Something is controlling my ADSL modem

#1 Post by fido-dido »

Hi,

I have a problem: something is controlling my ADSL modem (the modem also serves three other computers). When my computer is connected, it restarts the ADSL modem on its own, even though I changed the username and password in the MODEM from another computer. After the modem restarts, access is reserved almost exclusively for my computer (and the internet works normally for me), while the other users have very limited internet access.
About 14 days ago I formatted C: because of this problem,
see http://www.viry.cz/forum/viewtopic.php?f=30&t=93524
although some data still remained on disk D: (backups).

For 14 days everything was quiet, and now it is all happening again.
The antivirus installed from the start is NORTON AntiVirus, plus Spybot (they found nothing).

Thank you very much for your help.

Logfile of random's system information tool 1.06 (written by random/random)
Run by lukas at 2009-12-02 21:14:17
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 118 GB (91%) free of 130 GB
Total RAM: 1023 MB (19% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:14:29, on 2.12.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Norton AntiVirus\Engine\17.1.0.19\ccSvcHst.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Norton AntiVirus\Engine\17.1.0.19\ccSvcHst.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\lukas\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\lukas.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\17.1.0.19\IPSBHO.DLL
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\17.1.0.19\ccSvcHst.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: WinFast(R) Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 6042 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2009-08-04 1586472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton AntiVirus\Engine\17.1.0.19\IPSBHO.DLL [2009-10-01 79224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
- []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-12-22 77824]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-08-02 7110656]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2005-08-02 86016]
"Creative WebCam Tray"=C:\Program Files\Creative\Shared Files\CAMTRAY.EXE [2004-07-30 245760]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-11-16 139264]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"ICQ"=C:\Program Files\ICQ6.5\ICQ.exe [2009-03-01 172792]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2009-04-24 203928]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2009-11-17 16:07:42 ----A---- C:\WINDOWS\OEWABLog.txt
2009-11-17 16:07:39 ----A---- C:\WINDOWS\system32\mapi32.dll
2009-11-17 16:07:04 ----RD---- C:\WINDOWS\Offline Web Pages
2009-11-17 16:07:03 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-11-17 16:07:03 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-11-17 16:06:59 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-11-17 16:06:40 ----D---- C:\WINDOWS\system32\DirectX
2009-11-17 16:06:09 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-11-17 16:06:09 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-11-17 16:06:09 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-11-17 16:06:08 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-11-17 16:06:08 ----A---- C:\WINDOWS\system32\atrace.dll
2009-11-17 16:06:05 ----A---- C:\WINDOWS\system32\desktop.ini
2009-11-17 16:06:05 ----A---- C:\WINDOWS\desktop.ini
2009-11-17 16:05:57 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-11-17 16:05:57 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-11-17 16:05:57 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-11-17 16:05:55 ----A---- C:\WINDOWS\system32\acctres.dll
2009-11-17 16:05:54 ----D---- C:\Program Files\Common Files\Services
2009-11-17 16:05:53 ----A---- C:\WINDOWS\system32\inetres.dll
2009-11-17 16:05:49 ----SD---- C:\WINDOWS\Tasks
2009-11-17 16:05:49 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-11-17 16:05:48 ----A---- C:\WINDOWS\system32\isign32.dll
2009-11-17 16:05:48 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-11-17 16:05:48 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-11-17 16:05:48 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-11-17 16:05:45 ----D---- C:\Program Files\Common Files\MSSoap
2009-11-17 16:05:40 ----D---- C:\WINDOWS\srchasst
2009-11-17 16:05:39 ----D---- C:\WINDOWS\system32\Macromed
2009-11-17 16:05:38 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-11-17 16:05:38 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-11-17 16:05:37 ----D---- C:\Program Files\Movie Maker
2009-11-17 16:05:33 ----D---- C:\WINDOWS\PCHealth
2009-11-17 16:05:32 ----D---- C:\WINDOWS\system32\Restore
2009-11-17 16:05:32 ----A---- C:\WINDOWS\system32\srsvc.dll
2009-11-17 16:05:32 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-11-17 16:05:32 ----A---- C:\WINDOWS\system32\srclient.dll
2009-11-17 16:05:31 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-11-17 16:05:31 ----A---- C:\WINDOWS\system32\msconf.dll
2009-11-17 16:05:31 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-11-17 16:05:31 ----A---- C:\WINDOWS\system32\ils.dll
2009-11-17 16:05:28 ----D---- C:\Program Files\NetMeeting
2009-11-17 16:05:28 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-11-17 16:05:28 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-11-17 16:05:27 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-11-17 16:05:26 ----D---- C:\Program Files\Outlook Express
2009-11-17 16:05:26 ----A---- C:\WINDOWS\system32\schedsvc.dll
2009-11-17 16:05:26 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-11-17 16:05:26 ----A---- C:\WINDOWS\system32\mstask.dll
2009-11-17 16:05:19 ----D---- C:\Program Files\Internet Explorer
2009-11-17 16:05:19 ----D---- C:\Program Files\Common Files\System
2009-11-17 16:05:00 ----D---- C:\Program Files\ComPlus Applications
2009-11-17 16:04:59 ----D---- C:\WINDOWS\Registration
2009-11-17 16:04:59 ----A---- C:\WINDOWS\vbaddin.ini
2009-11-17 16:04:59 ----A---- C:\WINDOWS\vb.ini
2009-11-17 16:04:57 ----HD---- C:\Program Files\WindowsUpdate
2009-11-17 16:04:57 ----D---- C:\Program Files\Windows Media Player
2009-11-17 16:04:57 ----D---- C:\Program Files\Online Services
2009-11-17 16:04:54 ----D---- C:\Program Files\Messenger
2009-11-17 16:04:49 ----D---- C:\Program Files\MSN Gaming Zone
2009-11-17 16:04:49 ----A---- C:\WINDOWS\system32\write.exe
2009-11-17 16:04:38 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-11-17 16:04:37 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-11-17 16:04:37 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-11-17 16:04:37 ----A---- C:\WINDOWS\system32\hypertrm.dll
2009-11-17 16:04:37 ----A---- C:\WINDOWS\system32\hticons.dll
2009-11-17 16:04:37 ----A---- C:\WINDOWS\system32\avwav.dll
2009-11-17 16:04:37 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-11-17 16:04:36 ----A---- C:\WINDOWS\system32\winchat.exe
2009-11-17 16:04:36 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-11-17 16:04:27 ----A---- C:\WINDOWS\system32\charmap.exe
2009-11-17 16:04:27 ----A---- C:\WINDOWS\system32\getuname.dll
2009-11-17 16:04:27 ----A---- C:\WINDOWS\system32\calc.exe
2009-11-17 16:04:26 ----A---- C:\WINDOWS\system32\winmine.exe
2009-11-17 16:04:26 ----A---- C:\WINDOWS\system32\sol.exe
2009-11-17 16:04:26 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-11-17 16:04:25 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-11-17 16:04:25 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-11-17 16:04:25 ----A---- C:\WINDOWS\system32\tslabels.ini
2009-11-17 16:04:25 ----A---- C:\WINDOWS\system32\tskill.exe
2009-11-17 16:04:25 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-11-17 16:04:25 ----A---- C:\WINDOWS\system32\reset.exe
2009-11-17 16:04:25 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-11-17 16:04:25 ----A---- C:\WINDOWS\system32\freecell.exe
2009-11-17 16:04:24 ----A---- C:\WINDOWS\system32\tscon.exe
2009-11-17 16:04:24 ----A---- C:\WINDOWS\system32\shadow.exe
2009-11-17 16:04:24 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-11-17 16:04:24 ----A---- C:\WINDOWS\system32\regini.exe
2009-11-17 16:04:24 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-11-17 16:04:24 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-11-17 16:04:24 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-11-17 16:04:24 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-11-17 16:04:24 ----A---- C:\WINDOWS\system32\msg.exe
2009-11-17 16:04:24 ----A---- C:\WINDOWS\system32\logoff.exe
2009-11-17 16:04:24 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-11-17 16:04:23 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-11-17 16:04:23 ----A---- C:\WINDOWS\system32\mtxoci.dll
2009-11-17 16:04:23 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2009-11-17 16:04:23 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-11-17 16:04:23 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-11-17 16:04:23 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-11-17 16:04:23 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-11-17 16:04:21 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-11-17 16:04:21 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-11-17 16:04:21 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-11-17 16:04:21 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-11-17 16:04:21 ----A---- C:\WINDOWS\system32\colbact.dll
2009-11-17 16:04:20 ----A---- C:\WINDOWS\system32\stclient.dll
2009-11-17 16:04:20 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-11-17 16:04:20 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-11-17 16:04:20 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-11-17 16:04:20 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-11-17 16:04:20 ----A---- C:\WINDOWS\system32\catsrv.dll
