Moderátor: Moderátoři
Kód: Vybrat vše
Logfile of random's system information tool 1.09 (written by random/random)
Run by Georg at 2013-02-28 18:14:25
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 5 GB (25%) free of 19 GB
Total RAM: 1023 MB (37% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:14:41, on 28.2.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\arservice.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\ARPWRMSG.EXE
C:\Program Files\Vista Components\Vista Drive Icon\DrvIcon.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Georg\Dokumenty\chrome-win32\chrome.exe
C:\Documents and Settings\Georg\Dokumenty\chrome-win32\chrome.exe
C:\Documents and Settings\Georg\Dokumenty\chrome-win32\chrome.exe
C:\Documents and Settings\Georg\Dokumenty\chrome-win32\chrome.exe
C:\Documents and Settings\Georg\Dokumenty\chrome-win32\chrome.exe
C:\Documents and Settings\Georg\Dokumenty\chrome-win32\chrome.exe
C:\Documents and Settings\Georg\Dokumenty\chrome-win32\chrome.exe
C:\Documents and Settings\Georg\Dokumenty\chrome-win32\chrome.exe
C:\Documents and Settings\Georg\Dokumenty\chrome-win32\chrome.exe
C:\Documents and Settings\Georg\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Georg.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&CUI=UN25065539521379717&ctid=CT3176921
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer - Microsoft Windows XP 2009 Ultra Edition
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\Vista Components\Vista Drive Icon\DrvIcon.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\system32\winsys2.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ICQ] "F:\Programy\ICQ7M\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - F:\Programy\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - F:\Programy\ICQ7M\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
--
End of file - 10036 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job
C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
C:\WINDOWS\tasks\MpIdleTask.job
C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job
C:\WINDOWS\tasks\Scan the system (Spybot - Search & Destroy).job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-19 77576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll [2012-11-13 3214392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-02-22 461216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-02-22 170912]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"AlwaysReady Power Message APP"=C:\WINDOWS\ARPWRMSG.EXE [2008-11-05 77312]
"DrvIcon"=C:\Program Files\Vista Components\Vista Drive Icon\DrvIcon.exe [2007-07-05 45056]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-01-27 947152]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-06-13 16377344]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-06-28 8466432]
"nwiz"=nwiz.exe /install []
"WinSys2"=C:\WINDOWS\system32\winsys2.exe [2006-04-29 208896]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-06-28 81920]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-12-19 41208]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-02 946352]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"SDTray"=C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [2012-11-13 3825176]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-10-19 66560]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe /autoRun []
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-01-08 18705664]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-01-08 3674320]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"ICQ"=F:\Programy\ICQ7M\ICQ.exe [2013-02-23 127040]
C:\Documents and Settings\Georg\Nabídka Start\Programy\Po spuštění
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon]
SDWinLogon.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-24 267304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-09-23 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-10-19 295424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"ForceClassicControlPanel"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\Georg\Data aplikací\uTorrent\uTorrent.exe"="C:\Documents and Settings\Georg\Data aplikací\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"F:\Nová složka (2)\csko.exe"="F:\Nová složka (2)\csko.exe:*:Enabled:Half-Life Launcher"
"F:\Nová složka (2)\hl.exe"="F:\Nová složka (2)\hl.exe:*:Enabled:Half-Life Launcher"
"F:\Programy\ICQ7M\ICQ.exe"="F:\Programy\ICQ7M\ICQ.exe:*:Enabled:ICQ7M"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"F:\gry\WorldOfTanks.exe"="F:\gry\WorldOfTanks.exe:*:Enabled:World of Tanks"
"F:\gry\Far Cry 2\bin\FarCry2.exe"="F:\gry\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2"
"F:\gry\Far Cry 2\bin\FC2Launcher.exe"="F:\gry\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater"
"F:\gry\Far Cry 2\bin\FC2Editor.exe"="F:\gry\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editor"
"F:\gry\WOT\WorldOfTanks.exe"="F:\gry\WOT\WorldOfTanks.exe:*:Enabled:World of Tanks"
"C:\Program Files\Java\jre7\bin\javaw.exe"="C:\Program Files\Java\jre7\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"F:\gry\Bin32\Crysis.exe"="F:\gry\Bin32\Crysis.exe:*:Enabled:Crysis_32"
"F:\gry\Bin32\CrysisDedicatedServer.exe"="F:\gry\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32"
"F:\gry\Mass Effect 2\Binaries\MassEffect2.exe"="F:\gry\Mass Effect 2\Binaries\MassEffect2.exe:*:Enabled:Mass Effect 2"
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"F:\Programy\ICQ7M\ICQ.exe"="F:\Programy\ICQ7M\ICQ.exe:*:Enabled:ICQ7M"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======List of files/folders created in the last 1 month======
2013-02-28 18:14:28 ----D---- C:\Program Files\trend micro
2013-02-28 18:14:25 ----D---- C:\rsit
2013-02-28 10:04:22 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-02-28 01:22:33 ----A---- C:\WINDOWS\wininit.ini
2013-02-28 00:43:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2013-02-28 00:43:43 ----A---- C:\WINDOWS\system32\sdnclean.exe
2013-02-28 00:43:33 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2013-02-27 12:35:15 ----D---- C:\WINDOWS\Prefetch
2013-02-27 12:21:32 ----HD---- C:\Program Files\WindowsUpdate
2013-02-27 12:07:09 ----HD---- C:\Program Files\Uninstall Information
2013-02-27 10:08:38 ----D---- C:\WINDOWS\Minidump
2013-02-27 07:02:16 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2013-02-25 22:12:55 ----D---- C:\Program Files\GameSpy
2013-02-25 18:27:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\RELOADED
2013-02-25 12:13:41 ----D---- C:\WINDOWS\system32\XPSViewer
2013-02-25 12:13:06 ----D---- C:\Program Files\Reference Assemblies
2013-02-25 12:11:44 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2013-02-25 12:11:44 ----N---- C:\WINDOWS\system32\prntvpt.dll
2013-02-25 12:11:43 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2013-02-25 00:44:16 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2013-02-24 16:36:15 ----RHD---- C:\Documents and Settings\Georg\Data aplikací\SecuROM
2013-02-24 16:32:07 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2013-02-24 00:07:47 ----A---- C:\WINDOWS\system32\drivers\usbscan.sys
2013-02-24 00:05:55 ----N---- C:\WINDOWS\hpomdl07.dat
2013-02-24 00:05:25 ----A---- C:\WINDOWS\system32\hpzjsn01.dll
2013-02-24 00:05:23 ----A---- C:\WINDOWS\system32\hpovst08.dll
2013-02-24 00:05:23 ----A---- C:\WINDOWS\system32\hpotscl.dll
2013-02-24 00:05:22 ----A---- C:\WINDOWS\system32\hpgwiamd.dll
2013-02-24 00:05:08 ----A---- C:\WINDOWS\system32\hpzlnt12.dll
2013-02-24 00:05:06 ----A---- C:\WINDOWS\system32\hpzcon12.dll
2013-02-24 00:05:06 ----A---- C:\WINDOWS\system32\hpzcoi12.dll
2013-02-23 22:16:01 ----N---- C:\WINDOWS\hpomdl05.dat
2013-02-23 22:16:01 ----A---- C:\WINDOWS\hpoins05.dat
2013-02-23 17:48:04 ----D---- C:\Documents and Settings\Georg\Data aplikací\uTorrent
2013-02-23 17:17:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\McAfee
2013-02-23 16:20:56 ----D---- C:\Documents and Settings\Georg\Data aplikací\.minecraft
2013-02-23 16:00:51 ----A---- C:\WINDOWS\system32\drivers\dtsoftbus01.sys
2013-02-23 16:00:42 ----D---- C:\Documents and Settings\Georg\Data aplikací\DAEMON Tools Lite
2013-02-23 16:00:37 ----D---- C:\Program Files\DAEMON Tools Lite
2013-02-23 15:58:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
2013-02-23 05:13:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\GroupPolicy
2013-02-23 05:11:04 ----D---- C:\Program Files\Yamicsoft
2013-02-22 23:10:53 ----D---- C:\Documents and Settings\Georg\Data aplikací\Wargaming.net
2013-02-22 22:53:50 ----A---- C:\WINDOWS\system32\HPZisn12.dll
2013-02-22 22:53:50 ----A---- C:\WINDOWS\system32\HPZipt12.dll
2013-02-22 22:53:50 ----A---- C:\WINDOWS\system32\HPZipr12.dll
2013-02-22 22:53:50 ----A---- C:\WINDOWS\system32\HPZipm12.exe
2013-02-22 22:53:50 ----A---- C:\WINDOWS\system32\HPZinw12.exe
2013-02-22 22:53:50 ----A---- C:\WINDOWS\system32\HPZidr12.dll
2013-02-22 22:53:43 ----A---- C:\WINDOWS\IsUninst.exe
2013-02-22 22:53:18 ----HD---- C:\Config.Msi
2013-02-22 22:52:57 ----A---- C:\WINDOWS\system32\drivers\HPZid412.sys
2013-02-22 20:39:10 ----A---- C:\WINDOWS\system32\drivers\usbprint.sys
2013-02-22 20:37:44 ----A---- C:\WINDOWS\system32\drivers\usbccgp.sys
