Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Prosím o kontrolu logu
Problém s připojením k internetu , neustálé odpojování a zpomalení připojení . Firefox padá při otvírání stream videa
z youtube atd. . Opera padá i při normálním připojení .Děkuji .
Logfile of random's system information tool 1.06 (written by random/random)
Run by radim at 2009-12-28 21:52:21
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 8 GB (8%) free of 95 GB
Total RAM: 1023 MB (68% free)
HijackThis download failed
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}]
EWPBrowseObject Class - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2006-06-09 34304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-12-13 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-12-13 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2006-06-09 552960]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"@OnlineArmor GUI"=C:\Program Files\Tall Emu\Online Armor\oaui.exe [2009-07-11 2160840]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-12-13 149280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\@OnlineArmor GUI]
C:\Program Files\Tall Emu\Online Armor\oaui.exe [2009-07-11 2160840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
C:\WINDOWS\AGRSMMSG.exe [2005-09-09 88203]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\combofix]
C:\ComboFix\ /c C:\ComboFix\C.bat []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
C:\Program Files\DAEMON Tools\daemon.exe [2006-11-12 157592]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
C:\Program Files\MAMBMalwere\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MGSysCtrl]
C:\Program Files\System Control Manager\MGSysCtrl.exe [2006-03-24 179200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSConfig]
C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE [2008-04-14 171008]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [2006-10-11 75304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power2GoExpress]
C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe [2005-07-08 1953887]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE [2008-01-20 217088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-06-29 32768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2std]
C:\WINDOWS\vsnp2std.exe [2005-08-16 339968]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-09-28 185896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2009-11-23 2001648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnp2std]
C:\WINDOWS\tsnp2std.exe [2005-08-17 90112]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2006-03-30 313472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2008-04-23 29696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~3\Office\OSA9.EXE [1999-02-17 65588]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^Wireless Utility.lnk]
C:\PROGRA~1\EDIMAX\Common\RaUI.exe [2007-12-14 716800]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^radim^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.0.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2008-10-04 393216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-01-10 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{4F07DA45-8170-4859-9B5F-037EF2970034}"=C:\PROGRA~1\TALLEM~1\ONLINE~1\oaevent.dll [2009-07-11 336584]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQLite\ICQLite.exe"="C:\Program Files\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\GAMEs\LOTR II\game.dat"="C:\GAMEs\LOTR II\game.dat:*:Enabled:The Battle for Middle-earth(tm) II"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Utorent\uTorrent\utorrent.exe"="C:\Program Files\Utorent\uTorrent\utorrent.exe:*:Enabled:µTorrent"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
shell\AutoRun\command - H:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{23109fe1-918a-11de-b2de-0016174fa96c}]
shell\AutoRun\command - F:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f04a5077-e182-11de-b37d-d5c87f440030}]
shell\AutoRun\command - G:\AutoRun.exe
======List of files/folders created in the last 1 months======
2009-12-28 21:52:22 ----D---- C:\Program Files\trend micro
2009-12-28 21:52:21 ----D---- C:\rsit
2009-12-25 15:04:54 ----D---- C:\Program Files\DIFX
2009-12-25 15:04:44 ----D---- C:\Program Files\Garmin
2009-12-25 15:04:43 ----D---- C:\Garmin
2009-12-21 23:21:52 ----D---- C:\Program Files\CCleaner
2009-12-20 18:04:34 ----D---- C:\Documents and Settings\radim\Data aplikací\Download Manager
2009-12-13 02:11:39 ----A---- C:\WINDOWS\system32\javaws.exe
2009-12-13 02:11:39 ----A---- C:\WINDOWS\system32\javaw.exe
2009-12-13 02:11:39 ----A---- C:\WINDOWS\system32\java.exe
2009-12-13 01:09:57 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-12-12 23:29:37 ----D---- C:\Program Files\JAVASUN
2009-12-12 23:13:35 ----D---- C:\Program Files\JavaObnovaVerzí
2009-12-12 22:47:32 ----D---- C:\Program Files\OTCcleaner
2009-12-12 21:27:47 ----D---- C:\HijackThis
2009-12-12 20:42:47 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2009-12-12 20:04:01 ----D---- C:\32788R22FWJFW
2009-12-12 15:10:04 ----D---- C:\Documents and Settings\radim\Data aplikací\dvdcss
2009-12-12 15:06:37 ----D---- C:\Documents and Settings\radim\Data aplikací\vlc
2009-12-10 22:52:05 ----SHD---- C:\RECYCLER
2009-12-10 19:53:24 ----A---- C:\WINDOWS\PEV.exe
2009-12-10 19:53:24 ----A---- C:\WINDOWS\MBR.exe
2009-12-10 02:37:10 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2009-12-10 02:37:02 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2009-12-10 02:36:48 ----HDC---- C:\WINDOWS\$NtUninstallKB976325$
2009-12-10 02:36:37 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-10 02:36:30 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2009-12-10 02:36:19 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2009-12-10 02:15:36 ----D---- C:\Documents and Settings\radim\Data aplikací\GRETECH
2009-12-10 01:56:37 ----D---- C:\Program Files\GOMplayer
2009-12-09 21:55:09 ----A---- C:\UsbFix.txt
2009-12-09 18:24:13 ----RAD---- C:\autorun.inf
2009-12-08 19:24:34 ----D---- C:\UsbFix
2009-12-06 14:12:57 ----D---- C:\Program Files\RootkitRevealer
2009-12-06 10:23:23 ----D---- C:\Program Files\MobilePartner
2009-12-05 15:24:18 ----D---- C:\Documents and Settings\radim\Data aplikací\Opera
2009-12-05 15:21:02 ----D---- C:\Program Files\Opera Turbo
2009-12-04 20:20:24 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-12-04 20:07:40 ----D---- C:\Program Files\SUPERAntiSpyware
2009-12-04 13:16:11 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
2009-12-02 11:17:38 ----D---- C:\Program Files\O2 Mobilni internet
2009-12-01 16:17:15 ----D---- C:\Program Files\directx
2009-12-01 15:57:31 ----D---- C:\Program Files\Nival Interactive
======List of files/folders modified in the last 1 months======
2009-12-28 21:52:22 ----D---- C:\Program Files
2009-12-28 21:49:35 ----D---- C:\WINDOWS\Prefetch
2009-12-28 21:35:07 ----D---- C:\WINDOWS
2009-12-28 21:35:03 ----D---- C:\WINDOWS\system32\CatRoot2
2009-12-28 21:35:01 ----HD---- C:\WINDOWS\inf
2009-12-28 21:30:58 ----D---- C:\Program Files\Mozilla Firefox
2009-12-28 21:26:46 ----D---- C:\WINDOWS\Temp
2009-12-28 21:22:41 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-12-28 14:51:05 ----SHD---- C:\WINDOWS\Installer
2009-12-26 17:44:58 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-12-25 16:08:04 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-12-21 02:04:40 ----D---- C:\Documents and Settings\radim\Data aplikací\GARMIN
2009-12-21 00:52:11 ----D---- C:\WINDOWS\system32\Restore
2009-12-18 14:56:38 ----D---- C:\WINDOWS\system32
2009-12-14 13:41:15 ----RASH---- C:\boot.ini
2009-12-14 13:41:15 ----A---- C:\WINDOWS\win.ini
2009-12-14 13:41:15 ----A---- C:\WINDOWS\system.ini
2009-12-13 01:09:31 ----D---- C:\Program Files\Java
2009-12-12 21:34:17 ----D---- C:\Program Files\HijackThis
2009-12-12 20:48:00 ----D---- C:\WINDOWS\Debug
2009-12-12 20:44:32 ----D---- C:\WINDOWS\AppPatch
2009-12-12 20:42:51 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-12-12 20:41:23 ----HD---- C:\WINDOWS\$hf_mig$
2009-12-12 15:03:51 ----D---- C:\Program Files\VLC Player
2009-12-10 21:51:34 ----D---- C:\WINDOWS\pss
2009-12-10 20:22:55 ----D---- C:\WINDOWS\system32\drivers
2009-12-10 20:01:19 ----D---- C:\Program Files\Common Files
2009-12-10 12:25:30 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-09 14:43:27 ----D---- C:\Program Files\golm
2009-12-09 11:12:31 ----A---- C:\WINDOWS\WORDPAD.INI
2009-12-09 03:09:26 ----D---- C:\Downloads
2009-12-09 01:13:17 ----SHD---- C:\System Volume Information
2009-12-07 16:32:53 ----D---- C:\WINDOWS\ERDNT
2009-12-04 22:44:33 ----D---- C:\Program Files\Adobe
2009-12-04 20:20:44 ----D---- C:\Documents and Settings\radim\Data aplikací\SUPERAntiSpyware.com
2009-12-04 20:16:57 ----D---- C:\Program Files\SuperaAntiSpyWare
2009-12-04 08:57:19 ----A---- C:\WINDOWS\wincmd.ini
2009-12-03 16:23:52 ----D---- C:\WINDOWS\system32\config
2009-12-01 21:06:19 ----A---- C:\WINDOWS\system32\MRT.exe
2009-11-30 12:32:25 ----D---- C:\Documents and Settings\radim\Data aplikací\Desktopicon
2009-11-30 12:32:07 ----D---- C:\Program Files\MAMBMalwere
2009-11-30 00:12:40 ----D---- C:\Documents and Settings\radim\Data aplikací\uTorrent
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 42496]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 OADevice;OADriver; \??\C:\WINDOWS\system32\drivers\OADriver.sys []
R1 OAmon;OAmon; \??\C:\WINDOWS\system32\drivers\OAmon.sys []
R1 OAnet;OAnet; \??\C:\WINDOWS\system32\drivers\OAnet.sys []
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2008-01-20 33292]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-04-23 21361]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2005-09-26 1145728]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-01-10 1421312]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2008-09-26 101376]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-03-16 4249088]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 Bridge;Most MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 BridgeMP;Miniport mostu MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-04-20 17480]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 PavTPK.sys;PavTPK.sys; \??\C:\WINDOWS\system32\PavTPK.sys []
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-10-09 47360]
S3 RT2500;RT2500 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT2500.sys []
S3 RT73;RT73 USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2008-01-15 459520]
S3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2005-11-16 78976]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2005-08-25 8807424]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2005-10-21 12800]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-04-10 104576]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2007-04-12 639224]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-01-10 405504]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 NishService;SCM Driver Daemon; C:\Program Files\System Control Manager\edd.exe [2006-03-22 40960]
R2 O2Flash;O2Micro Flash Memory; C:\WINDOWS\system32\o2flash.exe [2005-01-27 36864]
R2 OAcat;Online Armor Helper Service; C:\Program Files\Tall Emu\Online Armor\OAcat.exe [2009-07-11 362184]
S2 SvcOnlineArmor;Online Armor; C:\Program Files\Tall Emu\Online Armor\oasrv.exe [2009-07-11 3285704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 XVYLU;XVYLU; C:\DOCUME~1\radim\LOCALS~1\Temp\XVYLU.exe []
S4 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe []
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
z youtube atd. . Opera padá i při normálním připojení .Děkuji .