2009-11-17 16:04:19 ----A---- C:\WINDOWS\system32\comuid.dll
2009-11-17 16:04:19 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-11-17 16:04:19 ----A---- C:\WINDOWS\system32\clbcatq.dll
2009-11-17 16:04:10 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-11-17 16:04:10 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-11-17 16:04:10 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-11-17 16:04:10 ----A---- C:\WINDOWS\system32\cmprops.dll
2009-11-17 16:04:04 ----D---- C:\Program Files\Windows NT
2009-11-17 16:04:04 ----D---- C:\Program Files\MSN
2009-11-17 16:04:04 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-11-17 16:04:04 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-11-17 16:04:04 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-11-17 16:04:03 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-11-17 16:04:03 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-11-17 16:04:03 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-11-17 16:04:03 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-11-17 16:04:03 ----A---- C:\WINDOWS\system32\spider.exe
2009-11-17 16:04:02 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-11-17 16:04:02 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-11-17 16:04:02 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-11-17 16:04:02 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-11-17 16:04:02 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-11-17 16:04:02 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-11-17 16:04:01 ----D---- C:\WINDOWS\system32\MsDtc
2009-11-17 16:04:01 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2009-11-17 16:04:01 ----A---- C:\WINDOWS\system32\termsrv.dll
2009-11-17 16:04:01 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-11-17 16:04:01 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-11-17 16:04:01 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-11-17 16:04:01 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-11-17 16:04:01 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-11-17 16:04:00 ----D---- C:\WINDOWS\system32\Com
2009-11-17 16:04:00 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-11-17 16:04:00 ----A---- C:\WINDOWS\system32\catsrvut.dll
2009-11-17 16:03:59 ----A---- C:\WINDOWS\system32\comsvcs.dll
2009-11-17 16:03:56 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-11-17 13:34:56 ----A---- C:\WINDOWS\system32\usbui.dll
2009-11-17 13:34:17 ----A---- C:\WINDOWS\imsins.BAK
2009-11-17 13:34:14 ----D---- C:\Program Files\Common Files\ODBC
2009-11-17 13:34:14 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-11-17 13:34:14 ----A---- C:\WINDOWS\ODBCINST.INI
2009-11-17 13:34:11 ----D---- C:\Program Files\Common Files\SpeechEngines
2009-11-17 13:34:11 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-11-17 13:34:10 ----RD---- C:\Program Files
2009-11-17 13:34:10 ----D---- C:\Program Files\Common Files
2009-11-17 13:34:08 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-11-17 13:34:08 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-11-17 13:34:08 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-11-17 13:34:06 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-11-17 13:34:06 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-11-17 13:34:06 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-11-17 13:34:06 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-11-17 13:34:06 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-11-17 13:34:06 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-11-17 13:34:05 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-11-17 13:34:05 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-11-17 13:34:05 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-11-17 13:34:05 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-11-17 13:34:05 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-11-17 13:34:05 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-11-17 13:34:03 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-11-17 13:34:03 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-11-17 13:34:03 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-11-17 13:34:03 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-11-17 13:34:03 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-11-17 13:34:03 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-11-17 13:34:03 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-11-17 13:34:01 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-11-17 13:34:01 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-11-17 13:34:01 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-11-17 13:34:01 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-11-17 13:34:01 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-11-17 13:33:57 ----A---- C:\WINDOWS\system32\kbdsl1.dll
2009-11-17 13:33:57 ----A---- C:\WINDOWS\system32\kbdsl.dll
2009-11-17 13:33:57 ----A---- C:\WINDOWS\system32\kbdro.dll
2009-11-17 13:33:57 ----A---- C:\WINDOWS\system32\kbdpl1.dll
2009-11-17 13:33:57 ----A---- C:\WINDOWS\system32\kbdpl.dll
2009-11-17 13:33:57 ----A---- C:\WINDOWS\system32\kbdhu1.dll
2009-11-17 13:33:57 ----A---- C:\WINDOWS\system32\kbdhu.dll
2009-11-17 13:33:56 ----A---- C:\WINDOWS\system32\kbdycl.dll
2009-11-17 13:33:56 ----A---- C:\WINDOWS\system32\kbdcr.dll
2009-11-17 13:33:56 ----A---- C:\WINDOWS\system32\KBDAL.DLL
2009-11-17 13:33:55 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-11-17 13:33:55 ----A---- C:\WINDOWS\system32\irclass.dll
2009-11-17 13:33:55 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-11-17 13:33:55 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-11-17 13:33:55 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-11-17 13:33:52 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2009-11-17 13:33:52 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-11-17 13:33:52 ----A---- C:\WINDOWS\system32\batt.dll
2009-11-17 13:33:52 ----A---- C:\WINDOWS\notepad.exe
2009-11-17 13:33:51 ----A---- C:\WINDOWS\system32\storprop.dll
2009-11-17 13:33:48 ----ASH---- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
2009-11-17 13:33:45 ----RA---- C:\WINDOWS\SETA.tmp
2009-11-17 13:33:42 ----RA---- C:\WINDOWS\SET3.tmp
2009-11-17 13:33:37 ----D---- C:\WINDOWS\system32\CatRoot2
2009-11-17 13:33:37 ----D---- C:\WINDOWS\system32\CatRoot
2009-11-17 13:33:31 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2009-11-17 13:33:16 ----A---- C:\WINDOWS\setuplog.txt
2009-11-17 13:33:14 ----D---- C:\Documents and Settings
2009-11-17 13:32:26 ----RASH---- C:\boot.ini
2009-11-17 13:28:27 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-11-17 13:28:27 ----RSD---- C:\WINDOWS\Fonts
2009-11-17 13:28:27 ----RD---- C:\WINDOWS\Web
2009-11-17 13:28:27 ----HD---- C:\WINDOWS\inf
2009-11-17 13:28:27 ----D---- C:\WINDOWS\WinSxS
2009-11-17 13:28:27 ----D---- C:\WINDOWS\twain_32
2009-11-17 13:28:27 ----D---- C:\WINDOWS\Temp
2009-11-17 13:28:27 ----D---- C:\WINDOWS\system32\wins
2009-11-17 13:28:27 ----D---- C:\WINDOWS\system32\wbem
2009-11-17 13:28:27 ----D---- C:\WINDOWS\system32\usmt
2009-11-17 13:28:27 ----D---- C:\WINDOWS\system32\spool
2009-11-17 13:28:27 ----D---- C:\WINDOWS\system32\ShellExt
2009-11-17 13:28:27 ----D---- C:\WINDOWS\system32\Setup
2009-11-17 13:28:27 ----D---- C:\WINDOWS\system32\ras
2009-11-17 13:28:27 ----D---- C:\WINDOWS\system32\oobe
2009-11-17 13:28:27 ----D---- C:\WINDOWS\system32\npp
2009-11-17 13:28:27 ----D---- C:\WINDOWS\system32\mui
2009-11-17 13:28:27 ----D---- C:\WINDOWS\system32\inetsrv
2009-11-17 13:28:27 ----D---- C:\WINDOWS\system32\IME
2009-11-17 13:28:27 ----D---- C:\WINDOWS\system32\icsxml
2009-11-17 13:28:27 ----D---- C:\WINDOWS\system32\ias
2009-11-17 13:28:27 ----D---- C:\WINDOWS\system32\export
2009-11-17 13:28:27 ----D---- C:\WINDOWS\system32\drivers
2009-11-17 13:28:27 ----D---- C:\WINDOWS\system32\dhcp
2009-11-17 13:28:27 ----D---- C:\WINDOWS\system32\config
2009-11-17 13:28:27 ----D---- C:\WINDOWS\system32\3com_dmi
2009-11-17 13:28:27 ----D---- C:\WINDOWS\system32\3076
2009-11-17 13:28:27 ----D---- C:\WINDOWS\system32\2052
2009-11-17 13:28:27 ----D---- C:\WINDOWS\system32\1054
2009-11-17 13:28:27 ----D---- C:\WINDOWS\system32\1042
2009-11-17 13:28:27 ----D---- C:\WINDOWS\system32\1041
2009-11-17 13:28:27 ----D---- C:\WINDOWS\system32\1037
2009-11-17 13:28:27 ----D---- C:\WINDOWS\system32\1033
2009-11-17 13:28:27 ----D---- C:\WINDOWS\system32\1031
2009-11-17 13:28:27 ----D---- C:\WINDOWS\system32\1029
2009-11-17 13:28:27 ----D---- C:\WINDOWS\system32\1028
2009-11-17 13:28:27 ----D---- C:\WINDOWS\system32\1025
2009-11-17 13:28:27 ----D---- C:\WINDOWS\system32
2009-11-17 13:28:27 ----D---- C:\WINDOWS\system
2009-11-17 13:28:27 ----D---- C:\WINDOWS\security
2009-11-17 13:28:27 ----D---- C:\WINDOWS\Resources
2009-11-17 13:28:27 ----D---- C:\WINDOWS\repair
2009-11-17 13:28:27 ----D---- C:\WINDOWS\mui
2009-11-17 13:28:27 ----D---- C:\WINDOWS\msapps
2009-11-17 13:28:27 ----D---- C:\WINDOWS\msagent
2009-11-17 13:28:27 ----D---- C:\WINDOWS\Media
2009-11-17 13:28:27 ----D---- C:\WINDOWS\java
2009-11-17 13:28:27 ----D---- C:\WINDOWS\ime
2009-11-17 13:28:27 ----D---- C:\WINDOWS\Help
2009-11-17 13:28:27 ----D---- C:\WINDOWS\Driver Cache
2009-11-17 13:28:27 ----D---- C:\WINDOWS\Debug
2009-11-17 13:28:27 ----D---- C:\WINDOWS\Cursors
2009-11-17 13:28:27 ----D---- C:\WINDOWS\Connection Wizard
2009-11-17 13:28:27 ----D---- C:\WINDOWS\Config
2009-11-17 13:28:27 ----D---- C:\WINDOWS\AppPatch
2009-11-17 13:28:27 ----D---- C:\WINDOWS\addins
2009-11-17 13:28:27 ----D---- C:\WINDOWS