2013-02-22 18:35:24 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2013-02-22 18:35:24 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2013-02-22 18:35:23 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2013-02-22 18:35:23 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2013-02-22 18:35:22 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2013-02-22 18:35:22 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2013-02-22 18:35:22 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2013-02-22 18:35:21 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2013-02-22 18:35:21 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2013-02-22 18:35:21 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2013-02-22 18:35:20 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2013-02-22 18:35:20 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2013-02-22 18:35:19 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2013-02-22 18:35:19 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2013-02-22 18:35:18 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2013-02-22 18:35:18 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2013-02-22 18:35:17 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2013-02-22 18:35:17 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2013-02-22 18:35:16 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2013-02-22 18:35:16 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2013-02-22 18:35:16 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2013-02-22 18:35:15 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2013-02-22 18:35:14 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2013-02-22 18:35:14 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2013-02-22 18:35:14 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2013-02-22 18:35:14 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2013-02-22 18:35:13 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2013-02-22 18:35:13 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2013-02-22 18:35:12 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2013-02-22 18:35:12 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2013-02-22 18:35:12 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2013-02-22 18:35:11 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2013-02-22 18:35:11 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2013-02-22 18:35:10 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2013-02-22 18:35:10 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2013-02-22 18:35:10 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2013-02-22 18:35:09 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2013-02-22 18:35:09 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2013-02-22 18:35:09 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2013-02-22 18:35:08 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2013-02-22 18:35:08 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2013-02-22 18:35:08 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2013-02-22 18:35:07 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2013-02-22 18:35:07 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2013-02-22 18:35:07 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2013-02-22 18:35:06 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2013-02-22 18:35:06 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2013-02-22 18:35:05 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2013-02-22 18:35:05 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2013-02-22 18:35:04 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2013-02-22 18:35:04 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2013-02-22 18:35:04 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2013-02-22 18:35:03 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2013-02-22 18:35:02 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2013-02-22 18:35:02 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2013-02-22 18:35:02 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2013-02-22 18:35:01 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2013-02-22 18:35:00 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2013-02-22 18:35:00 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2013-02-22 18:35:00 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2013-02-22 18:34:59 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2013-02-22 18:34:59 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2013-02-22 18:34:59 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2013-02-22 18:34:58 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2013-02-22 18:34:58 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2013-02-22 18:34:57 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2013-02-22 18:34:57 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2013-02-22 18:34:56 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2013-02-22 18:34:56 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2013-02-22 18:34:55 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2013-02-22 18:34:55 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2013-02-22 18:34:54 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2013-02-22 18:34:53 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2013-02-22 18:34:53 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2013-02-22 18:34:53 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2013-02-22 18:34:52 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2013-02-22 18:34:52 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2013-02-22 18:34:52 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2013-02-22 18:34:51 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2013-02-22 18:34:51 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2013-02-22 18:34:50 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2013-02-22 18:34:47 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2013-02-22 18:34:47 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2013-02-22 18:34:47 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2013-02-22 18:34:46 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2013-02-22 18:34:46 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2013-02-22 18:34:45 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2013-02-22 18:34:43 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2013-02-22 18:33:13 ----D---- C:\WINDOWS\Logs
2013-02-22 13:51:29 ----A---- C:\WINDOWS\system32\javaws.exe
2013-02-22 13:51:18 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-02-22 13:51:18 ----A---- C:\WINDOWS\system32\javaw.exe
2013-02-22 13:51:18 ----A---- C:\WINDOWS\system32\java.exe
2013-02-21 14:48:17 ----D---- C:\WINDOWS\system32\NtmsData
2013-02-17 20:58:53 ----D---- C:\WINDOWS\system32\en-US
2013-02-16 20:25:29 ----D---- C:\Documents and Settings\Georg\Data aplikací\vlc
2013-02-16 15:08:54 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2013-02-16 15:04:41 ----D---- C:\Program Files\HP
2013-02-16 11:36:28 ----A---- C:\WINDOWS\IE4 Error Log.txt
2013-02-16 00:58:36 ----D---- C:\Documents and Settings\Georg\Data aplikací\ICQ
2013-02-15 01:46:06 ----D---- C:\Documents and Settings\Georg\Data aplikací\Apple Computer
2013-02-15 01:44:21 ----D---- C:\Program Files\Common Files\Apple
2013-02-15 01:43:59 ----D---- C:\Program Files\Apple Software Update
2013-02-14 21:29:42 ----SD---- C:\WINDOWS\Tasks
2013-02-14 21:20:16 ----D---- C:\Program Files\Common Files\DESIGNER
2013-02-14 21:19:29 ----D---- C:\Program Files\MSBuild
2013-02-14 21:18:57 ----D---- C:\Program Files\Microsoft Visual Studio
2013-02-14 09:12:58 ----D---- C:\Program Files\Conduit
2013-02-14 09:03:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\Tarma Installer
2013-02-13 14:13:48 ----D---- C:\Program Files\Runtime Software
2013-02-12 09:26:08 ----D---- C:\Program Files\Adobe
2013-02-12 09:12:46 ----A---- C:\WINDOWS\system32\MRT.exe
2013-02-12 02:38:18 ----D---- C:\WINDOWS\ie8updates
2013-02-12 00:03:23 ----D---- C:\WINDOWS\Sun
2013-02-12 00:03:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2013-02-12 00:02:57 ----A---- C:\WINDOWS\system32\npDeployJava1.dll
2013-02-12 00:02:57 ----A---- C:\WINDOWS\system32\deployJava1.dll
2013-02-11 22:18:19 ----D---- C:\Documents and Settings\Georg\Data aplikací\Media Player Classic
2013-02-11 22:18:13 ----D---- C:\Documents and Settings\Georg\Data aplikací\WinRAR
2013-02-11 22:10:56 ----N---- C:\WINDOWS\system32\browserchoice.exe
2013-02-11 22:00:57 ----N---- C:\WINDOWS\system32\iacenc.dll
2013-02-11 21:43:38 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2013-02-11 21:43:01 ----D---- C:\WINDOWS\system32\Lang
2013-02-11 21:10:07 ----D---- C:\Program Files\Google
2013-02-11 21:03:08 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2013-02-11 20:59:25 ----D---- C:\Program Files\Microsoft Security Client
2013-02-11 20:56:26 ----D---- C:\Documents and Settings\Georg\Data aplikací\Macromedia
2013-02-11 20:55:52 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-02-11 20:44:49 ----DC---- C:\WINDOWS\system32\DRVSTORE
2013-02-11 20:44:49 ----A---- C:\WINDOWS\system32\drivers\rt2870.sys
2013-02-11 20:44:36 ----A---- C:\WINDOWS\system32\RaCoInst.dat
2013-02-11 20:44:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\TP-LINK Driver
2013-02-11 20:43:25 ----A---- C:\WINDOWS\system32\d3d9caps.dat
2013-02-11 20:40:29 ----D---- C:\Documents and Settings\Georg\Data aplikací\Adobe
2013-02-11 20:39:03 ----RA---- C:\WINDOWS\system32\athuw.sys
2013-02-11 20:39:02 ----D---- C:\WINDOWS\Options
2013-02-11 20:38:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\TP-LINK
2013-02-11 20:14:40 ----A---- C:\WINDOWS\system32\h323log.txt
2013-02-11 20:12:46 ----A---- C:\WINDOWS\system32\drivers\redbook.sys
2013-02-11 20:12:20 ----A---- C:\WINDOWS\system32\drivers\RTL8139.sys