Logfile of random's system information tool 1.06 (written by random/random)
Run by radim at 2009-12-28 21:52:21
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 8 GB (8%) free of 95 GB
Total RAM: 1023 MB (68% free)
HijackThis download failed
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}]
EWPBrowseObject Class - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2006-06-09 34304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-12-13 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-12-13 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2006-06-09 552960]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"@OnlineArmor GUI"=C:\Program Files\Tall Emu\Online Armor\oaui.exe [2009-07-11 2160840]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-12-13 149280]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\@OnlineArmor GUI]
C:\Program Files\Tall Emu\Online Armor\oaui.exe [2009-07-11 2160840]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
C:\WINDOWS\AGRSMMSG.exe [2005-09-09 88203]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\combofix]
C:\ComboFix\ /c C:\ComboFix\C.bat []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
C:\Program Files\DAEMON Tools\daemon.exe [2006-11-12 157592]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
C:\Program Files\MAMBMalwere\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MGSysCtrl]
C:\Program Files\System Control Manager\MGSysCtrl.exe [2006-03-24 179200]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSConfig]
C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE [2008-04-14 171008]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [2006-10-11 75304]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power2GoExpress]
C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe [2005-07-08 1953887]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE [2008-01-20 217088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-06-29 32768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2std]
C:\WINDOWS\vsnp2std.exe [2005-08-16 339968]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-09-28 185896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2009-11-23 2001648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnp2std]
C:\WINDOWS\tsnp2std.exe [2005-08-17 90112]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2006-03-30 313472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2008-04-23 29696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~3\Office\OSA9.EXE [1999-02-17 65588]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^Wireless Utility.lnk]
C:\PROGRA~1\EDIMAX\Common\RaUI.exe [2007-12-14 716800]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^radim^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.0.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2008-10-04 393216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2009-09-03 548352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-01-10 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 267304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{4F07DA45-8170-4859-9B5F-037EF2970034}"=C:\PROGRA~1\TALLEM~1\ONLINE~1\oaevent.dll [2009-07-11 336584]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQLite\ICQLite.exe"="C:\Program Files\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\GAMEs\LOTR II\game.dat"="C:\GAMEs\LOTR II\game.dat:*:Enabled:The Battle for Middle-earth(tm) II"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Utorent\uTorrent\utorrent.exe"="C:\Program Files\Utorent\uTorrent\utorrent.exe:*:Enabled:µTorrent"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
shell\AutoRun\command - H:\AutoRun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{23109fe1-918a-11de-b2de-0016174fa96c}]
shell\AutoRun\command - F:\InstallTomTomHOME.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f04a5077-e182-11de-b37d-d5c87f440030}]
shell\AutoRun\command - G:\AutoRun.exe
======List of files/folders created in the last 1 months======
2009-12-28 21:52:22 ----D---- C:\Program Files\trend micro
2009-12-28 21:52:21 ----D---- C:\rsit
2009-12-25 15:04:54 ----D---- C:\Program Files\DIFX
2009-12-25 15:04:44 ----D---- C:\Program Files\Garmin
2009-12-25 15:04:43 ----D---- C:\Garmin
2009-12-21 23:21:52 ----D---- C:\Program Files\CCleaner
2009-12-20 18:04:34 ----D---- C:\Documents and Settings\radim\Data aplikací\Download Manager
2009-12-13 02:11:39 ----A---- C:\WINDOWS\system32\javaws.exe
2009-12-13 02:11:39 ----A---- C:\WINDOWS\system32\javaw.exe
2009-12-13 02:11:39 ----A---- C:\WINDOWS\system32\java.exe
2009-12-13 01:09:57 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-12-12 23:29:37 ----D---- C:\Program Files\JAVASUN
2009-12-12 23:13:35 ----D---- C:\Program Files\JavaObnovaVerzí
2009-12-12 22:47:32 ----D---- C:\Program Files\OTCcleaner
2009-12-12 21:27:47 ----D---- C:\HijackThis
2009-12-12 20:42:47 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2009-12-12 20:04:01 ----D---- C:\32788R22FWJFW
2009-12-12 15:10:04 ----D---- C:\Documents and Settings\radim\Data aplikací\dvdcss
2009-12-12 15:06:37 ----D---- C:\Documents and Settings\radim\Data aplikací\vlc
2009-12-10 22:52:05 ----SHD---- C:\RECYCLER
2009-12-10 19:53:24 ----A---- C:\WINDOWS\PEV.exe
2009-12-10 19:53:24 ----A---- C:\WINDOWS\MBR.exe
2009-12-10 02:37:10 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2009-12-10 02:37:02 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2009-12-10 02:36:48 ----HDC---- C:\WINDOWS\$NtUninstallKB976325$
2009-12-10 02:36:37 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-10 02:36:30 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2009-12-10 02:36:19 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2009-12-10 02:15:36 ----D---- C:\Documents and Settings\radim\Data aplikací\GRETECH
2009-12-10 01:56:37 ----D---- C:\Program Files\GOMplayer
2009-12-09 21:55:09 ----A---- C:\UsbFix.txt
2009-12-09 18:24:13 ----RAD---- C:\autorun.inf
2009-12-08 19:24:34 ----D---- C:\UsbFix
2009-12-06 14:12:57 ----D---- C:\Program Files\RootkitRevealer
2009-12-06 10:23:23 ----D---- C:\Program Files\MobilePartner
2009-12-05 15:24:18 ----D---- C:\Documents and Settings\radim\Data aplikací\Opera
2009-12-05 15:21:02 ----D---- C:\Program Files\Opera Turbo
2009-12-04 20:20:24 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-12-04 20:07:40 ----D---- C:\Program Files\SUPERAntiSpyware
2009-12-04 13:16:11 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
2009-12-02 11:17:38 ----D---- C:\Program Files\O2 Mobilni internet
2009-12-01 16:17:15 ----D---- C:\Program Files\directx
2009-12-01 15:57:31 ----D---- C:\Program Files\Nival Interactive
======List of files/folders modified in the last 1 months======
2009-12-28 21:52:22 ----D---- C:\Program Files
2009-12-28 21:49:35 ----D---- C:\WINDOWS\Prefetch
2009-12-28 21:35:07 ----D---- C:\WINDOWS
2009-12-28 21:35:03 ----D---- C:\WINDOWS\system32\CatRoot2
2009-12-28 21:35:01 ----HD---- C:\WINDOWS\inf