======List of files/folders modified in the last 1 months======

2009-11-17 22:33:20 ----A---- C:\WINDOWS\win.ini
2009-11-17 16:19:07 ----RASH---- C:\NTDETECT.COM
2009-11-17 13:34:10 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 42496]
R1 ccHP;Symantec Hash Provider; C:\WINDOWS\system32\drivers\NAV\1101000.013\ccHPx86.sys [2009-10-20 501888]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\system32\drivers\NAV\1101000.013\SRTSPX.SYS [2009-10-09 43696]
R1 SymIRON;Symantec Iron Driver; C:\WINDOWS\System32\Drivers\NAV\1101000.013\Ironx86.SYS [2009-10-09 114736]
R1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\System32\Drivers\NAV\1101000.013\SYMTDI.SYS [2009-10-15 361520]
R2 BHDrvx86;BHDrvx86; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\BASHDefs\20091104.001\BHDrvx86.sys []
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-12-22 2304320]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\IPSDefs\20091111.001\IDSxpx86.sys []
R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20091201.039\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20091201.039\NAVEX15.SYS []
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-08-02 3198560]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-04-05 33536]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-04-05 12928]
R3 P0630VID;Creative WebCam Live!; C:\WINDOWS\system32\DRIVERS\P0630Vid.sys [2004-07-30 91830]
R3 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\NAV\1101000.013\SRTSP.SYS [2009-10-09 325168]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-14 17152]
R3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-14 25856]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 atkqxbcl;atkqxbcl; C:\WINDOWS\system32\drivers\atkqxbcl.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-02-25 303104]
R2 NAV;Norton AntiVirus; C:\Program Files\Norton AntiVirus\Engine\17.1.0.19\ccSvcHst.exe [2009-10-20 126392]
R2 NVSvc;WinFast(R) Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-08-02 127043]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]

-----------------EOF-----------------

motji
VIP
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: something is controlling my ADSL modem

#2 Post by motji »

Good morning :)
That's interesting, let's take a look :)

:arrow: Download ComboFix to your desktop, close all active windows, and run it - http://download.bleepingcomputer.com/sUBs/ComboFix.exe


- ComboFix must be run under an account with administrator rights

- Before using it, turn off all resident security programs - antivirus, firewalls, antispyware

- After launch, the terms of use are displayed; confirm them by pressing the Yes button

- Then follow the instructions; while ComboFix is running, do not click into the window that appears :!:

- After the scan finishes, which takes at most 10 minutes, the program should create a log - C:\ComboFix.txt; copy its entire contents here
Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before disinfecting a computer :!:

I can mostly be reached at night, between 21:00 and 23:00.
If you have any questions, you can email me at Motji(at)forum.viry.cz.

fido-dido
Visitor
Visitor
Posts: 52
Registered: 15 Mar 2007 18:44

Re: something is controlling my ADSL modem

#3 Post by fido-dido »

I won't get to my computer until around 18:00. Thank you very much for the help.