2013-02-11 20:11:25 ----A---- C:\WINDOWS\system32\usbui.dll
2013-02-11 20:09:24 ----A---- C:\WINDOWS\system32\wmpns.dll
2013-02-11 20:09:21 ----D---- C:\Documents and Settings\Georg\Data aplikací\Identities
2013-02-11 20:08:56 ----A---- C:\WINDOWS\imsins.BAK
2013-02-11 20:08:52 ----SHD---- C:\WINDOWS\Installer
2013-02-11 20:08:52 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-02-11 20:08:51 ----D---- C:\Program Files\Common Files\ODBC
2013-02-11 20:08:51 ----A---- C:\WINDOWS\ODBCINST.INI
2013-02-11 20:08:46 ----D---- C:\Program Files\Common Files\SpeechEngines
2013-02-11 20:08:45 ----RD---- C:\Program Files
2013-02-11 20:08:45 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-02-11 20:08:45 ----D---- C:\Program Files\Common Files
2013-02-11 20:08:38 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2013-02-11 20:08:38 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2013-02-11 20:08:38 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2013-02-11 20:08:35 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2013-02-11 20:08:35 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2013-02-11 20:08:35 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2013-02-11 20:08:34 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2013-02-11 20:08:34 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2013-02-11 20:08:34 ----RA---- C:\WINDOWS\system32\kbdur.dll
2013-02-11 20:08:34 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2013-02-11 20:08:34 ----RA---- C:\WINDOWS\system32\kbdru.dll
2013-02-11 20:08:34 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2013-02-11 20:08:34 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2013-02-11 20:08:34 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2013-02-11 20:08:34 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2013-02-11 20:08:30 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2013-02-11 20:08:30 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2013-02-11 20:08:30 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2013-02-11 20:08:30 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2013-02-11 20:08:30 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2013-02-11 20:08:30 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2013-02-11 20:08:30 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2013-02-11 20:08:27 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2013-02-11 20:08:27 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2013-02-11 20:08:27 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2013-02-11 20:08:27 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2013-02-11 20:08:27 ----RA---- C:\WINDOWS\system32\kbdest.dll
2013-02-11 20:08:15 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2013-02-11 20:08:15 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2013-02-11 20:08:15 ----RA---- C:\WINDOWS\system32\kbdro.dll
2013-02-11 20:08:15 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2013-02-11 20:08:14 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2013-02-11 20:08:14 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2013-02-11 20:08:14 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2013-02-11 20:08:14 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2013-02-11 20:08:14 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2013-02-11 20:08:14 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2013-02-11 20:08:11 ----A---- C:\WINDOWS\system32\spxcoins.dll
2013-02-11 20:08:11 ----A---- C:\WINDOWS\system32\irclass.dll
2013-02-11 20:08:11 ----A---- C:\WINDOWS\system32\dgsetup.dll
2013-02-11 20:08:11 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2013-02-11 20:08:10 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2013-02-11 20:08:07 ----A---- C:\WINDOWS\TASKMAN.EXE
2013-02-11 20:08:06 ----A---- C:\WINDOWS\system32\drivers\irenum.sys
2013-02-11 20:08:06 ----A---- C:\WINDOWS\system32\batt.dll
2013-02-11 20:08:05 ----A---- C:\WINDOWS\system32\storprop.dll
2013-02-11 20:07:55 ----ASH---- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
2013-02-11 20:07:45 ----RA---- C:\WINDOWS\SET8.tmp
2013-02-11 20:07:42 ----RA---- C:\WINDOWS\SET4.tmp
2013-02-11 20:07:40 ----RA---- C:\WINDOWS\SET3.tmp
2013-02-11 20:07:36 ----D---- C:\WINDOWS\system32\CatRoot2
2013-02-11 20:07:35 ----D---- C:\WINDOWS\system32\CatRoot
2013-02-11 20:07:30 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2013-02-11 20:06:02 ----A---- C:\WINDOWS\system32\TwnLib4.dll
2013-02-11 20:06:02 ----A---- C:\WINDOWS\system32\imagXRA7.dll
2013-02-11 20:06:02 ----A---- C:\WINDOWS\system32\imagXR7.dll
2013-02-11 20:06:02 ----A---- C:\WINDOWS\system32\imagXpr7.dll
2013-02-11 20:06:01 ----A---- C:\WINDOWS\system32\imagX7.dll
2013-02-11 20:05:59 ----D---- C:\Program Files\Nero
2013-02-11 20:05:59 ----D---- C:\Program Files\Common Files\Nero
2013-02-11 20:05:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\Nero
2013-02-11 20:04:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA Corporation
2013-02-11 20:04:19 ----A---- C:\WINDOWS\system32\msvcp71.dll
2013-02-11 20:04:19 ----A---- C:\WINDOWS\system32\MFC71.dll
2013-02-11 20:04:19 ----A---- C:\WINDOWS\system32\DSETUP.dll
2013-02-11 20:04:19 ----A---- C:\WINDOWS\system32\atl71.dll
2013-02-11 20:04:18 ----HD---- C:\Program Files\InstallShield Installation Information
2013-02-11 20:04:18 ----D---- C:\Program Files\NVIDIA Corporation
2013-02-11 20:04:18 ----A---- C:\WINDOWS\system32\drivers\pfc.sys
2013-02-11 20:04:18 ----A---- C:\WINDOWS\system32\drivers\nvport.sys
2013-02-11 20:04:18 ----A---- C:\WINDOWS\system32\DolbyHph.dll
2013-02-11 20:04:10 ----RA---- C:\WINDOWS\system32\msvcr71.dll
2013-02-11 20:04:05 ----D---- C:\Program Files\Common Files\InstallShield
2013-02-11 20:03:57 ----D---- C:\Program Files\Total Commander
2013-02-11 20:03:29 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2013-02-11 20:03:25 ----D---- C:\Program Files\Common Files\Adobe
2013-02-11 20:02:53 ----D---- C:\Program Files\WinRAR
2013-02-11 19:59:10 ----A---- C:\WINDOWS\system32\msonpmon.dll
2013-02-11 19:57:49 ----D---- C:\Program Files\Microsoft Works
2013-02-11 19:57:05 ----D---- C:\Program Files\Microsoft.NET
2013-02-11 19:54:36 ----D---- C:\WINDOWS\SHELLNEW
2013-02-11 19:54:26 ----D---- C:\Program Files\Microsoft Office
2013-02-11 19:54:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2013-02-11 19:54:04 ----RHD---- C:\MSOCache
2013-02-11 19:50:20 ----HDC---- C:\WINDOWS\ie8
2013-02-11 19:50:19 ----A---- C:\WINDOWS\system32\msdbg2.dll
2013-02-11 19:49:41 ----A---- C:\WINDOWS\system32\drivers\L8042Kbd.sys
2013-02-11 19:45:59 ----D---- C:\Program Files\Java
2013-02-11 19:45:58 ----D---- C:\Program Files\Common Files\Java
2013-02-11 19:45:54 ----D---- C:\Documents and Settings\Georg\Data aplikací\Sun
2013-02-11 19:44:11 ----D---- C:\Documents and Settings
2013-02-11 19:44:10 ----SHD---- C:\System Volume Information
2013-02-11 19:44:09 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2013-02-11 19:42:53 ----SH---- C:\boot.ini
2013-02-11 19:42:25 ----A---- C:\WINDOWS\system32\drivers\audstub.sys
2013-02-11 19:41:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2013-02-11 19:41:12 ----SD---- C:\Documents and Settings\Georg\Data aplikací\Microsoft
2013-02-11 19:41:12 ----ASH---- C:\Documents and Settings\Georg\Data aplikací\desktop.ini
2013-02-11 19:39:53 ----D---- C:\WINDOWS\IIS Temporary Compressed Files
2013-02-11 19:38:41 ----SD---- C:\WINDOWS\Downloaded Program Files
2013-02-11 19:38:41 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-02-11 19:38:41 ----RSD---- C:\WINDOWS\Fonts
2013-02-11 19:38:41 ----RD---- C:\WINDOWS\Web
2013-02-11 19:38:41 ----HD---- C:\WINDOWS\inf
2013-02-11 19:38:41 ----D---- C:\WINDOWS\WinSxS
2013-02-11 19:38:41 ----D---- C:\WINDOWS\WBEM
2013-02-11 19:38:41 ----D---- C:\WINDOWS\twain_32
2013-02-11 19:38:41 ----D---- C:\WINDOWS\Temp
2013-02-11 19:38:41 ----D---- C:\WINDOWS\system32\wins
2013-02-11 19:38:41 ----D---- C:\WINDOWS\system32\wbem
2013-02-11 19:38:41 ----D---- C:\WINDOWS\system32\usmt
2013-02-11 19:38:41 ----D---- C:\WINDOWS\system32\spool
2013-02-11 19:38:41 ----D---- C:\WINDOWS\system32\ShellExt
2013-02-11 19:38:41 ----D---- C:\WINDOWS\system32\Setup
2013-02-11 19:38:41 ----D---- C:\WINDOWS\system32\ras
2013-02-11 19:38:41 ----D---- C:\WINDOWS\system32\oobe
2013-02-11 19:38:41 ----D---- C:\WINDOWS\system32\npp
2013-02-11 19:38:41 ----D---- C:\WINDOWS\system32\mui
2013-02-11 19:38:41 ----D---- C:\WINDOWS\system32\inetsrv
2013-02-11 19:38:41 ----D---- C:\WINDOWS\system32\IME
2013-02-11 19:38:41 ----D---- C:\WINDOWS\system32\icsxml
2013-02-11 19:38:41 ----D---- C:\WINDOWS\system32\ias
2013-02-11 19:38:41 ----D---- C:\WINDOWS\system32\export
2013-02-11 19:38:41 ----D---- C:\WINDOWS\system32\drivers\UMDF
2013-02-11 19:38:41 ----D---- C:\WINDOWS\system32\drivers\etc
2013-02-11 19:38:41 ----D---- C:\WINDOWS\system32\drivers\disdn
2013-02-11 19:38:41 ----D---- C:\WINDOWS\system32\drivers
2013-02-11 19:38:41 ----D---- C:\WINDOWS\system32\dhcp
2013-02-11 19:38:41 ----D---- C:\WINDOWS\system32\cs-cz
2013-02-11 19:38:41 ----D---- C:\WINDOWS\system32\cs
2013-02-11 19:38:41 ----D---- C:\WINDOWS\system32\config
2013-02-11 19:38:41 ----D---- C:\WINDOWS\system32\3com_dmi
2013-02-11 19:38:41 ----D---- C:\WINDOWS\system32\3076
2013-02-11 19:38:41 ----D---- C:\WINDOWS\system32\2052
2013-02-11 19:38:41 ----D---- C:\WINDOWS\system32\1054
2013-02-11 19:38:41 ----D---- C:\WINDOWS\system32\1042
2013-02-11 19:38:41 ----D---- C:\WINDOWS\system32\1041
2013-02-11 19:38:41 ----D---- C:\WINDOWS\system32\1037
2013-02-11 19:38:41 ----D---- C:\WINDOWS\system32\1033
