Neshta.a virus, please help

#1 Post by vadimek »

https://www.virustotal.com/file/291c7bef6557ac8dba9e46d3d42fd76ca907d02d20fecd63a3d0b521fafa4860/analysis/

Logfile of random's system information tool 1.09 (written by random/random)
Run by Vadim at 2012-08-13 09:30:46
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 41 GB (82%) free of 50 GB
Total RAM: 1534 MB (58% free)


======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-1336601894-839522115-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-1336601894-839522115-1004UA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Vadim\Data aplikací\Mozilla\Firefox\Profiles\f3cdtclk.default

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.3.300.270 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.1]
"Description"=
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-07-05 453544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-07-05 4018888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-07-05 157616]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-07-03 98304]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-11-14 16270848]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2006-03-02 15360]
"Google Update"=C:\Documents and Settings\Vadim\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2012-08-13 199592]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-07-13 17418928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2012-07-04 192512]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\Counter-Strike 1.6\csko.exe"="D:\Counter-Strike 1.6\csko.exe:*:Enabled:Half-Life Launcher"
"C:\Documents and Settings\Vadim\Plocha\Last-World\last-world.bin"="C:\Documents and Settings\Vadim\Plocha\Last-World\last-world.bin:*:Enabled:last-world"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.exe - open - C:\WINDOWS\svchost.com "%1" %*