2009-12-28 21:30:58 ----D---- C:\Program Files\Mozilla Firefox
2009-12-28 21:26:46 ----D---- C:\WINDOWS\Temp
2009-12-28 21:22:41 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-12-28 14:51:05 ----SHD---- C:\WINDOWS\Installer
2009-12-26 17:44:58 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-12-25 16:08:04 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-12-21 02:04:40 ----D---- C:\Documents and Settings\radim\Data aplikací\GARMIN
2009-12-21 00:52:11 ----D---- C:\WINDOWS\system32\Restore
2009-12-18 14:56:38 ----D---- C:\WINDOWS\system32
2009-12-14 13:41:15 ----RASH---- C:\boot.ini
2009-12-14 13:41:15 ----A---- C:\WINDOWS\win.ini
2009-12-14 13:41:15 ----A---- C:\WINDOWS\system.ini
2009-12-13 01:09:31 ----D---- C:\Program Files\Java
2009-12-12 21:34:17 ----D---- C:\Program Files\HijackThis
2009-12-12 20:48:00 ----D---- C:\WINDOWS\Debug
2009-12-12 20:44:32 ----D---- C:\WINDOWS\AppPatch
2009-12-12 20:42:51 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-12-12 20:41:23 ----HD---- C:\WINDOWS\$hf_mig$
2009-12-12 15:03:51 ----D---- C:\Program Files\VLC Player
2009-12-10 21:51:34 ----D---- C:\WINDOWS\pss
2009-12-10 20:22:55 ----D---- C:\WINDOWS\system32\drivers
2009-12-10 20:01:19 ----D---- C:\Program Files\Common Files
2009-12-10 12:25:30 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-09 14:43:27 ----D---- C:\Program Files\golm
2009-12-09 11:12:31 ----A---- C:\WINDOWS\WORDPAD.INI
2009-12-09 03:09:26 ----D---- C:\Downloads
2009-12-09 01:13:17 ----SHD---- C:\System Volume Information
2009-12-07 16:32:53 ----D---- C:\WINDOWS\ERDNT
2009-12-04 22:44:33 ----D---- C:\Program Files\Adobe
2009-12-04 20:20:44 ----D---- C:\Documents and Settings\radim\Data aplikací\SUPERAntiSpyware.com
2009-12-04 20:16:57 ----D---- C:\Program Files\SuperaAntiSpyWare
2009-12-04 08:57:19 ----A---- C:\WINDOWS\wincmd.ini
2009-12-03 16:23:52 ----D---- C:\WINDOWS\system32\config
2009-12-01 21:06:19 ----A---- C:\WINDOWS\system32\MRT.exe
2009-11-30 12:32:25 ----D---- C:\Documents and Settings\radim\Data aplikací\Desktopicon
2009-11-30 12:32:07 ----D---- C:\Program Files\MAMBMalwere
2009-11-30 00:12:40 ----D---- C:\Documents and Settings\radim\Data aplikací\uTorrent
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 42496]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 OADevice;OADriver; \??\C:\WINDOWS\system32\drivers\OADriver.sys []
R1 OAmon;OAmon; \??\C:\WINDOWS\system32\drivers\OAmon.sys []
R1 OAnet;OAnet; \??\C:\WINDOWS\system32\drivers\OAnet.sys []
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2008-01-20 33292]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-04-23 21361]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2005-09-26 1145728]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-01-10 1421312]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2008-09-26 101376]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-03-16 4249088]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 Bridge;Most MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 BridgeMP;Miniport mostu MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-04-20 17480]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 PavTPK.sys;PavTPK.sys; \??\C:\WINDOWS\system32\PavTPK.sys []
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-10-09 47360]
S3 RT2500;RT2500 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT2500.sys []
S3 RT73;RT73 USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt73.sys [2008-01-15 459520]
S3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2005-11-16 78976]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2005-08-25 8807424]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2005-10-21 12800]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-04-10 104576]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2007-04-12 639224]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-01-10 405504]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 NishService;SCM Driver Daemon; C:\Program Files\System Control Manager\edd.exe [2006-03-22 40960]
R2 O2Flash;O2Micro Flash Memory; C:\WINDOWS\system32\o2flash.exe [2005-01-27 36864]
R2 OAcat;Online Armor Helper Service; C:\Program Files\Tall Emu\Online Armor\OAcat.exe [2009-07-11 362184]
S2 SvcOnlineArmor;Online Armor; C:\Program Files\Tall Emu\Online Armor\oasrv.exe [2009-07-11 3285704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 XVYLU;XVYLU; C:\DOCUME~1\radim\LOCALS~1\Temp\XVYLU.exe []
S4 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe []
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
-
- Vzorný návštěvník
- Příspěvky: 308
- Registrován: 07 led 2007 15:20
- Bydliště: Pardubice
Re: Prosím o kontrolu logu
Dobrý den
použijte http://sweb.cz/Marinus/T-Cleaner.exe - pro potvrzení stiskněte vždy klávesu A nebo Enter restartujte PC a postup zopakujte - dojde k odebrání všech komponent Combofixu
(utilita může být označena antivirem jako vir - po použití ji smažte)
a pošlete nový log z Combofix:
Stáhneme na plochu, ukončíme všechna aktivní okna a spustíme ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Po spuštění potvrdíme podmínky užití
- Dále postupujeme dle pokynů, během aplikování ComboFixu neklikejte do zobrazujících se oken
- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt
- ComboFix je třeba spustit pod účtem s právy administrátora
použijte http://sweb.cz/Marinus/T-Cleaner.exe - pro potvrzení stiskněte vždy klávesu A nebo Enter restartujte PC a postup zopakujte - dojde k odebrání všech komponent Combofixu
(utilita může být označena antivirem jako vir - po použití ji smažte)
a pošlete nový log z Combofix:
Stáhneme na plochu, ukončíme všechna aktivní okna a spustíme ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Po spuštění potvrdíme podmínky užití
- Dále postupujeme dle pokynů, během aplikování ComboFixu neklikejte do zobrazujících se oken
- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt
- ComboFix je třeba spustit pod účtem s právy administrátora
"Život je život, louka je louka, koukneš se do trávy – a vidíš brouka."
"Neodpovídej tupci na jeho tupost, aby ses mu sám nezačal podobat. Odpověz tupci na jeho tupost, aby si přestal moudrý připadat...."
(Přísloví krále Šalomouna)
"Neodpovídej tupci na jeho tupost, aby ses mu sám nezačal podobat. Odpověz tupci na jeho tupost, aby si přestal moudrý připadat...."
(Přísloví krále Šalomouna)
Re: Prosím o kontrolu logu
T Cleaner jsem použil a log z CoboFix je zde , ale musel jsem ho rozdělit na dvě části , protože byl moc dlouhý .
Děkuji .
ComboFix 09-12-28.05 - radim 29.12.2009 13:19:32.7.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.637 [GMT 1:00]
Spuštěný z: c:\documents and settings\radim\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 091229-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Online Armor Firewall *enabled* {B797DAA0-7E2E-4711-8BB3-D12744F1922A}
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-11-28 do 2009-12-29 )))))))))))))))))))))))))))))))
.