ComboFix 09-12-02.05 - lukas 03.12.2009 6:26.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.750 [GMT 1:00]
Spuštěný z: c:\documents and settings\lukas\Dokumenty\Stažené soubory\ComboFix.exe
AV: Norton AntiVirus *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\ieuinit.inf

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-11-03 do 2009-12-03 )))))))))))))))))))))))))))))))
.

2009-12-02 20:14 . 2009-12-02 20:14 -------- d-----w- c:\program files\trend micro
2009-12-02 20:14 . 2009-12-02 20:14 -------- d-----w- C:\rsit
2009-11-28 14:49 . 2009-11-28 15:01 -------- d-----w- c:\program files\rajce
2009-11-21 13:02 . 2009-11-21 13:02 -------- d-----w- c:\program files\Common Files\DirectX
2009-11-21 12:53 . 2009-11-21 12:53 -------- d-----w- c:\program files\Buka
2009-11-21 12:30 . 2009-11-21 12:30 -------- d-----w- c:\program files\Alcohol Soft
2009-11-21 11:41 . 2009-11-21 11:41 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-11-21 11:32 . 2009-11-28 06:04 -------- d-----w- c:\program files\uTorrent
2009-11-21 11:05 . 2009-11-21 11:05 -------- d-----w- c:\program files\IrfanView
2009-11-20 17:20 . 2009-11-20 17:20 -------- d-----w- c:\program files\Common Files\Adobe
2009-11-17 21:42 . 2009-11-17 21:42 -------- d-----w- c:\program files\Snapshot Viewer
2009-11-17 21:32 . 2009-11-17 21:43 -------- d-----w- c:\windows\ShellNew
2009-11-17 20:15 . 2009-11-17 20:15 -------- d-----w- c:\program files\Realore
2009-11-17 19:26 . 2009-11-17 19:26 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-11-17 19:24 . 2009-11-17 19:24 -------- d-----w- c:\program files\Common Files\Skype
2009-11-17 19:24 . 2009-11-17 19:24 -------- d-----r- c:\program files\Skype
2009-11-17 19:07 . 2009-11-17 19:41 -------- d-----w- c:\program files\ICQ6.5
2009-11-17 18:14 . 2009-11-17 18:16 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-11-17 18:02 . 2009-11-17 18:02 0 ----a-w- c:\windows\nsreg.dat
2009-11-17 17:28 . 2009-11-17 17:36 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-11-17 17:28 . 2009-11-17 17:28 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2009-11-17 17:28 . 2009-11-17 17:28 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2009-11-17 17:28 . 2009-11-17 17:28 -------- d-----w- c:\program files\Symantec
2009-11-17 17:28 . 2009-11-20 18:37 -------- d-----w- c:\windows\system32\drivers\NAV
2009-11-17 17:28 . 2009-11-17 17:28 -------- d-----w- c:\program files\Windows Sidebar
2009-11-17 17:28 . 2009-11-17 17:28 -------- d-----w- c:\program files\Norton AntiVirus
2009-11-17 17:27 . 2009-11-17 17:27 -------- d-----w- c:\program files\NortonInstaller
2009-11-17 16:41 . 2009-11-17 16:41 -------- d-----w- c:\program files\Total Uninstall 3
2009-11-17 16:31 . 2009-11-17 16:31 -------- d-----w- c:\program files\Common Files\Ahead
2009-11-17 16:31 . 2009-11-17 16:31 -------- d-----w- c:\program files\Nero
2009-11-17 16:20 . 2009-11-17 16:21 -------- d-----w- C:\totalcmd
2009-11-17 16:20 . 2006-10-23 05:55 545 ----a-w- c:\windows\UC.PIF
2009-11-17 16:20 . 2006-10-23 05:55 545 ----a-w- c:\windows\RAR.PIF
2009-11-17 16:20 . 2006-10-23 05:55 545 ----a-w- c:\windows\PKZIP.PIF
2009-11-17 16:20 . 2006-10-23 05:55 545 ----a-w- c:\windows\PKUNZIP.PIF
2009-11-17 16:20 . 2006-10-23 05:55 545 ----a-w- c:\windows\NOCLOSE.PIF
2009-11-17 16:20 . 2006-10-23 05:55 545 ----a-w- c:\windows\LHA.PIF
2009-11-17 16:20 . 2006-10-23 05:55 545 ----a-w- c:\windows\ARJ.PIF
2009-11-17 16:16 . 1999-10-11 01:00 41984 ------w- c:\windows\Ctregrun.exe
2009-11-17 16:15 . 2008-04-13 23:16 10880 -c--a-w- c:\windows\system32\dllcache\ndisip.sys
2009-11-17 16:15 . 2008-04-13 23:16 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys
2009-11-17 16:15 . 2008-04-13 23:16 15232 -c--a-w- c:\windows\system32\dllcache\streamip.sys
2009-11-17 16:15 . 2008-04-13 23:16 15232 ----a-w- c:\windows\system32\drivers\StreamIP.sys
2009-11-17 16:15 . 2008-04-13 23:16 11136 -c--a-w- c:\windows\system32\dllcache\slip.sys
2009-11-17 16:15 . 2008-04-13 23:16 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys
2009-11-17 16:13 . 2009-11-17 16:16 -------- d-----w- c:\program files\Creative
2009-11-17 16:09 . 1997-04-18 10:46 297984 ----a-w- c:\windows\unin0405.exe
2009-11-17 16:09 . 2009-11-17 16:09 -------- d-----w- c:\documents and settings\lukas\WINDOWS
2009-11-17 16:06 . 2005-08-02 15:35 81920 ----a-w- c:\windows\system32\nvwddi.dll
2009-11-17 16:05 . 2009-11-17 16:05 -------- d-----w- c:\windows\system32\WinFox
2009-11-17 16:05 . 2005-03-25 17:24 9600 ----a-w- c:\windows\system32\drivers\WINFOXIO.sys
2009-11-17 16:00 . 2005-05-17 09:45 300032 ----a-r- c:\windows\system32\idecoi.dll
2009-11-17 16:00 . 2005-05-17 09:45 92800 ----a-r- c:\windows\system32\drivers\nvata.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-21 12:53 . 2009-11-17 15:58 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-11-17 21:41 . 2009-11-17 15:07 -------- d-----w- c:\program files\microsoft frontpage
2009-11-17 17:28 . 2009-11-17 17:28 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2009-11-17 17:28 . 2009-11-17 17:28 7443 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2009-11-17 16:05 . 2001-10-25 14:00 46196 ----a-w- c:\windows\system32\perfc005.dat
2009-11-17 16:05 . 2001-10-25 14:00 309990 ----a-w- c:\windows\system32\perfh005.dat
2009-11-17 15:59 . 2009-11-17 15:59 -------- d-----w- c:\program files\Realtek Sound Manager
2009-11-17 15:59 . 2009-11-17 15:59 -------- d-----w- c:\program files\AvRack
2009-11-17 15:58 . 2009-11-17 15:55 -------- d-----w- c:\program files\Common Files\InstallShield
2009-11-17 15:58 . 2009-11-17 15:58 -------- d-----w- c:\program files\AMD
2009-11-17 15:46 . 2009-11-17 15:07 86327 ----a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
2009-11-17 15:46 . 2009-11-17 15:07 3038 ----a-w- c:\windows\PCHealth\HelpCtr\PackageStore\SkuStore.bin
2009-11-17 15:21 . 2009-11-17 15:07 8972 ----a-w- c:\windows\PCHealth\HelpCtr\Config\Cntstore.bin
2009-11-17 15:07 . 2009-11-17 15:07 558142 ----a-w- c:\windows\java\Packages\7HZJ1N37.ZIP
2009-11-17 15:07 . 2009-11-17 15:07 2678 ----a-w- c:\windows\java\Packages\Data\PR9RVZ97.DAT
2009-11-17 15:07 . 2009-11-17 15:07 2678 ----a-w- c:\windows\java\Packages\Data\7LB93TB5.DAT
2009-11-17 15:07 . 2009-11-17 15:07 155995 ----a-w- c:\windows\java\Packages\0KB7LFNL.ZIP
2009-11-17 15:07 . 2009-11-17 15:07 2678 ----a-w- c:\windows\java\Packages\Data\ZHJTZTBH.DAT
2009-11-17 15:07 . 2009-11-17 15:07 2678 ----a-w- c:\windows\java\Packages\Data\BFBDVF3Z.DAT
2009-11-17 15:07 . 2009-11-17 15:07 2678 ----a-w- c:\windows\java\Packages\Data\4YA9FN57.DAT
2009-11-17 15:05 . 2009-11-17 15:05 21812 ----a-w- c:\windows\system32\emptyregdb.dat
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\program files\ICQ6.5\ICQ.exe silent" [X]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-11-16 139264]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2009-04-24 203928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-08-02 7110656]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-08-02 86016]
"Creative WebCam Tray"="c:\program files\Creative\Shared Files\CAMTRAY.EXE" [2004-07-30 245760]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2004-12-22 77824]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2005-08-02 1519616]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAV\1101000.013\SymDS.sys [17.11.2009 20:57 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAV\1101000.013\SymEFA.sys [17.11.2009 20:57 171056]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NAV\1101000.013\cchpx86.sys [17.11.2009 20:57 501888]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAV\1101000.013\Ironx86.sys [17.11.2009 20:57 114736]
R2 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\BASHDefs\20091104.001\BHDrvx86.sys [5.11.2009 0:50 524848]
R2 NAV;Norton AntiVirus;c:\program files\Norton AntiVirus\Engine\17.1.0.19\ccSvcHst.exe [17.11.2009 20:57 126392]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [20.11.2009 17:22 102448]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\IPSDefs\20091111.001\IDSXpx86.sys [17.11.2009 18:34 329592]
R3 P0630VID;Creative WebCam Live!;c:\windows\system32\drivers\P0630Vid.sys [17.11.2009 17:14 91830]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [21.11.2009 12:41 721904]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\lukas\Data aplikací\Mozilla\Firefox\Profiles\c91di3lp.default\
FF - prefs.js: browser.search.selectedEngine - SluneÄŤnice
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - component: c:\documents and settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\IPSFFPlgn\components\IPSFFPl.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-03 06:32
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\NAV]
"ImagePath"="\"c:\program files\Norton AntiVirus\Engine\17.1.0.19\ccSvcHst.exe\" /s \"NAV\" /m \"c:\program files\Norton AntiVirus\Engine\17.1.0.19\diMaster.dll\" /prefetch:1"
.
Celkový čas: 2009-12-03 06:33
ComboFix-quarantined-files.txt 2009-12-03 05:33

