 ----A---- D:\WINDOWS\system32\MFC71U.DLL
2012-06-26 14:32:25 ----A---- D:\WINDOWS\iun6002.exe
2012-06-26 14:32:23 ----D---- D:\Program Files\Karaoke Anything!
2012-06-25 23:27:56 ----D---- D:\Program Files\Conduit
2012-06-25 23:27:44 ----D---- D:\Documents and Settings\Admin\Data aplikací\uTorrent Turbo Booster
2012-06-25 23:27:41 ----D---- D:\Program Files\Complitly
2012-06-25 23:27:41 ----D---- D:\Documents and Settings\Admin\Data aplikací\Complitly
2012-06-25 21:36:52 ----D---- D:\Documents and Settings\Admin\Data aplikací\six-updater
2012-06-25 21:36:51 ----D---- D:\Documents and Settings\Admin\Data aplikací\six-zsync
2012-06-25 21:35:56 ----D---- D:\Program Files\SIX Projects
2012-06-24 22:00:32 ----D---- D:\Documents and Settings\Admin\Data aplikací\DVDVideoSoftIEHelpers
2012-06-24 22:00:23 ----A---- D:\WINDOWS\system32\Newtonsoft.Json.Net20.dll
2012-06-24 22:00:18 ----D---- D:\Program Files\DVDVideoSoft
2012-06-24 22:00:18 ----D---- D:\Program Files\Common Files\DVDVideoSoft
2012-06-24 21:59:52 ----D---- D:\Documents and Settings\Admin\Data aplikací\DVDVideoSoft
2012-06-24 21:55:00 ----D---- D:\Documents and Settings\All Users\Data aplikací\YTD YouTube Downloader & Converter
2012-06-24 21:54:56 ----D---- D:\Program Files\YTD YouTube Downloader & Converter
2012-06-23 18:49:54 ----A---- D:\WINDOWS\system32\msipfh32.dll
2012-06-23 18:44:37 ----HD---- D:\WINDOWS\PIF
2012-06-23 17:15:44 ----N---- D:\WINDOWS\system32\SET331.tmp
2012-06-23 17:15:44 ----N---- D:\WINDOWS\system32\SET330.tmp
2012-06-23 17:15:43 ----N---- D:\WINDOWS\system32\SET32F.tmp
2012-06-23 17:15:43 ----D---- D:\b64b0dd5c246d309d23e0db23c129e
2012-06-23 17:15:03 ----D---- D:\Documents and Settings\All Users\Data aplikací\Blizzard
2012-06-23 17:03:12 ----D---- D:\Program Files\Common Files\Blizzard Entertainment
2012-06-23 16:38:07 ----D---- D:\Documents and Settings\All Users\Data aplikací\TrackMania
2012-06-23 16:29:19 ----D---- D:\Program Files\TmUnitedForever
2012-06-21 19:49:07 ----A---- D:\WINDOWS\system32\drivers\PnkBstrK.sys
2012-06-21 19:49:02 ----A---- D:\WINDOWS\system32\PnkBstrB.exe
2012-06-21 19:48:54 ----A---- D:\WINDOWS\system32\PnkBstrA.exe
2012-06-20 00:06:26 ----D---- D:\Documents and Settings\Admin\Data aplikací\Nero
2012-06-18 23:15:39 ----D---- D:\Documents and Settings\Admin\Data aplikací\InfraRecorder
2012-06-18 23:15:37 ----D---- D:\Program Files\InfraRecorder
2012-06-18 23:08:57 ----D---- D:\Documents and Settings\All Users\Data aplikací\Canneverbe Limited
2012-06-18 23:08:57 ----D---- D:\Documents and Settings\Admin\Data aplikací\Canneverbe Limited
2012-06-18 23:08:42 ----A---- D:\WINDOWS\system32\drivers\StarOpen.sys
2012-06-18 23:08:41 ----D---- D:\Program Files\CDBurnerXP
2012-06-17 21:24:12 ----D---- D:\Documents and Settings\Admin\Data aplikací\.minecraft
2012-06-17 21:19:54 ----D---- D:\Documents and Settings\Admin\Data aplikací\minecraft
2012-06-16 11:47:21 ----D---- D:\Documents and Settings\Admin\Data aplikací\vlc
2012-06-16 11:45:08 ----D---- D:\Program Files\VideoLAN
2012-06-16 06:13:01 ----D---- D:\Program Files\The KMPlayer
2012-06-15 13:44:33 ----D---- D:\Avenger
2012-06-13 14:50:04 ----D---- D:\Program Files\Call of Duty 4 - Modern Warfare
2012-06-12 18:22:08 ----A---- D:\WINDOWS\system32\PerfStringBackup.TMP
2012-06-12 08:40:35 ----A---- D:\WINDOWS\resetlog.txt
2012-06-11 14:28:18 ----D---- D:\Documents and Settings\Admin\Data aplikací\Malwarebytes
2012-06-11 14:28:11 ----D---- D:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2012-06-11 14:28:10 ----D---- D:\Program Files\Malwarebytes' Anti-Malware
2012-06-11 14:28:10 ----A---- D:\WINDOWS\system32\drivers\mbam.sys
2012-06-11 14:17:13 ----SHD---- D:\WINDOWS\CSC
2012-06-10 19:27:02 ----A---- D:\WINDOWS\ntbtlog.txt
2012-06-10 15:33:15 ----D---- D:\Program Files\trend micro
2012-06-10 12:41:34 ----D---- D:\WINDOWS\ERDNT
2012-06-09 11:56:06 ----D---- D:\Documents and Settings\All Users\Data aplikací\Ask
2012-06-09 11:56:00 ----D---- D:\Program Files\Common Files\Java
2012-06-09 11:55:39 ----D---- D:\Program Files\Oracle
2012-06-09 11:55:30 ----D---- D:\Documents and Settings\Admin\Data aplikací\Oracle
2012-06-09 11:55:24 ----A---- D:\WINDOWS\system32\javaws.exe
2012-06-09 11:55:18 ----A---- D:\WINDOWS\system32\javaw.exe
2012-06-09 11:55:18 ----A---- D:\WINDOWS\system32\java.exe
2012-06-08 23:05:53 ----D---- D:\Documents and Settings\All Users\Data aplikací\Solidshield
2012-06-08 22:53:03 ----D---- D:\Documents and Settings\All Users\Data aplikací\EA Core
2012-06-08 22:30:22 ----D---- D:\Program Files\CCleaner
2012-06-08 22:28:49 ----D---- D:\Program Files\Electronic Arts
2012-06-08 21:43:04 ----D---- D:\WINDOWS\pss
2012-06-08 21:19:44 ----D---- D:\WINDOWS\system32\appmgmt
2012-06-06 16:23:45 ----D---- D:\Program Files\GotCLIP Downloader
2012-06-03 19:02:18 ----D---- D:\Documents and Settings\Admin\Data aplikací\CyberLink
2012-06-03 19:01:21 ----D---- D:\Documents and Settings\All Users\Data aplikací\SmartSound Software Inc
2012-06-03 19:01:19 ----D---- D:\Program Files\SmartSound Software
2012-06-03 18:56:57 ----D---- D:\Program Files\CyberLink
2012-06-03 18:23:02 ----A---- D:\CyberLink.1703_GM5_Trial_VDE120314-02.exe
2012-06-03 18:22:45 ----D---- D:\Documents and Settings\All Users\Data aplikací\CyberLink
2012-06-03 15:05:09 ----D---- D:\Documents and Settings\Admin\Data aplikací\Sony
2012-06-03 10:02:15 ----AD---- D:\Documents and Settings\All Users\Data aplikací\TEMP
2012-06-02 14:24:28 ----D---- D:\Documents and Settings\Admin\Data aplikací\Audacity
2012-06-02 14:24:13 ----D---- D:\Program Files\Audacity
2012-06-02 03:02:13 ----D---- D:\Fraps
2012-06-01 18:11:09 ----D---- D:\Program Files\Origin Games
2012-06-01 18:11:06 ----D---- D:\Documents and Settings\Admin\Data aplikací\Origin
2012-06-01 18:10:56 ----D---- D:\Documents and Settings\All Users\Data aplikací\Origin
2012-06-01 18:10:56 ----D---- D:\Documents and Settings\All Users\Data aplikací\Electronic Arts
2012-06-01 18:10:37 ----D---- D:\Program Files\Origin
2012-05-31 17:48:10 ----A---- D:\WINDOWS\NeroDigital.ini
2012-05-31 17:34:24 ----D---- D:\Documents and Settings\Admin\Data aplikací\Toribash
2012-05-31 17:32:10 ----D---- D:\Program Files\Taksi
2012-05-31 17:12:42 ----A---- D:\WINDOWS\system32\D3DX81ab.dll
2012-05-31 17:12:25 ----D---- D:\Program Files\Quobi
2012-05-31 15:42:25 ----D---- D:\WINDOWS\system32\LogFiles
2012-05-31 08:40:50 ----A---- D:\WINDOWS\system32\drivers\scdemu.sys
2012-05-30 21:19:08 ----D---- D:\Program Files\Call of Duty Moders Warfare 3
2012-05-30 19:39:50 ----D---- D:\GAMES
2012-05-29 07:14:47 ----A---- D:\WINDOWS\system32\CmdLineExt.dll
2012-05-29 07:14:11 ----D---- D:\Documents and Settings\Admin\Data aplikací\Leadertech
2012-05-27 20:50:27 ----A---- D:\WINDOWS\system32\LMRTREND.dll
2012-05-27 20:50:26 ----A---- D:\WINDOWS\system32\dxtmsft3.dll
2012-05-27 20:50:23 ----A---- D:\WINDOWS\system32\unam4ie.exe
2012-05-27 20:50:21 ----A---- D:\WINDOWS\system32\vidx16.dll
2012-05-27 20:50:20 ----A---- D:\WINDOWS\system32\w95inf32.dll
2012-05-27 20:50:20 ----A---- D:\WINDOWS\system32\w95inf16.dll
2012-05-27 20:50:20 ----A---- D:\WINDOWS\system32\qcut.dll
2012-05-27 20:45:01 ----A---- D:\WINDOWS\IsUninst.exe
2012-05-27 20:27:42 ----D---- D:\Program Files\GIGABYTE
2012-05-27 18:14:41 ----A---- D:\WINDOWS\eReg.dat
2012-05-27 18:11:38 ----D---- D:\Program Files\EA SPORTS
2012-05-27 16:44:26 ----A---- D:\WINDOWS\system32\IR41_32.DLL
2012-05-27 16:44:03 ----D---- D:\UbiSoft
2012-05-27 16:43:42 ----D---- D:\WINDOWS\UbiSoft
2012-05-27 15:53:01 ----D---- D:\WINDOWS\Minidump
2012-05-26 11:25:34 ----D---- D:\Documents and Settings\All Users\Data aplikací\Alternative Software Ltd
2012-05-26 11:25:34 ----D---- D:\Documents and Settings\Admin\Data aplikací\Alternative Software Ltd
2012-05-26 11:23:57 ----D---- D:\Program Files\Alternative Software Ltd
2012-05-25 22:19:44 ----A---- D:\WINDOWS\SIERRA.INI
2012-05-25 22:19:18 ----D---- D:\Program Files\Sierra
2012-05-25 20:19:46 ----D---- D:\Documents and Settings\Admin\Data aplikací\TS3Client
2012-05-25 16:06:21 ----D---- D:\Program Files\Stronghold Crusader
2012-05-25 14:53:04 ----D---- D:\Documents and Settings\Admin\Data aplikací\GameRanger
2012-05-24 23:03:08 ----D---- D:\Program Files\Microsoft.NET
2012-05-23 06:16:52 ----A---- D:\WINDOWS\system32\CmdLineExt03.dll
2012-05-23 06:10:48 ----D---- D:\Program Files\Starbreeze Studios
2012-05-19 18:10:18 ----A---- D:\WINDOWS\wordpad.INI
2012-05-15 14:43:00 ----A---- D:\WINDOWS\system32\d3d9caps.dat
2012-05-13 21:14:16 ----A---- D:\WINDOWS\system32\drivers\usbprint.sys
2012-05-13 00:45:53 ----D---- D:\Program Files\Lua
2012-05-13 00:45:02 ----D---- D:\Program Files\Notepad++
2012-05-13 00:45:02 ----D---- D:\Documents and Settings\Admin\Data aplikací\Notepad++
2012-05-11 20:11:17 ----D---- D:\Documents and Settings\Admin\Data aplikací\Google
2012-05-10 18:29:10 ----D---- D:\Program Files\Matik-Demo
2012-05-09 17:29:43 ----A---- D:\WINDOWS\system32\XAudio2_7.dll
2012-05-09 17:29:43 ----A---- D:\WINDOWS\system32\XAPOFX1_5.dll
2012-05-09 17:29:42 ----A---- D:\WINDOWS\system32\xactengine3_7.dll
2012-05-09 17:29:42 ----A---- D:\WINDOWS\system32\d3dx11_43.dll
2012-05-09 17:29:42 ----A---- D:\WINDOWS\system32\d3dx10_43.dll
2012-05-09 17:29:42 ----A---- D:\WINDOWS\system32\d3dcsx_43.dll
2012-05-09 17:29:42 ----A---- D:\WINDOWS\system32\D3DCompiler_43.dll
2012-05-09 17:29:41 ----A---- D:\WINDOWS\system32\XAudio2_6.dll
2012-05-09 17:29:41 ----A---- D:\WINDOWS\system32\XAPOFX1_4.dll
2012-05-09 17:29:41 ----A---- D:\WINDOWS\system32\xactengine3_6.dll
2012-05-09 17:29:41 ----A---- D:\WINDOWS\system32\D3DX9_43.dll
2012-05-09 17:29:40 ----A---- D:\WINDOWS\system32\XAudio2_5.dll
2012-05-09 17:29:40 ----A---- D:\WINDOWS\system32\xactengine3_5.dll
2012-05-09 17:29:40 ----A---- D:\WINDOWS\system32\X3DAudio1_7.dll
2012-05-09 17:29:39 ----A---- D:\WINDOWS\system32\d3dx11_42.dll
2012-05-09 17:29:39 ----A---- D:\WINDOWS\system32\d3dcsx_42.dll
2012-05-09 17:29:39 ----A---- D:\WINDOWS\system32\D3DCompiler_42.dll
2012-05-09 17:29:38 ----A---- D:\WINDOWS\system32\D3DX9_42.dll
2012-05-09 17:29:38 ----A---- D:\WINDOWS\system32\d3dx10_42.dll
2012-05-09 17:29:37 ----A---- D:\WINDOWS\system32\XAudio2_4.dll
2012-05-09 17:29:37 ----A---- D:\WINDOWS\system32\XAPOFX1_3.dll
2012-05-09 17:29:37 ----A---- D:\WINDOWS\system32\D3DX9_41.dll