2009-12-29 12:06 . 2009-12-29 12:08 -------- d-----w- C:\TCleanerOdstraneníistícíchUtilitzPC
2009-12-28 20:52 . 2009-12-28 20:52 -------- d-----w- c:\program files\trend micro
2009-12-25 14:04 . 2009-12-25 14:04 -------- d-----w- c:\program files\DIFX
2009-12-25 14:04 . 2009-12-26 16:45 -------- d-----w- c:\program files\Garmin
2009-12-25 14:04 . 2009-12-26 14:21 -------- d-----w- C:\Garmin
2009-12-21 22:21 . 2009-12-21 22:28 -------- d-----w- c:\program files\CCleaner
2009-12-13 00:09 . 2009-12-13 01:11 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-12 22:29 . 2009-12-13 01:07 -------- d-----w- c:\program files\JAVASUN
2009-12-12 22:13 . 2009-12-12 22:15 -------- d-----w- c:\program files\JavaObnovaVerzí
2009-12-12 21:47 . 2009-12-12 21:51 -------- d-----w- c:\program files\OTCcleaner
2009-12-12 20:27 . 2009-12-12 20:28 -------- d-----w- C:\HijackThis
2009-12-10 00:56 . 2009-12-10 01:14 -------- d-----w- c:\program files\GOMplayer
2009-12-09 00:10 . 2009-10-22 11:54 37392 ----a-w- c:\windows\system32\drivers\71871562.sys
2009-12-09 00:10 . 2009-10-09 21:31 315408 ----a-w- c:\windows\system32\drivers\7187156.sys
2009-12-09 00:10 . 2009-09-25 15:59 128016 ----a-w- c:\windows\system32\drivers\71871561.sys
2009-12-08 18:24 . 2009-12-09 20:55 -------- d-----w- C:\UsbFix
2009-12-06 13:12 . 2009-12-06 15:41 -------- d-----w- c:\program files\RootkitRevealer
2009-12-06 09:23 . 2009-12-06 09:32 -------- d-----w- c:\program files\MobilePartner
2009-12-05 14:21 . 2009-12-28 13:51 -------- d-----w- c:\program files\Opera Turbo
2009-12-04 21:35 . 2009-12-04 21:35 23600 ----a-w- c:\windows\system32\drivers\TVICHW32.SYS
2009-12-04 19:20 . 2009-12-04 19:20 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-12-04 19:07 . 2009-12-04 19:20 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-12-04 12:14 . 2008-09-26 17:01 621056 ----a-w- c:\windows\system32\drivers\mod7700.sys
2009-12-04 12:14 . 2008-09-26 17:01 113664 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2009-12-04 12:14 . 2008-09-26 17:01 101376 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2009-12-04 12:14 . 2008-09-26 17:00 24448 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2009-12-02 10:17 . 2009-12-05 17:47 -------- d-----w- c:\program files\O2 Mobilni internet
2009-12-01 15:17 . 2009-12-01 15:17 -------- d-----w- c:\program files\directx
2009-12-01 14:57 . 2009-12-01 14:57 -------- d-----w- c:\program files\Nival Interactive
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-13 00:09 . 2007-11-21 11:01 -------- d-----w- c:\program files\Java
2009-12-12 14:03 . 2007-02-09 14:31 -------- d-----w- c:\program files\VLC Player
2009-12-10 11:25 . 2004-08-18 11:00 81034 ----a-w- c:\windows\system32\perfc005.dat
2009-12-10 11:25 . 2004-08-18 11:00 434234 ----a-w- c:\windows\system32\perfh005.dat
2009-12-09 13:43 . 2008-01-04 10:06 -------- d-----w- c:\program files\golm
2009-12-04 19:16 . 2009-10-16 14:09 -------- d-----w- c:\program files\SuperaAntiSpyWare
2009-11-30 11:32 . 2009-10-16 13:54 -------- d-----w- c:\program files\MAMBMalwere
2009-11-27 20:18 . 2009-11-27 20:17 -------- d-----w- c:\program files\MalwareBytes
2009-11-27 20:10 . 2009-11-27 20:10 -------- d-----w- c:\program files\MSXML 4.0
2009-11-24 23:54 . 2009-09-11 08:25 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2009-09-11 08:25 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-24 23:50 . 2009-09-11 08:25 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-11-24 23:50 . 2009-09-11 08:25 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2009-09-11 08:25 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2009-09-11 08:25 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-09-11 08:25 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-09-11 08:25 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-09-11 08:25 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-21 16:03 . 2004-08-18 11:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-21 11:35 . 2009-11-21 11:33 -------- d-----w- c:\program files\DesetiPrsty
2009-11-19 11:37 . 2009-11-19 11:32 -------- d-----w- c:\program files\anonimizer TOR
2009-11-15 20:00 . 2009-11-15 19:57 -------- d-----w- c:\program files\INKSCAPEgrafika
2009-10-30 21:52 . 2007-04-12 08:32 -------- d-----w- c:\program files\FireFox
2009-10-29 05:26 . 2004-08-18 11:00 668160 ------w- c:\windows\system32\wininet.dll
2009-10-21 05:40 . 2004-08-18 11:00 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:40 . 2004-08-18 11:00 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2009-08-13 06:31 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-13 10:34 . 2004-08-18 11:00 271360 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:40 . 2004-08-18 11:00 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:40 . 2004-08-18 11:00 150016 ----a-w- c:\windows\system32\rastls.dll
2008-04-14 18:41 . 2008-04-14 18:41 1086613 ----a-w- c:\program files\PowerISO39.exe
2007-12-27 18:46 . 2007-12-27 18:45 1734996 ----a-w- c:\program files\free-ipod-video-converter.exe
2007-02-08 17:36 . 2007-02-08 17:36 11855 ----a-w- c:\program files\DCPlusPlus0694CZ.rar
2007-02-08 17:24 . 2007-02-08 16:46 4277889 ----a-w- c:\program files\sdc203.rar
2007-02-08 17:11 . 2007-02-08 17:11 1201644 ----a-w- c:\program files\wrar37b3.exe
2007-02-08 17:08 . 2007-02-08 17:07 2072464 ----a-w- c:\program files\tcmd7pb3.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"@OnlineArmor GUI"="c:\program files\Tall Emu\Online Armor\oaui.exe" [2009-07-11 2160840]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-13 149280]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{4F07DA45-8170-4859-9B5F-037EF2970034}"= "c:\progra~1\TALLEM~1\ONLINE~1\oaevent.dll" [2009-07-11 336584]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 13:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^Wireless Utility.lnk]
path=c:\documents and settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\Wireless Utility.lnk
backup=c:\windows\pss\Wireless Utility.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^radim^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.0.lnk]
backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\combofix]
C:\ComboFix [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\@OnlineArmor GUI]
2009-07-11 03:15 2160840 ----a-w- c:\program files\Tall Emu\Online Armor\oaui.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
2005-09-09 03:20 88203 ----a-r- c:\windows\AGRSMMSG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
2006-11-12 10:48 157592 ----a-w- c:\program files\DAEMON Tools\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-11-13 15:50 1289000 ----a-w- c:\program files\Microsoft ActiveSync\wcescomm.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2009-09-10 13:53 1312080 ----a-w- c:\program files\MAMBMalwere\Malwarebytes' Anti-Malware\mbam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MGSysCtrl]
2006-03-24 14:23 179200 ----a-w- c:\program files\System Control Manager\MGSysCtrl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSConfig]
2008-04-14 03:22 171008 ----a-w- c:\windows\pchealth\helpctr\binaries\msconfig.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
2006-10-11 10:45 75304 ----a-w- c:\program files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power2GoExpress]
2005-07-08 15:01 1953887 ------w- c:\program files\CyberLink\Power2Go\Power2GoExpress.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2008-01-20 07:05 217088 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2004-06-29 00:03 32768 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2std]
2005-08-16 20:54 339968 ----a-w- c:\windows\vsnp2std.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-09-28 11:16 185896 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2009-11-23 07:43 2001648 ----a-w- c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2009-11-13 11:31 247144 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnp2std]
2005-08-17 14:57 90112 ----a-w- c:\windows\tsnp2std.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
2006-03-30 14:45 313472 ----a-r- c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"PWRISOVM.EXE"=c:\program files\PowerISO\PWRISOVM.EXE
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
"RTHDCPL"=RTHDCPL.EXE
"Alcmtr"=ALCMTR.EXE
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQLite\\ICQLite.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\GAMEs\\LOTR II\\game.dat"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Utorent\\uTorrent\\utorrent.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"23859:TCP"= 23859:TCP:BitComet 23859 TCP
"23859:UDP"= 23859:UDP:BitComet 23859 UDP
"9420:TCP"= 9420:TCP:Red Swoosh
"5000:UDP"= 5000:UDP:Red Swoosh
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [27.2.2006 8:00 34880]
R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [20.2.2006 9:01 29056]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [11.9.2009 9:25 114768]
R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [20.6.2008 17:34 200784]
R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [20.6.2008 17:34 24656]
R1 OAnet;OAnet;c:\windows\system32\drivers\oanet.sys [20.6.2008 17:34 29776]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [23.11.2009 8:43 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [23.11.2009 8:43 74480]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [11.9.2009 9:25 20560]
R2 OAcat;Online Armor Helper Service;c:\program files\Tall Emu\Online Armor\oacat.exe [13.8.2009 10:51 362184]
R2 SvcOnlineArmor;Online Armor;c:\program files\Tall Emu\Online Armor\oasrv.exe [20.6.2008 17:34 3285704]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [12.4.2007 13:34 639224]
S2 NishService;SCM Driver Daemon;c:\program files\System Control Manager\edd.exe [7.2.2007 10:58 40960]
S3 PavTPK.sys;PavTPK.sys;\??\c:\windows\system32\PavTPK.sys --> c:\windows\system32\PavTPK.sys [?]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [23.11.2009 8:43 7408]
S3 TVICHW32;TVICHW32;c:\windows\system32\drivers\TVICHW32.SYS [4.12.2009 22:35 23600]
S3 XVYLU;XVYLU;c:\docume~1\radim\LOCALS~1\Temp\XVYLU.exe --> c:\docume~1\radim\LOCALS~1\Temp\XVYLU.exe [?]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Easy-WebPrint - Náhled - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint - Přidat na seznam k tisku - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint - Tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
IE: Easy-WebPrint - Vysokorychlostní tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
TCP: {CFFB196D-329C-46D0-8BCD-E32B9DD0022C} = 217.195.160.10,217.195.165.131
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.1.0/GarminAxControl.CAB
FF - ProfilePath - c:\documents and settings\radim\Data aplikací\Mozilla\Firefox\Profiles\35yix5ng.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 1
FF - component: c:\documents and settings\radim\Data aplikací\Mozilla\Firefox\Profiles\35yix5ng.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - component: c:\documents and settings\radim\Data aplikací\Mozilla\Firefox\Profiles\35yix5ng.default\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}\platform\WINNT\components\ebayAccessComponent.dll
FF - component: c:\documents and settings\radim\Data aplikací\Mozilla\Firefox\Profiles\35yix5ng.default\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}\platform\WINNT\components\ebayShortcutMaker.dll
FF - plugin: c:\program files\golm\Real Alternative\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\golm\Real Alternative\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Opera Turbo\program\plugins\npdsplay.dll
FF - plugin: c:\program files\Opera Turbo\program\plugins\npwmsdrm.dll
FF - plugin: c:\program files\VLC Player\VLC\npvlc.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
Děkuji .