Před spuštěním: Volných bajtů: 124 545 843 200
Po spuštění: Volných bajtů: 124 623 589 376

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

- - End Of File - - D27AE0E666C694985BD88BE4CB8B1350

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: something is controlling my ADSL modem

#4 Post by motji »

:hmm: Nothing is visible in the log.

:arrow: Download Rootkit Unhooker http://forum.sysinternals.com/uploads/2 ... 300509.rar
- run it, click Report and then click the Scan button
- a dialog appears; tick all the checkboxes and click OK
- when the "Select Disk for scan" dialog appears, close it with the X in the top right corner
- the scan runs and a window with the results appears. Select the text and use the right mouse button to copy the results here
:arrow: Download MBR
http://www2.gmer.net/mbr/mbr.exe
- save it to the desktop


:arrow: Start - Run
copy into the box:

"%userprofile%\plocha\mbr" -t
OK

:arrow: a log named mbr.log is created; paste it here
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:
Want to support our forum? Information here

I can mostly be reached at night, between 21:00 and 23:00.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.

fido-dido
Visitor
Posts: 52
Registered: 15 Mar 2007 18:44

Re: something is controlling my ADSL modem

#5 Post by fido-dido »

So I will continue at 18:00, when I get home to my computer.

I guess I'm not supposed to follow the quote in your reply, right?