2012-05-09 17:29:37 ----A---- D:\WINDOWS\system32\d3dx10_41.dll
2012-05-09 17:29:37 ----A---- D:\WINDOWS\system32\D3DCompiler_41.dll
2012-05-09 17:29:36 ----A---- D:\WINDOWS\system32\xactengine3_4.dll
2012-05-09 17:29:36 ----A---- D:\WINDOWS\system32\X3DAudio1_6.dll
2012-05-09 17:29:36 ----A---- D:\WINDOWS\system32\d3dx10_40.dll
2012-05-09 17:29:36 ----A---- D:\WINDOWS\system32\D3DCompiler_40.dll
2012-05-09 17:29:35 ----A---- D:\WINDOWS\system32\XAudio2_3.dll
2012-05-09 17:29:35 ----A---- D:\WINDOWS\system32\XAPOFX1_2.dll
2012-05-09 17:29:35 ----A---- D:\WINDOWS\system32\xactengine3_3.dll
2012-05-09 17:29:35 ----A---- D:\WINDOWS\system32\X3DAudio1_5.dll
2012-05-09 17:29:35 ----A---- D:\WINDOWS\system32\D3DX9_40.dll
2012-05-09 17:29:34 ----A---- D:\WINDOWS\system32\XAudio2_2.dll
2012-05-09 17:29:34 ----A---- D:\WINDOWS\system32\XAPOFX1_1.dll
2012-05-09 17:29:34 ----A---- D:\WINDOWS\system32\xactengine3_2.dll
2012-05-09 17:29:34 ----A---- D:\WINDOWS\system32\d3dx10_39.dll
2012-05-09 17:29:34 ----A---- D:\WINDOWS\system32\D3DCompiler_39.dll
2012-05-09 17:29:33 ----A---- D:\WINDOWS\system32\XAudio2_1.dll
2012-05-09 17:29:33 ----A---- D:\WINDOWS\system32\XAPOFX1_0.dll
2012-05-09 17:29:33 ----A---- D:\WINDOWS\system32\xactengine3_1.dll
2012-05-09 17:29:33 ----A---- D:\WINDOWS\system32\D3DX9_39.dll
2012-05-09 17:29:32 ----A---- D:\WINDOWS\system32\X3DAudio1_4.dll
2012-05-09 17:29:32 ----A---- D:\WINDOWS\system32\d3dx10_38.dll
2012-05-09 17:29:32 ----A---- D:\WINDOWS\system32\D3DCompiler_38.dll
2012-05-09 17:29:31 ----A---- D:\WINDOWS\system32\D3DX9_38.dll
2012-05-09 17:27:40 ----D---- D:\WINDOWS\Logs
2012-05-09 03:49:40 ----D---- D:\Documents and Settings\Admin\Data aplikací\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2012-05-09 03:48:23 ----HDC---- D:\WINDOWS\$NtUninstallKB959426$
2012-05-09 03:46:54 ----HDC---- D:\WINDOWS\$NtUninstallKB2467659$
2012-05-09 03:46:39 ----D---- D:\WINDOWS\ie8updates
2012-05-09 03:44:15 ----HDC---- D:\WINDOWS\ie8
2012-05-09 03:40:30 ----D---- D:\Program Files\Adobe Media Player
2012-05-09 03:39:33 ----A---- D:\WINDOWS\system32\MRT.exe
2012-05-09 03:28:16 ----D---- D:\66f20e54c31fdba8c7e5b029da615a
2012-05-09 03:28:12 ----HDC---- D:\WINDOWS\$NtUninstallKB2641653$
2012-05-09 03:28:07 ----HDC---- D:\WINDOWS\$NtUninstallKB2387149$
2012-05-09 03:28:01 ----HDC---- D:\WINDOWS\$NtUninstallKB960859$
2012-05-09 03:27:56 ----HDC---- D:\WINDOWS\$NtUninstallKB2564958$
2012-05-09 03:27:53 ----HDC---- D:\WINDOWS\$NtUninstallKB2478971$
2012-05-09 03:27:48 ----HDC---- D:\WINDOWS\$NtUninstallKB2544893-v2$
2012-05-09 03:27:43 ----HDC---- D:\WINDOWS\$NtUninstallKB2536276-v2$
2012-05-09 03:27:34 ----HDC---- D:\WINDOWS\$NtUninstallKB2646524$
2012-05-09 03:27:29 ----HDC---- D:\WINDOWS\$NtUninstallKB2585542$
2012-05-09 03:27:23 ----HDC---- D:\WINDOWS\$NtUninstallKB2631813$
2012-05-09 03:27:18 ----HDC---- D:\WINDOWS\$NtUninstallKB2296011$
2012-05-09 03:27:14 ----HDC---- D:\WINDOWS\$NtUninstallKB2115168$
2012-05-09 03:27:08 ----HDC---- D:\WINDOWS\$NtUninstallKB975558_WM8$
2012-05-09 03:27:04 ----HDC---- D:\WINDOWS\$NtUninstallKB955759$
2012-05-09 03:26:56 ----HDC---- D:\WINDOWS\$NtUninstallKB2378111_WM9$
2012-05-09 03:26:17 ----HDC---- D:\WINDOWS\$NtUninstallKB974318$
2012-05-09 03:26:00 ----HDC---- D:\WINDOWS\$NtUninstallKB969059$
2012-05-09 03:25:48 ----HDC---- D:\WINDOWS\$NtUninstallKB2443105$
2012-05-09 03:25:35 ----HDC---- D:\WINDOWS\$NtUninstallKB2229593$
2012-05-09 03:25:18 ----HDC---- D:\WINDOWS\$NtUninstallKB2481109$
2012-05-09 03:25:04 ----HDC---- D:\WINDOWS\$NtUninstallKB975713$
2012-05-09 03:24:54 ----HDC---- D:\WINDOWS\$NtUninstallKB2485663$
2012-05-09 03:24:39 ----HDC---- D:\WINDOWS\$NtUninstallKB2598479$
2012-05-09 03:24:29 ----HDC---- D:\WINDOWS\$NtUninstallKB2440591$
2012-05-09 03:24:12 ----HDC---- D:\WINDOWS\$NtUninstallKB982132$
2012-05-09 03:24:06 ----HDC---- D:\WINDOWS\$NtUninstallKB971657$
2012-05-09 03:23:41 ----D---- D:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
2012-05-09 03:19:26 ----HDC---- D:\WINDOWS\$NtUninstallKB978338$
2012-05-09 03:19:15 ----HDC---- D:\WINDOWS\$NtUninstallKB954155_WM9$
2012-05-09 03:18:59 ----HDC---- D:\WINDOWS\$NtUninstallKB2507938$
2012-05-09 03:18:41 ----HDC---- D:\WINDOWS\$NtUninstallKB972270$
2012-05-09 03:14:30 ----HDC---- D:\WINDOWS\$NtUninstallKB2510581$
2012-05-09 03:14:24 ----HDC---- D:\WINDOWS\$NtUninstallKB956744$
2012-05-09 03:14:18 ----HDC---- D:\WINDOWS\$NtUninstallKB2476490$
2012-05-09 03:14:13 ----HDC---- D:\WINDOWS\$NtUninstallKB974112$
2012-05-09 03:14:02 ----HDC---- D:\WINDOWS\$NtUninstallKB956572$
2012-05-09 03:13:53 ----HDC---- D:\WINDOWS\$NtUninstallKB2347290$
2012-05-09 03:13:46 ----HDC---- D:\WINDOWS\$NtUninstallKB956844$
2012-05-09 03:13:36 ----HDC---- D:\WINDOWS\$NtUninstallKB2641690$
2012-05-09 03:13:17 ----HDC---- D:\WINDOWS\$NtUninstallKB2483185$
2012-05-09 03:13:05 ----HDC---- D:\WINDOWS\$NtUninstallKB961501$
2012-05-09 03:12:52 ----HDC---- D:\WINDOWS\$NtUninstallKB2079403$
2012-05-09 03:12:41 ----HDC---- D:\WINDOWS\$NtUninstallKB2624667$
2012-05-09 03:11:24 ----HDC---- D:\WINDOWS\$NtUninstallKB979687$
2012-05-09 03:11:15 ----HDC---- D:\WINDOWS\$NtUninstallKB973869$
2012-05-09 03:11:10 ----HDC---- D:\WINDOWS\$NtUninstallKB975025$
2012-05-09 03:11:03 ----HDC---- D:\WINDOWS\$NtUninstallKB952004$
2012-05-09 03:07:45 ----HDC---- D:\WINDOWS\$NtUninstallKB974571$
2012-05-09 03:07:39 ----HDC---- D:\WINDOWS\$NtUninstallKB2592799$
2012-05-09 03:07:28 ----HDC---- D:\WINDOWS\$NtUninstallKB975560$
2012-05-09 03:07:12 ----HDC---- D:\WINDOWS\$NtUninstallKB973507$
2012-05-09 03:07:09 ----D---- D:\Program Files\Common Files\Adobe AIR
2012-05-09 03:06:57 ----HDC---- D:\WINDOWS\$NtUninstallKB2535512$
2012-05-09 03:06:50 ----HDC---- D:\WINDOWS\$NtUninstallKB977816$
2012-05-09 03:06:42 ----HDC---- D:\WINDOWS\$NtUninstallKB973687$
2012-05-09 03:06:35 ----HDC---- D:\WINDOWS\$NtUninstallKB2412687$
2012-05-09 03:06:26 ----HDC---- D:\WINDOWS\$NtUninstallKB2570947$
2012-05-09 03:06:18 ----HDC---- D:\WINDOWS\$NtUninstallKB2621440$
2012-05-09 03:06:10 ----HDC---- D:\WINDOWS\$NtUninstallKB981322$
2012-05-09 03:06:01 ----HDC---- D:\WINDOWS\$NtUninstallKB978695_WM9$
2012-05-09 03:05:54 ----HDC---- D:\WINDOWS\$NtUninstallKB2507618$
2012-05-09 03:05:45 ----HDC---- D:\WINDOWS\$NtUninstallKB2603381$
2012-05-09 03:05:37 ----HDC---- D:\WINDOWS\$NtUninstallKB973904$
2012-05-09 03:05:28 ----HDC---- D:\WINDOWS\$NtUninstallKB973540_WM9$
2012-05-09 03:05:20 ----HDC---- D:\WINDOWS\$NtUninstallKB2419632$
2012-05-09 03:05:12 ----HDC---- D:\WINDOWS\$NtUninstallKB929399$
2012-05-09 03:05:00 ----HDC---- D:\WINDOWS\$NtUninstallKB939683$
2012-05-09 03:04:47 ----HDC---- D:\WINDOWS\$NtUninstallKB2508429$
2012-05-09 03:04:38 ----HDC---- D:\WINDOWS\$NtUninstallKB2653956$
2012-05-09 03:04:29 ----HDC---- D:\WINDOWS\$NtUninstallKB974392$
2012-05-09 03:03:57 ----HDC---- D:\WINDOWS\$NtUninstallKB971029$
2012-05-09 03:03:30 ----HDC---- D:\WINDOWS\$NtUninstallKB2506212$
2012-05-09 03:03:25 ----HDC---- D:\WINDOWS\$NtUninstallKB952069_WM9$
2012-05-09 03:03:20 ----HDC---- D:\WINDOWS\$NtUninstallKB2633952$
2012-05-09 03:03:14 ----HDC---- D:\WINDOWS\$NtUninstallKB977914$
2012-05-09 03:03:01 ----HDC---- D:\WINDOWS\$NtUninstallKB978542$
2012-05-09 03:02:51 ----HDC---- D:\WINDOWS\$NtUninstallKB979309$
2012-05-09 03:02:18 ----D---- D:\WINDOWS\ie7updates
2012-05-09 03:02:05 ----HDC---- D:\WINDOWS\$NtUninstallKB979482$
2012-05-09 03:02:00 ----HDC---- D:\WINDOWS\$NtUninstallKB981997$
2012-05-09 03:01:54 ----HDC---- D:\WINDOWS\$NtUninstallKB960803$
2012-05-09 03:01:49 ----HDC---- D:\WINDOWS\$NtUninstallKB973815$
2012-05-09 03:01:44 ----HDC---- D:\WINDOWS\$NtUninstallKB2618451$
2012-05-09 03:01:40 ----HDC---- D:\WINDOWS\$NtUninstallKB956802$
2012-05-09 03:01:35 ----HDC---- D:\WINDOWS\$NtUninstallKB2509553$
2012-05-09 03:01:30 ----HDC---- D:\WINDOWS\$NtUninstallKB982665$
2012-05-09 03:01:26 ----HDC---- D:\WINDOWS\$NtUninstallKB2478960$
2012-05-09 03:01:18 ----HDC---- D:\WINDOWS\$NtUninstallKB2393802$
2012-05-09 03:01:12 ----HDC---- D:\WINDOWS\$NtUninstallKB923561$
2012-05-09 03:01:08 ----HDC---- D:\WINDOWS\$NtUninstallKB2620712$
2012-05-09 03:01:04 ----HDC---- D:\WINDOWS\$NtUninstallKB2566454$
2012-05-09 03:01:00 ----HDC---- D:\WINDOWS\$NtUninstallKB2661637$
2012-05-09 03:00:56 ----HDC---- D:\WINDOWS\$NtUninstallKB2584146$
2012-05-09 03:00:49 ----HDC---- D:\WINDOWS\$NtUninstallKB2633171$
2012-05-09 03:00:44 ----HDC---- D:\WINDOWS\$NtUninstallKB975467$
2012-05-09 03:00:39 ----HDC---- D:\WINDOWS\$NtUninstallKB968389$
2012-05-09 03:00:34 ----HDC---- D:\WINDOWS\$NtUninstallKB2423089$
2012-05-09 03:00:25 ----HDC---- D:\WINDOWS\$NtUninstallKB2360937$
2012-05-08 16:19:49 ----D---- D:\Documents and Settings\Admin\Data aplikací\FileZilla
2012-05-08 16:17:22 ----D---- D:\Program Files\FileZilla FTP Client
2012-05-08 16:06:55 ----D---- D:\Program Files\FileZilla Server
2012-05-08 14:57:54 ----D---- D:\Program Files\Clownfish
2012-05-08 08:09:53 ----D---- D:\Documents and Settings\All Users\Data aplikací\MTA San Andreas All
2012-05-08 08:08:31 ----D---- D:\Program Files\MTA San Andreas 1.3
2012-05-08 07:42:59 ----D---- D:\Program Files\Rockstar Games
2012-05-08 03:14:21 ----N---- D:\WINDOWS\system32\browserchoice.exe
2012-05-08 03:01:55 ----N---- D:\WINDOWS\system32\iacenc.dll
2012-05-08 03:00:25 ----D---- D:\WINDOWS\system32\PreInstall
2012-05-08 03:00:23 ----HDC---- D:\WINDOWS\$NtUninstallKB898461$
2012-05-07 17:26:44 ----D---- D:\WINDOWS\SxsCaPendDel
2012-05-07 17:26:11 ----A---- D:\WINDOWS\system32\XAudio2_0.dll
2012-05-07 17:26:10 ----A---- D:\WINDOWS\system32\xactengine3_0.dll
2012-05-07 17:26:10 ----A---- D:\WINDOWS\system32\X3DAudio1_3.dll
2012-05-07 17:26:10 ----A---- D:\WINDOWS\system32\d3dx10_37.dll
2012-05-07 17:26:10 ----A---- D:\WINDOWS\system32\D3DCompiler_37.dll
2012-05-07 17:26:09 ----A---- D:\WINDOWS\system32\xactengine2_10.dll
2012-05-07 17:26:09 ----A---- D:\WINDOWS\system32\D3DX9_37.dll
2012-05-07 17:26:08 ----A---- D:\WINDOWS\system32\d3dx9_36.dll
2012-05-07 17:26:08 ----A---- D:\WINDOWS\system32\d3dx10_36.dll
2012-05-07 17:26:08 ----A---- D:\WINDOWS\system32\D3DCompiler_36.dll
2012-05-07 17:26:07 ----A---- D:\WINDOWS\system32\xactengine2_9.dll
2012-05-07 17:26:07 ----A---- D:\WINDOWS\system32\d3dx9_35.dll
2012-05-07 17:26:07 ----A---- D:\WINDOWS\system32\d3dx10_35.dll