2013-02-11 19:38:41 ----D---- C:\WINDOWS\system32\1031
2013-02-11 19:38:41 ----D---- C:\WINDOWS\system32\1029
2013-02-11 19:38:41 ----D---- C:\WINDOWS\system32\1028
2013-02-11 19:38:41 ----D---- C:\WINDOWS\system32\1025
2013-02-11 19:38:41 ----D---- C:\WINDOWS\system32
2013-02-11 19:38:41 ----D---- C:\WINDOWS\system
2013-02-11 19:38:41 ----D---- C:\WINDOWS\SoftwareDistribution
2013-02-11 19:38:41 ----D---- C:\WINDOWS\security
2013-02-11 19:38:41 ----D---- C:\WINDOWS\Resources
2013-02-11 19:38:41 ----D---- C:\WINDOWS\repair
2013-02-11 19:38:41 ----D---- C:\WINDOWS\Provisioning
2013-02-11 19:38:41 ----D---- C:\WINDOWS\pchealth
2013-02-11 19:38:41 ----D---- C:\WINDOWS\PeerNet
2013-02-11 19:38:41 ----D---- C:\WINDOWS\Offline Web Pages
2013-02-11 19:38:41 ----D---- C:\WINDOWS\Network Diagnostic
2013-02-11 19:38:41 ----D---- C:\WINDOWS\mui
2013-02-11 19:38:41 ----D---- C:\WINDOWS\msapps
2013-02-11 19:38:41 ----D---- C:\WINDOWS\msagent
2013-02-11 19:38:41 ----D---- C:\WINDOWS\Media
2013-02-11 19:38:41 ----D---- C:\WINDOWS\L2Schemas
2013-02-11 19:38:41 ----D---- C:\WINDOWS\java
2013-02-11 19:38:41 ----D---- C:\WINDOWS\ime
2013-02-11 19:38:41 ----D---- C:\WINDOWS\Help
2013-02-11 19:38:41 ----D---- C:\WINDOWS\ehome
2013-02-11 19:38:41 ----D---- C:\WINDOWS\Driver Cache
2013-02-11 19:38:41 ----D---- C:\WINDOWS\Debug
2013-02-11 19:38:41 ----D---- C:\WINDOWS\Cursors
2013-02-11 19:38:41 ----D---- C:\WINDOWS\Connection Wizard
2013-02-11 19:38:41 ----D---- C:\WINDOWS\Config
2013-02-11 19:38:41 ----D---- C:\WINDOWS\AppPatch
2013-02-11 19:38:41 ----D---- C:\WINDOWS\addins
2013-02-11 19:38:41 ----D---- C:\WINDOWS
2013-02-11 19:38:41 ----ASH---- C:\pagefile.sys
2013-02-11 19:37:51 ----AS---- C:\WINDOWS\bootstat.dat
2013-02-11 19:35:50 ----D---- C:\WINDOWS\system32\xircom
2013-02-11 19:35:50 ----D---- C:\Program Files\xerox
2013-02-11 19:35:50 ----D---- C:\Program Files\microsoft frontpage
2013-02-11 19:35:24 ----D---- C:\Program Files\Microsoft Games
2013-02-11 19:35:14 ----N---- C:\WINDOWS\system32\Xpize.scr
2013-02-11 19:35:14 ----N---- C:\WINDOWS\system32\Vista Media.scr
2013-02-11 19:35:14 ----D---- C:\Program Files\Vista Components
2013-02-11 19:35:14 ----A---- C:\WINDOWS\system32\ribbons.scr
2013-02-11 19:35:14 ----A---- C:\WINDOWS\system32\Mystify.scr
2013-02-11 19:35:14 ----A---- C:\WINDOWS\system32\bubbles.scr
2013-02-11 19:35:13 ----A---- C:\WINDOWS\system32\aurora.scr
2013-02-11 19:34:58 ----D---- C:\Program Files\Alky for Applications
2013-02-11 19:33:10 ----D---- C:\WINDOWS\system32\URTTemp
2013-02-11 19:33:05 ----RSD---- C:\WINDOWS\assembly
2013-02-11 19:32:19 ----D---- C:\Program Files\Microsoft Silverlight
2013-02-11 19:30:42 ----D---- C:\WINDOWS\system32\PreInstall
2013-02-11 19:30:17 ----HD---- C:\WINDOWS\$hf_mig$
2013-02-11 19:30:12 ----N---- C:\WINDOWS\system32\spmsg.dll
2013-02-11 19:30:12 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2013-02-11 19:29:53 ----RASH---- C:\MSDOS.SYS
2013-02-11 19:29:53 ----RASH---- C:\IO.SYS
2013-02-11 19:29:53 ----A---- C:\WINDOWS\control.ini
2013-02-11 19:29:53 ----A---- C:\CONFIG.SYS
2013-02-11 19:29:53 ----A---- C:\AUTOEXEC.BAT
2013-02-11 19:29:37 ----A---- C:\WINDOWS\system32\mapi32.dll
2013-02-11 19:27:34 ----D---- C:\Program Files\Online Services
2013-02-11 19:27:08 ----D---- C:\WINDOWS\system32\DirectX
2013-02-11 19:26:57 ----A---- C:\WINDOWS\system32\atrace.dll
2013-02-11 19:26:54 ----A---- C:\WINDOWS\system32\desktop.ini
2013-02-11 19:26:53 ----A---- C:\WINDOWS\desktop.ini
2013-02-11 19:26:44 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2013-02-11 19:26:42 ----A---- C:\WINDOWS\system32\acctres.dll
2013-02-11 19:26:41 ----D---- C:\Program Files\Common Files\Services
2013-02-11 19:26:36 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2013-02-11 19:26:35 ----D---- C:\Program Files\Common Files\MSSoap
2013-02-11 19:26:29 ----D---- C:\WINDOWS\srchasst
2013-02-11 19:26:28 ----D---- C:\WINDOWS\system32\Macromed
2013-02-11 19:26:24 ----A---- C:\WINDOWS\system32\wuweb.dll
2013-02-11 19:26:24 ----A---- C:\WINDOWS\system32\wucltui.dll
2013-02-11 19:26:24 ----A---- C:\WINDOWS\system32\wuauserv.dll
2013-02-11 19:26:24 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2013-02-11 19:26:23 ----A---- C:\WINDOWS\system32\wups.dll
2013-02-11 19:26:23 ----A---- C:\WINDOWS\system32\wuaueng.dll
2013-02-11 19:26:23 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2013-02-11 19:26:23 ----A---- C:\WINDOWS\system32\wuauclt.exe
2013-02-11 19:26:23 ----A---- C:\WINDOWS\system32\wuapi.dll
2013-02-11 19:26:22 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2013-02-11 19:26:22 ----A---- C:\WINDOWS\system32\qmgr.dll
2013-02-11 19:26:22 ----A---- C:\WINDOWS\system32\bitsprx4.dll
2013-02-11 19:26:22 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2013-02-11 19:26:22 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2013-02-11 19:25:48 ----A---- C:\WINDOWS\system32\safrslv.dll
2013-02-11 19:25:48 ----A---- C:\WINDOWS\system32\safrdm.dll
2013-02-11 19:25:48 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2013-02-11 19:25:48 ----A---- C:\WINDOWS\system32\racpldlg.dll
2013-02-11 19:25:44 ----A---- C:\WINDOWS\system32\fltlib.dll
2013-02-11 19:25:43 ----D---- C:\WINDOWS\system32\Restore
2013-02-11 19:25:43 ----A---- C:\WINDOWS\system32\srrstr.dll
2013-02-11 19:25:43 ----A---- C:\WINDOWS\system32\fltMc.exe
2013-02-11 19:25:43 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2013-02-11 19:25:42 ----A---- C:\WINDOWS\system32\srsvc.dll
2013-02-11 19:25:42 ----A---- C:\WINDOWS\system32\srclient.dll
2013-02-11 19:25:42 ----A---- C:\WINDOWS\system32\drivers\sr.sys
2013-02-11 19:25:41 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2013-02-11 19:25:41 ----A---- C:\WINDOWS\system32\mnmdd.dll
2013-02-11 19:25:41 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2013-02-11 19:25:41 ----A---- C:\WINDOWS\system32\ils.dll
2013-02-11 19:25:40 ----A---- C:\WINDOWS\system32\msconf.dll
2013-02-11 19:25:40 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2013-02-11 19:25:37 ----D---- C:\Program Files\NetMeeting
2013-02-11 19:25:36 ----A---- C:\WINDOWS\system32\msoert2.dll
2013-02-11 19:25:36 ----A---- C:\WINDOWS\system32\msoeacct.dll
2013-02-11 19:25:35 ----A---- C:\WINDOWS\system32\inetres.dll
2013-02-11 19:25:34 ----A---- C:\WINDOWS\system32\inetcomm.dll
2013-02-11 19:25:32 ----D---- C:\Program Files\Outlook Express
2013-02-11 19:25:32 ----A---- C:\WINDOWS\system32\schedsvc.dll
2013-02-11 19:25:32 ----A---- C:\WINDOWS\system32\mstinit.exe
2013-02-11 19:25:32 ----A---- C:\WINDOWS\system32\mstask.dll
2013-02-11 19:25:31 ----A---- C:\WINDOWS\system32\isign32.dll
2013-02-11 19:25:31 ----A---- C:\WINDOWS\system32\inetcfg.dll
2013-02-11 19:25:31 ----A---- C:\WINDOWS\system32\icwphbk.dll
2013-02-11 19:25:31 ----A---- C:\WINDOWS\system32\icwdial.dll
2013-02-11 19:25:21 ----D---- C:\Program Files\Common Files\System
2013-02-11 19:25:20 ----D---- C:\Program Files\Internet Explorer
2013-02-11 19:24:41 ----A---- C:\WINDOWS\system32\emptyregdb.dat
2013-02-11 19:24:32 ----A---- C:\WINDOWS\vbaddin.ini
2013-02-11 19:24:32 ----A---- C:\WINDOWS\vb.ini
2013-02-11 19:24:28 ----D---- C:\WINDOWS\Registration
2013-02-11 19:24:22 ----SD---- C:\WINDOWS\system32\Microsoft
2013-02-11 19:24:22 ----D---- C:\WINDOWS\system32\Cache
2013-02-11 19:22:34 ----D---- C:\Program Files\VistaExperience.org
2013-02-11 19:20:42 ----D---- C:\Program Files\Windows Sidebar
2013-02-11 19:20:30 ----A---- C:\WINDOWS\system32\wpgldfsh.scr
2013-02-11 19:20:29 ----A---- C:\WINDOWS\system32\space.scr
2013-02-11 19:20:28 ----A---- C:\WINDOWS\system32\nature.scr
2013-02-11 19:20:28 ----A---- C:\WINDOWS\system32\mypixdx.scr
2013-02-11 19:20:27 ----A---- C:\WINDOWS\system32\davinci.scr
2013-02-11 19:20:06 ----D---- C:\Program Files\Windows Plus
2013-02-11 19:19:55 ----A---- C:\WINDOWS\system32\drivers\pxhelp20.sys
2013-02-11 19:19:49 ----D---- C:\Program Files\Windows Media Connect 2
2013-02-11 19:19:05 ----D---- C:\WINDOWS\Microsoft.NET
2013-02-11 19:19:00 ----A---- C:\WINDOWS\system32\drivers\mhndrv.sys
2013-02-11 19:19:00 ----A---- C:\WINDOWS\system32\Bliss.scr
2013-02-11 19:18:15 ----D---- C:\Program Files\Windows Media Player
2013-02-11 19:18:15 ----D---- C:\Program Files\Movie Maker
2013-02-11 19:18:14 ----A---- C:\WINDOWS\system32\mhn.dll
2013-02-11 19:18:14 ----A---- C:\WINDOWS\system32\igdetect.dll
2013-02-11 19:17:23 ----D---- C:\Program Files\Messenger
2013-02-11 19:17:18 ----A---- C:\WINDOWS\system32\w3svapi.dll
2013-02-11 19:17:18 ----A---- C:\WINDOWS\system32\w3ctrs.ini
2013-02-11 19:17:18 ----A---- C:\WINDOWS\system32\w3ctrs.dll
2013-02-11 19:17:18 ----A---- C:\WINDOWS\system32\axperf.ini
2013-02-11 19:17:18 ----A---- C:\WINDOWS\system32\aspperf.dll
2013-02-11 19:17:17 ----A---- C:\WINDOWS\system32\wamregps.dll
2013-02-11 19:17:17 ----A---- C:\WINDOWS\system32\iisrstap.dll
2013-02-11 19:17:17 ----A---- C:\WINDOWS\system32\iisreset.exe
2013-02-11 19:17:17 ----A---- C:\WINDOWS\system32\ftpsapi2.dll
2013-02-11 19:17:16 ----A---- C:\WINDOWS\system32\infoctrs.ini
2013-02-11 19:17:16 ----A---- C:\WINDOWS\system32\infoctrs.dll
2013-02-11 19:17:16 ----A---- C:\WINDOWS\system32\inetsloc.dll
2013-02-11 19:17:16 ----A---- C:\WINDOWS\system32\iismui.dll
2013-02-11 19:17:16 ----A---- C:\WINDOWS\system32\convlog.exe
2013-02-11 19:17:16 ----A---- C:\WINDOWS\system32\admxprox.dll
2013-02-11 19:17:11 ----D---- C:\Program Files\MSN Gaming Zone
2013-02-11 19:17:11 ----A---- C:\WINDOWS\system32\write.exe
2013-02-11 19:16:53 ----A---- C:\WINDOWS\system32\sndvol32.exe