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: something is controlling my ADSL modem

#6 Post by motji »

The instructions in the quote are for you :D
I won't be here until the evening, after 20:00 :)

fido-dido
Visitor
Posts: 52
Registered: 15 Mar 2007 18:44

Re: something is controlling my ADSL modem

#7 Post by fido-dido »

OK, it will be ready here by eight.

fido-dido
Visitor
Posts: 52
Registered: 15 Mar 2007 18:44

Re: something is controlling my ADSL modem

#8 Post by fido-dido »

rootkit



>SSDT State
NtAlertResumeThread
Actual Address 0x84AFEAE8
Hooked by: Unknown module filename

NtAlertThread
Actual Address 0x84AFEBC8
Hooked by: Unknown module filename

NtAllocateVirtualMemory
Actual Address 0x84B036A0
Hooked by: Unknown module filename

NtAssignProcessToJobObject
Actual Address 0x84AFE160
Hooked by: Unknown module filename

NtConnectPort
Actual Address 0x860C5728
Hooked by: Unknown module filename

NtCreateKey
Actual Address 0xEFCB3210
Hooked by: C:\WINDOWS\system32\Drivers\SYMEVENT.SYS

NtCreateMutant
Actual Address 0x84AFE838
Hooked by: Unknown module filename

NtCreateSymbolicLinkObject
Actual Address 0x84AFDF60
Hooked by: Unknown module filename

NtCreateThread
Actual Address 0x84B03BA8
Hooked by: Unknown module filename

NtDebugActiveProcess
Actual Address 0x84AFE370
Hooked by: Unknown module filename

NtDeleteKey
Actual Address 0xEFCB3490
Hooked by: C:\WINDOWS\system32\Drivers\SYMEVENT.SYS

NtDeleteValueKey
Actual Address 0xEFCB39F0
Hooked by: C:\WINDOWS\system32\Drivers\SYMEVENT.SYS

NtDuplicateObject
Actual Address 0x84B03870
Hooked by: Unknown module filename

NtFreeVirtualMemory
Actual Address 0x84B034C0
Hooked by: Unknown module filename

NtImpersonateAnonymousToken
Actual Address 0x84AFE928
Hooked by: Unknown module filename

NtImpersonateThread
Actual Address 0x84AFEA08
Hooked by: Unknown module filename

NtLoadDriver
Actual Address 0x865081A8
Hooked by: Unknown module filename

NtMapViewOfSection
Actual Address 0x84B033C0
Hooked by: Unknown module filename

NtOpenEvent
Actual Address 0x84AFE758
Hooked by: Unknown module filename

NtOpenKey
Actual Address 0xEFCB37A0
Hooked by: C:\WINDOWS\system32\Drivers\SYMEVENT.SYS

NtOpenProcess
Actual Address 0x84B03A50
Hooked by: Unknown module filename

NtOpenProcessToken
Actual Address 0x84B03790
Hooked by: Unknown module filename

NtOpenSection
Actual Address 0x84AFE598
Hooked by: Unknown module filename

NtOpenThread
Actual Address 0x84B03960
Hooked by: Unknown module filename

NtProtectVirtualMemory
Actual Address 0x84AFE070
Hooked by: Unknown module filename

NtResumeThread
Actual Address 0x84AFECA8
Hooked by: Unknown module filename

NtSetContextThread
Actual Address 0x84AFEF48
Hooked by: Unknown module filename

NtSetInformationProcess
Actual Address 0x84AFE008
Hooked by: Unknown module filename

NtSetSystemInformation
Actual Address 0x84AFE450
Hooked by: Unknown module filename

NtSetValueKey
Actual Address 0xEFCB3C40
Hooked by: C:\WINDOWS\system32\Drivers\SYMEVENT.SYS

NtSuspendProcess
Actual Address 0x84AFE678
Hooked by: Unknown module filename

NtSuspendThread
Actual Address 0x84AFED88
Hooked by: Unknown module filename

NtTerminateProcess
Actual Address 0x84B03CA8
Hooked by: Unknown module filename

NtTerminateThread
Actual Address 0x84AFEE68
Hooked by: Unknown module filename

NtUnmapViewOfSection
Actual Address 0x84B032E0
Hooked by: Unknown module filename

NtWriteVirtualMemory
Actual Address 0x84B035B0
Hooked by: Unknown module filename

>Shadow
NtUserAttachThreadInput
Actual Address 0x84E54CF0
Hooked by: Unknown module filename

NtUserGetAsyncKeyState
Actual Address 0x84B13538
Hooked by: Unknown module filename

NtUserGetKeyboardState
Actual Address 0x84E1CC98
Hooked by: Unknown module filename

NtUserGetKeyState
Actual Address 0x84B07EE0
Hooked by: Unknown module filename

NtUserGetRawInputData
Actual Address 0x84B07FC0
Hooked by: Unknown module filename

NtUserMessageCall
Actual Address 0x84B043C8
Hooked by: Unknown module filename

NtUserPostMessage
Actual Address 0x86529228
Hooked by: Unknown module filename

NtUserPostThreadMessage
Actual Address 0x84B044B8
Hooked by: Unknown module filename

NtUserSetWindowsHookEx
Actual Address 0x84B0B570
Hooked by: Unknown module filename

NtUserSetWinEventHook
Actual Address 0x84AFD0A8
Hooked by: Unknown module filename

>Processes
>Drivers
>Stealth
>Files
>Hooks
ntkrnlpa.exe+0x0002ABC1, Type: Inline - RelativeJump at address 0x80501BC1 hook handler located in [ntkrnlpa.exe]
ntkrnlpa.exe+0x0002AC70, Type: Inline - RelativeJump at address 0x80501C70 hook handler located in [ntkrnlpa.exe]
ntkrnlpa.exe+0x0002AC9C, Type: Inline - RelativeJump at address 0x80501C9C hook handler located in [ntkrnlpa.exe]
ntkrnlpa.exe+0x0002ADB0, Type: Inline - RelativeJump at address 0x80501DB0 hook handler located in [ntkrnlpa.exe]
ntkrnlpa.exe+0x0002AF80, Type: Inline - RelativeJump at address 0x80501F80 hook handler located in [ntkrnlpa.exe]
ntkrnlpa.exe+0x0006AA5A, Type: Inline - RelativeJump at address 0x80541A5A hook handler located in [ntkrnlpa.exe]
ntkrnlpa.exe-->IofCallDriver, Type: Address change at address 0x8054C200 hook handler located in [catchme.sys]
[3004]firefox.exe-->ntdll.dll+0x0001639E, Type: Inline - RelativeJump at address 0x7C91639E hook handler located in [unknown_code_page]
[3004]firefox.exe-->ntdll.dll-->LdrLoadDll, Type: Inline - RelativeJump at address 0x7C9163A3 hook handler located in [ntdll.dll]
[3520]explorer.exe-->kernel32.dll-->GetProcAddress, Type: IAT modification at address 0x01001268 hook handler located in [shimeng.dll]
!!POSSIBLE ROOTKIT ACTIVITY DETECTED!! =)

fido-dido
Visitor
Posts: 52
Registered: 15 Mar 2007 18:44

Re: something is controlling my ADSL modem

#9 Post by fido-dido »

MBR


Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys ACPI.sys hal.dll nvata.sys
kernel: MBR read successfully
user & kernel MBR OK

fido-dido
Visitor
Posts: 52
Registered: 15 Mar 2007 18:44

Re: something is controlling my ADSL modem

#10 Post by fido-dido »

I'll be here again around 21:30.

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: something is controlling my ADSL modem

#11 Post by motji »

We'll also try Gmer. Have you tried putting the modem on a different computer; is everything fine then? Do you have it configured correctly?