ComboFix 09-12-28.05 - radim 29.12.2009 13:19:32.7.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.637 [GMT 1:00]
Spuštěný z: c:\documents and settings\radim\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 091229-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Online Armor Firewall *enabled* {B797DAA0-7E2E-4711-8BB3-D12744F1922A}
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-11-28 do 2009-12-29 )))))))))))))))))))))))))))))))
.
2009-12-29 12:06 . 2009-12-29 12:08 -------- d-----w- C:\TCleanerOdstraneníistícíchUtilitzPC
2009-12-28 20:52 . 2009-12-28 20:52 -------- d-----w- c:\program files\trend micro
2009-12-25 14:04 . 2009-12-25 14:04 -------- d-----w- c:\program files\DIFX
2009-12-25 14:04 . 2009-12-26 16:45 -------- d-----w- c:\program files\Garmin
2009-12-25 14:04 . 2009-12-26 14:21 -------- d-----w- C:\Garmin
2009-12-21 22:21 . 2009-12-21 22:28 -------- d-----w- c:\program files\CCleaner
2009-12-13 00:09 . 2009-12-13 01:11 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-12 22:29 . 2009-12-13 01:07 -------- d-----w- c:\program files\JAVASUN
2009-12-12 22:13 . 2009-12-12 22:15 -------- d-----w- c:\program files\JavaObnovaVerzí
2009-12-12 21:47 . 2009-12-12 21:51 -------- d-----w- c:\program files\OTCcleaner
2009-12-12 20:27 . 2009-12-12 20:28 -------- d-----w- C:\HijackThis
2009-12-10 00:56 . 2009-12-10 01:14 -------- d-----w- c:\program files\GOMplayer
2009-12-09 00:10 . 2009-10-22 11:54 37392 ----a-w- c:\windows\system32\drivers\71871562.sys
2009-12-09 00:10 . 2009-10-09 21:31 315408 ----a-w- c:\windows\system32\drivers\7187156.sys
2009-12-09 00:10 . 2009-09-25 15:59 128016 ----a-w- c:\windows\system32\drivers\71871561.sys
2009-12-08 18:24 . 2009-12-09 20:55 -------- d-----w- C:\UsbFix
2009-12-06 13:12 . 2009-12-06 15:41 -------- d-----w- c:\program files\RootkitRevealer
2009-12-06 09:23 . 2009-12-06 09:32 -------- d-----w- c:\program files\MobilePartner
2009-12-05 14:21 . 2009-12-28 13:51 -------- d-----w- c:\program files\Opera Turbo
2009-12-04 21:35 . 2009-12-04 21:35 23600 ----a-w- c:\windows\system32\drivers\TVICHW32.SYS
2009-12-04 19:20 . 2009-12-04 19:20 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-12-04 19:07 . 2009-12-04 19:20 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-12-04 12:14 . 2008-09-26 17:01 621056 ----a-w- c:\windows\system32\drivers\mod7700.sys
2009-12-04 12:14 . 2008-09-26 17:01 113664 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2009-12-04 12:14 . 2008-09-26 17:01 101376 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2009-12-04 12:14 . 2008-09-26 17:00 24448 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2009-12-02 10:17 . 2009-12-05 17:47 -------- d-----w- c:\program files\O2 Mobilni internet
2009-12-01 15:17 . 2009-12-01 15:17 -------- d-----w- c:\program files\directx
2009-12-01 14:57 . 2009-12-01 14:57 -------- d-----w- c:\program files\Nival Interactive
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-13 00:09 . 2007-11-21 11:01 -------- d-----w- c:\program files\Java
2009-12-12 14:03 . 2007-02-09 14:31 -------- d-----w- c:\program files\VLC Player
2009-12-10 11:25 . 2004-08-18 11:00 81034 ----a-w- c:\windows\system32\perfc005.dat
2009-12-10 11:25 . 2004-08-18 11:00 434234 ----a-w- c:\windows\system32\perfh005.dat
2009-12-09 13:43 . 2008-01-04 10:06 -------- d-----w- c:\program files\golm
2009-12-04 19:16 . 2009-10-16 14:09 -------- d-----w- c:\program files\SuperaAntiSpyWare
2009-11-30 11:32 . 2009-10-16 13:54 -------- d-----w- c:\program files\MAMBMalwere
2009-11-27 20:18 . 2009-11-27 20:17 -------- d-----w- c:\program files\MalwareBytes
2009-11-27 20:10 . 2009-11-27 20:10 -------- d-----w- c:\program files\MSXML 4.0
2009-11-24 23:54 . 2009-09-11 08:25 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2009-09-11 08:25 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-24 23:50 . 2009-09-11 08:25 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-11-24 23:50 . 2009-09-11 08:25 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2009-09-11 08:25 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2009-09-11 08:25 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-09-11 08:25 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-09-11 08:25 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-09-11 08:25 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-21 16:03 . 2004-08-18 11:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-21 11:35 . 2009-11-21 11:33 -------- d-----w- c:\program files\DesetiPrsty
2009-11-19 11:37 . 2009-11-19 11:32 -------- d-----w- c:\program files\anonimizer TOR
2009-11-15 20:00 . 2009-11-15 19:57 -------- d-----w- c:\program files\INKSCAPEgrafika
2009-10-30 21:52 . 2007-04-12 08:32 -------- d-----w- c:\program files\FireFox
2009-10-29 05:26 . 2004-08-18 11:00 668160 ------w- c:\windows\system32\wininet.dll
2009-10-21 05:40 . 2004-08-18 11:00 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:40 . 2004-08-18 11:00 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2009-08-13 06:31 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-13 10:34 . 2004-08-18 11:00 271360 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:40 . 2004-08-18 11:00 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:40 . 2004-08-18 11:00 150016 ----a-w- c:\windows\system32\rastls.dll
2008-04-14 18:41 . 2008-04-14 18:41 1086613 ----a-w- c:\program files\PowerISO39.exe
2007-12-27 18:46 . 2007-12-27 18:45 1734996 ----a-w- c:\program files\free-ipod-video-converter.exe
2007-02-08 17:36 . 2007-02-08 17:36 11855 ----a-w- c:\program files\DCPlusPlus0694CZ.rar
2007-02-08 17:24 . 2007-02-08 16:46 4277889 ----a-w- c:\program files\sdc203.rar
2007-02-08 17:11 . 2007-02-08 17:11 1201644 ----a-w- c:\program files\wrar37b3.exe
2007-02-08 17:08 . 2007-02-08 17:07 2072464 ----a-w- c:\program files\tcmd7pb3.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"@OnlineArmor GUI"="c:\program files\Tall Emu\Online Armor\oaui.exe" [2009-07-11 2160840]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-13 149280]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{4F07DA45-8170-4859-9B5F-037EF2970034}"= "c:\progra~1\TALLEM~1\ONLINE~1\oaevent.dll" [2009-07-11 336584]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 13:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^Wireless Utility.lnk]
path=c:\documents and settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\Wireless Utility.lnk
backup=c:\windows\pss\Wireless Utility.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^radim^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.0.lnk]
backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\combofix]
C:\ComboFix [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\@OnlineArmor GUI]
2009-07-11 03:15 2160840 ----a-w- c:\program files\Tall Emu\Online Armor\oaui.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
2005-09-09 03:20 88203 ----a-r- c:\windows\AGRSMMSG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