2012-05-07 17:26:07 ----A---- D:\WINDOWS\system32\D3DCompiler_35.dll
2012-05-07 17:26:06 ----A---- D:\WINDOWS\system32\xactengine2_8.dll
2012-05-07 17:26:06 ----A---- D:\WINDOWS\system32\X3DAudio1_2.dll
2012-05-07 17:26:06 ----A---- D:\WINDOWS\system32\d3dx10_34.dll
2012-05-07 17:26:06 ----A---- D:\WINDOWS\system32\D3DCompiler_34.dll
2012-05-07 17:26:05 ----A---- D:\WINDOWS\system32\xinput1_3.dll
2012-05-07 17:26:05 ----A---- D:\WINDOWS\system32\d3dx9_34.dll
2012-05-07 17:26:04 ----A---- D:\WINDOWS\system32\xactengine2_7.dll
2012-05-07 17:26:04 ----A---- D:\WINDOWS\system32\d3dx10_33.dll
2012-05-07 17:26:04 ----A---- D:\WINDOWS\system32\D3DCompiler_33.dll
2012-05-07 17:26:02 ----A---- D:\WINDOWS\system32\xactengine2_6.dll
2012-05-07 17:26:02 ----A---- D:\WINDOWS\system32\xactengine2_5.dll
2012-05-07 17:26:02 ----A---- D:\WINDOWS\system32\d3dx9_33.dll
2012-05-07 17:26:01 ----A---- D:\WINDOWS\system32\xactengine2_4.dll
2012-05-07 17:26:01 ----A---- D:\WINDOWS\system32\x3daudio1_1.dll
2012-05-07 17:26:01 ----A---- D:\WINDOWS\system32\d3dx9_32.dll
2012-05-07 17:26:01 ----A---- D:\WINDOWS\system32\d3dx9_31.dll
2012-05-07 17:26:00 ----A---- D:\WINDOWS\system32\xinput1_2.dll
2012-05-07 17:26:00 ----A---- D:\WINDOWS\system32\xinput1_1.dll
2012-05-07 17:26:00 ----A---- D:\WINDOWS\system32\xactengine2_3.dll
2012-05-07 17:26:00 ----A---- D:\WINDOWS\system32\xactengine2_2.dll
2012-05-07 17:25:59 ----A---- D:\WINDOWS\system32\xactengine2_1.dll
2012-05-07 17:25:53 ----A---- D:\WINDOWS\system32\xactengine2_0.dll
2012-05-07 17:25:53 ----A---- D:\WINDOWS\system32\x3daudio1_0.dll
2012-05-07 17:25:53 ----A---- D:\WINDOWS\system32\d3dx9_30.dll
2012-05-07 17:25:53 ----A---- D:\WINDOWS\system32\d3dx9_29.dll
2012-05-07 17:25:52 ----A---- D:\WINDOWS\system32\d3dx9_28.dll
2012-05-07 17:25:51 ----A---- D:\WINDOWS\system32\d3dx9_27.dll
2012-05-07 17:25:51 ----A---- D:\WINDOWS\system32\d3dx9_26.dll
2012-05-07 17:25:51 ----A---- D:\WINDOWS\system32\d3dx9_25.dll
2012-05-07 17:25:44 ----A---- D:\WINDOWS\system32\d3dx9_24.dll
2012-05-07 17:18:00 ----D---- D:\WINDOWS\Sun
2012-05-07 15:50:57 ----D---- D:\WINDOWS\system32\SoftwareDistribution
2012-05-07 15:44:29 ----D---- D:\Documents and Settings\All Users\Data aplikací\IObit
2012-05-07 15:44:28 ----D---- D:\Program Files\IObit
2012-05-07 14:38:18 ----D---- D:\Documents and Settings\Admin\Data aplikací\WinRAR
2012-05-07 12:36:39 ----D---- D:\Program Files\BitTorrent
2012-05-07 12:34:40 ----D---- D:\Documents and Settings\Admin\Data aplikací\BitTorrent
2012-05-07 12:29:24 ----A---- D:\WINDOWS\system32\drivers\dtsoftbus01.sys
2012-05-07 12:29:21 ----D---- D:\Documents and Settings\Admin\Data aplikací\DAEMON Tools Lite
2012-05-07 12:29:20 ----D---- D:\Program Files\DAEMON Tools Lite
2012-05-07 12:28:39 ----D---- D:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
2012-05-07 11:51:44 ----D---- D:\Documents and Settings\Admin\Data aplikací\.techniclauncher
2012-05-07 10:19:21 ----A---- D:\WINDOWS\system32\FlashPlayerApp.exe
2012-05-07 00:22:20 ----A---- D:\WINDOWS\system32\h323log.txt
2012-05-07 00:14:08 ----A---- D:\WINDOWS\system32\drivers\splitter.sys
2012-05-07 00:14:07 ----A---- D:\WINDOWS\system32\drivers\aec.sys
2012-05-07 00:14:06 ----A---- D:\WINDOWS\system32\drivers\swmidi.sys
2012-05-07 00:14:05 ----A---- D:\WINDOWS\system32\drivers\DMusic.sys
2012-05-07 00:14:04 ----A---- D:\WINDOWS\system32\drivers\MSKSSRV.sys
2012-05-07 00:14:03 ----A---- D:\WINDOWS\system32\drivers\MSPCLOCK.sys
2012-05-07 00:14:02 ----A---- D:\WINDOWS\system32\drivers\sysaudio.sys
2012-05-07 00:14:01 ----A---- D:\WINDOWS\system32\drivers\kmixer.sys
2012-05-07 00:13:59 ----A---- D:\WINDOWS\system32\drivers\wdmaud.sys
2012-05-07 00:13:58 ----A---- D:\WINDOWS\system32\drivers\drmkaud.sys
2012-05-07 00:13:57 ----A---- D:\WINDOWS\system32\drivers\MSPQM.sys
2012-05-07 00:13:54 ----A---- D:\WINDOWS\system32\drivers\audstub.sys
2012-05-07 00:13:44 ----A---- D:\WINDOWS\system32\hidserv.dll
2012-05-07 00:13:31 ----D---- D:\WINDOWS\system32\RTCOM
2012-05-07 00:13:31 ----A---- D:\WINDOWS\system32\ksuser.dll
2012-05-07 00:13:31 ----A---- D:\WINDOWS\system32\drivers\portcls.sys
2012-05-07 00:13:30 ----A---- D:\WINDOWS\system32\drivers\drmk.sys
2012-05-07 00:12:55 ----A---- D:\WINDOWS\system32\drivers\redbook.sys
2012-05-07 00:12:29 ----A---- D:\WINDOWS\system32\drivers\enum1394.sys
2012-05-07 00:12:02 ----A---- D:\WINDOWS\system32\usbui.dll
2012-05-07 00:10:14 ----SHD---- D:\WINDOWS\Installer
2012-05-07 00:10:14 ----D---- D:\Program Files\Common Files\ODBC
2012-05-07 00:10:14 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI
2012-05-07 00:10:14 ----A---- D:\WINDOWS\ODBCINST.INI
2012-05-07 00:10:10 ----D---- D:\Program Files\Common Files\SpeechEngines
2012-05-07 00:10:09 ----D---- D:\Program Files\Common Files\Microsoft Shared
2012-05-07 00:10:09 ----D---- D:\Program Files\Common Files
2012-05-07 00:10:09 ----D---- D:\Program Files
2012-05-07 00:10:05 ----RA---- D:\WINDOWS\system32\kbdtuq.dll
2012-05-07 00:10:05 ----RA---- D:\WINDOWS\system32\kbdtuf.dll
2012-05-07 00:10:05 ----RA---- D:\WINDOWS\system32\kbdazel.dll
2012-05-07 00:10:03 ----RA---- D:\WINDOWS\system32\kbduzb.dll
2012-05-07 00:10:03 ----RA---- D:\WINDOWS\system32\kbdtat.dll
2012-05-07 00:10:03 ----RA---- D:\WINDOWS\system32\kbdmon.dll
2012-05-07 00:10:03 ----RA---- D:\WINDOWS\system32\kbdkyr.dll
2012-05-07 00:10:03 ----RA---- D:\WINDOWS\system32\kbdkaz.dll
2012-05-07 00:10:03 ----RA---- D:\WINDOWS\system32\kbdaze.dll
2012-05-07 00:10:02 ----RA---- D:\WINDOWS\system32\kbdycc.dll
2012-05-07 00:10:02 ----RA---- D:\WINDOWS\system32\kbdur.dll
2012-05-07 00:10:02 ----RA---- D:\WINDOWS\system32\kbdru1.dll
2012-05-07 00:10:02 ----RA---- D:\WINDOWS\system32\kbdru.dll
2012-05-07 00:10:02 ----RA---- D:\WINDOWS\system32\kbdbu.dll
2012-05-07 00:10:02 ----RA---- D:\WINDOWS\system32\kbdblr.dll
2012-05-07 00:10:00 ----RA---- D:\WINDOWS\system32\kbdhept.dll
2012-05-07 00:10:00 ----RA---- D:\WINDOWS\system32\kbdhela3.dll
2012-05-07 00:10:00 ----RA---- D:\WINDOWS\system32\kbdhela2.dll
2012-05-07 00:10:00 ----RA---- D:\WINDOWS\system32\kbdhe319.dll
2012-05-07 00:10:00 ----RA---- D:\WINDOWS\system32\kbdhe220.dll
2012-05-07 00:10:00 ----RA---- D:\WINDOWS\system32\kbdhe.dll
2012-05-07 00:10:00 ----RA---- D:\WINDOWS\system32\kbdgkl.dll
2012-05-07 00:09:58 ----RA---- D:\WINDOWS\system32\kbdlv1.dll
2012-05-07 00:09:58 ----RA---- D:\WINDOWS\system32\kbdlv.dll
2012-05-07 00:09:58 ----RA---- D:\WINDOWS\system32\kbdlt1.dll
2012-05-07 00:09:58 ----RA---- D:\WINDOWS\system32\kbdlt.dll
2012-05-07 00:09:58 ----RA---- D:\WINDOWS\system32\kbdest.dll
2012-05-07 00:09:51 ----RA---- D:\WINDOWS\system32\kbdycl.dll
2012-05-07 00:09:51 ----RA---- D:\WINDOWS\system32\kbdsl1.dll
2012-05-07 00:09:51 ----RA---- D:\WINDOWS\system32\kbdsl.dll
2012-05-07 00:09:51 ----RA---- D:\WINDOWS\system32\kbdro.dll
2012-05-07 00:09:51 ----RA---- D:\WINDOWS\system32\kbdpl1.dll
2012-05-07 00:09:51 ----RA---- D:\WINDOWS\system32\kbdpl.dll
2012-05-07 00:09:51 ----RA---- D:\WINDOWS\system32\kbdhu1.dll
2012-05-07 00:09:51 ----RA---- D:\WINDOWS\system32\kbdhu.dll
2012-05-07 00:09:51 ----RA---- D:\WINDOWS\system32\kbdcr.dll
2012-05-07 00:09:51 ----RA---- D:\WINDOWS\system32\KBDAL.DLL
2012-05-07 00:09:49 ----A---- D:\WINDOWS\system32\irclass.dll
2012-05-07 00:09:49 ----A---- D:\WINDOWS\system32\dgsetup.dll
2012-05-07 00:09:49 ----A---- D:\WINDOWS\system32\dgrpsetu.dll
2012-05-07 00:09:48 ----A---- D:\WINDOWS\system32\spxcoins.dll
2012-05-07 00:09:48 ----A---- D:\WINDOWS\system32\EqnClass.Dll
2012-05-07 00:09:46 ----A---- D:\WINDOWS\TASKMAN.EXE
2012-05-07 00:09:45 ----A---- D:\WINDOWS\system32\drivers\irenum.sys
2012-05-07 00:09:45 ----A---- D:\WINDOWS\system32\batt.dll
2012-05-07 00:09:44 ----A---- D:\WINDOWS\system32\storprop.dll
2012-05-07 00:09:44 ----A---- D:\WINDOWS\notepad.exe
2012-05-07 00:09:38 ----ASH---- D:\Documents and Settings\All Users\Data aplikací\desktop.ini
2012-05-07 00:09:24 ----D---- D:\WINDOWS\system32\CatRoot2
2012-05-07 00:09:24 ----D---- D:\WINDOWS\system32\CatRoot
2012-05-07 00:09:18 ----SD---- D:\Documents and Settings\All Users\Data aplikací\Microsoft
2012-05-07 00:07:32 ----A---- D:\WINDOWS\system32\drivers\RtkHDAud.sys
2012-05-07 00:07:25 ----A---- D:\WINDOWS\SOUNDMAN.EXE
2012-05-07 00:07:25 ----A---- D:\WINDOWS\SkyTel.exe
2012-05-07 00:07:24 ----A---- D:\WINDOWS\RtlUpd.exe
2012-05-07 00:07:24 ----A---- D:\WINDOWS\RTLCPL.EXE
2012-05-07 00:07:23 ----A---- D:\WINDOWS\RTHDCPL.EXE
2012-05-07 00:07:23 ----A---- D:\WINDOWS\MicCal.exe
2012-05-07 00:07:23 ----A---- D:\WINDOWS\ALCWZRD.EXE
2012-05-07 00:07:23 ----A---- D:\WINDOWS\ALCMTR.EXE
2012-05-07 00:06:39 ----A---- D:\WINDOWS\system32\drivers\Rtnicxp.sys
2012-05-07 00:06:39 ----A---- D:\WINDOWS\system32\drivers\Rtenicxp.sys
2012-05-07 00:03:12 ----A---- D:\WINDOWS\system32\drivers\AmdK8.sys
2012-05-07 00:03:04 ----D---- D:\Documents and Settings
2012-05-07 00:03:03 ----SHD---- D:\System Volume Information
2012-05-07 00:03:03 ----A---- D:\WINDOWS\system32\FNTCACHE.DAT
2012-05-06 23:56:43 ----SD---- D:\WINDOWS\Downloaded Program Files
2012-05-06 23:56:43 ----RSHDC---- D:\WINDOWS\system32\dllcache
2012-05-06 23:56:43 ----RSD---- D:\WINDOWS\Fonts
2012-05-06 23:56:43 ----RD---- D:\WINDOWS\Web
2012-05-06 23:56:43 ----HD---- D:\WINDOWS\inf
2012-05-06 23:56:43 ----D---- D:\WINDOWS\WinSxS
2012-05-06 23:56:43 ----D---- D:\WINDOWS\WBEM
2012-05-06 23:56:43 ----D---- D:\WINDOWS\twain_32
2012-05-06 23:56:43 ----D---- D:\WINDOWS\Temp
2012-05-06 23:56:43 ----D---- D:\WINDOWS\system32\wins
2012-05-06 23:56:43 ----D---- D:\WINDOWS\system32\wbem
2012-05-06 23:56:43 ----D---- D:\WINDOWS\system32\usmt
2012-05-06 23:56:43 ----D---- D:\WINDOWS\system32\spool
2012-05-06 23:56:43 ----D---- D:\WINDOWS\system32\ShellExt
2012-05-06 23:56:43 ----D---- D:\WINDOWS\system32\Setup
2012-05-06 23:56:43 ----D---- D:\WINDOWS\system32\ras
2012-05-06 23:56:43 ----D---- D:\WINDOWS\system32\oobe
2012-05-06 23:56:43 ----D---- D:\WINDOWS\system32\npp
2012-05-06 23:56:43 ----D---- D:\WINDOWS\system32\mui
2012-05-06 23:56:43 ----D---- D:\WINDOWS\system32\inetsrv
2012-05-06 23:56:43 ----D---- D:\WINDOWS\system32\IME
2012-05-06 23:56:43 ----D---- D:\WINDOWS\system32\icsxml
2012-05-06 23:56:43 ----D---- D:\WINDOWS\system32\ias
2012-05-06 23:56:43 ----D---- D:\WINDOWS\system32\export
2012-05-06 23:56:43 ----D---- D:\WINDOWS\system32\drivers\UMDF