======List of files/folders created in the last 1 month======

2012-08-13 09:30:47 ----D---- C:\Program Files\trend micro
2012-08-13 09:30:46 ----D---- C:\rsit
2012-08-12 20:56:32 ----D---- C:\Documents and Settings\Vadim\Data aplikací\Macromedia
2012-08-12 20:56:32 ----D---- C:\Documents and Settings\Vadim\Data aplikací\Adobe
2012-08-12 20:56:13 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-08-12 20:52:00 ----HD---- C:\WINDOWS\PIF
2012-08-12 20:25:35 ----D---- C:\Program Files\Metasploit
2012-08-12 20:21:05 ----A---- C:\WINDOWS\directx.sys
2012-08-12 20:19:11 ----A---- C:\WINDOWS\svchost.com
2012-08-12 20:08:17 ----D---- C:\Documents and Settings\Vadim\Data aplikací\WinRAR
2012-08-12 20:08:15 ----D---- C:\Program Files\WinRAR
2012-08-12 20:08:13 ----D---- C:\Documents and Settings\Vadim\Data aplikací\Mozilla
2012-08-12 20:08:09 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-08-12 20:08:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\Mozilla
2012-08-12 20:08:07 ----D---- C:\Program Files\Mozilla Firefox
2012-08-12 15:08:43 ----D---- C:\Documents and Settings\Vadim\Data aplikací\vlc
2012-08-12 15:07:53 ----D---- C:\Program Files\VideoLAN
2012-08-12 14:31:43 ----SHD---- C:\RECYCLER
2012-08-12 14:27:15 ----A---- C:\WINDOWS\system32\wmpns.dll
2012-08-12 13:33:55 ----D---- C:\WINDOWS\Sun
2012-08-12 13:33:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2012-08-12 13:33:23 ----D---- C:\Program Files\Common Files\Java
2012-08-12 13:32:48 ----D---- C:\Program Files\Oracle
2012-08-12 13:32:30 ----D---- C:\Documents and Settings\Vadim\Data aplikací\Oracle
2012-08-12 13:32:26 ----A---- C:\WINDOWS\system32\deployJava1.dll
2012-08-12 13:32:25 ----A---- C:\WINDOWS\system32\npDeployJava1.dll
2012-08-12 13:32:25 ----A---- C:\WINDOWS\system32\javaws.exe
2012-08-12 13:32:22 ----A---- C:\WINDOWS\system32\javaw.exe
2012-08-12 13:32:22 ----A---- C:\WINDOWS\system32\java.exe
2012-08-12 13:32:06 ----D---- C:\Program Files\Java
2012-08-12 13:30:36 ----D---- C:\Documents and Settings\Vadim\Data aplikací\Sun
2012-08-12 01:22:04 ----D---- C:\WINDOWS\system32\Lang
2012-08-12 01:21:45 ----A---- C:\WINDOWS\system32\drivers\splitter.sys
2012-08-12 01:21:44 ----A---- C:\WINDOWS\system32\drivers\wdmaud.sys
2012-08-12 01:21:42 ----A---- C:\WINDOWS\system32\drivers\DMusic.sys
2012-08-12 01:21:38 ----A---- C:\WINDOWS\system32\drivers\swmidi.sys
2012-08-12 01:21:37 ----A---- C:\WINDOWS\system32\drivers\aec.sys
2012-08-12 01:21:36 ----A---- C:\WINDOWS\system32\drivers\kmixer.sys
2012-08-12 01:21:35 ----A---- C:\WINDOWS\system32\drivers\drmkaud.sys
2012-08-12 01:21:34 ----A---- C:\WINDOWS\system32\drivers\sysaudio.sys
2012-08-12 01:21:33 ----A---- C:\WINDOWS\system32\drivers\MSKSSRV.sys
2012-08-12 01:21:32 ----A---- C:\WINDOWS\system32\drivers\MSPQM.sys
2012-08-12 01:21:31 ----A---- C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2012-08-12 01:15:15 ----R---- C:\WINDOWS\system32\ChCfg.exe
2012-08-12 01:14:53 ----D---- C:\WINDOWS\system32\RTCOM
2012-08-12 01:14:51 ----A---- C:\WINDOWS\system32\ksuser.dll
2012-08-12 01:14:51 ----A---- C:\WINDOWS\system32\drivers\drmk.sys
2012-08-12 01:14:22 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2012-08-12 01:14:21 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2012-08-12 01:14:17 ----R---- C:\WINDOWS\SoundMan.exe
2012-08-12 01:14:16 ----R---- C:\WINDOWS\SkyTel.exe
2012-08-12 01:14:14 ----R---- C:\WINDOWS\RtlUpd.exe
2012-08-12 01:14:13 ----R---- C:\WINDOWS\system32\drivers\RtkHDAud.Sys
2012-08-12 01:14:09 ----R---- C:\WINDOWS\RTLCPL.exe
2012-08-12 01:14:01 ----R---- C:\WINDOWS\RTHDCPL.exe
2012-08-12 01:14:00 ----R---- C:\WINDOWS\MicCal.exe
2012-08-12 01:13:55 ----R---- C:\WINDOWS\Alcmtr.exe
2012-08-12 01:13:54 ----R---- C:\WINDOWS\alcwzrd.exe
2012-08-12 01:13:53 ----D---- C:\Program Files\Realtek
2012-08-12 01:13:52 ----HD---- C:\Program Files\InstallShield Installation Information
2012-08-12 01:12:35 ----R---- C:\WINDOWS\RtlExUpd.dll
2012-08-12 01:12:31 ----D---- C:\Program Files\Common Files\InstallShield
2012-08-12 00:04:58 ----D---- C:\Documents and Settings\Vadim\Data aplikací\Skype
2012-08-12 00:04:52 ----RD---- C:\Program Files\Skype
2012-08-12 00:04:52 ----D---- C:\Program Files\Common Files\Skype
2012-08-12 00:04:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2012-08-11 22:30:47 ----A---- C:\WINDOWS\system32\h323log.txt
2012-08-11 22:28:25 ----A---- C:\WINDOWS\system32\drivers\audstub.sys