2006-11-12 10:48 157592 ----a-w- c:\program files\DAEMON Tools\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-11-13 15:50 1289000 ----a-w- c:\program files\Microsoft ActiveSync\wcescomm.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2009-09-10 13:53 1312080 ----a-w- c:\program files\MAMBMalwere\Malwarebytes' Anti-Malware\mbam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MGSysCtrl]
2006-03-24 14:23 179200 ----a-w- c:\program files\System Control Manager\MGSysCtrl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSConfig]
2008-04-14 03:22 171008 ----a-w- c:\windows\pchealth\helpctr\binaries\msconfig.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
2006-10-11 10:45 75304 ----a-w- c:\program files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power2GoExpress]
2005-07-08 15:01 1953887 ------w- c:\program files\CyberLink\Power2Go\Power2GoExpress.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2008-01-20 07:05 217088 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2004-06-29 00:03 32768 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2std]
2005-08-16 20:54 339968 ----a-w- c:\windows\vsnp2std.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-09-28 11:16 185896 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2009-11-23 07:43 2001648 ----a-w- c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2009-11-13 11:31 247144 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnp2std]
2005-08-17 14:57 90112 ----a-w- c:\windows\tsnp2std.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
2006-03-30 14:45 313472 ----a-r- c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"PWRISOVM.EXE"=c:\program files\PowerISO\PWRISOVM.EXE
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
"RTHDCPL"=RTHDCPL.EXE
"Alcmtr"=ALCMTR.EXE
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQLite\\ICQLite.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\GAMEs\\LOTR II\\game.dat"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Utorent\\uTorrent\\utorrent.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"23859:TCP"= 23859:TCP:BitComet 23859 TCP
"23859:UDP"= 23859:UDP:BitComet 23859 UDP
"9420:TCP"= 9420:TCP:Red Swoosh
"5000:UDP"= 5000:UDP:Red Swoosh
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [27.2.2006 8:00 34880]
R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [20.2.2006 9:01 29056]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [11.9.2009 9:25 114768]
R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [20.6.2008 17:34 200784]
R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [20.6.2008 17:34 24656]
R1 OAnet;OAnet;c:\windows\system32\drivers\oanet.sys [20.6.2008 17:34 29776]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [23.11.2009 8:43 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [23.11.2009 8:43 74480]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [11.9.2009 9:25 20560]
R2 OAcat;Online Armor Helper Service;c:\program files\Tall Emu\Online Armor\oacat.exe [13.8.2009 10:51 362184]
R2 SvcOnlineArmor;Online Armor;c:\program files\Tall Emu\Online Armor\oasrv.exe [20.6.2008 17:34 3285704]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [12.4.2007 13:34 639224]
S2 NishService;SCM Driver Daemon;c:\program files\System Control Manager\edd.exe [7.2.2007 10:58 40960]
S3 PavTPK.sys;PavTPK.sys;\??\c:\windows\system32\PavTPK.sys --> c:\windows\system32\PavTPK.sys [?]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [23.11.2009 8:43 7408]
S3 TVICHW32;TVICHW32;c:\windows\system32\drivers\TVICHW32.SYS [4.12.2009 22:35 23600]
S3 XVYLU;XVYLU;c:\docume~1\radim\LOCALS~1\Temp\XVYLU.exe --> c:\docume~1\radim\LOCALS~1\Temp\XVYLU.exe [?]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Easy-WebPrint - Náhled - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint - Přidat na seznam k tisku - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint - Tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
IE: Easy-WebPrint - Vysokorychlostní tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
TCP: {CFFB196D-329C-46D0-8BCD-E32B9DD0022C} = 217.195.160.10,217.195.165.131
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.1.0/GarminAxControl.CAB
FF - ProfilePath - c:\documents and settings\radim\Data aplikací\Mozilla\Firefox\Profiles\35yix5ng.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 1
FF - component: c:\documents and settings\radim\Data aplikací\Mozilla\Firefox\Profiles\35yix5ng.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - component: c:\documents and settings\radim\Data aplikací\Mozilla\Firefox\Profiles\35yix5ng.default\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}\platform\WINNT\components\ebayAccessComponent.dll
FF - component: c:\documents and settings\radim\Data aplikací\Mozilla\Firefox\Profiles\35yix5ng.default\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}\platform\WINNT\components\ebayShortcutMaker.dll
FF - plugin: c:\program files\golm\Real Alternative\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\golm\Real Alternative\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Opera Turbo\program\plugins\npdsplay.dll
FF - plugin: c:\program files\Opera Turbo\program\plugins\npwmsdrm.dll
FF - plugin: c:\program files\VLC Player\VLC\npvlc.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
Re: Prosím o kontrolu logu
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-29 13:29
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
c:\windows\$NtUninstallKB952069_WM9$
c:\windows\vsnp2std.exe 339968 bytes executable
c:\windows\WBEM
c:\windows\Web
c:\windows\wiadebug.log 159 bytes
c:\windows\wiaservc.log 50 bytes
c:\windows\win.ini 781 bytes
c:\windows\wincmd.ini 1310 bytes
c:\windows\WindowsShell.Manifest 749 bytes
c:\windows\WindowsUpdate.log 1581681 bytes
c:\windows\WindowsXP-KB822603-x86.exe 349472 bytes executable
c:\windows\winhelp.exe 256419 bytes
c:\windows\winhlp32.exe 283648 bytes executable
c:\windows\winnt.bmp 48680 bytes
c:\windows\winnt256.bmp 48680 bytes
c:\windows\grep.exe 80412 bytes executable
c:\windows\Help
c:\windows\hh.exe 10752 bytes executable
c:\windows\HideWin.exe 315392 bytes executable
c:\windows\ie8updates
c:\windows\IFinst27.exe 65536 bytes executable
c:\windows\ime
c:\windows\inf
c:\windows\Installer
c:\windows\Internet Logs
c:\windows\IsUn0405.exe 307200 bytes executable
c:\windows\IsUninst.exe 306688 bytes executable
c:\windows\iun6002.exe 737280 bytes executable
c:\windows\pss
c:\windows\RAR.PIF 545 bytes
c:\windows\regedit.exe 147968 bytes executable
c:\windows\Registration
c:\windows\repair
c:\windows\Resources
c:\windows\Rododendron.bmp 17362 bytes
c:\windows\RTHDCPL.exe 16010752 bytes executable
c:\windows\RTLCPL.exe 9711104 bytes executable
c:\windows\RtlExUpd.dll 520192 bytes executable
c:\windows\RtlUpd.exe 364544 bytes executable
c:\windows\SchedLgU.Txt 32602 bytes
c:\windows\security
c:\windows\sed.exe 98816 bytes executable
c:\windows\ServicePackFiles
c:\windows\Mýdlové bubliny.bmp 65978 bytes
c:\windows\Na rybách.bmp 17336 bytes
c:\windows\network diagnostic
c:\windows\NIRCMD.exe 31232 bytes executable
c:\windows\NOCLOSE.PIF 545 bytes
c:\windows\notepad.exe 69632 bytes executable
c:\windows\nsreg.dat 0 bytes
c:\windows\ODBC.INI 390 bytes