2012-05-06 23:56:43 ----D---- D:\WINDOWS\system32\drivers\etc
2012-05-06 23:56:43 ----D---- D:\WINDOWS\system32\drivers\disdn
2012-05-06 23:56:43 ----D---- D:\WINDOWS\system32\drivers
2012-05-06 23:56:43 ----D---- D:\WINDOWS\system32\dhcp
2012-05-06 23:56:43 ----D---- D:\WINDOWS\system32\cs-cz
2012-05-06 23:56:43 ----D---- D:\WINDOWS\system32\cs
2012-05-06 23:56:43 ----D---- D:\WINDOWS\system32\config
2012-05-06 23:56:43 ----D---- D:\WINDOWS\system32\3com_dmi
2012-05-06 23:56:43 ----D---- D:\WINDOWS\system32\3076
2012-05-06 23:56:43 ----D---- D:\WINDOWS\system32\2052
2012-05-06 23:56:43 ----D---- D:\WINDOWS\system32\1054
2012-05-06 23:56:43 ----D---- D:\WINDOWS\system32\1042
2012-05-06 23:56:43 ----D---- D:\WINDOWS\system32\1041
2012-05-06 23:56:43 ----D---- D:\WINDOWS\system32\1037
2012-05-06 23:56:43 ----D---- D:\WINDOWS\system32\1033
2012-05-06 23:56:43 ----D---- D:\WINDOWS\system32\1031
2012-05-06 23:56:43 ----D---- D:\WINDOWS\system32\1029
2012-05-06 23:56:43 ----D---- D:\WINDOWS\system32\1028
2012-05-06 23:56:43 ----D---- D:\WINDOWS\system32\1025
2012-05-06 23:56:43 ----D---- D:\WINDOWS\system32
2012-05-06 23:56:43 ----D---- D:\WINDOWS\system
2012-05-06 23:56:43 ----D---- D:\WINDOWS\security
2012-05-06 23:56:43 ----D---- D:\WINDOWS\Resources
2012-05-06 23:56:43 ----D---- D:\WINDOWS\repair
2012-05-06 23:56:43 ----D---- D:\WINDOWS\Provisioning
2012-05-06 23:56:43 ----D---- D:\WINDOWS\pchealth
2012-05-06 23:56:43 ----D---- D:\WINDOWS\PeerNet
2012-05-06 23:56:43 ----D---- D:\WINDOWS\Offline Web Pages
2012-05-06 23:56:43 ----D---- D:\WINDOWS\Network Diagnostic
2012-05-06 23:56:43 ----D---- D:\WINDOWS\mui
2012-05-06 23:56:43 ----D---- D:\WINDOWS\msapps
2012-05-06 23:56:43 ----D---- D:\WINDOWS\msagent
2012-05-06 23:56:43 ----D---- D:\WINDOWS\Media
2012-05-06 23:56:43 ----D---- D:\WINDOWS\L2Schemas
2012-05-06 23:56:43 ----D---- D:\WINDOWS\java
2012-05-06 23:56:43 ----D---- D:\WINDOWS\ime
2012-05-06 23:56:43 ----D---- D:\WINDOWS\Help
2012-05-06 23:56:43 ----D---- D:\WINDOWS\ehome
2012-05-06 23:56:43 ----D---- D:\WINDOWS\Driver Cache
2012-05-06 23:56:43 ----D---- D:\WINDOWS\Debug
2012-05-06 23:56:43 ----D---- D:\WINDOWS\Cursors
2012-05-06 23:56:43 ----D---- D:\WINDOWS\Connection Wizard
2012-05-06 23:56:43 ----D---- D:\WINDOWS\Config
2012-05-06 23:56:43 ----D---- D:\WINDOWS\AppPatch
2012-05-06 23:56:43 ----D---- D:\WINDOWS\addins
2012-05-06 23:56:43 ----D---- D:\WINDOWS
2012-05-06 23:56:43 ----ASH---- D:\pagefile.sys
2012-05-06 23:20:48 ----D---- D:\Documents and Settings\Admin\Data aplikací\Macromedia
2012-05-06 23:20:48 ----D---- D:\Documents and Settings\Admin\Data aplikací\Adobe
2012-05-06 23:13:56 ----A---- D:\WINDOWS\system32\drivers\nvhda32.sys
2012-05-06 23:13:55 ----A---- D:\WINDOWS\system32\nvhdap32.dll
2012-05-06 23:13:55 ----A---- D:\WINDOWS\system32\nvcohda.dll
2012-05-06 23:13:50 ----D---- D:\NVIDIA
2012-05-06 23:09:10 ----A---- D:\WINDOWS\nsreg.dat
2012-05-06 23:09:07 ----D---- D:\Documents and Settings\Admin\Data aplikací\Mozilla
2012-05-06 23:01:58 ----D---- D:\WINDOWS\system32\Lang
2012-05-06 23:01:58 ----D---- D:\Documents and Settings\Admin\Data aplikací\Skype
2012-05-06 23:01:36 ----A---- D:\WINDOWS\system32\wmpns.dll
2012-05-06 23:01:35 ----D---- D:\Documents and Settings\Admin\Data aplikací\Identities
2012-05-06 23:01:32 ----HD---- D:\Program Files\Uninstall Information
2012-05-06 22:59:54 ----A---- D:\WINDOWS\system32\TwnLib4.dll
2012-05-06 22:59:54 ----A---- D:\WINDOWS\system32\imagXRA7.dll
2012-05-06 22:59:54 ----A---- D:\WINDOWS\system32\imagXR7.dll
2012-05-06 22:59:53 ----D---- D:\Program Files\Nero
2012-05-06 22:59:53 ----D---- D:\Program Files\Common Files\Nero
2012-05-06 22:59:53 ----D---- D:\Documents and Settings\All Users\Data aplikací\Nero
2012-05-06 22:59:53 ----A---- D:\WINDOWS\system32\imagXpr7.dll
2012-05-06 22:59:53 ----A---- D:\WINDOWS\system32\imagX7.dll
2012-05-06 22:59:37 ----D---- D:\Documents and Settings\All Users\Data aplikací\NVIDIA Corporation
2012-05-06 22:59:29 ----HD---- D:\Program Files\InstallShield Installation Information
2012-05-06 22:59:29 ----D---- D:\Program Files\NVIDIA Corporation
2012-05-06 22:59:29 ----A---- D:\WINDOWS\system32\msvcp71.dll
2012-05-06 22:59:29 ----A---- D:\WINDOWS\system32\MFC71.dll
2012-05-06 22:59:29 ----A---- D:\WINDOWS\system32\DSETUP.dll
2012-05-06 22:59:29 ----A---- D:\WINDOWS\system32\drivers\pfc.sys
2012-05-06 22:59:29 ----A---- D:\WINDOWS\system32\drivers\nvport.sys
2012-05-06 22:59:29 ----A---- D:\WINDOWS\system32\DolbyHph.dll
2012-05-06 22:59:29 ----A---- D:\WINDOWS\system32\atl71.dll
2012-05-06 22:59:27 ----A---- D:\WINDOWS\system32\msvcr71.dll
2012-05-06 22:59:24 ----D---- D:\Program Files\Common Files\InstallShield
2012-05-06 22:59:00 ----D---- D:\Documents and Settings\Admin\Data aplikací\Sun
2012-05-06 22:58:44 ----HDC---- D:\WINDOWS\$NtUninstallXPSEPSCLP$
2012-05-06 22:57:38 ----D---- D:\Program Files\MSBuild
2012-05-06 22:57:36 ----D---- D:\WINDOWS\system32\XPSViewer
2012-05-06 22:57:33 ----D---- D:\WINDOWS\system32\en-us
2012-05-06 22:57:33 ----D---- D:\Program Files\Reference Assemblies
2012-05-06 22:57:15 ----N---- D:\WINDOWS\system32\spmsg2.dll
2012-05-06 22:54:03 ----D---- D:\Program Files\WinRAR
2012-05-06 22:53:31 ----D---- D:\Program Files\OpenOffice.org 3
2012-05-06 22:52:54 ----D---- D:\Documents and Settings\All Users\Data aplikací\Adobe
2012-05-06 22:52:49 ----D---- D:\Program Files\Common Files\Adobe
2012-05-06 22:52:49 ----D---- D:\Program Files\Adobe
2012-05-06 22:52:11 ----D---- D:\Program Files\Common Files\Software Update Utility
2012-05-06 22:51:46 ----N---- D:\WINDOWS\system32\vxblock.dll
2012-05-06 22:51:46 ----N---- D:\WINDOWS\system32\pxwave.dll
2012-05-06 22:51:46 ----N---- D:\WINDOWS\system32\pxsfs.dll
2012-05-06 22:51:46 ----N---- D:\WINDOWS\system32\pxmas.dll
2012-05-06 22:51:46 ----N---- D:\WINDOWS\system32\pxinsa64.exe
2012-05-06 22:51:46 ----N---- D:\WINDOWS\system32\pxhpinst.exe
2012-05-06 22:51:46 ----N---- D:\WINDOWS\system32\pxdrv.dll
2012-05-06 22:51:46 ----N---- D:\WINDOWS\system32\pxcpya64.exe
2012-05-06 22:51:46 ----N---- D:\WINDOWS\system32\pxafs.dll
2012-05-06 22:51:46 ----N---- D:\WINDOWS\system32\px.dll
2012-05-06 22:51:46 ----N---- D:\WINDOWS\system32\drivers\cdralw2k.sys
2012-05-06 22:51:46 ----N---- D:\WINDOWS\system32\drivers\cdr4_xp.sys
2012-05-06 22:51:44 ----D---- D:\Program Files\Winamp
2012-05-06 22:51:44 ----D---- D:\Documents and Settings\Admin\Data aplikací\Winamp
2012-05-06 22:51:38 ----D---- D:\Documents and Settings\All Users\Data aplikací\Google
2012-05-06 22:51:35 ----D---- D:\Program Files\Google
2012-05-06 22:51:24 ----D---- D:\Documents and Settings\All Users\Data aplikací\Skype
2012-05-06 22:51:16 ----D---- D:\Program Files\Mozilla Firefox
2012-05-06 22:51:07 ----A---- D:\WPI_Log.txt
2012-05-06 22:48:19 ----SD---- D:\Documents and Settings\Admin\Data aplikací\Microsoft
2012-05-06 22:48:19 ----ASH---- D:\Documents and Settings\Admin\Data aplikací\desktop.ini
2012-05-06 22:46:25 ----D---- D:\WINDOWS\SoftwareDistribution
2012-05-06 22:46:10 ----SD---- D:\WINDOWS\system32\Microsoft
2012-05-06 22:46:10 ----D---- D:\WINDOWS\Prefetch
2012-05-06 22:46:10 ----A---- D:\WINDOWS\SchedLgU.Txt
2012-05-06 22:44:58 ----AS---- D:\WINDOWS\bootstat.dat
2012-05-06 22:41:40 ----D---- D:\WINDOWS\system32\xircom
2012-05-06 22:41:40 ----D---- D:\Program Files\xerox
2012-05-06 22:41:40 ----D---- D:\Program Files\microsoft frontpage
2012-05-06 22:40:56 ----N---- D:\WINDOWS\system32\drivers\pxhelp20.sys
2012-05-06 22:40:12 ----D---- D:\Program Files\Windows Plus
2012-05-06 22:40:11 ----A---- D:\WINDOWS\system32\mypixdx.scr
2012-05-06 22:40:09 ----A---- D:\WINDOWS\system32\nature.scr
2012-05-06 22:40:07 ----A---- D:\WINDOWS\system32\davinci.scr
2012-05-06 22:40:05 ----A---- D:\WINDOWS\system32\space.scr
2012-05-06 22:40:03 ----A---- D:\WINDOWS\system32\wpgldfsh.scr
2012-05-06 22:39:24 ----A---- D:\WINDOWS\system32\mhn.dll
2012-05-06 22:39:24 ----A---- D:\WINDOWS\system32\drivers\mhndrv.sys
2012-05-06 22:39:20 ----A---- D:\WINDOWS\system32\igdetect.dll
2012-05-06 22:39:12 ----D---- D:\Program Files\Common Files\Steam
2012-05-06 22:39:11 ----D---- D:\Program Files\Steam
2012-05-06 22:38:16 ----A---- D:\WINDOWS\system32\Bliss.scr
2012-05-06 22:37:30 ----RSD---- D:\WINDOWS\assembly
2012-05-06 22:37:30 ----D---- D:\WINDOWS\system32\URTTemp
2012-05-06 22:37:30 ----D---- D:\WINDOWS\Microsoft.NET
2012-05-06 22:37:15 ----D---- D:\Documents and Settings\All Users\Data aplikací\boost_interprocess
2012-05-06 22:37:05 ----HDC---- D:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2012-05-06 22:37:00 ----D---- D:\Program Files\Alky for Applications
2012-05-06 22:36:34 ----N---- D:\WINDOWS\system32\imapi2fs.dll
2012-05-06 22:36:34 ----N---- D:\WINDOWS\system32\imapi2.dll
2012-05-06 22:36:22 ----A---- D:\WINDOWS\system32\spupdsvc.exe
2012-05-06 22:35:59 ----D---- D:\Program Files\Common Files\Skype
2012-05-06 22:35:58 ----RD---- D:\Program Files\Skype
2012-05-06 22:35:46 ----N---- D:\WINDOWS\system32\spmsg.dll
2012-05-06 22:35:45 ----HD---- D:\WINDOWS\$hf_mig$
2012-05-06 22:35:38 ----A---- D:\WINDOWS\control.ini
2012-05-06 22:35:25 ----A---- D:\WINDOWS\system32\mapi32.dll
2012-05-06 22:34:29 ----HD---- D:\Program Files\WindowsUpdate
2012-05-06 22:34:26 ----D---- D:\Program Files\Online Services
2012-05-06 22:34:09 ----D---- D:\WINDOWS\system32\DirectX
2012-05-06 22:34:00 ----A---- D:\WINDOWS\system32\atrace.dll
2012-05-06 22:33:57 ----A---- D:\WINDOWS\system32\desktop.ini
2012-05-06 22:33:57 ----A---- D:\WINDOWS\desktop.ini
2012-05-06 22:33:49 ----A---- D:\WINDOWS\system32\nmevtmsg.dll
2012-05-06 22:33:47 ----D---- D:\Program Files\Common Files\Services
2012-05-06 22:33:47 ----A---- D:\WINDOWS\system32\acctres.dll
2012-05-06 22:33:44 ----SD---- D:\WINDOWS\Tasks
2012-05-06 22:33:44 ----A---- D:\WINDOWS\system32\icfgnt5.dll
2012-05-06 22:33:42 ----D---- D:\Program Files\Common Files\MSSoap
2012-05-06 22:33:37 ----D---- D:\WINDOWS\srchasst
2012-05-06 22:33:36 ----D---- D:\WINDOWS\system32\Macromed
2012-05-06 22:33:34 ----A---- D:\WINDOWS\system32\wuweb.dll
2012-05-06 22:33:34 ----A---- D:\WINDOWS\system32\wucltui.dll
2012-05-06 22:33:33 ----A---- D:\WINDOWS\system32\wups.dll
2012-05-06 22:33:33 ----A---- D:\WINDOWS\system32\wuauserv.dll
2012-05-06 22:33:33 ----A---- D:\WINDOWS\system32\wuaueng1.dll