2012-08-11 22:27:49 ----A---- C:\WINDOWS\system32\drivers\redbook.sys
2012-08-11 22:26:53 ----A---- C:\WINDOWS\system32\drivers\fetnd5.sys
2012-08-11 22:26:50 ----A---- C:\WINDOWS\system32\usbui.dll
2012-08-11 22:26:39 ----A---- C:\WINDOWS\system32\drivers\GAGP30KX.SYS
2012-08-11 22:25:43 ----A---- C:\WINDOWS\imsins.BAK
2012-08-11 22:25:41 ----SHD---- C:\WINDOWS\Installer
2012-08-11 22:25:41 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-08-11 22:25:40 ----D---- C:\Program Files\Common Files\ODBC
2012-08-11 22:25:40 ----A---- C:\WINDOWS\ODBCINST.INI
2012-08-11 22:25:37 ----D---- C:\Program Files\Common Files\SpeechEngines
2012-08-11 22:25:36 ----RD---- C:\Program Files
2012-08-11 22:25:36 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-08-11 22:25:36 ----D---- C:\Program Files\Common Files
2012-08-11 22:25:33 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2012-08-11 22:25:33 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2012-08-11 22:25:33 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2012-08-11 22:25:30 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2012-08-11 22:25:30 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2012-08-11 22:25:30 ----RA---- C:\WINDOWS\system32\kbdur.dll
2012-08-11 22:25:30 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2012-08-11 22:25:30 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2012-08-11 22:25:30 ----RA---- C:\WINDOWS\system32\kbdru.dll
2012-08-11 22:25:30 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2012-08-11 22:25:30 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2012-08-11 22:25:30 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2012-08-11 22:25:30 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2012-08-11 22:25:30 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2012-08-11 22:25:30 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2012-08-11 22:25:27 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2012-08-11 22:25:27 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2012-08-11 22:25:27 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2012-08-11 22:25:27 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2012-08-11 22:25:27 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2012-08-11 22:25:27 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2012-08-11 22:25:27 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2012-08-11 22:25:26 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2012-08-11 22:25:26 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2012-08-11 22:25:25 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2012-08-11 22:25:25 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2012-08-11 22:25:25 ----RA---- C:\WINDOWS\system32\kbdest.dll
2012-08-11 22:25:21 ----A---- C:\WINDOWS\system32\kbdycl.dll
2012-08-11 22:25:21 ----A---- C:\WINDOWS\system32\kbdsl1.dll
2012-08-11 22:25:21 ----A---- C:\WINDOWS\system32\kbdsl.dll
2012-08-11 22:25:21 ----A---- C:\WINDOWS\system32\kbdro.dll
2012-08-11 22:25:21 ----A---- C:\WINDOWS\system32\kbdpl1.dll
2012-08-11 22:25:21 ----A---- C:\WINDOWS\system32\kbdpl.dll
2012-08-11 22:25:21 ----A---- C:\WINDOWS\system32\kbdhu1.dll
2012-08-11 22:25:21 ----A---- C:\WINDOWS\system32\kbdhu.dll
2012-08-11 22:25:21 ----A---- C:\WINDOWS\system32\kbdcr.dll
2012-08-11 22:25:21 ----A---- C:\WINDOWS\system32\KBDAL.DLL
2012-08-11 22:25:20 ----A---- C:\WINDOWS\system32\irclass.dll
2012-08-11 22:25:20 ----A---- C:\WINDOWS\system32\dgsetup.dll
2012-08-11 22:25:20 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2012-08-11 22:25:19 ----A---- C:\WINDOWS\system32\spxcoins.dll
2012-08-11 22:25:19 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2012-08-11 22:25:17 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2012-08-11 22:25:17 ----A---- C:\WINDOWS\TASKMAN.EXE
2012-08-11 22:25:16 ----A---- C:\WINDOWS\system32\drivers\irenum.sys
2012-08-11 22:25:16 ----A---- C:\WINDOWS\system32\batt.dll
2012-08-11 22:25:16 ----A---- C:\WINDOWS\NOTEPAD.EXE
2012-08-11 22:25:14 ----A---- C:\WINDOWS\system32\storprop.dll
2012-08-11 22:25:06 ----ASH---- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
2012-08-11 22:23:56 ----RA---- C:\WINDOWS\SET21.tmp
2012-08-11 22:23:24 ----RA---- C:\WINDOWS\SET8.tmp
2012-08-11 22:23:22 ----RA---- C:\WINDOWS\SET4.tmp
2012-08-11 22:23:20 ----RA---- C:\WINDOWS\SET3.tmp
2012-08-11 22:23:15 ----D---- C:\WINDOWS\system32\CatRoot2