c:\windows\ODBCINST.INI 4249 bytes
c:\windows\Offline Web Pages
c:\windows\Omítka Santa Fe.bmp 65832 bytes
c:\windows\PCDLIB32.DLL 212480 bytes executable
c:\windows\pchealth
c:\windows\PeerNet
c:\windows\PEV.exe 261632 bytes executable
c:\windows\PIF
c:\windows\PKUNZIP.PIF 545 bytes
c:\windows\PKZIP.PIF 545 bytes
c:\windows\Prefetch
c:\windows\Provisioning
c:\windows\Prérijní vítr.bmp 65954 bytes
c:\windows\setupact.log 41 bytes
c:\windows\setupapi.log 4024 bytes
c:\windows\setuperr.log 0 bytes
c:\windows\ShellNew
c:\windows\slrundll.exe 32866 bytes executable
c:\windows\snp2std.ini 15497 bytes
c:\windows\snp2std.src 13022 bytes
c:\windows\SoftwareDistribution
c:\windows\SoundMan.exe 86016 bytes executable
c:\windows\srchasst
c:\windows\ST6UNST.000 4565 bytes
c:\windows\ST6UNST.EXE 73216 bytes executable
c:\windows\Sti_Trace.log 0 bytes
c:\windows\Sun
c:\windows\SWREG.exe 161792 bytes executable
c:\windows\SWSC.exe 136704 bytes executable
c:\windows\SWXCACLS.exe 212480 bytes executable
c:\windows\SxsCaPendDel
c:\windows\system.ini 277 bytes
c:\windows\system32
c:\windows\system32CmdLineExt.dll 98304 bytes executable
c:\windows\$NtUninstallKB890859$
c:\windows\$NtUninstallKB914389$
c:\windows\$NtUninstallKB922819$
c:\windows\$NtUninstallKB927779$
c:\windows\$NtUninstallKB932168$
c:\windows\$NtUninstallKB941202$
c:\windows\$NtUninstallKB946627$
c:\windows\$hf_mig$
c:\windows\$MSI31Uninstall_KB893803v2$
c:\windows\control.ini 0 bytes
c:\windows\Cursors
c:\windows\Debug
c:\windows\desktop.ini 2 bytes
c:\windows\doom3.ini 317 bytes
c:\windows\Downloaded Installations
c:\windows\Downloaded Program Files
c:\windows\Driver Cache
c:\windows\dsez6485.dat 41 bytes
c:\windows\ehome
c:\windows\ERDNT
c:\windows\explorer.exe 1034240 bytes executable
c:\windows\explorer.scf 80 bytes
c:\windows\$NtUninstallKB958215$
c:\windows\$NtUninstallKB958215_0$
c:\windows\$NtUninstallKB958470$
c:\windows\$NtUninstallKB958644$
c:\windows\$NtUninstallKB958644_0$
c:\windows\$NtUninstallKB958687$
c:\windows\$NtUninstallKB958687_0$
c:\windows\$NtUninstallKB958869$
c:\windows\$NtUninstallKB959426$
c:\windows\$NtUninstallKB959426_0$
c:\windows\$NtUninstallKB959772_WM11$
c:\windows\$NtUninstallKB960225$
c:\windows\$NtUninstallKB960225_0$
c:\windows\$NtUninstallKB960714$
c:\windows\$NtUninstallKB960714_0$
c:\windows\$NtUninstallKB960803$
c:\windows\$NtUninstallKB960803_0$
c:\windows\$NtUninstallKB960859$
c:\windows\$NtUninstallKB961118$
c:\windows\$NtUninstallKB961371-v2$
c:\windows\$NtUninstallKB961501$
c:\windows\0.log 0 bytes
c:\windows\addins
c:\windows\agrsmdel.exe 68096 bytes executable
c:\windows\AGRSMMSG.exe 88203 bytes executable
c:\windows\Alcmtr.exe 69632 bytes executable
c:\windows\alcwzrd.exe 2809344 bytes executable
c:\windows\amcap.exe 94208 bytes executable
c:\windows\AppPatch
c:\windows\ARJ.PIF 545 bytes
c:\windows\assembly
c:\windows\avisplitter.INI 38 bytes
c:\windows\bootstat.dat 2048 bytes
c:\windows\clock.avi 82944 bytes
c:\windows\Config
c:\windows\$NtUninstallKB891781$
c:\windows\$NtUninstallKB893756$
c:\windows\$NtUninstallKB894391$
c:\windows\$NtUninstallKB896358$
c:\windows\$NtUninstallKB896423$
c:\windows\$NtUninstallKB896424$
c:\windows\$NtUninstallKB896428$
c:\windows\$NtUninstallKB898461$
c:\windows\$NtUninstallKB899587$
c:\windows\$NtUninstallKB899591$
c:\windows\$NtUninstallKB900485$
c:\windows\$NtUninstallKB900725$
c:\windows\$NtUninstallKB901017$
c:\windows\$NtUninstallKB901214$
c:\windows\$NtUninstallKB902400$
c:\windows\$NtUninstallKB904706$
c:\windows\$NtUninstallKB905414$
c:\windows\$NtUninstallKB905749$
c:\windows\$NtUninstallKB908519$
c:\windows\$NtUninstallKB908531$
c:\windows\$NtUninstallKB909394$
c:\windows\$NtUninstallKB910437$
c:\windows\$NtUninstallKB911280$
c:\windows\$NtUninstallKB911562$
c:\windows\$NtUninstallKB911564$
c:\windows\$NtUninstallKB911927$
c:\windows\$NtUninstallKB912919$
c:\windows\$NtUninstallKB913580$
c:\windows\$NtUninstallKB914388$
c:\windows\$NtUninstallKB916595$
c:\windows\$NtUninstallKB917344$
c:\windows\$NtUninstallKB917422$
c:\windows\$NtUninstallKB917734_WMP9$
c:\windows\$NtUninstallKB917953$
c:\windows\$NtUninstallKB918118$
c:\windows\$NtUninstallKB918439$
c:\windows\$NtUninstallKB919007$
c:\windows\$NtUninstallKB920213$
c:\windows\$NtUninstallKB920670$
c:\windows\$NtUninstallKB920683$
c:\windows\$NtUninstallKB920685$
c:\windows\$NtUninstallKB920872$
c:\windows\$NtUninstallKB921398$
c:\windows\$NtUninstallKB921503$
c:\windows\$NtUninstallKB922582$
c:\windows\$NtUninstallKB922616$
c:\windows\$NtUninstallKB923191$
c:\windows\$NtUninstallKB923414$
c:\windows\$NtUninstallKB923561$
c:\windows\$NtUninstallKB923561_0$
c:\windows\$NtUninstallKB923689$
c:\windows\$NtUninstallKB923694$
c:\windows\$NtUninstallKB923980$
c:\windows\$NtUninstallKB924191$
c:\windows\$NtUninstallKB924270$
c:\windows\$NtUninstallKB924496$
c:\windows\$NtUninstallKB924667$
c:\windows\$NtUninstallKB925398_WMP64$
c:\windows\$NtUninstallKB925454$
c:\windows\$NtUninstallKB925902$
c:\windows\$NtUninstallKB926239$
c:\windows\$NtUninstallKB926255$
c:\windows\$NtUninstallKB926436$
c:\windows\wmprfCSY.prx 36582 bytes
c:\windows\WMSysPr8.prx 156910 bytes
c:\windows\WMSysPr9.prx 316640 bytes
c:\windows\WORDPAD.INI 754 bytes
c:\windows\x2.64.exe 502784 bytes executable
c:\windows\Zapotec.bmp 9522 bytes
c:\windows\Zelený kámen.bmp 26582 bytes
c:\windows\zip.exe 68096 bytes executable
c:\windows\Zrnko kávy.bmp 17062 bytes
c:\windows\_default.pif 707 bytes
c:\windows\Řeka Sumida.bmp 26680 bytes
c:\windows\l2schemas
c:\windows\LHA.PIF 545 bytes
c:\windows\lmunin2.exe 28672 bytes executable
c:\windows\$NtServicePackUninstall$
c:\windows\$NtUninstallKB873339$
c:\windows\$NtUninstallKB885835$
c:\windows\$NtUninstallKB885836$
c:\windows\$NtUninstallKB886185$
c:\windows\$NtUninstallKB887472$
c:\windows\$NtUninstallKB888111WXPSP2$
c:\windows\$NtUninstallKB888302$
c:\windows\$NtUninstallKB927802$
c:\windows\$NtUninstallKB927891$
c:\windows\$NtUninstallKB928090$
c:\windows\$NtUninstallKB928255$
c:\windows\$NtUninstallKB928843$
c:\windows\$NtUninstallKB929123$
c:\windows\$NtUninstallKB929338$
c:\windows\$NtUninstallKB929399$
c:\windows\$NtUninstallKB929969$
c:\windows\$NtUninstallKB930178$
c:\windows\$NtUninstallKB930916$
c:\windows\$NtUninstallKB931261$
c:\windows\$NtUninstallKB931768$
c:\windows\$NtUninstallKB931784$
c:\windows\$NtUninstallKB931836$
c:\windows\MBR.exe 77312 bytes executable
c:\windows\Media
c:\windows\meta4.exe 217073 bytes executable
c:\windows\MicCal.exe 2158592 bytes executable
c:\windows\Microsoft.NET
c:\windows\Minidump
c:\windows\ModemLog_Agere Systems HDA Modem v6081.txt 8328 bytes
c:\windows\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt 12904 bytes
c:\windows\Modrá krajka 16.bmp 1272 bytes
c:\windows\MOTA113.exe 66560 bytes executable
c:\windows\mozver.dat 2121 bytes
c:\windows\msagent
c:\windows\msapps
c:\windows\msdfmap.ini 1405 bytes
c:\windows\$NtUninstallKB933360$
c:\windows\$NtUninstallKB933566$
c:\windows\$NtUninstallKB933729$
c:\windows\$NtUninstallKB935448$
c:\windows\$NtUninstallKB935839$
c:\windows\$NtUninstallKB935840$
c:\windows\$NtUninstallKB936021$