2013-02-11 19:16:53 ----A---- C:\WINDOWS\system32\hticons.dll
2013-02-11 19:16:52 ----A---- C:\WINDOWS\system32\avwav.dll
2013-02-11 19:16:52 ----A---- C:\WINDOWS\system32\avtapi.dll
2013-02-11 19:16:52 ----A---- C:\WINDOWS\system32\avmeter.dll
2013-02-11 19:16:51 ----A---- C:\WINDOWS\system32\winchat.exe
2013-02-11 19:16:39 ----A---- C:\WINDOWS\system32\charmap.exe
2013-02-11 19:16:39 ----A---- C:\WINDOWS\system32\getuname.dll
2013-02-11 19:16:38 ----A---- C:\WINDOWS\system32\sol.exe
2013-02-11 19:16:37 ----A---- C:\WINDOWS\system32\winmine.exe
2013-02-11 19:16:37 ----A---- C:\WINDOWS\system32\mshearts.exe
2013-02-11 19:16:36 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2013-02-11 19:16:36 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2013-02-11 19:16:36 ----A---- C:\WINDOWS\system32\tslabels.ini
2013-02-11 19:16:36 ----A---- C:\WINDOWS\system32\tskill.exe
2013-02-11 19:16:36 ----A---- C:\WINDOWS\system32\reset.exe
2013-02-11 19:16:36 ----A---- C:\WINDOWS\system32\freecell.exe
2013-02-11 19:16:35 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2013-02-11 19:16:35 ----A---- C:\WINDOWS\system32\tscon.exe
2013-02-11 19:16:35 ----A---- C:\WINDOWS\system32\shadow.exe
2013-02-11 19:16:35 ----A---- C:\WINDOWS\system32\rwinsta.exe
2013-02-11 19:16:35 ----A---- C:\WINDOWS\system32\regini.exe
2013-02-11 19:16:35 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2013-02-11 19:16:35 ----A---- C:\WINDOWS\system32\qwinsta.exe
2013-02-11 19:16:35 ----A---- C:\WINDOWS\system32\qappsrv.exe
2013-02-11 19:16:34 ----A---- C:\WINDOWS\system32\msg.exe
2013-02-11 19:16:34 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2013-02-11 19:16:34 ----A---- C:\WINDOWS\system32\logoff.exe
2013-02-11 19:16:34 ----A---- C:\WINDOWS\system32\cdmodem.dll
2013-02-11 19:16:24 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2013-02-11 19:16:21 ----A---- C:\WINDOWS\system32\smtpapi.dll
2013-02-11 19:16:21 ----A---- C:\WINDOWS\system32\rwnh.dll
2013-02-11 19:16:20 ----A---- C:\WINDOWS\system32\infoadmn.dll
2013-02-11 19:16:20 ----A---- C:\WINDOWS\system32\iismap.dll
2013-02-11 19:16:20 ----A---- C:\WINDOWS\system32\iisext.dll
2013-02-11 19:16:20 ----A---- C:\WINDOWS\system32\exstrace.dll
2013-02-11 19:16:20 ----A---- C:\WINDOWS\system32\adsiis.dll
2013-02-11 19:16:19 ----A---- C:\WINDOWS\system32\iisRtl.dll
2013-02-11 19:16:19 ----A---- C:\WINDOWS\system32\admwprox.dll
2013-02-11 19:16:17 ----A---- C:\WINDOWS\system32\staxmem.dll
2013-02-11 19:16:16 ----A---- C:\WINDOWS\system32\accwiz.exe
2013-02-11 19:16:15 ----A---- C:\WINDOWS\system32\sndrec32.exe
2013-02-11 19:16:15 ----A---- C:\WINDOWS\system32\mplay32.exe
2013-02-11 19:16:15 ----A---- C:\WINDOWS\system32\hypertrm.dll
2013-02-11 19:16:12 ----D---- C:\Program Files\Windows NT
2013-02-11 19:16:12 ----A---- C:\WINDOWS\system32\clipbrd.exe
2013-02-11 19:16:11 ----A---- C:\WINDOWS\system32\spider.exe
2013-02-11 19:16:10 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2013-02-11 19:16:10 ----A---- C:\WINDOWS\system32\drivers\tdtcp.sys
2013-02-11 19:16:10 ----A---- C:\WINDOWS\system32\drivers\tdpipe.sys
2013-02-11 19:16:10 ----A---- C:\WINDOWS\system32\drivers\rdpwd.sys
2013-02-11 19:16:09 ----A---- C:\WINDOWS\system32\tsgqec.dll
2013-02-11 19:16:09 ----A---- C:\WINDOWS\system32\rhttpaa.dll
2013-02-11 19:16:09 ----A---- C:\WINDOWS\system32\aaclient.dll
2013-02-11 19:16:08 ----A---- C:\WINDOWS\system32\sessmgr.exe
2013-02-11 19:16:08 ----A---- C:\WINDOWS\system32\remotepg.dll
2013-02-11 19:16:08 ----A---- C:\WINDOWS\system32\rdshost.exe
2013-02-11 19:16:08 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2013-02-11 19:16:08 ----A---- C:\WINDOWS\system32\mstscax.dll
2013-02-11 19:16:08 ----A---- C:\WINDOWS\system32\mstsc.exe
2013-02-11 19:16:07 ----A---- C:\WINDOWS\system32\termsrv.dll
2013-02-11 19:16:07 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2013-02-11 19:16:07 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2013-02-11 19:16:07 ----A---- C:\WINDOWS\system32\rdpclip.exe
2013-02-11 19:16:07 ----A---- C:\WINDOWS\system32\rdchost.dll
2013-02-11 19:16:07 ----A---- C:\WINDOWS\system32\qprocess.exe
2013-02-11 19:16:06 ----D---- C:\WINDOWS\system32\MsDtc
2013-02-11 19:16:06 ----A---- C:\WINDOWS\system32\mtxoci.dll
2013-02-11 19:16:06 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2013-02-11 19:16:06 ----A---- C:\WINDOWS\system32\icaapi.dll
2013-02-11 19:16:06 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2013-02-11 19:16:05 ----A---- C:\WINDOWS\system32\xolehlp.dll
2013-02-11 19:16:05 ----A---- C:\WINDOWS\system32\msdtctm.dll
2013-02-11 19:16:05 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2013-02-11 19:16:05 ----A---- C:\WINDOWS\system32\msdtclog.dll
2013-02-11 19:16:05 ----A---- C:\WINDOWS\system32\msdtc.exe
2013-02-11 19:16:04 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2013-02-11 19:16:04 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2013-02-11 19:16:03 ----D---- C:\WINDOWS\system32\Com
2013-02-11 19:16:03 ----A---- C:\WINDOWS\system32\stclient.dll
2013-02-11 19:16:03 ----A---- C:\WINDOWS\system32\mtxex.dll
2013-02-11 19:16:03 ----A---- C:\WINDOWS\system32\mtxdm.dll
2013-02-11 19:16:03 ----A---- C:\WINDOWS\system32\comrepl.dll
2013-02-11 19:16:03 ----A---- C:\WINDOWS\system32\comaddin.dll
2013-02-11 19:16:03 ----A---- C:\WINDOWS\system32\colbact.dll
2013-02-11 19:16:02 ----A---- C:\WINDOWS\system32\comsvcs.dll
2013-02-11 19:16:02 ----A---- C:\WINDOWS\system32\clbcatex.dll
2013-02-11 19:16:02 ----A---- C:\WINDOWS\system32\catsrvut.dll
2013-02-11 19:16:02 ----A---- C:\WINDOWS\system32\catsrvps.dll
2013-02-11 19:16:02 ----A---- C:\WINDOWS\system32\catsrv.dll
2013-02-11 19:16:01 ----A---- C:\WINDOWS\system32\comuid.dll
2013-02-11 19:16:01 ----A---- C:\WINDOWS\system32\comsnap.dll
2013-02-11 19:16:01 ----A---- C:\WINDOWS\system32\clbcatq.dll
2013-02-11 19:15:53 ----A---- C:\WINDOWS\system32\servdeps.dll
2013-02-11 19:15:52 ----A---- C:\WINDOWS\system32\mmfutil.dll
2013-02-11 19:15:52 ----A---- C:\WINDOWS\system32\licwmi.dll
2013-02-11 19:15:52 ----A---- C:\WINDOWS\system32\cmprops.dll
2013-02-11 19:15:46 ----A---- C:\WINDOWS\system32\drivers\termdd.sys
2013-02-11 19:15:46 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys
2013-02-11 19:15:45 ----D---- C:\WINDOWS\system32\Logfiles
2013-02-11 19:15:45 ----D---- C:\Inetpub
2013-02-11 19:05:06 ----A---- C:\WINDOWS\msicpl.ini
2013-02-11 18:49:09 ----D---- C:\WINDOWS\nview
2013-02-11 18:49:08 ----A---- C:\WINDOWS\system32\nvudisp.exe
2013-02-11 18:48:36 ----RA---- C:\WINDOWS\system32\MadCHook.dll
2013-02-11 18:48:35 ----RA---- C:\WINDOWS\system32\smdll.dll
2013-02-11 18:48:33 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2013-02-11 18:48:30 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2013-02-11 18:48:27 ----RA---- C:\WINDOWS\system32\HookMAp.dll
2013-02-11 18:48:27 ----RA---- C:\WINDOWS\system32\Auxiliary.dll
2013-02-11 18:48:26 ----RA---- C:\WINDOWS\system32\HookShield.dll
2013-02-11 18:48:25 ----RA---- C:\WINDOWS\system32\sysinfoX64.sys
2013-02-11 18:48:25 ----RA---- C:\WINDOWS\system32\sysinfo.sys
2013-02-11 18:48:25 ----RA---- C:\WINDOWS\system32\sysinfo.dll
2013-02-11 18:48:24 ----RA---- C:\WINDOWS\system32\WinSys2.exe
2013-02-11 18:48:24 ----RA---- C:\WINDOWS\system32\WinSys.exe
2013-02-11 18:48:23 ----RA---- C:\WINDOWS\system32\sw24.exe
2013-02-11 18:48:23 ----RA---- C:\WINDOWS\system32\sw20.exe
2013-02-11 18:48:22 ----RA---- C:\WINDOWS\system32\Nvgpio.dll
2013-02-11 18:48:20 ----RA---- C:\WINDOWS\system32\msicpl.dll
2013-02-11 18:47:01 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2013-02-11 18:46:21 ----A---- C:\WINDOWS\NeroDigital.ini
2013-02-11 18:42:55 ----SHD---- C:\RECYCLER
2013-02-11 18:36:47 ----D---- C:\Documents and Settings\Georg\Data aplikací\Skype
2013-02-11 18:33:47 ----RA---- C:\WINDOWS\system32\drivers\Rtnicxp.sys
2013-02-11 18:33:45 ----D---- C:\WINDOWS\system32\ReinstallBackups
2013-02-11 18:33:44 ----RA---- C:\WINDOWS\system32\drivers\Rtenicxp.sys
2013-02-11 18:33:27 ----D---- C:\Program Files\Common Files\Skype
2013-02-11 18:33:04 ----RD---- C:\Program Files\Skype
2013-02-11 18:32:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2013-02-11 18:08:18 ----A---- C:\WINDOWS\system32\drivers\splitter.sys
2013-02-11 18:08:13 ----A---- C:\WINDOWS\system32\drivers\wdmaud.sys
2013-02-11 18:08:08 ----A---- C:\WINDOWS\system32\drivers\DMusic.sys
2013-02-11 18:08:03 ----A---- C:\WINDOWS\system32\drivers\swmidi.sys
2013-02-11 18:07:58 ----A---- C:\WINDOWS\system32\drivers\aec.sys
2013-02-11 18:07:53 ----A---- C:\WINDOWS\system32\drivers\kmixer.sys
2013-02-11 18:07:49 ----A---- C:\WINDOWS\system32\drivers\drmkaud.sys
2013-02-11 18:07:40 ----A---- C:\WINDOWS\system32\drivers\sysaudio.sys
2013-02-11 18:07:33 ----A---- C:\WINDOWS\system32\drivers\MSKSSRV.sys
2013-02-11 18:07:28 ----R---- C:\WINDOWS\system32\ChCfg.exe
2013-02-11 18:07:28 ----A---- C:\WINDOWS\system32\drivers\MSPQM.sys
2013-02-11 18:07:22 ----A---- C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2013-02-11 18:06:47 ----D---- C:\WINDOWS\system32\RTCOM
2013-02-11 18:06:28 ----A---- C:\WINDOWS\system32\ksuser.dll
2013-02-11 18:06:28 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2013-02-11 18:06:19 ----A---- C:\WINDOWS\system32\drivers\drmk.sys
2013-02-11 18:06:08 ----R---- C:\WINDOWS\SoundMan.exe
2013-02-11 18:06:07 ----R---- C:\WINDOWS\SkyTel.exe
2013-02-11 18:06:04 ----R---- C:\WINDOWS\RtlUpd.exe
2013-02-11 18:05:56 ----R---- C:\WINDOWS\RTLCPL.exe
2013-02-11 18:05:44 ----R---- C:\WINDOWS\system32\drivers\RtkHDAud.sys
2013-02-11 18:05:36 ----R---- C:\WINDOWS\RTHDCPL.exe