2012-08-11 22:23:15 ----D---- C:\WINDOWS\system32\CatRoot
2012-08-11 22:23:09 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2012-08-11 22:22:48 ----A---- C:\WINDOWS\setuplog.txt
2012-08-11 22:22:46 ----D---- C:\Documents and Settings
2012-08-11 22:22:45 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2012-08-11 22:21:30 ----SH---- C:\boot.ini
2012-08-11 22:17:41 ----SHD---- C:\System Volume Information
2012-08-11 22:15:33 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-08-11 22:15:33 ----RSD---- C:\WINDOWS\Fonts
2012-08-11 22:15:33 ----RD---- C:\WINDOWS\Web
2012-08-11 22:15:33 ----HD---- C:\WINDOWS\inf
2012-08-11 22:15:33 ----D---- C:\WINDOWS\WinSxS
2012-08-11 22:15:33 ----D---- C:\WINDOWS\twain_32
2012-08-11 22:15:33 ----D---- C:\WINDOWS\Temp
2012-08-11 22:15:33 ----D---- C:\WINDOWS\system32\wins
2012-08-11 22:15:33 ----D---- C:\WINDOWS\system32\wbem
2012-08-11 22:15:33 ----D---- C:\WINDOWS\system32\usmt
2012-08-11 22:15:33 ----D---- C:\WINDOWS\system32\spool
2012-08-11 22:15:33 ----D---- C:\WINDOWS\system32\ShellExt
2012-08-11 22:15:33 ----D---- C:\WINDOWS\system32\Setup
2012-08-11 22:15:33 ----D---- C:\WINDOWS\system32\ras
2012-08-11 22:15:33 ----D---- C:\WINDOWS\system32\oobe
2012-08-11 22:15:33 ----D---- C:\WINDOWS\system32\npp
2012-08-11 22:15:33 ----D---- C:\WINDOWS\system32\mui
2012-08-11 22:15:33 ----D---- C:\WINDOWS\system32\inetsrv
2012-08-11 22:15:33 ----D---- C:\WINDOWS\system32\IME
2012-08-11 22:15:33 ----D---- C:\WINDOWS\system32\icsxml
2012-08-11 22:15:33 ----D---- C:\WINDOWS\system32\ias
2012-08-11 22:15:33 ----D---- C:\WINDOWS\system32\export
2012-08-11 22:15:33 ----D---- C:\WINDOWS\system32\drivers\etc
2012-08-11 22:15:33 ----D---- C:\WINDOWS\system32\drivers\disdn
2012-08-11 22:15:33 ----D---- C:\WINDOWS\system32\drivers
2012-08-11 22:15:33 ----D---- C:\WINDOWS\system32\dhcp
2012-08-11 22:15:33 ----D---- C:\WINDOWS\system32\config
2012-08-11 22:15:33 ----D---- C:\WINDOWS\system32\3com_dmi
2012-08-11 22:15:33 ----D---- C:\WINDOWS\system32\3076
2012-08-11 22:15:33 ----D---- C:\WINDOWS\system32\2052
2012-08-11 22:15:33 ----D---- C:\WINDOWS\system32\1054
2012-08-11 22:15:33 ----D---- C:\WINDOWS\system32\1042
2012-08-11 22:15:33 ----D---- C:\WINDOWS\system32\1041
2012-08-11 22:15:33 ----D---- C:\WINDOWS\system32\1037
2012-08-11 22:15:33 ----D---- C:\WINDOWS\system32\1033
2012-08-11 22:15:33 ----D---- C:\WINDOWS\system32\1031
2012-08-11 22:15:33 ----D---- C:\WINDOWS\system32\1029
2012-08-11 22:15:33 ----D---- C:\WINDOWS\system32\1028
2012-08-11 22:15:33 ----D---- C:\WINDOWS\system32\1025
2012-08-11 22:15:33 ----D---- C:\WINDOWS\system32
2012-08-11 22:15:33 ----D---- C:\WINDOWS\system
2012-08-11 22:15:33 ----D---- C:\WINDOWS\security
2012-08-11 22:15:33 ----D---- C:\WINDOWS\Resources
2012-08-11 22:15:33 ----D---- C:\WINDOWS\repair
2012-08-11 22:15:33 ----D---- C:\WINDOWS\Provisioning
2012-08-11 22:15:33 ----D---- C:\WINDOWS\pchealth
2012-08-11 22:15:33 ----D---- C:\WINDOWS\PeerNet
2012-08-11 22:15:33 ----D---- C:\WINDOWS\mui
2012-08-11 22:15:33 ----D---- C:\WINDOWS\msapps
2012-08-11 22:15:33 ----D---- C:\WINDOWS\msagent
2012-08-11 22:15:33 ----D---- C:\WINDOWS\Media
2012-08-11 22:15:33 ----D---- C:\WINDOWS\java
2012-08-11 22:15:33 ----D---- C:\WINDOWS\ime
2012-08-11 22:15:33 ----D---- C:\WINDOWS\Help
2012-08-11 22:15:33 ----D---- C:\WINDOWS\Driver Cache
2012-08-11 22:15:33 ----D---- C:\WINDOWS\Debug
2012-08-11 22:15:33 ----D---- C:\WINDOWS\Cursors
2012-08-11 22:15:33 ----D---- C:\WINDOWS\Connection Wizard
2012-08-11 22:15:33 ----D---- C:\WINDOWS\Config
2012-08-11 22:15:33 ----D---- C:\WINDOWS\AppPatch
2012-08-11 22:15:33 ----D---- C:\WINDOWS\addins
2012-08-11 22:15:33 ----D---- C:\WINDOWS
2012-08-11 22:15:33 ----ASH---- C:\pagefile.sys
2012-08-11 21:27:07 ----D---- C:\Documents and Settings\Vadim\Data aplikací\ATI
2012-08-11 21:27:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\ATI
2012-08-11 21:15:25 ----A---- C:\WINDOWS\system32\Oemdspif.dll
2012-08-11 21:15:25 ----A---- C:\WINDOWS\system32\ativvaxx.dll
2012-08-11 21:15:25 ----A---- C:\WINDOWS\system32\ativva6x.dat
2012-08-11 21:15:25 ----A---- C:\WINDOWS\system32\ativcoxx.dll
2012-08-11 21:15:25 ----A---- C:\WINDOWS\system32\atitvo32.dll
2012-08-11 21:15:25 ----A---- C:\WINDOWS\system32\ATIODCLI.exe
2012-08-11 21:15:25 ----A---- C:\WINDOWS\system32\atimpc32.dll
2012-08-11 21:15:25 ----A---- C:\WINDOWS\system32\ATIDEMGX.dll