2012-05-06 22:33:33 ----A---- D:\WINDOWS\system32\wuaueng.dll
2012-05-06 22:33:33 ----A---- D:\WINDOWS\system32\wuauclt1.exe
2012-05-06 22:33:33 ----A---- D:\WINDOWS\system32\wuauclt.exe
2012-05-06 22:33:32 ----A---- D:\WINDOWS\system32\wuapi.dll
2012-05-06 22:33:32 ----A---- D:\WINDOWS\system32\qmgrprxy.dll
2012-05-06 22:33:32 ----A---- D:\WINDOWS\system32\qmgr.dll
2012-05-06 22:33:32 ----A---- D:\WINDOWS\system32\bitsprx4.dll
2012-05-06 22:33:32 ----A---- D:\WINDOWS\system32\bitsprx3.dll
2012-05-06 22:33:32 ----A---- D:\WINDOWS\system32\bitsprx2.dll
2012-05-06 22:33:27 ----D---- D:\Program Files\Movie Maker
2012-05-06 22:33:03 ----A---- D:\WINDOWS\system32\safrslv.dll
2012-05-06 22:33:03 ----A---- D:\WINDOWS\system32\safrdm.dll
2012-05-06 22:33:03 ----A---- D:\WINDOWS\system32\safrcdlg.dll
2012-05-06 22:33:03 ----A---- D:\WINDOWS\system32\racpldlg.dll
2012-05-06 22:32:58 ----A---- D:\WINDOWS\system32\fltMc.exe
2012-05-06 22:32:58 ----A---- D:\WINDOWS\system32\fltlib.dll
2012-05-06 22:32:57 ----D---- D:\WINDOWS\system32\Restore
2012-05-06 22:32:57 ----A---- D:\WINDOWS\system32\srsvc.dll
2012-05-06 22:32:57 ----A---- D:\WINDOWS\system32\srrstr.dll
2012-05-06 22:32:57 ----A---- D:\WINDOWS\system32\srclient.dll
2012-05-06 22:32:57 ----A---- D:\WINDOWS\system32\drivers\fltMgr.sys
2012-05-06 22:32:56 ----A---- D:\WINDOWS\system32\mnmdd.dll
2012-05-06 22:32:56 ----A---- D:\WINDOWS\system32\isrdbg32.dll
2012-05-06 22:32:56 ----A---- D:\WINDOWS\system32\ils.dll
2012-05-06 22:32:56 ----A---- D:\WINDOWS\system32\drivers\sr.sys
2012-05-06 22:32:55 ----A---- D:\WINDOWS\system32\nmmkcert.dll
2012-05-06 22:32:55 ----A---- D:\WINDOWS\system32\msconf.dll
2012-05-06 22:32:55 ----A---- D:\WINDOWS\system32\mnmsrvc.exe
2012-05-06 22:32:51 ----D---- D:\Program Files\NetMeeting
2012-05-06 22:32:51 ----A---- D:\WINDOWS\system32\msoert2.dll
2012-05-06 22:32:51 ----A---- D:\WINDOWS\system32\msoeacct.dll
2012-05-06 22:32:49 ----A---- D:\WINDOWS\system32\inetres.dll
2012-05-06 22:32:49 ----A---- D:\WINDOWS\system32\inetcomm.dll
2012-05-06 22:32:46 ----D---- D:\Program Files\Outlook Express
2012-05-06 22:32:46 ----A---- D:\WINDOWS\system32\schedsvc.dll
2012-05-06 22:32:46 ----A---- D:\WINDOWS\system32\mstinit.exe
2012-05-06 22:32:46 ----A---- D:\WINDOWS\system32\mstask.dll
2012-05-06 22:32:45 ----A---- D:\WINDOWS\system32\isign32.dll
2012-05-06 22:32:45 ----A---- D:\WINDOWS\system32\inetcfg.dll
2012-05-06 22:32:45 ----A---- D:\WINDOWS\system32\icwphbk.dll
2012-05-06 22:32:45 ----A---- D:\WINDOWS\system32\icwdial.dll
2012-05-06 22:32:37 ----D---- D:\Program Files\Common Files\System
2012-05-06 22:32:36 ----D---- D:\Program Files\Internet Explorer
2012-05-06 22:32:12 ----A---- D:\WINDOWS\system32\emptyregdb.dat
2012-05-06 22:32:06 ----D---- D:\Program Files\ComPlus Applications
2012-05-06 22:32:05 ----A---- D:\WINDOWS\vbaddin.ini
2012-05-06 22:32:05 ----A---- D:\WINDOWS\vb.ini
2012-05-06 22:32:01 ----D---- D:\WINDOWS\Registration
2012-05-06 22:30:38 ----D---- D:\Program Files\VistaExperience.org
2012-05-06 22:29:12 ----D---- D:\Program Files\Windows Sidebar
2012-05-06 22:29:05 ----D---- D:\Program Files\Windows Media Connect 2
2012-05-06 22:29:04 ----D---- D:\Program Files\Windows Media Player
2012-05-06 22:29:03 ----D---- D:\Program Files\Messenger
2012-05-06 22:28:59 ----D---- D:\Program Files\MSN Gaming Zone
2012-05-06 22:28:59 ----A---- D:\WINDOWS\system32\write.exe
2012-05-06 22:28:48 ----A---- D:\WINDOWS\system32\sndvol32.exe
2012-05-06 22:28:48 ----A---- D:\WINDOWS\system32\hticons.dll
2012-05-06 22:28:47 ----A---- D:\WINDOWS\system32\winchat.exe
2012-05-06 22:28:47 ----A---- D:\WINDOWS\system32\avwav.dll
2012-05-06 22:28:47 ----A---- D:\WINDOWS\system32\avtapi.dll
2012-05-06 22:28:47 ----A---- D:\WINDOWS\system32\avmeter.dll
2012-05-06 22:28:39 ----A---- D:\WINDOWS\system32\getuname.dll
2012-05-06 22:28:38 ----A---- D:\WINDOWS\system32\charmap.exe
2012-05-06 22:28:38 ----A---- D:\WINDOWS\system32\calc.exe
2012-05-06 22:28:37 ----A---- D:\WINDOWS\system32\winmine.exe
2012-05-06 22:28:37 ----A---- D:\WINDOWS\system32\sol.exe
2012-05-06 22:28:37 ----A---- D:\WINDOWS\system32\mshearts.exe
2012-05-06 22:28:36 ----A---- D:\WINDOWS\system32\usrlogon.cmd
2012-05-06 22:28:36 ----A---- D:\WINDOWS\system32\tsshutdn.exe
2012-05-06 22:28:36 ----A---- D:\WINDOWS\system32\tslabels.ini
2012-05-06 22:28:36 ----A---- D:\WINDOWS\system32\tskill.exe
2012-05-06 22:28:36 ----A---- D:\WINDOWS\system32\tsdiscon.exe
2012-05-06 22:28:36 ----A---- D:\WINDOWS\system32\tscon.exe
2012-05-06 22:28:36 ----A---- D:\WINDOWS\system32\reset.exe
2012-05-06 22:28:36 ----A---- D:\WINDOWS\system32\freecell.exe
2012-05-06 22:28:35 ----A---- D:\WINDOWS\system32\shadow.exe
2012-05-06 22:28:35 ----A---- D:\WINDOWS\system32\rwinsta.exe
2012-05-06 22:28:35 ----A---- D:\WINDOWS\system32\regini.exe
2012-05-06 22:28:35 ----A---- D:\WINDOWS\system32\rdpcfgex.dll
2012-05-06 22:28:35 ----A---- D:\WINDOWS\system32\qwinsta.exe
2012-05-06 22:28:35 ----A---- D:\WINDOWS\system32\qappsrv.exe
2012-05-06 22:28:35 ----A---- D:\WINDOWS\system32\msg.exe
2012-05-06 22:28:35 ----A---- D:\WINDOWS\system32\logoff.exe
2012-05-06 22:28:35 ----A---- D:\WINDOWS\system32\cdmodem.dll
2012-05-06 22:28:34 ----A---- D:\WINDOWS\system32\msdtcprf.ini
2012-05-06 22:28:27 ----A---- D:\WINDOWS\system32\wmimgmt.msc
2012-05-06 22:28:26 ----A---- D:\WINDOWS\system32\sndrec32.exe
2012-05-06 22:28:26 ----A---- D:\WINDOWS\system32\mplay32.exe
2012-05-06 22:28:26 ----A---- D:\WINDOWS\system32\accwiz.exe
2012-05-06 22:28:25 ----D---- D:\Program Files\Windows NT
2012-05-06 22:28:25 ----A---- D:\WINDOWS\system32\hypertrm.dll
2012-05-06 22:28:24 ----A---- D:\WINDOWS\system32\mspaint.exe
2012-05-06 22:28:24 ----A---- D:\WINDOWS\system32\clipbrd.exe
2012-05-06 22:28:23 ----A---- D:\WINDOWS\system32\spider.exe
2012-05-06 22:28:23 ----A---- D:\WINDOWS\system32\drivers\tdtcp.sys
2012-05-06 22:28:23 ----A---- D:\WINDOWS\system32\drivers\tdpipe.sys
2012-05-06 22:28:22 ----A---- D:\WINDOWS\system32\tsgqec.dll
2012-05-06 22:28:22 ----A---- D:\WINDOWS\system32\tscfgwmi.dll
2012-05-06 22:28:22 ----A---- D:\WINDOWS\system32\rhttpaa.dll
2012-05-06 22:28:22 ----A---- D:\WINDOWS\system32\drivers\rdpwd.sys
2012-05-06 22:28:22 ----A---- D:\WINDOWS\system32\aaclient.dll
2012-05-06 22:28:21 ----A---- D:\WINDOWS\system32\mstscax.dll
2012-05-06 22:28:21 ----A---- D:\WINDOWS\system32\mstsc.exe
2012-05-06 22:28:20 ----A---- D:\WINDOWS\system32\termsrv.dll
2012-05-06 22:28:20 ----A---- D:\WINDOWS\system32\sessmgr.exe
2012-05-06 22:28:20 ----A---- D:\WINDOWS\system32\remotepg.dll
2012-05-06 22:28:20 ----A---- D:\WINDOWS\system32\rdshost.exe
2012-05-06 22:28:20 ----A---- D:\WINDOWS\system32\rdsaddin.exe
2012-05-06 22:28:20 ----A---- D:\WINDOWS\system32\rdchost.dll
2012-05-06 22:28:19 ----D---- D:\WINDOWS\system32\MsDtc
2012-05-06 22:28:19 ----A---- D:\WINDOWS\system32\rdpwsx.dll
2012-05-06 22:28:19 ----A---- D:\WINDOWS\system32\rdpsnd.dll
2012-05-06 22:28:19 ----A---- D:\WINDOWS\system32\rdpclip.exe
2012-05-06 22:28:19 ----A---- D:\WINDOWS\system32\qprocess.exe
2012-05-06 22:28:19 ----A---- D:\WINDOWS\system32\msdtcuiu.dll
2012-05-06 22:28:19 ----A---- D:\WINDOWS\system32\icaapi.dll
2012-05-06 22:28:19 ----A---- D:\WINDOWS\system32\cfgbkend.dll
2012-05-06 22:28:18 ----A---- D:\WINDOWS\system32\xolehlp.dll
2012-05-06 22:28:18 ----A---- D:\WINDOWS\system32\mtxoci.dll
2012-05-06 22:28:18 ----A---- D:\WINDOWS\system32\msdtctm.dll
2012-05-06 22:28:18 ----A---- D:\WINDOWS\system32\msdtcprx.dll
2012-05-06 22:28:17 ----A---- D:\WINDOWS\system32\msdtclog.dll
2012-05-06 22:28:17 ----A---- D:\WINDOWS\system32\msdtc.exe
2012-05-06 22:28:16 ----D---- D:\WINDOWS\system32\Com
2012-05-06 22:28:16 ----A---- D:\WINDOWS\system32\stclient.dll
2012-05-06 22:28:16 ----A---- D:\WINDOWS\system32\mtxlegih.dll
2012-05-06 22:28:16 ----A---- D:\WINDOWS\system32\mtxex.dll
2012-05-06 22:28:16 ----A---- D:\WINDOWS\system32\mtxdm.dll
2012-05-06 22:28:16 ----A---- D:\WINDOWS\system32\dcomcnfg.exe
2012-05-06 22:28:16 ----A---- D:\WINDOWS\system32\comrepl.dll
2012-05-06 22:28:16 ----A---- D:\WINDOWS\system32\comaddin.dll
2012-05-06 22:28:16 ----A---- D:\WINDOWS\system32\colbact.dll
2012-05-06 22:28:15 ----A---- D:\WINDOWS\system32\clbcatex.dll
2012-05-06 22:28:15 ----A---- D:\WINDOWS\system32\catsrvut.dll
2012-05-06 22:28:15 ----A---- D:\WINDOWS\system32\catsrvps.dll
2012-05-06 22:28:15 ----A---- D:\WINDOWS\system32\catsrv.dll
2012-05-06 22:28:14 ----A---- D:\WINDOWS\system32\comuid.dll
2012-05-06 22:28:14 ----A---- D:\WINDOWS\system32\comsvcs.dll
2012-05-06 22:28:14 ----A---- D:\WINDOWS\system32\comsnap.dll
2012-05-06 22:28:14 ----A---- D:\WINDOWS\system32\clbcatq.dll
2012-05-06 22:28:06 ----A---- D:\WINDOWS\system32\servdeps.dll
2012-05-06 22:28:06 ----A---- D:\WINDOWS\system32\mmfutil.dll
2012-05-06 22:28:06 ----A---- D:\WINDOWS\system32\licwmi.dll
2012-05-06 22:28:06 ----A---- D:\WINDOWS\system32\cmprops.dll
2012-05-06 22:28:02 ----A---- D:\WINDOWS\system32\drivers\termdd.sys
2012-05-06 22:28:01 ----A---- D:\WINDOWS\system32\drivers\rdpdr.sys
2012-05-06 22:11:59 ----D---- D:\Documents and Settings\Admin\Data aplikací\Avira
2012-05-06 21:48:24 ----D---- D:\Documents and Settings\Admin\Data aplikací\minecraft2
2012-05-06 21:45:34 ----D---- D:\Hry
2012-05-06 21:40:07 ----SHD---- D:\RECYCLER
2012-05-06 21:34:13 ----D---- D:\Documents and Settings\All Users\Data aplikací\Sun
2012-05-06 21:33:54 ----A---- D:\WINDOWS\system32\npdeployJava1.dll
2012-05-06 21:33:54 ----A---- D:\WINDOWS\system32\deployJava1.dll
2012-05-06 21:33:44 ----D---- D:\Program Files\Java
2012-05-06 21:20:10 ----D---- D:\Program Files\Mozilla Maintenance Service
2012-05-06 21:20:10 ----D---- D:\Documents and Settings\All Users\Data aplikací\Mozilla
2012-05-06 21:05:35 ----A---- D:\WINDOWS\system32\drivers\ssmdrv.sys
2012-05-06 21:05:33 ----A---- D:\WINDOWS\system32\drivers\avkmgr.sys
2012-05-06 21:05:33 ----A---- D:\WINDOWS\system32\drivers\avipbb.sys
2012-05-06 21:05:33 ----A---- D:\WINDOWS\system32\drivers\avgntflt.sys
2012-05-06 21:05:32 ----D---- D:\Program Files\Avira
2012-05-06 21:05:32 ----D---- D:\Documents and Settings\All Users\Data aplikací\Avira
2012-05-06 21:03:33 ----D---- D:\Documents and Settings\Admin\Data aplikací\skypePM
2012-05-06 21:03:33 ----A---- D:\Documents and Settings\All Users\Data aplikací\ezsid.dat