2013-02-11 18:05:19 ----R---- C:\WINDOWS\MicCal.exe
2013-02-11 18:05:10 ----R---- C:\WINDOWS\Alcmtr.exe
2013-02-11 18:05:07 ----R---- C:\WINDOWS\alcwzrd.exe
2013-02-11 18:05:01 ----D---- C:\Program Files\Realtek
2013-02-11 18:04:18 ----A---- C:\WINDOWS\HideWin.exe
2013-02-11 18:04:17 ----R---- C:\WINDOWS\RtlExUpd.dll
======List of files/folders modified in the last 1 month======
2013-02-23 22:23:47 ----ASH---- C:\WINDOWS\fonts\desktop.ini
2013-02-14 21:12:17 ----A---- C:\WINDOWS\win.ini
2013-02-11 20:08:44 ----A---- C:\WINDOWS\system.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2013-01-20 195296]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2005-05-12 20576]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-09-23 77568]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2013-02-23 242240]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 nvport;NVIDIA PORT IO Control Driver; \??\C:\WINDOWS\system32\Drivers\nvport.sys []
R3 aracpi;aracpi; C:\WINDOWS\system32\DRIVERS\aracpi.sys [2008-11-05 22784]
R3 arhidfltr;MS Ar HID Filter Driver; C:\WINDOWS\system32\DRIVERS\arhidfltr.sys [2008-11-05 19200]
R3 arkbcfltr;Microsoft PS2 Keyboard Filter; C:\WINDOWS\system32\DRIVERS\arkbcfltr.sys [2008-11-05 5376]
R3 armoucfltr;Microsoft PS2 Mouse Filter; C:\WINDOWS\system32\DRIVERS\armoucfltr.sys [2008-11-05 4992]
R3 ARPolicy;ARPolicy; C:\WINDOWS\system32\DRIVERS\arpolicy.sys [2008-11-05 10112]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-06-22 4432384]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2006-07-19 13568]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-06-28 6807328]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2006-03-29 9856]
R3 rt2870;TP-LINK Wireless USB Adapter; C:\WINDOWS\system32\DRIVERS\rt2870.sys [2010-06-25 827488]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 EagleXNt;EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 GMSIPCI;GMSIPCI; \??\K:\INSTALL\GMSIPCI.SYS []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-12-16 51120]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-10-22 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-12-16 21744]
S3 MHNDRV;Ovladač platformy MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-12-14 85120]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
S3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-04-14 94592]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2008-09-23 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-09-23 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ARSVC;ARSVC; C:\WINDOWS\arservice.exe [2008-11-05 58880]
R2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
R2 ehRecvr;Služba přijímače aplikace Media Center; C:\WINDOWS\eHome\ehRecvr.exe [2008-10-10 238592]
R2 ehSched;Služba plánování aplikace Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424]
R2 IISADMIN;Správa služby IIS; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-02-22 170912]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-01-27 20456]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624]
R2 W3SVC;Publikování na webu; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-28 251248]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-10 136120]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-06 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-06-28 155716]
-----------------EOF-----------------
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
pote spustte aplikaci pod uctem s administratorskym opravnenim
hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.
v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se
jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine
aplikace ani nic jineho
behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)
upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,
pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k
nezadoucim kolizim s rezidentem antispyware
Kód: Vybrat vše
ComboFix 13-02-26.01 - Georg 28.02.2013 18:42:16.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.658 [GMT 4,5:30]
Spuštěný z: c:\documents and settings\Georg\Plocha\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\msmqinst.log
c:\windows\regopt.log
c:\windows\system32\Cache
c:\windows\system32\TZLog.log
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-28 do 2013-02-28 )))))))))))))))))))))))))))))))
.
.
2013-02-28 13:44 . 2013-02-28 13:44 -------- d-----w- C:\rsit
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-26 03:55 . 2008-04-14 07:51 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-20 11:29 . 2012-03-20 16:14 195296 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-01-07 07:24 . 2008-10-19 06:37 2150912 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-07 07:23 . 2008-08-14 12:56 2029568 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-04 10:09 . 2008-10-17 14:02 1876224 ----a-w- c:\windows\system32\win32k.sys
2013-01-02 06:49 . 2008-10-27 00:01 1294848 ----a-w- c:\windows\system32\quartz.dll
2012-12-26 20:20 . 2008-10-16 19:33 916480 ----a-w- c:\windows\system32\wininet.dll
2012-12-26 20:19 . 2008-09-22 15:47 43520 ------w- c:\windows\system32\licmgr10.dll
2012-12-26 20:19 . 2008-10-16 19:33 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-12-24 06:40 . 2008-09-22 15:46 385024 ------w- c:\windows\system32\html.iec
2012-12-16 12:23 . 2008-04-14 07:37 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-12-12 21:37 . 2012-12-12 21:37 4472832 ----a-w- c:\windows\system32\GPhotos.scr
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-10-19 06:35 . A825F4181AEC077D8DCA1053DC015265 . 1542656 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
.
[-] 2008-10-19 . 12A799AD9415AE9C8ABCC5F75E9CF034 . 557056 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
.
[-] 2008-10-19 . CCB32D10C69A89822E9134C0C4894BE1 . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
.
[-] 2008-10-19 . DD7E25E20AEBD672DAE7E1D911C2D824 . 1589760 . . [6.00.2900.5512] . . c:\windows\explorer.exe
.
[-] 2008-04-14 . C2DCB09A1EA98F248DD9A5DE195B3DF3 . 277504 . . [5.1.2600.5512] . . c:\windows\regedit.exe
.
[-] 2008-10-19 . 0AB43CE7EFFAD6B4914AE3C1B489AAA1 . 66560 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
.
[-] 2008-11-05 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-01-08 18705664]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2013-01-08 3674320]
"ICQ"="f:\programy\ICQ7M\ICQ.exe" [2013-02-23 127040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2008-11-05 77312]
"DrvIcon"="c:\program files\Vista Components\Vista Drive Icon\DrvIcon.exe" [2007-07-04 45056]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 947152]
"RTHDCPL"="RTHDCPL.EXE" [2007-06-13 16377344]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-28 8466432]
"nwiz"="nwiz.exe" [2007-06-28 1626112]
"WinSys2"="c:\windows\system32\winsys2.exe" [2006-04-29 208896]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-06-28 81920]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-12-19 41208]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-02 946352]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"SDTray"="c:\program files\Spybot - Search & Destroy 2\SDTray.exe" [2012-11-13 3825176]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-10-19 66560]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
.
c:\documents and settings\Georg\Nabídka Start\Programy\Po spuštění\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\Georg\\Data aplikací\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"f:\\Programy\\ICQ7M\\ICQ.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"f:\\gry\\Far Cry 2\\bin\\FarCry2.exe"=
"f:\\gry\\Far Cry 2\\bin\\FC2Launcher.exe"=
"f:\\gry\\Far Cry 2\\bin\\FC2Editor.exe"=
"f:\\gry\\WOT\\WorldOfTanks.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\javaw.exe"=
"f:\\gry\\Bin32\\Crysis.exe"=
"f:\\gry\\Bin32\\CrysisDedicatedServer.exe"=
"f:\\gry\\Mass Effect 2\\Binaries\\MassEffect2.exe"=
"c:\\Program Files\\Spybot - Search & Destroy 2\\SDTray.exe"=
"c:\\Program Files\\Spybot - Search & Destroy 2\\SDFSSvc.exe"=
"c:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdate.exe"=
"c:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"=
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [23.2.2013 16:00 242240]
R1 MpKslbc32cdaf;MpKslbc32cdaf;c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{961386A4-F643-4B43-A9BC-3839FEB7716D}\MpKslbc32cdaf.sys [28.2.2013 18:37 29904]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\Spybot - Search & Destroy 2\SDFSSvc.exe [28.2.2013 0:43 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\Spybot - Search & Destroy 2\SDUpdSvc.exe [28.2.2013 0:43 1369624]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\Spybot - Search & Destroy 2\SDWSCSvc.exe [28.2.2013 0:43 168384]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [8.1.2013 12:55 161536]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MPKSLBC32CDAF
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}]
2009-03-08 00:02 128512 ----a-w- c:\windows\system32\advpack.dll
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-11 21:15]
.
2013-02-28 c:\windows\Tasks\Check for updates (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDUpdate.exe [2013-02-27 09:38]
.
2013-02-28 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2013-01-27 06:41]
.
2013-02-28 c:\windows\Tasks\MpIdleTask.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2013-01-27 06:41]
.
2013-02-27 c:\windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDImmunize.exe [2013-02-27 09:37]
.