2012-08-11 21:15:25 ----A---- C:\WINDOWS\system32\ATIDDC.DLL
2012-08-11 21:15:25 ----A---- C:\WINDOWS\system32\atibtmon.exe
2012-08-11 21:15:25 ----A---- C:\WINDOWS\system32\Ati2mdxx.exe
2012-08-11 21:15:25 ----A---- C:\WINDOWS\system32\ati2edxx.dll
2012-08-11 21:15:25 ----A---- C:\WINDOWS\system32\ati2dvag.dll
2012-08-11 21:15:25 ----A---- C:\WINDOWS\system32\ati2cqag.dll
2012-08-11 21:15:25 ----A---- C:\WINDOWS\system32\amdpcom32.dll
2012-08-11 21:15:24 ----A---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2012-08-11 21:15:24 ----A---- C:\WINDOWS\system32\drivers\ati2erec.dll
2012-08-11 21:15:24 ----A---- C:\WINDOWS\system32\ativvamv.dll
2012-08-11 21:15:24 ----A---- C:\WINDOWS\system32\ativva5x.dat
2012-08-11 21:15:24 ----A---- C:\WINDOWS\system32\atipdlxx.dll
2012-08-11 21:15:24 ----A---- C:\WINDOWS\system32\atiok3x2.dll
2012-08-11 21:15:24 ----A---- C:\WINDOWS\system32\atioglxx.dll
2012-08-11 21:15:24 ----A---- C:\WINDOWS\system32\ATIODE.exe
2012-08-11 21:15:24 ----A---- C:\WINDOWS\system32\atikvmag.dll
2012-08-11 21:15:24 ----A---- C:\WINDOWS\system32\atiiiexx.dll
2012-08-11 21:15:24 ----A---- C:\WINDOWS\system32\atiicdxx.dat
2012-08-11 21:15:24 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2012-08-11 21:15:24 ----A---- C:\WINDOWS\system32\atiadlxx.dll
2012-08-11 21:15:24 ----A---- C:\WINDOWS\system32\ati3duag.dll
2012-08-11 21:15:24 ----A---- C:\WINDOWS\system32\ati2evxx.exe
2012-08-11 21:15:24 ----A---- C:\WINDOWS\system32\ati2evxx.dll
2012-08-11 21:15:21 ----DC---- C:\WINDOWS\system32\DRVSTORE
2012-08-11 21:13:22 ----RSD---- C:\WINDOWS\assembly
2012-08-11 21:13:08 ----D---- C:\WINDOWS\Microsoft.NET
2012-08-11 21:12:44 ----D---- C:\Program Files\ATI Technologies
2012-08-11 21:12:41 ----D---- C:\Program Files\ATI
2012-08-11 21:11:56 ----D---- C:\AMD
2012-08-11 20:57:07 ----D---- C:\Documents and Settings\Vadim\Data aplikací\Identities
2012-08-11 20:57:05 ----HD---- C:\Program Files\Uninstall Information
2012-08-11 20:56:56 ----SD---- C:\Documents and Settings\Vadim\Data aplikací\Microsoft
2012-08-11 20:56:56 ----ASH---- C:\Documents and Settings\Vadim\Data aplikací\desktop.ini
2012-08-11 20:56:24 ----A---- C:\WINDOWS\system32\wpa.bak
2012-08-11 20:42:30 ----D---- C:\WINDOWS\SoftwareDistribution
2012-08-11 20:42:22 ----D---- C:\WINDOWS\Prefetch
2012-08-11 20:42:21 ----SD---- C:\WINDOWS\system32\Microsoft
2012-08-11 20:42:21 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-08-11 20:39:01 ----AS---- C:\WINDOWS\bootstat.dat
2012-08-11 20:37:25 ----D---- C:\WINDOWS\system32\xircom
2012-08-11 20:37:25 ----D---- C:\Program Files\xerox
2012-08-11 20:37:25 ----D---- C:\Program Files\microsoft frontpage
2012-08-11 20:37:15 ----HD---- C:\WINDOWS\$hf_mig$
2012-08-11 20:37:03 ----RASH---- C:\MSDOS.SYS
2012-08-11 20:37:03 ----RASH---- C:\IO.SYS
2012-08-11 20:37:03 ----A---- C:\WINDOWS\control.ini
2012-08-11 20:37:03 ----A---- C:\CONFIG.SYS
2012-08-11 20:37:03 ----A---- C:\AUTOEXEC.BAT
2012-08-11 20:36:49 ----A---- C:\WINDOWS\OEWABLog.txt
2012-08-11 20:36:45 ----A---- C:\WINDOWS\system32\mapi32.dll
2012-08-11 20:35:47 ----SD---- C:\WINDOWS\Downloaded Program Files
2012-08-11 20:35:47 ----RD---- C:\WINDOWS\Offline Web Pages
2012-08-11 20:35:38 ----HD---- C:\Program Files\WindowsUpdate
2012-08-11 20:35:34 ----D---- C:\Program Files\Online Services
2012-08-11 20:35:16 ----D---- C:\WINDOWS\system32\DirectX
2012-08-11 20:34:52 ----A---- C:\WINDOWS\system32\atrace.dll
2012-08-11 20:34:49 ----A---- C:\WINDOWS\system32\desktop.ini
2012-08-11 20:34:49 ----A---- C:\WINDOWS\desktop.ini
2012-08-11 20:34:41 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2012-08-11 20:34:40 ----A---- C:\WINDOWS\system32\acctres.dll
2012-08-11 20:34:39 ----D---- C:\Program Files\Common Files\Services
2012-08-11 20:34:36 ----SD---- C:\WINDOWS\Tasks
2012-08-11 20:34:36 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2012-08-11 20:34:35 ----D---- C:\Program Files\Common Files\MSSoap
2012-08-11 20:34:30 ----D---- C:\WINDOWS\srchasst
2012-08-11 20:34:29 ----D---- C:\WINDOWS\system32\Macromed
2012-08-11 20:34:26 ----A---- C:\WINDOWS\system32\wuweb.dll
2012-08-11 20:34:26 ----A---- C:\WINDOWS\system32\wucltui.dll
2012-08-11 20:34:26 ----A---- C:\WINDOWS\system32\wuauserv.dll
2012-08-11 20:34:26 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2012-08-11 20:34:25 ----A---- C:\WINDOWS\system32\wups.dll
2012-08-11 20:34:25 ----A---- C:\WINDOWS\system32\wuaueng.dll