:arrow: Download Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878
- unpack it and run it
- a scan runs; when it finishes, a window with the results opens. Click Save to save the log, and paste it here

- Following the guide in the link, run a second scan and paste that log here as well.

fido-dido
Visitor
Posts: 52
Registered: 15 Mar 2007 18:44

Re: something is controlling my ADSL modem

#12 Post by fido-dido »

Besides mine, two more computers are connected to the modem by cable and one more over Wi-Fi. Only my computer does this. Today I borrowed a network card from work to rule out a bad network card in my computer, but I won't try that until the weekend.


GMER 1.0.15.15252 - http://www.gmer.net
Rootkit quick scan 2009-12-03 21:28:56
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\lukas\LOCALS~1\Temp\kxtdapow.sys


---- System - GMER 1.0.15 ----

Code \??\C:\DOCUME~1\lukas\LOCALS~1\Temp\catchme.sys pIofCallDriver

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

---- EOF - GMER 1.0.15 ----

fido-dido
Visitor
Posts: 52
Registered: 15 Mar 2007 18:44

Re: something is controlling my ADSL modem

#13 Post by fido-dido »

GMER 1.0.15.15252 - http://www.gmer.net
Rootkit scan 2009-12-03 22:09:07
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\lukas\LOCALS~1\Temp\kxtdapow.sys


---- System - GMER 1.0.15 ----

SSDT 84AFEAE8 ZwAlertResumeThread
SSDT 84AFEBC8 ZwAlertThread
SSDT 84B036A0 ZwAllocateVirtualMemory
SSDT 84AFE160 ZwAssignProcessToJobObject
SSDT 860C5728 ZwConnectPort
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwCreateKey [0xEFCB3210]
SSDT 84AFE838 ZwCreateMutant
SSDT 84AFDF60 ZwCreateSymbolicLinkObject
SSDT 84B03BA8 ZwCreateThread
SSDT 84AFE370 ZwDebugActiveProcess
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteKey [0xEFCB3490]
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteValueKey [0xEFCB39F0]
SSDT 84B03870 ZwDuplicateObject
SSDT 84B034C0 ZwFreeVirtualMemory
SSDT 84AFE928 ZwImpersonateAnonymousToken
SSDT 84AFEA08 ZwImpersonateThread
SSDT 865081A8 ZwLoadDriver
SSDT 84B033C0 ZwMapViewOfSection
SSDT 84AFE758 ZwOpenEvent
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwOpenKey [0xEFCB37A0]
SSDT 84B03A50 ZwOpenProcess
SSDT 84B03790 ZwOpenProcessToken
SSDT 84AFE598 ZwOpenSection
SSDT 84B03960 ZwOpenThread
SSDT 84AFE070 ZwProtectVirtualMemory
SSDT 84AFECA8 ZwResumeThread
SSDT 84AFEF48 ZwSetContextThread
SSDT 84AFE008 ZwSetInformationProcess
SSDT 84AFE450 ZwSetSystemInformation
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwSetValueKey [0xEFCB3C40]
SSDT 84AFE678 ZwSuspendProcess
SSDT 84AFED88 ZwSuspendThread
SSDT 84B03CA8 ZwTerminateProcess
SSDT 84AFEE68 ZwTerminateThread
SSDT 84B032E0 ZwUnmapViewOfSection
SSDT 84B035B0 ZwWriteVirtualMemory

Code \??\C:\DOCUME~1\lukas\LOCALS~1\Temp\catchme.sys pIofCallDriver

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwCallbackReturn + 2394 80501BBC 8 Bytes CALL 48D4CBAB
.text ntkrnlpa.exe!ZwCallbackReturn + 2410 80501C38 4 Bytes CALL 6306A0EC
.text ntkrnlpa.exe!ZwCallbackReturn + 24C8 80501CF0 4 Bytes JMP 24E2A1A4
.text ntkrnlpa.exe!ZwCallbackReturn + 24D0 80501CF8 4 Bytes JMP 83DC84AF
? SYMDS.SYS Systém nemůže nalézt uvedený soubor. !
? SYMEFA.SYS Systém nemůže nalézt uvedený soubor. !
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xF5DEE360, 0x1DE5ED, 0xE8000020]
? C:\DOCUME~1\lukas\LOCALS~1\Temp\catchme.sys Systém nemůže nalézt uvedený soubor. !
? C:\WINDOWS\system32\Drivers\PROCEXP113.SYS Systém nemůže nalézt uvedený soubor. !
? C:\DOCUME~1\lukas\LOCALS~1\Temp\mbr.sys Systém nemůže nalézt uvedený soubor. !

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Mozilla Firefox\firefox.exe[1116] ntdll.dll!RtlValidateUnicodeString + 554 7C91639E 10 Bytes JMP 0215003A
.text C:\Program Files\Mozilla Firefox\firefox.exe[3004] ntdll.dll!RtlValidateUnicodeString + 554 7C91639E 10 Bytes JMP 0210003A

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x62 0x63 0x18 0x9A ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x9E 0x7A 0xB1 0x8C ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0xCD 0x39 0xF0 0x78 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x62 0x63 0x18 0x9A ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x9E 0x7A 0xB1 0x8C ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x02 0x01 0x88 0x5C ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x62 0x63 0x18 0x9A ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x9E 0x7A 0xB1 0x8C ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x02 0x01 0x88 0x5C ...

---- EOF - GMER 1.0.15 ----

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: something is controlling my ADSL modem

#14 Post by motji »

The logs are OK; if there is something somewhere, it is well hidden. I don't see anything anywhere :o
Try the network card and then let me know. Otherwise we'll try to come up with something else :)

:arrow: To be sure, test this file at www.virustotal.com:
C:\WINDOWS\system32\drivers\atapi.sys

fido-dido
Visitor
Posts: 52
Registered: 15 Mar 2007 18:44

Re: something is controlling my ADSL modem

#15 Post by fido-dido »