======List of files/folders modified in the last 3 months======

2012-06-08 21:43:45 ----A---- D:\WINDOWS\win.ini
2012-06-08 21:43:45 ----A---- D:\WINDOWS\system.ini
2012-05-27 16:44:26 ----A---- D:\WINDOWS\system32\ir32_32.dll
2012-05-06 22:35:12 ----ASH---- D:\WINDOWS\fonts\desktop.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; D:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; D:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-08 43528]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); D:\WINDOWS\system32\drivers\sfdrv01.sys [2006-05-10 51200]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); D:\WINDOWS\system32\drivers\sfhlp02.sys [2006-05-10 6656]
R0 sfsync04;StarForce Protection Synchronization Driver (version 4.x); D:\WINDOWS\system32\drivers\sfsync04.sys [2006-05-10 52224]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; D:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-12-14 77568]
R1 AmdK8;AMD Processor Driver; D:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-19 36864]
R1 avipbb;avipbb; D:\WINDOWS\system32\DRIVERS\avipbb.sys [2012-05-09 137928]
R1 avkmgr;avkmgr; D:\WINDOWS\system32\DRIVERS\avkmgr.sys [2011-09-16 36000]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; D:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2012-05-07 242240]
R1 kbdhid;Ovladač klávesnice standardu HID; D:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 nvport;NVIDIA PORT IO Control Driver; \??\D:\WINDOWS\system32\Drivers\nvport.sys []
R1 SCDEmu;SCDEmu; D:\WINDOWS\system32\drivers\SCDEmu.sys [2012-05-31 113104]
R1 ssmdrv;ssmdrv; D:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; D:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 avgntflt;avgntflt; D:\WINDOWS\system32\DRIVERS\avgntflt.sys [2012-05-09 83392]
R3 aracpi;aracpi; D:\WINDOWS\system32\DRIVERS\aracpi.sys [2008-12-27 22784]
R3 arhidfltr;MS Ar HID Filter Driver; D:\WINDOWS\system32\DRIVERS\arhidfltr.sys [2008-12-27 19200]
R3 arkbcfltr;Microsoft PS2 Keyboard Filter; D:\WINDOWS\system32\DRIVERS\arkbcfltr.sys [2008-12-27 5376]
R3 armoucfltr;Microsoft PS2 Mouse Filter; D:\WINDOWS\system32\DRIVERS\armoucfltr.sys [2008-12-27 4992]
R3 Arp1394;Protokol 1394 ARP Client; D:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-12-27 60800]
R3 ARPolicy;ARPolicy; D:\WINDOWS\system32\DRIVERS\arpolicy.sys [2008-12-27 10112]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; D:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); D:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-04-17 4707328]
R3 MBAMProtector;MBAMProtector; \??\D:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Ovladač myši standardu HID; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-12-27 12160]
R3 NIC1394;1394 Net Driver; D:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-12-27 61824]
R3 nv;nv; D:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-01-30 10279520]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; D:\WINDOWS\system32\drivers\nvhda32.sys [2009-11-12 57320]
R3 pfc;Padus ASPI Shell; D:\WINDOWS\system32\drivers\pfc.sys [2006-03-29 9856]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; D:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2007-11-21 104320]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; D:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-01-04 105856]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 StarOpen;StarOpen; D:\WINDOWS\system32\drivers\StarOpen.sys [2009-11-12 7168]
S3 usbprint;Třída USB Printer; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 WpdUsb;WpdUsb; D:\WINDOWS\system32\DRIVERS\wpdusb.sys [2008-12-14 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; D:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-12-14 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira Realtime Protection; D:\Program Files\Avira\AntiVir Desktop\avguard.exe [2012-05-09 110032]
R2 AntiVirSchedulerService;Avira Scheduler; D:\Program Files\Avira\AntiVir Desktop\sched.exe [2012-05-09 86224]
R2 ARSVC;ARSVC; D:\WINDOWS\arservice.exe [2008-12-27 58880]
R2 ehRecvr;Služba přijímače aplikace Media Center; D:\WINDOWS\eHome\ehRecvr.exe [2008-12-22 238592]
R2 ehSched;Služba plánování aplikace Media Center; D:\WINDOWS\eHome\ehSched.exe [2008-12-22 103424]
R2 FileZilla Server;FileZilla Server FTP server; D:\Program Files\FileZilla Server\FileZilla Server.exe [2012-02-26 632320]
R2 MBAMService;MBAMService; D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
R2 McrdSvc;Media Center Extender Service; D:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 NMSAccess;NMSAccess; D:\Program Files\CDBurnerXP\NMSAccessU.exe [2010-03-04 71096]
R2 nvsvc;NVIDIA Display Driver Service; D:\WINDOWS\system32\nvsvc32.exe [2010-01-31 154216]
R2 PnkBstrA;PnkBstrA; D:\WINDOWS\system32\PnkBstrA.exe [2012-06-21 76888]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); D:\Program Files\CyberLink\Shared files\RichVideo.exe [2012-04-24 254512]
R2 vToolbarUpdater11.2.0;vToolbarUpdater11.2.0; D:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [2012-06-27 935008]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 sfrem01;SF FrontLine Drivers Auto Removal (v1); D:\WINDOWS\system32\sfrem01.exe [2006-05-10 353912]
S3 aspnet_state;Stavová služba ASP.NET; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; D:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-16 113120]
S3 Steam Client Service;Steam Client Service; D:\Program Files\Common Files\Steam\SteamService.exe [2012-05-31 529232]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; D:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Trojan horse (Graftor.910514) Please help

#3 Post by vyosek »

Hello, and have a nice day :)

:arrow: Download RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
  • Close all programs
  • If you use Win Vista or Win 7, right-click RogueKiller and choose Run As Administrator or Spustit jako správce
  • Wait for the PreScan to finish
  • Choose the Prohledat (Scan) option
  • When the scan finishes, click Zpráva (Report); a log will open, paste it here
"He who has wine and does not drink, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement, take a whip and a stick to him; he is not a man, he is an ox."
Member [image] since 1 February 2011.

Frez
Visitor
Posts: 40
Joined: 10 Jun 2012 11:42

Re: Trojan horse (Graftor.910514) Please help

#4 Post by Frez »

One more thing I forgot. After startup a dialog appeared saying there is a problem with rundll32, or something like that.

RogueKiller V7.6.1 [06/28/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v: Normální režim
Uživatel: Admin [Práva správce]
Mód: Kontrola -- Datum: 06/29/2012 15:03:57

¤¤¤ Škodlivé procesy: 1 ¤¤¤
[SUSP PATH] arpwrmsg.exe -- D:\WINDOWS\ARPWRMSG.EXE -> KILLED [TermProc]

¤¤¤ Záznamy Registrů: 5 ¤¤¤
[BLACKLIST DLL] HKCU\[...]\Run : MSIDLL (rundll32.exe msipfh32.dll,aaIoezw) -> FOUND
[BLACKLIST DLL] HKUS\S-1-5-21-854245398-1788223648-682003330-1004[...]\Run : MSIDLL (rundll32.exe msipfh32.dll,aaIoezw) -> FOUND
[] HKLM\[...]\Windows : () -> ACCESS DENIED
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[] HKLM\[...]\Windows : () -> ACCESS DENIED

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač: [NAHRÁNO] ¤¤¤
SSDT[25] : NtClose @ 0x805BC530 -> HOOKED (Unknown @ 0xB8776DBC)
SSDT[41] : NtCreateKey @ 0x806240F0 -> HOOKED (Unknown @ 0xB8776D76)
SSDT[50] : NtCreateSection @ 0x805AB3C8 -> HOOKED (Unknown @ 0xB8776DC6)
SSDT[53] : NtCreateThread @ 0x805D1018 -> HOOKED (Unknown @ 0xB8776D6C)
SSDT[63] : NtDeleteKey @ 0x8062458C -> HOOKED (Unknown @ 0xB8776D7B)
SSDT[65] : NtDeleteValueKey @ 0x8062475C -> HOOKED (Unknown @ 0xB8776D85)
SSDT[68] : NtDuplicateObject @ 0x805BE008 -> HOOKED (Unknown @ 0xB8776DB7)
SSDT[98] : NtLoadKey @ 0x80626314 -> HOOKED (Unknown @ 0xB8776D8A)
SSDT[122] : NtOpenProcess @ 0x805CB440 -> HOOKED (Unknown @ 0xB8776D58)
SSDT[128] : NtOpenThread @ 0x805CB6CC -> HOOKED (Unknown @ 0xB8776D5D)
SSDT[177] : NtQueryValueKey @ 0x80622314 -> HOOKED (Unknown @ 0xB8776DDF)
SSDT[193] : NtReplaceKey @ 0x806261C4 -> HOOKED (Unknown @ 0xB8776D94)
SSDT[200] : NtRequestWaitReplyPort @ 0x805A2D76 -> HOOKED (Unknown @ 0xB8776DD0)
SSDT[204] : NtRestoreKey @ 0x80625AD0 -> HOOKED (Unknown @ 0xB8776D8F)
SSDT[213] : NtSetContextThread @ 0x805D173A -> HOOKED (Unknown @ 0xB8776DCB)
SSDT[237] : NtSetSecurityObject @ 0x805C062E -> HOOKED (Unknown @ 0xB8776DD5)
SSDT[247] : NtSetValueKey @ 0x80622662 -> HOOKED (Unknown @ 0xB8776D80)
SSDT[255] : NtSystemDebugControl @ 0x806180BA -> HOOKED (Unknown @ 0xB8776DDA)
SSDT[257] : NtTerminateProcess @ 0x805D29E2 -> HOOKED (Unknown @ 0xB8776D67)
S_SSDT[549] : Unknown -> HOOKED (Unknown @ 0xB8776DEE)
S_SSDT[552] : Unknown -> HOOKED (Unknown @ 0xB8776DF3)

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
ÿþ1

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST3360320AS +++++
--- User ---
[MBR] d5a9ac01517adbb17b103017d599bc46
[BSP] 6ff7e8e7112f9a6f45fe85ef5b2cc87c : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 99998 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 204796620 | Size: 243391 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1].txt >>
RKreport[1].txt


Should I click the Smazat (Delete) button at the top?

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Trojan horse (Graftor.910514) Please help

#5 Post by vyosek »

:arrow: Run RogueKiller again
  • If you use Win Vista or Win 7, right-click RogueKiller and choose Run As Administrator or Spustit jako správce
  • Choose Prohledat (Scan), then Smazat (Delete), and then Zpráva (Report); a log will open, paste it here
  • Then click Oprava Host (Host fix) and Zpráva (Report); a log will open, paste it here
  • Then click Oprava Proxy (Proxy fix) and Zpráva (Report); a log will open, paste it here

Frez
Visitor
Posts: 40
Joined: 10 Jun 2012 11:42

Re: Trojan horse (Graftor.910514) Please help

#6 Post by Frez »

Here is the log from the scan and delete:

RogueKiller V7.6.1 [06/28/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v: Normální režim
Uživatel: Admin [Práva správce]
Mód: Odebrat -- Datum: 06/29/2012 15:41:41

¤¤¤ Škodlivé procesy: 1 ¤¤¤
[SUSP PATH] arpwrmsg.exe -- D:\WINDOWS\ARPWRMSG.EXE -> KILLED [TermProc]

¤¤¤ Záznamy Registrů: 4 ¤¤¤
[BLACKLIST DLL] HKCU\[...]\Run : MSIDLL (rundll32.exe msipfh32.dll,aaIoezw) -> DELETED
[] HKLM\[...]\Windows : () -> ACCESS DENIED
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[] HKLM\[...]\Windows : () -> ACCESS DENIED

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač: [NAHRÁNO] ¤¤¤
SSDT[25] : NtClose @ 0x805BC530 -> HOOKED (Unknown @ 0xB8776DBC)
SSDT[41] : NtCreateKey @ 0x806240F0 -> HOOKED (Unknown @ 0xB8776D76)
SSDT[50] : NtCreateSection @ 0x805AB3C8 -> HOOKED (Unknown @ 0xB8776DC6)
SSDT[53] : NtCreateThread @ 0x805D1018 -> HOOKED (Unknown @ 0xB8776D6C)
SSDT[63] : NtDeleteKey @ 0x8062458C -> HOOKED (Unknown @ 0xB8776D7B)
SSDT[65] : NtDeleteValueKey @ 0x8062475C -> HOOKED (Unknown @ 0xB8776D85)
SSDT[68] : NtDuplicateObject @ 0x805BE008 -> HOOKED (Unknown @ 0xB8776DB7)
SSDT[98] : NtLoadKey @ 0x80626314 -> HOOKED (Unknown @ 0xB8776D8A)
SSDT[122] : NtOpenProcess @ 0x805CB440 -> HOOKED (Unknown @ 0xB8776D58)
SSDT[128] : NtOpenThread @ 0x805CB6CC -> HOOKED (Unknown @ 0xB8776D5D)
SSDT[177] : NtQueryValueKey @ 0x80622314 -> HOOKED (Unknown @ 0xB8776DDF)
SSDT[193] : NtReplaceKey @ 0x806261C4 -> HOOKED (Unknown @ 0xB8776D94)
SSDT[200] : NtRequestWaitReplyPort @ 0x805A2D76 -> HOOKED (Unknown @ 0xB8776DD0)
SSDT[204] : NtRestoreKey @ 0x80625AD0 -> HOOKED (Unknown @ 0xB8776D8F)
SSDT[213] : NtSetContextThread @ 0x805D173A -> HOOKED (Unknown @ 0xB8776DCB)
SSDT[237] : NtSetSecurityObject @ 0x805C062E -> HOOKED (Unknown @ 0xB8776DD5)
SSDT[247] : NtSetValueKey @ 0x80622662 -> HOOKED (Unknown @ 0xB8776D80)
SSDT[255] : NtSystemDebugControl @ 0x806180BA -> HOOKED (Unknown @ 0xB8776DDA)
SSDT[257] : NtTerminateProcess @ 0x805D29E2 -> HOOKED (Unknown @ 0xB8776D67)
S_SSDT[549] : Unknown -> HOOKED (Unknown @ 0xB8776DEE)
S_SSDT[552] : Unknown -> HOOKED (Unknown @ 0xB8776DF3)

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
ÿþ1

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST3360320AS +++++
--- User ---
[MBR] d5a9ac01517adbb17b103017d599bc46
[BSP] 6ff7e8e7112f9a6f45fe85ef5b2cc87c : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 99998 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 204796620 | Size: 243391 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[4].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt



Here is the log from the host fix:

RogueKiller V7.6.1 [06/28/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v: Normální režim
Uživatel: Admin [Práva správce]
Mód: Oprava HOSTS -- Datum: 06/29/2012 15:42:27

¤¤¤ Škodlivé procesy: 1 ¤¤¤
[SUSP PATH] arpwrmsg.exe -- D:\WINDOWS\ARPWRMSG.EXE -> KILLED [TermProc]

¤¤¤ Ovladač: [NAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
ÿþ1

¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost

Dokončeno : << RKreport[5].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt



Here is the log from the proxy fix:


RogueKiller V7.6.1 [06/28/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v: Normální režim
Uživatel: Admin [Práva správce]
Mód: Oprava Proxy -- Datum: 06/29/2012 15:42:59

¤¤¤ Škodlivé procesy: 1 ¤¤¤
[SUSP PATH] arpwrmsg.exe -- D:\WINDOWS\ARPWRMSG.EXE -> KILLED [TermProc]

¤¤¤ Ovladač: [NAHRÁNO] ¤¤¤

¤¤¤ Záznamy Registrů: 0 ¤¤¤

Dokončeno : << RKreport[6].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt ;
RKreport[6].txt

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Trojan horse (Graftor.910514) Please help

#7 Post by vyosek »

:arrow: Download RKill http://download.bleepingcomputer.com/grinler/rkill.com PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A STRONG ABILITY TO DELETE AND MUST BE USED ONLY WHEN RECOMMENDED, OTHERWISE YOUR SYSTEM MAY BE RUINED
:arrow: Download Combofix and save it to the desktop http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Disable all resident security programs - firewalls, antivirus, antispyware, etc.
  • If you have Win XP, run it under the Administrator (Správce) account
  • If you have Win Vista or Win 7, right-click Combofix and choose Run As Administrator or Spustit jako správce
  • Right after it starts, a page with the license agreement is shown; continue by clicking Ano (Yes)
  • If CF offers to install the Recovery Console, agree
  • Then follow the instructions; during the scan leave the PC completely alone - do not launch any applications and do not click into the window that is displayed
  • The scan should take about 10 min, but if the PC is heavily cluttered, it may take longer
  • After the scan finishes and a possible restart, CF displays a log, or you can find it at C:\ComboFix.txt; paste its contents here
  • A detailed procedure incl. screenshots is here http://www.bleepingcomputer.com/combofi ... t-combofix