2012-08-11 20:34:25 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2012-08-11 20:34:25 ----A---- C:\WINDOWS\system32\wuauclt.exe
2012-08-11 20:34:25 ----A---- C:\WINDOWS\system32\wuapi.dll
2012-08-11 20:34:24 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2012-08-11 20:34:24 ----A---- C:\WINDOWS\system32\qmgr.dll
2012-08-11 20:34:24 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2012-08-11 20:34:24 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2012-08-11 20:34:20 ----D---- C:\Program Files\Movie Maker
2012-08-11 20:34:15 ----A---- C:\WINDOWS\system32\safrslv.dll
2012-08-11 20:34:15 ----A---- C:\WINDOWS\system32\safrdm.dll
2012-08-11 20:34:15 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2012-08-11 20:34:15 ----A---- C:\WINDOWS\system32\racpldlg.dll
2012-08-11 20:34:11 ----A---- C:\WINDOWS\system32\fltMc.exe
2012-08-11 20:34:11 ----A---- C:\WINDOWS\system32\fltlib.dll
2012-08-11 20:34:11 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2012-08-11 20:34:10 ----D---- C:\WINDOWS\system32\Restore
2012-08-11 20:34:10 ----A---- C:\WINDOWS\system32\srsvc.dll
2012-08-11 20:34:10 ----A---- C:\WINDOWS\system32\srrstr.dll
2012-08-11 20:34:10 ----A---- C:\WINDOWS\system32\srclient.dll
2012-08-11 20:34:10 ----A---- C:\WINDOWS\system32\drivers\sr.sys
2012-08-11 20:34:09 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2012-08-11 20:34:09 ----A---- C:\WINDOWS\system32\mnmdd.dll
2012-08-11 20:34:09 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2012-08-11 20:34:09 ----A---- C:\WINDOWS\system32\ils.dll
2012-08-11 20:34:08 ----A---- C:\WINDOWS\system32\msconf.dll
2012-08-11 20:34:08 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2012-08-11 20:34:05 ----D---- C:\Program Files\NetMeeting
2012-08-11 20:34:05 ----A---- C:\WINDOWS\system32\msoert2.dll
2012-08-11 20:34:05 ----A---- C:\WINDOWS\system32\msoeacct.dll
2012-08-11 20:34:04 ----A---- C:\WINDOWS\system32\inetres.dll
2012-08-11 20:34:03 ----A---- C:\WINDOWS\system32\inetcomm.dll
2012-08-11 20:34:01 ----D---- C:\Program Files\Outlook Express
2012-08-11 20:34:01 ----A---- C:\WINDOWS\system32\schedsvc.dll
2012-08-11 20:34:01 ----A---- C:\WINDOWS\system32\mstinit.exe
2012-08-11 20:34:01 ----A---- C:\WINDOWS\system32\mstask.dll
2012-08-11 20:34:00 ----A---- C:\WINDOWS\system32\isign32.dll
2012-08-11 20:34:00 ----A---- C:\WINDOWS\system32\inetcfg.dll
2012-08-11 20:34:00 ----A---- C:\WINDOWS\system32\icwphbk.dll
2012-08-11 20:34:00 ----A---- C:\WINDOWS\system32\icwdial.dll
2012-08-11 20:33:53 ----D---- C:\Program Files\Common Files\System
2012-08-11 20:33:52 ----D---- C:\Program Files\Internet Explorer
2012-08-11 20:33:50 ----A---- C:\WINDOWS\system32\emptyregdb.dat
2012-08-11 20:33:41 ----D---- C:\Program Files\ComPlus Applications
2012-08-11 20:33:39 ----A---- C:\WINDOWS\vbaddin.ini
2012-08-11 20:33:39 ----A---- C:\WINDOWS\vb.ini
2012-08-11 20:33:35 ----D---- C:\WINDOWS\Registration
2012-08-11 20:33:09 ----D---- C:\Program Files\Windows Media Player
2012-08-11 20:33:05 ----D---- C:\Program Files\Messenger
2012-08-11 20:33:01 ----D---- C:\Program Files\MSN Gaming Zone
2012-08-11 20:33:01 ----A---- C:\WINDOWS\system32\write.exe
2012-08-11 20:32:49 ----A---- C:\WINDOWS\system32\sndvol32.exe
2012-08-11 20:32:49 ----A---- C:\WINDOWS\system32\hticons.dll
2012-08-11 20:32:49 ----A---- C:\WINDOWS\system32\avwav.dll
2012-08-11 20:32:49 ----A---- C:\WINDOWS\system32\avtapi.dll
2012-08-11 20:32:49 ----A---- C:\WINDOWS\system32\avmeter.dll
2012-08-11 20:32:48 ----A---- C:\WINDOWS\system32\winchat.exe
2012-08-11 20:32:39 ----A---- C:\WINDOWS\system32\charmap.exe
2012-08-11 20:32:39 ----A---- C:\WINDOWS\system32\getuname.dll
2012-08-11 20:32:39 ----A---- C:\WINDOWS\system32\calc.exe
2012-08-11 20:32:38 ----A---- C:\WINDOWS\system32\winmine.exe
2012-08-11 20:32:38 ----A---- C:\WINDOWS\system32\sol.exe
2012-08-11 20:32:38 ----A---- C:\WINDOWS\system32\mshearts.exe
2012-08-11 20:32:37 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2012-08-11 20:32:37 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2012-08-11 20:32:37 ----A---- C:\WINDOWS\system32\tslabels.ini
2012-08-11 20:32:37 ----A---- C:\WINDOWS\system32\tskill.exe
2012-08-11 20:32:37 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2012-08-11 20:32:37 ----A---- C:\WINDOWS\system32\tscon.exe
2012-08-11 20:32:37 ----A---- C:\WINDOWS\system32\shadow.exe
2012-08-11 20:32:37 ----A---- C:\WINDOWS\system32\rwinsta.exe