2013-02-27 c:\windows\Tasks\Scan the system (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDScan.exe [2013-02-27 09:37]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&CUI=UN25065539521379717&ctid=CT3176921
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - f:\programy\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 193.179.143.3 193.179.143.5
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-Sidebar - c:\program files\Windows Sidebar\sidebar.exe
Notify-SDWinLogon - SDWinLogon.dll
AddRemove-{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F} - e:\getdataback for ntfs\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-02-28 18:48
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-746137067-854245398-1547161642-1006\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-746137067-854245398-1547161642-1006\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:0a,df,5a,d9,0e,be,f8,d7,e3,6e,b5,ad,b7,34,32,60,12,b2,df,8c,c2,8d,3c,
e0,b8,5c,54,de,3a,e6,57,82,4a,aa,a2,74,38,7c,92,fc,37,6d,aa,ad,a4,ad,0f,a9,\
"??"=hex:67,0c,0f,a2,c2,cc,a3,ad,92,cb,96,41,c8,88,7c,78
.
[HKEY_USERS\S-1-5-21-746137067-854245398-1547161642-1006\Software\SecuROM\License information*]
"datasecu"=hex:1f,00,70,96,95,e8,5c,2a,87,49,a9,08,30,e1,b4,25,f1,d0,62,59,9c,
d6,53,eb,83,93,90,5b,c9,cf,43,f4,a0,da,0c,51,91,b7,4a,d9,ca,c4,c8,fa,b6,a6,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(700)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\COMRes.dll
c:\windows\system32\cscui.dll
.
- - - - - - - > 'lsass.exe'(756)
c:\windows\system32\setupapi.dll
.
Celkový čas: 2013-02-28 18:50:29
ComboFix-quarantined-files.txt 2013-02-28 14:20
.
Před spuštěním: 4 981 137 408
Po spuštění: 5 056 077 824
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - FFE8ECAE2D28003425229E01724CBA2E
Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se psutí a vykoná příkazy ze skriptu.KillAll::
Collect::
c:\windows\system32\winsys2.exe
Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinSys2"=-
Regnull::
[HKEY_USERS\S-1-5-21-746137067-854245398-1547161642-1006\Software\Microsoft\SystemCertificates\AddressBook*]
[HKEY_USERS\S-1-5-21-746137067-854245398-1547161642-1006\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
[HKEY_USERS\S-1-5-21-746137067-854245398-1547161642-1006\Software\SecuROM\License information*]
RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
Reboot::
Kód: Vybrat vše
ComboFix 13-02-26.01 - Georg 28.02.2013 20:15:21.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.609 [GMT 4,5:30]
Spuštěný z: c:\documents and settings\Georg\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Georg\Plocha\CFScript.txt..txt
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
file zipped: c:\windows\system32\winsys2.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-28 do 2013-02-28 )))))))))))))))))))))))))))))))
.
.
2013-02-28 13:44 . 2013-02-28 13:44 -------- d-----w- C:\rsit
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-26 03:55 . 2008-04-14 07:51 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-20 11:29 . 2012-03-20 16:14 195296 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-01-07 07:24 . 2008-10-19 06:37 2150912 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-07 07:23 . 2008-08-14 12:56 2029568 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-04 10:09 . 2008-10-17 14:02 1876224 ----a-w- c:\windows\system32\win32k.sys
2013-01-02 06:49 . 2008-10-27 00:01 1294848 ----a-w- c:\windows\system32\quartz.dll
2012-12-26 20:20 . 2008-10-16 19:33 916480 ----a-w- c:\windows\system32\wininet.dll
2012-12-26 20:19 . 2008-09-22 15:47 43520 ------w- c:\windows\system32\licmgr10.dll
2012-12-26 20:19 . 2008-10-16 19:33 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-12-24 06:40 . 2008-09-22 15:46 385024 ------w- c:\windows\system32\html.iec
2012-12-16 12:23 . 2008-04-14 07:37 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-12-12 21:37 . 2012-12-12 21:37 4472832 ----a-w- c:\windows\system32\GPhotos.scr
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-10-19 06:35 . A825F4181AEC077D8DCA1053DC015265 . 1542656 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
.
[-] 2008-10-19 . 12A799AD9415AE9C8ABCC5F75E9CF034 . 557056 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
.
[-] 2008-10-19 . CCB32D10C69A89822E9134C0C4894BE1 . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
.
[-] 2008-10-19 . DD7E25E20AEBD672DAE7E1D911C2D824 . 1589760 . . [6.00.2900.5512] . . c:\windows\explorer.exe
.
[-] 2008-04-14 . C2DCB09A1EA98F248DD9A5DE195B3DF3 . 277504 . . [5.1.2600.5512] . . c:\windows\regedit.exe
.
[-] 2008-10-19 . 0AB43CE7EFFAD6B4914AE3C1B489AAA1 . 66560 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
.
[-] 2008-11-05 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-01-08 18705664]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2013-01-08 3674320]
"ICQ"="f:\programy\ICQ7M\ICQ.exe" [2013-02-23 127040]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-10-19 66560]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2008-11-05 77312]
"DrvIcon"="c:\program files\Vista Components\Vista Drive Icon\DrvIcon.exe" [2007-07-04 45056]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 947152]
"RTHDCPL"="RTHDCPL.EXE" [2007-06-13 16377344]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-06-28 8466432]
"nwiz"="nwiz.exe" [2007-06-28 1626112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-06-28 81920]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-12-19 41208]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-02 946352]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"SDTray"="c:\program files\Spybot - Search & Destroy 2\SDTray.exe" [2012-11-13 3825176]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-10-19 66560]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
.
c:\documents and settings\Georg\Nabídka Start\Programy\Po spuštění\
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\Georg\\Data aplikací\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"f:\\Programy\\ICQ7M\\ICQ.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"f:\\gry\\Far Cry 2\\bin\\FarCry2.exe"=
"f:\\gry\\Far Cry 2\\bin\\FC2Launcher.exe"=
"f:\\gry\\Far Cry 2\\bin\\FC2Editor.exe"=
"f:\\gry\\WOT\\WorldOfTanks.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\javaw.exe"=
"f:\\gry\\Bin32\\Crysis.exe"=
"f:\\gry\\Bin32\\CrysisDedicatedServer.exe"=
"f:\\gry\\Mass Effect 2\\Binaries\\MassEffect2.exe"=
"c:\\Program Files\\Spybot - Search & Destroy 2\\SDTray.exe"=
"c:\\Program Files\\Spybot - Search & Destroy 2\\SDFSSvc.exe"=
"c:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdate.exe"=
"c:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"=
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [23.2.2013 16:00 242240]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\Spybot - Search & Destroy 2\SDFSSvc.exe [28.2.2013 0:43 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\Spybot - Search & Destroy 2\SDUpdSvc.exe [28.2.2013 0:43 1369624]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\Spybot - Search & Destroy 2\SDWSCSvc.exe [28.2.2013 0:43 168384]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [8.1.2013 12:55 161536]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{D58F39FF-953E-4F45-898F-59F243B9A523}]
2009-03-08 00:02 128512 ----a-w- c:\windows\system32\advpack.dll
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-11 21:15]
.
2013-02-28 c:\windows\Tasks\Check for updates (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDUpdate.exe [2013-02-27 09:38]
.
2013-02-28 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2013-01-27 06:41]
.
2013-02-28 c:\windows\Tasks\MpIdleTask.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2013-01-27 06:41]
.
2013-02-27 c:\windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDImmunize.exe [2013-02-27 09:37]
.
2013-02-27 c:\windows\Tasks\Scan the system (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDScan.exe [2013-02-27 09:37]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&CUI=UN25065539521379717&ctid=CT3176921
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - f:\programy\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 193.179.143.3 193.179.143.5
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-02-28 20:22
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-746137067-854245398-1547161642-1006\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(704)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\COMRes.dll
c:\windows\system32\cscui.dll
.
- - - - - - - > 'lsass.exe'(760)
c:\windows\system32\setupapi.dll
.
- - - - - - - > 'explorer.exe'(3148)
c:\windows\system32\SHDOCVW.dll
c:\windows\system32\COMRes.dll
c:\windows\System32\cscui.dll
c:\windows\system32\msi.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\netshell.dll
c:\windows\system32\credui.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\windows\arservice.exe
c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\windows\system32\inetsrv\inetinfo.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\windows\system32\HPZipm12.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\dllhost.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\windows\ARPWRMSG.EXE
c:\windows\RTHDCPL.EXE
c:\windows\system32\RUNDLL32.EXE
c:\windows\eHome\ehmsas.exe
.
**************************************************************************
.
Celkový čas: 2013-02-28 20:27:07 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-02-28 15:57
ComboFix2.txt 2013-02-28 14:20
.
Před spuštěním: 5 054 259 200
Po spuštění: 5 049 020 416
.
- - End Of File - - 70C4881307A61C60CAB9329A0ED20059
Nahr nˇ probŘhlo ŁspŘçnŘ
Kód: Vybrat vše
----------------------------------------------------------------------------
CrystalDiskInfo 5.4.0 Shizuku Edition (C) 2008-2013 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows XP Media Center 2005 SP3 [5.1 Build 2600] (x86)
Date : 2013/02/28 23:02:50
-- Controller Map ----------------------------------------------------------
+ PCI Standardní dvoukanálový řadič IDE [ATA]
+ Primární kanál IDE (0)
- HL-DT-ST DVD-RAM GSA-H55N
- Maxtor 6E040L0
- Sekundární kanál IDE (1)
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- Primární kanál IDE (0)
+ Sekundární kanál IDE (1)
- WDC WD2500JS-22NCB1
-- Disk List ---------------------------------------------------------------
(1) Maxtor 6E040L0 : 41,1 GB [0/0/0, pd1]
(2) WDC WD2500JS-22NCB1 : 250,0 GB [1/2/1, pd1] - wd
----------------------------------------------------------------------------
(1) Maxtor 6E040L0
----------------------------------------------------------------------------
Model : Maxtor 6E040L0
Firmware : NAR61590
Serial Number : E16D1NPE
Disk Size : 41,1 GB (8,4/41,1/----)
Buffer Size : 2048 KB
Queue Depth : 1
# of Sectors : 80293248
Rotation Rate : Neznámy údaj
Interface : Parallel ATA
Major Version : ATA/ATAPI-7
Minor Version : ATA/ATAPI-7 T13 1532D version 0
Transfer Mode : Ultra DMA/133
Power On Hours : 612 hod. (?)