Frez
Visitor
Posts: 40
Joined: 10 Jun 2012 11:42

Re: Trojan horse (Graftor.910514) Please help

#8 Post by Frez »

ComboFix:

ComboFix 12-06-28.03 - Admin 29.06.2012 13:47:01.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2815.1801 [GMT 4,5:30]
Spuštěný z: d:\documents and settings\Admin\Plocha\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
d:\documents and settings\Admin\WINDOWS
d:\program files\Complitly
d:\program files\Complitly\FireFoxExtensionWithFF8Fix.exe
d:\program files\Complitly\FireFoxUninstaller.exe
d:\program files\Complitly\chrome\ComplitlyChrome.crx
d:\program files\Complitly\InstTracker.exe
d:\program files\Complitly\support@Complitly.com\defaults\preferences\predictad.js
d:\program files\Complitly\support@Complitly.com\chrome.manifest
d:\program files\Complitly\support@Complitly.com\chrome\content\appIcon.png
d:\program files\Complitly\support@Complitly.com\chrome\content\browserOverlay.xul
d:\program files\Complitly\support@Complitly.com\chrome\content\options.js
d:\program files\Complitly\support@Complitly.com\chrome\content\options.xul
d:\program files\Complitly\support@Complitly.com\chrome\content\utils.js
d:\program files\Complitly\support@Complitly.com\install.rdf
d:\program files\Complitly\System.Data.SQLite.dll
d:\program files\Complitly\unins000.dat
d:\program files\Complitly\unins000.exe
d:\windows\iun6002.exe
d:\windows\system32\OLD4.tmp
d:\windows\system32\SET32F.tmp
d:\windows\system32\SET330.tmp
d:\windows\system32\SET331.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-05-28 do 2012-06-29 )))))))))))))))))))))))))))))))
.
.
2012-06-29 09:31 . 2012-06-29 09:32 -------- d-----w- D:\rsit
2012-06-28 09:01 . 2012-06-28 09:01 -------- d-----w- d:\documents and settings\Admin\Local Settings\Data aplikací\ArmA 2 OA
2012-06-28 08:48 . 2012-06-28 09:17 -------- d-----w- d:\program files\ArmA 2
2012-06-28 02:33 . 2012-06-28 02:33 -------- d--h--r- d:\documents and settings\Admin\Data aplikací\SecuROM
2012-06-27 04:59 . 2012-06-27 04:59 -------- d-----w- d:\documents and settings\Admin\Data aplikací\PowerISO
2012-06-27 04:58 . 2012-06-27 04:58 -------- d-----w- d:\documents and settings\Admin\Local Settings\Data aplikací\AVG Secure Search
2012-06-27 04:58 . 2012-06-27 04:58 -------- d-----w- d:\documents and settings\Admin\Data aplikací\AVG Secure Search
2012-06-27 04:58 . 2012-06-27 04:58 -------- d-----w- d:\program files\Common Files\AVG Secure Search
2012-06-27 04:58 . 2012-06-27 04:58 -------- d-----w- d:\program files\AVG Secure Search
2012-06-27 04:57 . 2012-06-27 04:58 -------- d-----w- d:\program files\PowerISO
2012-06-27 04:53 . 2012-06-27 04:53 -------- d-----w- d:\documents and settings\Admin\Local Settings\Data aplikací\Spirited_Machine
2012-06-27 04:52 . 2012-06-27 04:52 -------- d-----w- d:\documents and settings\Admin\Data aplikací\Spirited Machine
2012-06-27 04:52 . 2012-06-27 04:52 -------- d-----w- d:\program files\Spirited Machine
2012-06-27 03:44 . 2012-06-27 03:44 -------- d--h--w- d:\windows\msdownld.tmp
2012-06-26 10:33 . 2012-06-26 10:33 -------- d-----w- d:\documents and settings\Admin\Local Settings\Data aplikací\AVSoft_Corp._(VN)
2012-06-26 10:33 . 2012-06-26 10:33 -------- d-----w- d:\documents and settings\Admin\Local Settings\Data aplikací\DefaultDomain_Path_wgjiatswwmdqczwymby1lvbrnf5yhp5r
2012-06-26 10:31 . 2012-06-26 10:31 -------- d-----w- d:\program files\AV Music Morpher Gold
2012-06-26 10:06 . 2012-06-26 10:06 -------- d-----w- d:\program files\Dart Karaoke Studio CDG
2012-06-26 10:06 . 2003-03-19 02:42 1047552 ----a-w- d:\windows\system32\MFC71U.DLL
2012-06-26 10:02 . 2012-06-26 10:02 -------- d-----w- d:\program files\Karaoke Anything!
2012-06-25 18:58 . 2012-06-25 18:58 -------- d-----w- d:\documents and settings\Admin\Local Settings\Data aplikací\CRE
2012-06-25 18:57 . 2012-06-25 18:57 -------- d-----w- d:\program files\Conduit
2012-06-25 18:57 . 2012-06-25 19:37 -------- d-----w- d:\documents and settings\Admin\Local Settings\Data aplikací\Conduit
2012-06-25 18:57 . 2012-06-25 18:57 -------- d-----w- d:\documents and settings\Admin\Data aplikací\uTorrent Turbo Booster
2012-06-25 18:57 . 2012-06-25 18:57 -------- d-----w- d:\documents and settings\Admin\Data aplikací\Complitly
2012-06-25 17:08 . 2012-06-25 17:08 -------- d-----w- d:\documents and settings\Admin\Local Settings\Data aplikací\SIX_Projects
2012-06-25 17:06 . 2012-06-28 09:15 -------- d-----w- d:\documents and settings\Admin\Data aplikací\six-updater
2012-06-25 17:06 . 2012-06-25 17:06 -------- d-----w- d:\documents and settings\Admin\Data aplikací\six-zsync
2012-06-25 17:05 . 2012-06-25 17:05 -------- d-----w- d:\program files\SIX Projects
2012-06-24 17:30 . 2012-05-22 11:17 405176 ----a-w- d:\windows\system32\Newtonsoft.Json.Net20.dll
2012-06-24 17:30 . 2012-06-24 17:30 -------- d-----w- d:\program files\Common Files\DVDVideoSoft
2012-06-24 17:30 . 2012-06-24 17:30 -------- d-----w- d:\program files\DVDVideoSoft
2012-06-24 17:29 . 2012-06-24 17:30 -------- d-----w- d:\documents and settings\Admin\Data aplikací\DVDVideoSoft
2012-06-24 17:24 . 2012-06-24 17:24 -------- d-----w- d:\program files\YTD YouTube Downloader & Converter
2012-06-23 14:19 . 2012-06-23 14:19 177664 ----a-w- d:\windows\system32\msipfh32.dll
2012-06-23 14:14 . 2012-06-23 14:14 -------- d--h--w- d:\windows\PIF
2012-06-23 12:46 . 2008-07-06 12:06 89088 ----a-w- d:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll.new
2012-06-23 12:45 . 2008-07-06 12:06 89088 -c----w- d:\windows\system32\dllcache\SET345.tmp
2012-06-23 12:45 . 2008-07-06 12:06 575488 -c----w- d:\windows\system32\dllcache\SET343.tmp
2012-06-23 12:45 . 2008-07-06 10:50 597504 -c----w- d:\windows\system32\dllcache\SET344.tmp
2012-06-23 12:45 . 2008-07-06 10:50 597504 ------w- d:\windows\system32\Spool\prtprocs\w32x86\SET327.tmp
2012-06-23 12:45 . 2012-06-23 12:46 -------- d-----w- D:\b64b0dd5c246d309d23e0db23c129e
2012-06-23 12:45 . 2008-07-06 12:06 1676288 -c----w- d:\windows\system32\dllcache\SET342.tmp
2012-06-23 12:33 . 2012-06-23 13:48 -------- d-----w- d:\program files\Common Files\Blizzard Entertainment
2012-06-23 11:59 . 2012-06-23 12:08 -------- d-----w- d:\program files\TmUnitedForever
2012-06-21 15:19 . 2012-06-23 13:49 139048 ----a-w- d:\windows\system32\drivers\PnkBstrK.sys
2012-06-21 15:19 . 2012-06-23 13:49 282296 ----a-w- d:\windows\system32\PnkBstrB.exe
2012-06-21 15:19 . 2012-06-23 13:33 282296 ----a-w- d:\windows\system32\PnkBstrB.ex0
2012-06-21 15:19 . 2012-06-23 13:49 282296 ----a-w- d:\windows\system32\PnkBstrB.xtr
2012-06-21 15:18 . 2012-06-21 15:18 76888 ----a-w- d:\windows\system32\PnkBstrA.exe
2012-06-21 15:18 . 2012-06-21 15:18 -------- d-----w- d:\documents and settings\Admin\Local Settings\Data aplikací\PunkBuster
2012-06-20 15:13 . 2012-06-20 15:13 -------- d-----w- d:\documents and settings\Admin\Local Settings\Data aplikací\Sun
2012-06-19 19:36 . 2012-06-19 19:36 -------- d-----w- d:\documents and settings\Admin\Data aplikací\Nero
2012-06-18 18:45 . 2012-06-18 18:45 -------- d-----w- d:\documents and settings\Admin\Data aplikací\InfraRecorder
2012-06-18 18:45 . 2012-06-18 18:45 -------- d-----w- d:\program files\InfraRecorder
2012-06-18 18:38 . 2012-06-18 18:38 -------- d-----w- d:\documents and settings\Admin\Data aplikací\Canneverbe Limited
2012-06-18 18:38 . 2009-11-12 09:18 7168 ----a-w- d:\windows\system32\drivers\StarOpen.sys
2012-06-18 18:38 . 2012-06-18 18:38 -------- d-----w- d:\program files\CDBurnerXP
2012-06-17 16:54 . 2012-06-28 13:18 -------- d-----w- d:\documents and settings\Admin\Data aplikací\.minecraft
2012-06-17 16:49 . 2012-06-17 16:53 -------- d-----w- d:\documents and settings\Admin\Data aplikací\minecraft
2012-06-16 07:17 . 2012-06-29 11:10 -------- d-----w- d:\documents and settings\Admin\Data aplikací\vlc
2012-06-16 07:15 . 2012-06-16 07:15 -------- d-----w- d:\program files\VideoLAN
2012-06-16 01:43 . 2012-06-16 01:43 -------- d-----w- d:\program files\The KMPlayer
2012-06-13 10:20 . 2012-06-13 22:11 -------- d-----w- d:\program files\Call of Duty 4 - Modern Warfare
2012-06-12 13:52 . 2012-06-29 09:24 6660 ----a-w- d:\windows\system32\PerfStringBackup.TMP
2012-06-12 11:02 . 2012-06-16 15:55 85472 ----a-w- d:\program files\Mozilla Firefox\components\browsercomps.dll
2012-06-11 09:58 . 2012-06-11 09:58 -------- d-----w- d:\documents and settings\Admin\Data aplikací\Malwarebytes
2012-06-11 09:58 . 2012-06-11 09:58 -------- d-----w- d:\program files\Malwarebytes' Anti-Malware
2012-06-11 09:58 . 2012-04-04 11:26 22344 ----a-w- d:\windows\system32\drivers\mbam.sys
2012-06-10 15:36 . 2012-06-10 15:36 512 ----a-w- D:\PhysicalMBR.bin
2012-06-10 14:58 . 2012-06-10 14:58 -------- d-sh--w- d:\documents and settings\Administrator\IETldCache
2012-06-10 13:05 . 2012-06-10 13:05 -------- d-----w- d:\documents and settings\Admin\Local Settings\Data aplikací\AliensVsPredator
2012-06-10 11:03 . 2012-06-29 09:32 -------- d-----w- d:\program files\trend micro
2012-06-09 07:26 . 2012-06-09 07:26 -------- d-----w- d:\program files\Common Files\Java
2012-06-09 07:25 . 2012-06-09 07:25 -------- d-----w- d:\program files\Oracle
2012-06-09 07:25 . 2012-06-09 07:25 -------- d-----w- d:\documents and settings\Admin\Data aplikací\Oracle
2012-06-09 07:07 . 2012-06-09 07:07 404640 ----a-w- d:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-09 05:58 . 2012-06-09 05:58 -------- d-sh--w- d:\documents and settings\Admin\IECompatCache
2012-06-08 18:00 . 2012-06-08 18:00 -------- d-----w- d:\program files\CCleaner
2012-06-08 17:58 . 2012-06-13 10:47 -------- d-----w- d:\program files\Electronic Arts
2012-06-06 11:53 . 2012-06-06 11:53 -------- d-----w- d:\program files\GotCLIP Downloader
2012-06-06 10:25 . 2012-06-01 15:39 770384 ----a-w- d:\program files\Mozilla Firefox\msvcr100.dll
2012-06-06 10:25 . 2012-06-01 15:39 421200 ----a-w- d:\program files\Mozilla Firefox\msvcp100.dll
2012-06-03 19:11 . 2012-06-03 19:11 -------- d-----w- d:\documents and settings\NetworkService\Data aplikací\CyberLink
2012-06-03 14:32 . 2012-06-03 14:37 -------- d-----w- d:\documents and settings\All Users\CyberLink
2012-06-03 14:32 . 2012-06-03 14:32 -------- d-----w- d:\documents and settings\Admin\Data aplikací\CyberLink
2012-06-03 14:31 . 2012-06-03 14:31 -------- d-----w- d:\program files\SmartSound Software
2012-06-03 14:29 . 2012-06-03 14:29 -------- d-----w- d:\documents and settings\Admin\Local Settings\Data aplikací\Apple Computer
2012-06-03 14:26 . 2012-06-03 14:29 -------- d-----w- d:\program files\CyberLink
2012-06-03 13:53 . 2012-06-03 14:21 592056056 ----a-w- D:\CyberLink.1703_GM5_Trial_VDE120314-02.exe
2012-06-03 11:03 . 2012-06-03 11:03 -------- d-----r- d:\documents and settings\LocalService\Oblíbené položky
2012-06-03 10:35 . 2012-06-03 12:16 -------- d-----w- d:\documents and settings\Admin\Data aplikací\Sony
2012-06-02 13:42 . 2012-06-03 09:58 -------- d-----w- d:\documents and settings\Admin\Local Settings\Data aplikací\WMTools Downloaded Files
2012-06-02 09:54 . 2012-06-02 10:33 -------- d-----w- d:\documents and settings\Admin\Data aplikací\Audacity
2012-06-02 09:54 . 2012-06-02 09:54 -------- d-----w- d:\program files\Audacity
2012-06-01 22:32 . 2012-06-03 05:30 -------- d-----w- D:\Fraps
2012-06-01 13:41 . 2012-06-01 13:41 -------- d-----w- d:\documents and settings\All Users\Data aplikac
2012-06-01 13:41 . 2012-06-01 13:41 -------- d-----w- d:\program files\Origin Games
2012-06-01 13:41 . 2012-06-01 13:41 -------- d-----w- d:\documents and settings\Admin\Local Settings\Data aplikací\Origin
2012-06-01 13:41 . 2012-06-01 13:43 -------- d-----w- d:\documents and settings\Admin\Data aplikací\Origin
2012-06-01 13:40 . 2012-06-01 13:43 -------- d-----w- d:\program files\Origin
2012-06-01 13:34 . 2012-06-01 13:34 1112 ----a-w- d:\windows\system32\ealregsnapshot1.reg
2012-06-01 13:34 . 2012-06-25 17:05 -------- d-----w- d:\documents and settings\Admin\Local Settings\Data aplikací\Downloaded Installations
2012-05-31 13:04 . 2012-05-31 13:04 -------- d-----w- d:\documents and settings\Admin\Data aplikací\Toribash
2012-05-31 13:02 . 2012-05-31 13:02 -------- d-----w- d:\program files\Taksi
2012-05-31 12:42 . 2001-11-12 02:34 679936 ----a-w- d:\windows\system32\D3DX81ab.dll
2012-05-31 12:42 . 2012-05-31 12:43 -------- d-----w- d:\program files\Quobi
2012-05-31 11:12 . 2012-06-21 15:18 -------- d-----w- d:\windows\system32\LogFiles
2012-05-31 04:10 . 2012-05-31 04:10 113104 ----a-w- d:\windows\system32\drivers\scdemu.sys
2012-05-30 16:49 . 2012-06-21 13:40 -------- d-----w- d:\program files\Call of Duty Moders Warfare 3
2012-05-30 15:09 . 2012-05-30 15:09 -------- d-----w- D:\GAMES
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-29 02:44 . 2012-05-29 02:44 107888 ----a-w- d:\windows\system32\CmdLineExt.dll
2012-05-27 16:20 . 2012-05-27 16:20 4608 ----a-w- d:\windows\system32\w95inf32.dll
2012-05-27 16:20 . 2012-05-27 16:20 2272 ----a-w- d:\windows\system32\w95inf16.dll
2012-05-27 15:57 . 2012-05-27 15:57 40960 ----a-r- d:\documents and settings\Admin\Data aplikací\Microsoft\Installer\{8FE4D086-63BD-44EB-882C-C7EA5A1EF016}\NewShortcut1_8FE4D08663BD44EB882CC7EA5A1EF016.exe
2012-05-27 15:57 . 2012-05-27 15:57 40960 ----a-r- d:\documents and settings\Admin\Data aplikací\Microsoft\Installer\{8FE4D086-63BD-44EB-882C-C7EA5A1EF016}\HUD.exe_8FE4D08663BD44EB882CC7EA5A1EF016.exe
2012-05-27 15:57 . 2012-05-27 15:57 40960 ----a-r- d:\documents and settings\Admin\Data aplikací\Microsoft\Installer\{8FE4D086-63BD-44EB-882C-C7EA5A1EF016}\ARPPRODUCTICON.exe
2012-05-27 12:14 . 2012-05-27 12:14 744960 ----a-w- d:\windows\system32\IR41_32.DLL
2012-05-27 12:14 . 2001-10-25 13:00 199168 ----a-w- d:\windows\system32\ir32_32.dll
2012-05-23 01:49 . 2012-05-23 01:46 43520 ----a-w- d:\windows\system32\CmdLineExt03.dll
2012-05-08 21:40 . 2012-05-06 16:35 83392 ----a-w- d:\windows\system32\drivers\avgntflt.sys
2012-05-08 21:40 . 2012-05-06 16:35 137928 ----a-w- d:\windows\system32\drivers\avipbb.sys
2012-05-07 07:59 . 2012-05-07 07:59 242240 ----a-w- d:\windows\system32\drivers\dtsoftbus01.sys
2012-05-07 05:49 . 2012-05-07 05:49 419488 ----a-w- d:\windows\system32\FlashPlayerApp.exe
2012-05-06 17:18 . 2012-05-27 08:29 278561 ----a-w- d:\documents and settings\Admin\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Minecraft.exe
2012-04-04 14:17 . 2012-05-06 17:03 143872 ----a-w- d:\windows\system32\javacpl.cpl
2012-04-04 14:17 . 2012-05-06 17:03 772504 ----a-w- d:\windows\system32\npdeployJava1.dll
2012-04-04 14:17 . 2012-05-06 17:03 687504 ----a-w- d:\windows\system32\deployJava1.dll
2012-06-16 15:55 . 2012-06-12 11:02 85472 ----a-w- d:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-12-19 12:23 . A23DF7213FE43F712F27A74DBCA5222B . 1593856 . . [2001.12.4414.700] . . d:\windows\system32\comres.dll
.
[-] 2008-12-19 . 12A799AD9415AE9C8ABCC5F75E9CF034 . 557056 . . [5.1.2600.5512] . . d:\windows\system32\winlogon.exe
.
[-] 2008-12-19 . CCB32D10C69A89822E9134C0C4894BE1 . 578560 . . [5.1.2600.5512] . . d:\windows\system32\user32.dll
.
[-] 2008-12-19 . D39127310CBAD1485EC5001A4ED1D853 . 1486336 . . [6.00.2900.5512] . . d:\windows\explorer.exe
.
[-] 2008-04-14 . C2DCB09A1EA98F248DD9A5DE195B3DF3 . 277504 . . [5.1.2600.5512] . . d:\windows\regedit.exe
.
[-] 2008-12-19 . 94927BB89A6825C4A5952A2BF78F027B . 40960 . . [5.1.2600.5512] . . d:\windows\system32\ctfmon.exe
.
[-] 2008-12-26 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . d:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-06-27 04:58 2074208 ----a-w- d:\program files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "d:\program files\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll" [2012-06-27 2074208]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="d:\program files\Windows Sidebar\sidebar.exe" [2008-04-11 1276416]
"Steam"="d:\program files\Steam\steam.exe" [2012-05-06 1242448]
"DAEMON Tools Lite"="d:\program files\DAEMON Tools Lite\DTLite.exe" [2012-04-11 3672384]
"BitTorrent"="d:\program files\BitTorrent\BitTorrent.exe" [2012-05-30 6380400]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-04-10 16861184]
"AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2008-12-26 77312]
"ehTray"="d:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"avgnt"="d:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-05-08 348624]
"NvCplDaemon"="d:\windows\system32\NvCpl.dll" [2010-01-30 13666920]
"Malwarebytes' Anti-Malware"="d:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
"vProt"="d:\program files\AVG Secure Search\vprot.exe" [2012-06-27 1107552]
"PWRISOVM.EXE"="d:\program files\PowerISO\PWRISOVM.EXE" [2012-05-31 336992]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2008-12-19 40960]
.
d:\documents and settings\Admin\Nabídka Start\Programy\Po spuštění\
GIGABYTE Gamer HUD Lite.lnk - d:\program files\GIGABYTE\Gamer HUD Lite\HUD.exe [2010-2-25 1678848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Clownfish]
2012-05-08 09:25 1091320 ----a-w- d:\program files\Clownfish\Clownfish.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FileZilla Server Interface]
2012-02-26 14:42 1044992 ----a-w- d:\program files\FileZilla Server\FileZilla Server Interface.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\Steam\\Steam.exe"=
"d:\\Program Files\\BitTorrent\\BitTorrent.exe"=
"d:\\Documents and Settings\\Admin\\Local Settings\\Data aplikací\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"d:\\Program Files\\Steam\\steamapps\\common\\SuperMNC\\Binaries\\Win32\\SuperMNCGameClient.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Program Files\\Sierra\\Empire Earth - The Art of Conquest\\EE-AOC.exe"=
"d:\\Documents and Settings\\Admin\\Data aplikací\\GameRanger\\GameRanger\\GameRanger.exe"=
"d:\\WINDOWS\\system32\\dplaysvr.exe"=
"d:\\Program Files\\Stronghold Crusader\\Stronghold Crusader.exe"=
"d:\\Program Files\\Sierra\\Empire Earth\\Empire Earth.exe"=
"d:\\Program Files\\Electronic Arts\\Crytek\\Crysis 2\\bin32\\Crysis2.exe"=
"d:\\Program Files\\Steam\\steamapps\\common\\Call of Duty Modern Warfare 2\\iw4sp.exe"=
"d:\\Program Files\\Steam\\steamapps\\common\\Call of Duty Modern Warfare 2\\iw4mp.exe"=
"d:\\Program Files\\Steam\\steamapps\\common\\Aliens vs Predator\\AvP_Launcher.exe"=
"d:\\Program Files\\Steam\\steamapps\\common\\Aliens vs Predator\\AvP_DX11.exe"=
"d:\\Program Files\\Steam\\steamapps\\common\\Aliens vs Predator\\AvP.exe"=
"d:\\Program Files\\Electronic Arts\\Battlefield Bad Company 2\\BFBC2Updater.exe"=
"d:\\Program Files\\Electronic Arts\\Battlefield Bad Company 2\\BFBC2Game.exe"=
"d:\\Program Files\\TmUnitedForever\\TmForever.exe"=
"d:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"d:\\Program Files\\ArmA 2\\arma2OA.exe"=
.
R1 avkmgr;avkmgr;d:\windows\system32\drivers\avkmgr.sys [6.5.2012 21:05 36000]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;d:\windows\system32\drivers\dtsoftbus01.sys [7.5.2012 12:29 242240]
R2 AntiVirSchedulerService;Avira Scheduler;d:\program files\Avira\AntiVir Desktop\sched.exe [6.5.2012 21:05 86224]
R2 MBAMService;MBAMService;d:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [11.6.2012 14:28 654408]
R2 vToolbarUpdater11.2.0;vToolbarUpdater11.2.0;d:\program files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [27.6.2012 9:28 935008]
R3 MBAMProtector;MBAMProtector;d:\windows\system32\drivers\mbam.sys [11.6.2012 14:28 22344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;d:\windows\system32\drivers\nvhda32.sys [6.5.2012 23:13 57320]
S3 MozillaMaintenance;Mozilla Maintenance Service;d:\program files\Mozilla Maintenance Service\maintenanceservice.exe [6.5.2012 21:20 113120]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - SCDEMU
*NewlyCreated* - TRUESIGHT
*Deregistered* - TrueSight
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}]
2009-03-08 00:02 128512 ----a-w- d:\windows\system32\advpack.dll
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://isearch.avg.com/?cid={29B71858-D53B-4A3D-A6A2-EF1BAB7FF883}&mid=c39cb244f62f47d0a27ed16c57851f7c-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=cs&ds=st011&pr=sa&d=2012-06-27 09:28&v=11.1.0.12&sap=hp
IE: Free YouTube to MP3 Converter - d:\documents and settings\Admin\Data aplikací\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 192.168.1.1 10.19.56.33 88.86.107.86
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - d:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll
FF - ProfilePath - d:\documents and settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\v03yqg63.default\
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7Bb9e6f774-6259-41d1-826c-0ab6a6b25e66%7D&mid=c39cb244f62f47d0a27ed16c57851f7c-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&ds=st011&v=11.1.0.12&lang=cs&pr=sa&d=2012-06-27%2009%3A28%3A35&sap=ku&q=
FF - prefs.js: network.proxy.type - 4
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - d:\program files\Ask.com\GenericAskToolbar.dll
HKLM-Run-nwiz - nwiz.exe
AddRemove-ArnA 2: Combined Operations - d:\program files\ArmA 2\uninstall.exe
AddRemove-BattlEye - d:\program files\ArmA 2Expansion\BattlEye\UnInstallBE.exe
AddRemove-Karaoke Anything!1.0 - d:\windows\iun6002.exe
AddRemove-{4FFBB818-B13C-11E0-931D-B2664824019B}_is1 - d:\program files\Complitly\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-06-29 13:53
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1048)
d:\windows\system32\SETUPAPI.dll
d:\windows\system32\cscui.dll
.
- - - - - - - > 'lsass.exe'(1104)
d:\windows\system32\setupapi.dll
.
Celkový čas: 2012-06-29 13:54:24
ComboFix-quarantined-files.txt 2012-06-29 09:24
.
Před spuštěním: Volných bajtů: 64 864 161 792
Po spuštění: Volných bajtů: 65 283 334 144
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 0F34EECA97D6F2887155AC8133254838