2012-08-11 20:32:37 ----A---- C:\WINDOWS\system32\reset.exe
2012-08-11 20:32:37 ----A---- C:\WINDOWS\system32\freecell.exe
2012-08-11 20:32:36 ----A---- C:\WINDOWS\system32\regini.exe
2012-08-11 20:32:36 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2012-08-11 20:32:36 ----A---- C:\WINDOWS\system32\qwinsta.exe
2012-08-11 20:32:36 ----A---- C:\WINDOWS\system32\qappsrv.exe
2012-08-11 20:32:36 ----A---- C:\WINDOWS\system32\msg.exe
2012-08-11 20:32:36 ----A---- C:\WINDOWS\system32\logoff.exe
2012-08-11 20:32:36 ----A---- C:\WINDOWS\system32\cdmodem.dll
2012-08-11 20:32:35 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2012-08-11 20:32:35 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2012-08-11 20:32:34 ----A---- C:\WINDOWS\system32\stclient.dll
2012-08-11 20:32:34 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2012-08-11 20:32:34 ----A---- C:\WINDOWS\system32\mtxex.dll
2012-08-11 20:32:34 ----A---- C:\WINDOWS\system32\mtxdm.dll
2012-08-11 20:32:34 ----A---- C:\WINDOWS\system32\comsnap.dll
2012-08-11 20:32:34 ----A---- C:\WINDOWS\system32\comrepl.dll
2012-08-11 20:32:34 ----A---- C:\WINDOWS\system32\comaddin.dll
2012-08-11 20:32:28 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2012-08-11 20:32:27 ----A---- C:\WINDOWS\system32\sndrec32.exe
2012-08-11 20:32:27 ----A---- C:\WINDOWS\system32\mplay32.exe
2012-08-11 20:32:27 ----A---- C:\WINDOWS\system32\accwiz.exe
2012-08-11 20:32:26 ----D---- C:\Program Files\Windows NT
2012-08-11 20:32:26 ----A---- C:\WINDOWS\system32\mspaint.exe
2012-08-11 20:32:26 ----A---- C:\WINDOWS\system32\hypertrm.dll
2012-08-11 20:32:25 ----A---- C:\WINDOWS\system32\spider.exe
2012-08-11 20:32:25 ----A---- C:\WINDOWS\system32\drivers\tdtcp.sys
2012-08-11 20:32:25 ----A---- C:\WINDOWS\system32\drivers\tdpipe.sys
2012-08-11 20:32:25 ----A---- C:\WINDOWS\system32\drivers\rdpwd.sys
2012-08-11 20:32:25 ----A---- C:\WINDOWS\system32\clipbrd.exe
2012-08-11 20:32:24 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2012-08-11 20:32:24 ----A---- C:\WINDOWS\system32\remotepg.dll
2012-08-11 20:32:24 ----A---- C:\WINDOWS\system32\rdshost.exe
2012-08-11 20:32:24 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2012-08-11 20:32:24 ----A---- C:\WINDOWS\system32\mstscax.dll
2012-08-11 20:32:24 ----A---- C:\WINDOWS\system32\mstsc.exe
2012-08-11 20:32:23 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2012-08-11 20:32:23 ----A---- C:\WINDOWS\system32\termsrv.dll
2012-08-11 20:32:23 ----A---- C:\WINDOWS\system32\sessmgr.exe
2012-08-11 20:32:23 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2012-08-11 20:32:23 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2012-08-11 20:32:23 ----A---- C:\WINDOWS\system32\rdpclip.exe
2012-08-11 20:32:23 ----A---- C:\WINDOWS\system32\rdchost.dll
2012-08-11 20:32:23 ----A---- C:\WINDOWS\system32\qprocess.exe
2012-08-11 20:32:22 ----D---- C:\WINDOWS\system32\MsDtc
2012-08-11 20:32:22 ----A---- C:\WINDOWS\system32\mtxoci.dll
2012-08-11 20:32:22 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2012-08-11 20:32:22 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2012-08-11 20:32:22 ----A---- C:\WINDOWS\system32\icaapi.dll
2012-08-11 20:32:22 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2012-08-11 20:32:21 ----A---- C:\WINDOWS\system32\xolehlp.dll
2012-08-11 20:32:21 ----A---- C:\WINDOWS\system32\msdtctm.dll
2012-08-11 20:32:21 ----A---- C:\WINDOWS\system32\msdtclog.dll
2012-08-11 20:32:21 ----A---- C:\WINDOWS\system32\msdtc.exe
2012-08-11 20:32:20 ----D---- C:\WINDOWS\system32\Com
2012-08-11 20:32:20 ----A---- C:\WINDOWS\system32\colbact.dll
2012-08-11 20:32:20 ----A---- C:\WINDOWS\system32\catsrvps.dll
2012-08-11 20:32:19 ----A---- C:\WINDOWS\system32\clbcatex.dll
2012-08-11 20:32:19 ----A---- C:\WINDOWS\system32\catsrvut.dll
2012-08-11 20:32:19 ----A---- C:\WINDOWS\system32\catsrv.dll
2012-08-11 20:32:18 ----A---- C:\WINDOWS\system32\comuid.dll
2012-08-11 20:32:18 ----A---- C:\WINDOWS\system32\comsvcs.dll
2012-08-11 20:32:18 ----A---- C:\WINDOWS\system32\clbcatq.dll
2012-08-11 20:32:12 ----A---- C:\WINDOWS\system32\servdeps.dll
2012-08-11 20:32:12 ----A---- C:\WINDOWS\system32\mmfutil.dll
2012-08-11 20:32:12 ----A---- C:\WINDOWS\system32\licwmi.dll
2012-08-11 20:32:12 ----A---- C:\WINDOWS\system32\cmprops.dll
2012-08-11 20:32:08 ----A---- C:\WINDOWS\system32\drivers\termdd.sys
2012-08-11 20:32:08 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys

======List of files/folders modified in the last 1 month======

2012-08-11 22:25:35 ----A---- C:\WINDOWS\system.ini
2012-08-11 20:37:03 ----A---- C:\WINDOWS\win.ini
2012-08-11 20:36:35 ----ASH---- C:\WINDOWS\fonts\desktop.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 gagp30kx;Filtr Microsoft Generic AGPv3.0 pro procesorovou platformu K8; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2004-08-04 46464]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2012-07-04 7874560]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2006-03-02 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-11-15 4225920]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2006-03-02 20480]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2012-07-04 643072]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe [2012-07-05 161704]
R2 Skype C2C Service;Skype C2C Service; C:\Documents and Settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-07-05 3048136]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-12 250056]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-14 113120]

-----------------EOF-----------------
:)

JaRon
Moderator
Posts: 15713
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Neshta.a virus, please help

#2 Post by JaRon »

Download ComboFix and save it to the desktop

then run it under an account with administrator privileges

The process takes about 5-10 minutes, sometimes longer. Do not run any other applications during the scan.

There is no reason to panic if the machine gets restarted.
Warning: if you use an antispyware program with a resident shield, turn it off before the scan.

After the restart the application will create a log, saved to C:\Combofix.txt (paste its contents here)
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

vadimek
Visitor
Posts: 51
Registered: 16 May 2011 13:18
Location: By the dumpster

Re: Neshta.a virus, please help

#3 Post by vadimek »

ComboFix 12-08-10.02 - Vadim 13.08.2012 9:52.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.420.1029.18.1534.1102 [GMT 2:00]
Spuštěný z: c:\docume~1\Vadim\Plocha\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\directx.sys
c:\windows\regopt.log
c:\windows\svchost.com
D:\install.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-07-13 do 2012-08-13 )))))))))))))))))))))))))))))))
.
.
2012-08-13 07:30 . 2012-08-13 07:30 -------- d-----w- C:\rsit
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-14 00:15 . 2012-08-12 18:08 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-07-03 98304]
"RTHDCPL"="RTHDCPL.EXE" [2006-11-14 16270848]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-02 15360]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Counter-Strike 1.6\\csko.exe"=
"c:\\Documents and Settings\\Vadim\\Plocha\\Last-World\\last-world.bin"=
.
S2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Data aplikací\Skype\Toolbars\Skype C2C Service\c2c_service.exe [5.7.2012 18:41 3048136]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [13.7.2012 13:28 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [12.8.2012 20:56 250056]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [12.8.2012 20:08 113120]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-08-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-12 19:04]
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 10.0.0.138 192.168.11.1
FF - ProfilePath - c:\documents and settings\Vadim\Data aplikací\Mozilla\Firefox\Profiles\f3cdtclk.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-13 09:54
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(696)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
Celkový čas: 2012-08-13 09:55:44
ComboFix-quarantined-files.txt 2012-08-13 07:55
.
Před spuštěním: Volných bajtů: 42 713 300 992
Po spuštění: Volných bajtů: 43 775 918 080
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - B22B07837841BC5A204DCB23EB5A3BDE
:)

JaRon
Moderator
Posts: 15713
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Neshta.a virus, please help

#4 Post by JaRon »

It looks promising :)
Scan the PC with AVPTool and then install SP3

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Neshta.a virus, please help

#5 Post by motji »

How are things looking here? :)
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting your computer :!:
Want to support our forum? Information here

I can mostly be reached at night, between 21:00 and 23:00
If you have any questions, you can write to me by email at Motji(at)forum.viry.cz.

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Neshta.a virus, please help

#6 Post by motji »

Hello,
this topic has been locked due to inactivity.
If you want it unlocked, contact me by email or contact one of my colleagues.
Thank you for your understanding :)

Locked