Power On Count : 3428 krát
Temparature : 44 C (111 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM
APM Level : 0000h [OFF]
AAM Level : C0FEh [ON]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
03 219 218 _63 000000003596 Čas na roztočení ploten
04 252 252 __0 000000000E40 Počet spuštění/zastavení
05 253 253 _63 000000000000 Počet přemapovaných sektorů
06 253 253 100 000000000000 Počet dosáhnutí konce při čtení
07 253 252 __0 000000000000 Počet chybných hledání
08 253 237 187 000000008375 Čas potřebný na vyhledání
09 201 201 __0 000000008FA2 Hodin v činnosti
0A 253 251 157 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 253 252 223 000000000000 Počet pokusů o překalibrování
0C 245 245 __0 000000000D64 Počet cyklů zapnutí zařízení
C0 250 250 __0 000000000C4D Počet vypnutí disku
C1 249 249 __0 000000004D0B Počet cyklů načítání/vymazání
C2 253 253 __0 00000000002C Teplota
C3 253 252 __0 000000000485 Počet oprav chybného čtení
C4 253 253 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 253 253 __0 000000000000 Počet podezřelých sektorů
C6 253 253 __0 000000000000 Počet neopravitelných sektorů
C7 199 199 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 253 252 __0 000000000000 Počet chyb při zápisu sektorů
C9 253 252 __0 000000000000 Počet chyb při čtení programů z disku
CA 253 252 __0 000000000000 Počet chyb při směrování údajů
CB 253 252 180 000000000000 Počet chyb v kódech na opravu chyb
CC 253 252 __0 000000000000 Počet softvérově opravených chyb v opravných kódech
CD 253 252 __0 000000000000 Počet chyb způsobených vysokou teplotou
CF 253 251 __0 000000000000 Množství napětí potřebného na roztočení disku
D0 253 252 __0 000000000000 Počet vyslaných impulzů na roztočení disku při nedostatečném napájení
D1 188 184 __0 000000000000 Výkon při vyhledávaní na disku při interních testech disku
63 253 253 __0 000000000000 Neznámý
64 253 253 __0 000000000000 Neznámý
65 253 253 __0 000000000000 Neznámý
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 4531 3644 314E 5045 2020 2020 2020 2020 2020 2020
020: 0003 1000 0039 4E41 5236 3135 3930 4D61 7874 6F72
030: 2036 4530 3430 4C30 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: 2D80 04C9 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
080: 00FE 001E 7C6B 7B09 4003 7C69 3A01 4003 207F 0000
090: 0000 0000 FFFE 603B C0FE 0000 0000 0000 0000 0000
100: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
120: 0000 0000 0000 0000 0000 0000 0000 0000 0009 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0001 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 36A5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 03 27 00 DB DA 96 35 00 00 00 00 00 04 32
010: 00 FC FC 40 0E 00 00 00 00 00 05 33 00 FD FD 00
020: 00 00 00 00 00 00 06 01 00 FD FD 00 00 00 00 00
030: 00 00 07 0A 00 FD FC 00 00 00 00 00 00 00 08 27
040: 00 FD ED 75 83 00 00 00 00 00 09 32 00 C9 C9 A2
050: 8F 00 00 00 00 00 0A 2B 00 FD FB 00 00 00 00 00
060: 00 00 0B 2B 00 FD FC 00 00 00 00 00 00 00 0C 32
070: 00 F5 F5 64 0D 00 00 00 00 00 C0 32 00 FA FA 4D
080: 0C 00 00 00 00 00 C1 32 00 F9 F9 0B 4D 00 00 00
090: 00 00 C2 32 00 FD FD 2C 00 00 00 00 00 00 C3 0A
0A0: 00 FD FC 85 04 00 00 00 00 00 C4 08 00 FD FD 00
0B0: 00 00 00 00 00 00 C5 08 00 FD FD 00 00 00 00 00
0C0: 00 00 C6 08 00 FD FD 00 00 00 00 00 00 00 C7 08
0D0: 00 C7 C7 00 00 00 00 00 00 00 C8 0A 00 FD FC 00
0E0: 00 00 00 00 00 00 C9 0A 00 FD FC 00 00 00 00 00
0F0: 00 00 CA 0A 00 FD FC 00 00 00 00 00 00 00 CB 0B
100: 00 FD FC 00 00 00 00 00 00 00 CC 0A 00 FD FC 00
110: 00 00 00 00 00 00 CD 0A 00 FD FC 00 00 00 00 00
120: 00 00 CF 2A 00 FD FB 00 00 00 00 00 00 00 D0 2A
130: 00 FD FC 00 00 00 00 00 00 00 D1 24 00 BC B8 00
140: 00 00 00 00 00 00 63 04 00 FD FD 00 00 00 00 00
150: 00 00 64 04 00 FD FD 00 00 00 00 00 00 00 65 04
160: 00 FD FD 00 00 00 00 00 00 00 82 00 FD 03 01 5B
170: 03 00 01 00 02 11 00 00 00 00 00 00 00 00 00 00
180: 00 00 3B 00 00 00 30 FC CF 03 29 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 2C 00 53 FB AC 04 30 00
1B0: 01 00 80 2D C9 04 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 05 00 7B
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 03 3F 00 00 00 00 00 00 00 00 00 00 04 00
010: 00 00 00 00 00 00 00 00 00 00 05 3F 00 00 00 00
020: 00 00 00 00 00 00 06 64 00 00 00 00 00 00 00 00
030: 00 00 07 00 00 00 00 00 00 00 00 00 00 00 08 BB
040: 00 00 00 00 00 00 00 00 00 00 09 00 00 00 00 00
050: 00 00 00 00 00 00 0A 9D 00 00 00 00 00 00 00 00
060: 00 00 0B DF 00 00 00 00 00 00 00 00 00 00 0C 00
070: 00 00 00 00 00 00 00 00 00 00 C0 00 00 00 00 00
080: 00 00 00 00 00 00 C1 00 00 00 00 00 00 00 00 00
090: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C3 00
0A0: 00 00 00 00 00 00 00 00 00 00 C4 00 00 00 00 00
0B0: 00 00 00 00 00 00 C5 00 00 00 00 00 00 00 00 00
0C0: 00 00 C6 00 00 00 00 00 00 00 00 00 00 00 C7 00
0D0: 00 00 00 00 00 00 00 00 00 00 C8 00 00 00 00 00
0E0: 00 00 00 00 00 00 C9 00 00 00 00 00 00 00 00 00
0F0: 00 00 CA 00 00 00 00 00 00 00 00 00 00 00 CB B4
100: 00 00 00 00 00 00 00 00 00 00 CC 00 00 00 00 00
110: 00 00 00 00 00 00 CD 00 00 00 00 00 00 00 00 00
120: 00 00 CF 00 00 00 00 00 00 00 00 00 00 00 D0 00
130: 00 00 00 00 00 00 00 00 00 00 D1 00 00 00 00 00
140: 00 00 00 00 00 00 63 00 00 00 00 00 00 00 00 00
150: 00 00 64 00 00 00 00 00 00 00 00 00 00 00 65 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 61
----------------------------------------------------------------------------
(2) WDC WD2500JS-22NCB1
----------------------------------------------------------------------------
Model : WDC WD2500JS-22NCB1
Firmware : 10.02E02
Serial Number : WD-WCANKK444252
Disk Size : 250,0 GB (8,4/137,4/250,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 488397168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 13548 hod.
Power On Count : 2655 krát
Temparature : 35 C (95 F)
Health Status : Pozor
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 80FEh [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 00000000098B Počet chyb čtení
03 188 187 _21 0000000015E0 Čas na roztočení ploten
04 _98 _98 __0 000000000AF9 Počet spuštění/zastavení
05 176 176 140 0000000000BC Počet přemapovaných sektorů
07 200 200 _51 000000000000 Počet chybných hledání
09 _82 _82 __0 0000000034EC Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 _51 000000000000 Počet pokusů o překalibrování
0C _98 _98 __0 000000000A5F Počet cyklů zapnutí zařízení
BE _65 _46 _45 000000000023 Teplota toku vzduchu
C2 115 _96 __0 000000000023 Teplota
C4 157 157 __0 00000000002B Počet udalostí s číslem realokování sektorů
C5 200 198 __0 000000000001 Počet podezřelých sektorů
C6 200 197 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 200 196 _51 000000000002 Počet chyb při zápisu sektorů
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5743 414E 4B4B 3434 3432 3532
020: 0000 4000 0032 3130 2E30 3245 3032 5744 4320 5744
030: 3235 3030 4A53 2D32 324E 4342 3120 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0706 0000 0044 0040
080: 00FE 0000 746B 7F61 4023 7469 3C41 4023 207F 0000
090: 0000 0000 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 5970 1D1C 0000 0000 0000 0000 0000 0000 0000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
120: 0000 0000 0000 0000 0000 0000 0000 0000 0009 0000
130: 0000 0000 0000 1663 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 103F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 5BA5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 0F 00 C8 C8 8B 09 00 00 00 00 00 03 03
010: 00 BC BB E0 15 00 00 00 00 00 04 32 00 62 62 F9
020: 0A 00 00 00 00 00 05 33 00 B0 B0 BC 00 00 00 00
030: 00 00 07 0F 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 52 52 EC 34 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0B 12 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 62 62 5F 0A 00 00 00 00 00 BE 22
070: 00 41 2E 23 00 00 00 00 00 00 C2 22 00 73 60 23
080: 00 00 00 00 00 00 C4 32 00 9D 9D 2B 00 00 00 00
090: 00 00 C5 12 00 C8 C6 01 00 00 00 00 00 00 C6 10
0A0: 00 C8 C5 00 00 00 00 00 00 00 C7 3E 00 C8 C8 00
0B0: 00 00 00 00 00 00 C8 09 00 C8 C4 02 00 00 00 00
0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 84 00 00 1E 01 7B
170: 03 00 01 00 02 5A 06 00 00 00 00 00 00 00 00 00
180: 00 00 01 06 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 30
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 C8 C8 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 33 C8 C8 C8 C8 C8 C8 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 33 00 00 00 00
050: 00 00 00 00 00 00 0B 33 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 BE 2D
070: 00 00 00 00 00 00 00 00 00 00 C2 00 00 00 00 00
080: 00 00 00 00 00 00 C4 00 00 00 00 00 00 00 00 00
090: 00 00 C5 00 00 00 00 00 00 00 00 00 00 00 C6 00
0A0: 00 00 00 00 00 00 00 00 00 00 C7 00 00 00 00 00
0B0: 00 00 00 00 00 00 C8 33 C8 C8 C8 C8 C8 C8 00 00
0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 77
Přispějete na provoz fóra?