RKill:

This log file is located at D:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 29.06.2012 at 13:39:08.
Operating System: Microsoft Windows XP


Processes terminated by Rkill or while it was running:

D:\WINDOWS\Explorer.EXE
D:\WINDOWS\System32\rundll32.exe
D:\WINDOWS\System32\runonce.exe


Rkill completed on 29.06.2012 at 13:39:13.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Trojan horse (Graftor.910514) Please help

#9 Post by vyosek »

Test the following files on VirusTotal https://www.virustotal.com/cs/
  • d:\windows\system32\winlogon.exe
    d:\windows\system32\user32.dll
    d:\windows\explorer.exe
    d:\windows\regedit.exe
    d:\windows\system32\ctfmon.exe
    d:\windows\system32\comres.dll
  • Click Choose file
  • Do not browse for the file, just paste the path of the file I want tested
  • Click Scan It
  • If a screen like the one below pops up, click ReAnalyse
    [image]
  • Paste the result of the analysis here (as a link)

Frez
Visitor
Posts: 40
Registered: 10 Jun 2012 11:42

Re: Trojan horse (Graftor.910514) Please help

#10 Post by Frez »

I tested all the paths to the target files and all of them are clean.

Frez
Visitor
Posts: 40
Registered: 10 Jun 2012 11:42

Re: Trojan horse (Graftor.910514) Please help

#11 Post by Frez »

I would also like to point out that both the PC and the Firefox web browser are quite slow. My wife plays the game Farmerama and at first it was fast (as far as loading the game goes), but now it is considerably slower. I will be glad for any help. :-)

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Trojan horse (Graftor.910514) Please help

#12 Post by vyosek »

Do you insist on the AVG antivirus? It is not very popular with us - higher system load, weaker detection. I would be for a change, but you decide

Frez
Visitor
Posts: 40
Registered: 10 Jun 2012 11:42

Re: Trojan horse (Graftor.910514) Please help

#13 Post by Frez »

I had AVG antivirus installed a long time ago; most likely some remnants are still left. We can remove it, no problem. :-)

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Trojan horse (Graftor.910514) Please help

#14 Post by vyosek »

Use this http://download.avg.com/filedir/util/su ... 1_1184.exe

Download OTL http://oldtimer.geekstogo.com/OTL.exe and save it to the desktop
  • If you use Win Vista or W7, right-click OTL and choose Run As Administrator (Spustit jako spravce)
  • If you use a 64-bit OS, check whether the box "Pro 64 bitové OS" (for 64-bit OS) is ticked; if not, tick it
  • Tick the box "Pro vsechny uzivatele" (for all users)
  • Tick the box "Kontrola na havet "LOP"" (LOP check)
  • Tick the box "Kontrola na havet "Purity"" (Purity check)
  • Change the file age ("Stari souboru") from 30 days to 7 days
  • Paste the script below into the bottom box "Vlastni skenovani/opravy" (custom scans/fixes)
  • Code:

    CREATERESTOREPOINT
    
    netsvcs
    drivers32
    savembr:0
    
    /md5start
    atapi.sys
    autochk.exe
    cdrom.sys
    explorer.exe
    hal.dll
    scecli.dll
    svchost.exe
    tcpip.sys
    userinit.exe
    winlogon.exe
    /md5stop
    
    %systemroot%*.* /U /s
    %SYSTEMDRIVE%\*.exe
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\drivers\*.sys /3
    %systemroot%\system32\*.* /3
    %SYSTEMDRIVE%\*.exe
    
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
    
    %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
    %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
    %PROGRAMFILES%\Opera\opera.exe /md5
    %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
    
    %SystemDrive%\PhysicalMBR.bin /md5 
    
    *crack* /s
    *keygen* /s
    *loader* /s
  • Click the "Prohledat" (scan) button
  • After the scan finishes (about 10 to 15 min), the logs OTL.txt and Extras.txt appear; paste both here

Frez
Visitor
Posts: 40
Registered: 10 Jun 2012 11:42

Re: Trojan horse (Graftor.910514) Please help

#15 Post by Frez »

I have started OTL, now I will wait. I would just like to point out that an alert from Avira popped up on me again with the same virus as before, so I chose "remove". I hope that does not matter.