Antivirus Verze Poslední aktualizace Výsledek
a-squared 4.5.0.43 2009.12.04 -
AhnLab-V3 5.0.0.2 2009.12.04 -
AntiVir 7.9.1.92 2009.12.03 -
Antiy-AVL 2.0.3.7 2009.12.03 -
Authentium 5.2.0.5 2009.12.02 -
Avast 4.8.1351.0 2009.12.03 -
AVG 8.5.0.426 2009.12.03 -
BitDefender 7.2 2009.12.04 -
CAT-QuickHeal 10.00 2009.12.04 -
ClamAV 0.94.1 2009.12.04 -
Comodo 3103 2009.12.01 -
DrWeb 5.0.0.12182 2009.12.04 -
eSafe 7.0.17.0 2009.12.03 Win32.Rootkit
eTrust-Vet 35.1.7156 2009.12.03 -
F-Prot 4.5.1.85 2009.12.03 -
F-Secure 9.0.15370.0 2009.12.03 -
Fortinet 4.0.14.0 2009.12.04 -
GData 19 2009.12.04 -
Ikarus T3.1.1.74.0 2009.12.04 -
Jiangmin 13.0.900 2009.12.02 -
K7AntiVirus 7.10.910 2009.12.03 -
Kaspersky 7.0.0.125 2009.12.04 -
McAfee 5821 2009.12.03 -
McAfee+Artemis 5821 2009.12.03 -
McAfee-GW-Edition 6.8.5 2009.12.04 Heuristic.LooksLike.Win32.NewMalware.H
Microsoft 1.5302 2009.12.03 -
NOD32 4659 2009.12.04 -
Norman 6.03.02 2009.12.03 -
nProtect 2009.1.8.0 2009.12.04 -
Panda 10.0.2.2 2009.12.03 -
PCTools 7.0.3.5 2009.12.04 -
Prevx 3.0 2009.12.04 -
Rising 22.24.04.04 2009.12.04 -
Sophos 4.48.0 2009.12.04 -
Sunbelt 3.2.1858.2 2009.12.04 -
Symantec 1.4.4.12 2009.12.04 -
TheHacker 6.5.0.2.084 2009.12.03 -
TrendMicro 9.100.0.1001 2009.12.04 -
VBA32 3.12.12.0 2009.12.03 -
ViRobot 2009.12.4.2071 2009.12.04 -
VirusBuster 5.0.21.0 2009.12.03 -
Rozšiřující informace
File size: 96512 bytes
MD5...: 9f3a2f5aa6875c72bf062c712cfa2674
SHA1..: a719156e8ad67456556a02c34e762944234e7a44
SHA256: b4df1d2c56a593c6b54de57395e3b51d288f547842893b32b0f59228a0cf70b9
ssdeep: 1536:MwXpkfV74F1D7yNEZIHRRJMohmus27G1j/XBoDQi7oaRMJfYHFktprll1Kb
DD0uu:MQ+N74vkEZIxMohjsimBoDTRMBwFktZu
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x159f7
timedatestamp.....: 0x4802539d (Sun Apr 13 18:40:29 2008)
machinetype.......: 0x14c (I386)

( 9 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x380 0x97ba 0x9800 6.45 0d7d81391f33c6450a81be1e3ac8c7b7
NONPAGE 0x9b80 0x18e8 0x1900 6.48 c74a833abd81cc5d037de168e055ad29
.rdata 0xb480 0xa64 0xa80 4.31 8523651899e28819a14bf9415af25708
.data 0xbf00 0xd94 0xe00 0.45 3575b51634ae7a56f55f1ee0a6213834
PAGESCAN 0xcd00 0x157f 0x1580 6.20 dc4c309c4db9576daa752fdd125fccf9
PAGE 0xe280 0x61da 0x6200 6.46 40b83d4d552384e58a03517a98eb4863
INIT 0x14480 0x22be 0x2300 6.47 906462abc478368424ea462d5868d2e3
.rsrc 0x16780 0x3e0 0x400 3.36 8fd2d82e745b289c28bc056d3a0d62ab
.reloc 0x16b80 0xd20 0xd80 6.39 ce2b0898cc0e40b618e5df9099f6be45

( 3 imports )
> ntoskrnl.exe: RtlInitUnicodeString, swprintf, KeSetEvent, IoCreateSymbolicLink, IoGetConfigurationInformation, IoDeleteSymbolicLink, MmFreeMappingAddress, IoFreeErrorLogEntry, IoDisconnectInterrupt, MmUnmapIoSpace, ObReferenceObjectByPointer, IofCompleteRequest, RtlCompareUnicodeString, IofCallDriver, MmAllocateMappingAddress, IoAllocateErrorLogEntry, IoConnectInterrupt, IoDetachDevice, KeWaitForSingleObject, KeInitializeEvent, KeCancelTimer, RtlAnsiStringToUnicodeString, RtlInitAnsiString, IoBuildDeviceIoControlRequest, IoQueueWorkItem, MmMapIoSpace, IoInvalidateDeviceRelations, IoReportDetectedDevice, IoReportResourceForDetection, RtlxAnsiStringToUnicodeSize, NlsMbCodePageTag, PoRequestPowerIrp, KeInsertByKeyDeviceQueue, PoRegisterDeviceForIdleDetection, sprintf, MmMapLockedPagesSpecifyCache, ObfDereferenceObject, IoGetAttachedDeviceReference, IoInvalidateDeviceState, ZwClose, ObReferenceObjectByHandle, ZwCreateDirectoryObject, IoBuildSynchronousFsdRequest, PoStartNextPowerIrp, IoCreateDevice, RtlCopyUnicodeString, IoAllocateDriverObjectExtension, RtlQueryRegistryValues, ZwOpenKey, RtlFreeUnicodeString, IoStartTimer, KeInitializeTimer, IoInitializeTimer, KeInitializeDpc, KeInitializeSpinLock, IoInitializeIrp, ZwCreateKey, RtlAppendUnicodeStringToString, RtlIntegerToUnicodeString, ZwSetValueKey, KeInsertQueueDpc, KefAcquireSpinLockAtDpcLevel, IoStartPacket, KefReleaseSpinLockFromDpcLevel, IoBuildAsynchronousFsdRequest, IoFreeMdl, MmUnlockPages, IoWriteErrorLogEntry, KeRemoveByKeyDeviceQueue, MmMapLockedPagesWithReservedMapping, MmUnmapReservedMapping, KeSynchronizeExecution, IoStartNextPacket, KeBugCheckEx, KeRemoveDeviceQueue, KeSetTimer, _allmul, MmProbeAndLockPages, _except_handler3, PoSetPowerState, IoOpenDeviceRegistryKey, RtlWriteRegistryValue, RtlDeleteRegistryValue, _aulldiv, strstr, _strupr, KeQuerySystemTime, IoWMIRegistrationControl, KeTickCount, IoAttachDeviceToDeviceStack, IoDeleteDevice, ExAllocatePoolWithTag, IoAllocateWorkItem, IoAllocateIrp, 
IoAllocateMdl, MmBuildMdlForNonPagedPool, MmLockPagableDataSection, IoGetDriverObjectExtension, MmUnlockPagableImageSection, ExFreePoolWithTag, IoFreeIrp, IoFreeWorkItem, InitSafeBootMode, RtlCompareMemory, PoCallDriver, memmove, MmHighestUserAddress
> HAL.dll: KfAcquireSpinLock, READ_PORT_UCHAR, KeGetCurrentIrql, KfRaiseIrql, KfLowerIrql, HalGetInterruptVector, HalTranslateBusAddress, KeStallExecutionProcessor, KfReleaseSpinLock, READ_PORT_BUFFER_USHORT, READ_PORT_USHORT, WRITE_PORT_BUFFER_USHORT, WRITE_PORT_UCHAR
> WMILIB.SYS: WmiSystemControl, WmiCompleteRequest

( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Executable Generic (68.0%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
packers (Kaspersky): PE_Patch
sigcheck:
publisher....: Microsoft Corporation
copyright....: (c) Microsoft Corporation. All rights reserved.
product......: Microsoft_ Windows_ Operating System
description..: IDE/ATAPI Port Driver
original name: atapi.sys
internal name: atapi.sys
file version.: 5.1.2600.5512 (xpsp.080413-2108)
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