c:\windows\$NtUninstallKB936782_WMP11$
c:\windows\$NtUninstallKB937143$
c:\windows\$NtUninstallKB937894$
c:\windows\$NtUninstallKB938127$
c:\windows\$NtUninstallKB938464$
c:\windows\$NtUninstallKB938464-v2$
c:\windows\$NtUninstallKB938464_0$
c:\windows\$NtUninstallKB938828$
c:\windows\$NtUninstallKB938829$
c:\windows\$NtUninstallKB939653$
c:\windows\$NtUninstallKB939683$
c:\windows\TASKMAN.EXE 15360 bytes executable
c:\windows\Tasks
c:\windows\Temp
c:\windows\Textura peří.bmp 16730 bytes
c:\windows\tsnp2std.exe 90112 bytes executable
c:\windows\twain.dll 94784 bytes
c:\windows\twain_32
c:\windows\twain_32.dll 50688 bytes executable
c:\windows\twunk_16.exe 49680 bytes
c:\windows\twunk_32.exe 25600 bytes executable
c:\windows\UC.PIF 545 bytes
c:\windows\usnp2std.exe 20480 bytes executable
c:\windows\vb.ini 36 bytes
c:\windows\vbaddin.ini 37 bytes
c:\windows\VBR6.CAB 4875633 bytes
c:\windows\$NtUninstallKB973346$
c:\windows\$NtUninstallKB973354$
c:\windows\$NtUninstallKB973354_0$
c:\windows\$NtUninstallKB973507$
c:\windows\$NtUninstallKB973507_0$
c:\windows\$NtUninstallKB973525$
c:\windows\$NtUninstallKB973540_WM9L$
c:\windows\$NtUninstallKB973687$
c:\windows\$NtUninstallKB973815$
c:\windows\$NtUninstallKB973815_0$
c:\windows\$NtUninstallKB973869$
c:\windows\$NtUninstallKB973869_0$
c:\windows\$NtUninstallKB973904$
c:\windows\$NtUninstallKB974112$
c:\windows\$NtUninstallKB974318$
c:\windows\$NtUninstallKB974392$
c:\windows\$NtUninstallKB974455$
c:\windows\$NtUninstallKB974571$
c:\windows\$NtUninstallKB975025$
c:\windows\$NtUninstallKB975467$
c:\windows\$NtUninstallKB976098-v2$
c:\windows\$NtUninstallKB976325$
c:\windows\$NtUninstallKB976749$
c:\windows\$NtUninstallMSCompPackV1$
c:\windows\$NtUninstallWMFDist11$
c:\windows\$NtUninstallwmp11$
c:\windows\$NtUninstallWudf01000$
c:\windows\$NtUninstallKB941568$
c:\windows\$NtUninstallKB941569$
c:\windows\$NtUninstallKB941644$
c:\windows\$NtUninstallKB941693$
c:\windows\$NtUninstallKB942615$
c:\windows\$NtUninstallKB942763$
c:\windows\$NtUninstallKB942840$
c:\windows\$NtUninstallKB943055$
c:\windows\$NtUninstallKB943460$
c:\windows\$NtUninstallKB943485$
c:\windows\$NtUninstallKB944338$
c:\windows\$NtUninstallKB944533$
c:\windows\$NtUninstallKB944653$
c:\windows\$NtUninstallKB945553$
c:\windows\$NtUninstallKB946026$
c:\windows\$NtUninstallKB967715$
c:\windows\$NtUninstallKB967715_0$
c:\windows\$NtUninstallKB968389$
c:\windows\$NtUninstallKB968537$
c:\windows\$NtUninstallKB968537_0$
c:\windows\$NtUninstallKB968816_WM9$
c:\windows\$NtUninstallKB969059$
c:\windows\$NtUninstallKB969947$
c:\windows\$NtUninstallKB970238$
c:\windows\$NtUninstallKB970238_0$
c:\windows\$NtUninstallKB970430$
c:\windows\$NtUninstallKB970653-v3$
c:\windows\$NtUninstallKB971032$
c:\windows\$NtUninstallKB971486$
c:\windows\$NtUninstallKB971557$
c:\windows\$NtUninstallKB971633$
c:\windows\$NtUninstallKB971633_0$
c:\windows\$NtUninstallKB971657$
c:\windows\$NtUninstallKB971737$
c:\windows\$NtUninstallKB971961$
c:\windows\$NtUninstallKB972260$
c:\windows\$NtUninstallKB946648$
c:\windows\$NtUninstallKB946648_0$
c:\windows\$NtUninstallKB947864$
c:\windows\$NtUninstallKB948590$
c:\windows\$NtUninstallKB948881$
c:\windows\$NtUninstallKB950749$
c:\windows\$NtUninstallKB950759$
c:\windows\$NtUninstallKB950759_0$
c:\windows\$NtUninstallKB950760$
c:\windows\$NtUninstallKB950762$
c:\windows\$NtUninstallKB950762_0$
c:\windows\$NtUninstallKB950974$
c:\windows\$NtUninstallKB950974_0$
c:\windows\$NtUninstallKB951066$
c:\windows\$NtUninstallKB951066_0$
c:\windows\$NtUninstallKB951072-v2$
c:\windows\$NtUninstallKB951376$
c:\windows\$NtUninstallKB951376-v2$
c:\windows\$NtUninstallKB951376-v2_0$
c:\windows\$NtUninstallKB951376_0$
c:\windows\$NtUninstallKB951698$
c:\windows\$NtUninstallKB951698_0$
c:\windows\$NtUninstallKB951748$
c:\windows\$NtUninstallKB951748_0$
c:\windows\$NtUninstallKB951978$
c:\windows\$NtUninstallKB952004$
c:\windows\$NtUninstallKB952004_0$
c:\windows\$NtUninstallKB956390$
c:\windows\$NtUninstallKB956390_0$
c:\windows\$NtUninstallKB956391$
c:\windows\$NtUninstallKB956572$
c:\windows\$NtUninstallKB956744$
c:\windows\$NtUninstallKB956802$
c:\windows\$NtUninstallKB956802_0$
c:\windows\$NtUninstallKB956803$
c:\windows\$NtUninstallKB956803_0$
c:\windows\$NtUninstallKB956841$
c:\windows\$NtUninstallKB956841_0$
c:\windows\$NtUninstallKB956844$
c:\windows\$NtUninstallKB957095$
c:\windows\$NtUninstallKB957095_0$
c:\windows\$NtUninstallKB957097$
c:\windows\$NtUninstallKB952287$
c:\windows\$NtUninstallKB952287_0$
c:\windows\$NtUninstallKB952954$
c:\windows\$NtUninstallKB952954_0$
c:\windows\$NtUninstallKB953838$
c:\windows\$NtUninstallKB953838_0$
c:\windows\$NtUninstallKB953839$
c:\windows\$NtUninstallKB954154_WM11$
c:\windows\$NtUninstallKB954155_WM9$
c:\windows\$NtUninstallKB954211$
c:\windows\$NtUninstallKB954211_0$
c:\windows\$NtUninstallKB954459$
c:\windows\$NtUninstallKB954600$
c:\windows\$NtUninstallKB954600_0$
c:\windows\$NtUninstallKB955069$
c:\windows\$NtUninstallKB955069_0$
c:\windows\$NtUninstallKB955759$
c:\windows\$NtUninstallKB955839$
c:\windows\$NtUninstallKB957097_0$
c:\windows\$NtUninstallKB961501_0$
c:\windows\$NtUninstallKB972260_0$
c:\windows\Connection Wizard
c:\windows\Fonts
c:\windows\java
c:\windows\MAXLINK.INI 416 bytes
c:\windows\mui
c:\windows\vmmreg32.dll 18944 bytes executable
c:\windows\WinSxS
c:\windows\system32\drivers\sr.sys 73344 bytes executable
c:\windows\system32\drivers\srv.sys 333952 bytes executable
c:\windows\system32\drivers\stream.sys 49408 bytes executable
c:\windows\system32\drivers\streamip.sys 15232 bytes executable
c:\windows\system32\drivers\swenum.sys 4352 bytes executable
c:\windows\system32\drivers\swmidi.sys 56576 bytes executable
c:\windows\system32\drivers\sysaudio.sys 60800 bytes executable
c:\windows\system32\drivers\tape.sys 14976 bytes executable
c:\windows\system32\drivers\tcpip.sys 361600 bytes executable
c:\windows\system32\drivers\tcpip6.sys 225856 bytes executable
c:\windows\system32\drivers\tdi.sys 19072 bytes executable
c:\windows\system32\drivers\tdpipe.sys 12040 bytes executable
c:\windows\system32\drivers\tdtcp.sys 21896 bytes executable
c:\windows\system32\drivers\termdd.sys 40840 bytes executable
c:\windows\system32\drivers\tosdvd.sys 51712 bytes executable
c:\windows\system32\drivers\tsbvcap.sys 21376 bytes executable
c:\windows\system32\drivers\tunmp.sys 12288 bytes executable
c:\windows\system32\drivers\TVICHW32.SYS 23600 bytes executable
c:\windows\system32\drivers\uagp35.sys 44672 bytes executable
c:\windows\system32\drivers\udfs.sys 66048 bytes executable
c:\windows\system32\drivers\UMDF
c:\windows\system32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf 0 bytes
c:\windows\system32\drivers\UMDF\wpdmtpdr.dll 671232 bytes executable
c:\windows\system32\drivers\update.sys 384768 bytes executable
c:\windows\system32\drivers\usb8023.sys 12800 bytes executable
c:\windows\system32\drivers\usb8023x.sys 12800 bytes executable
c:\windows\system32\drivers\usbcamd.sys 25600 bytes executable
c:\windows\system32\drivers\usbcamd2.sys 25728 bytes executable
c:\windows\system32\drivers\usbccgp.sys 32128 bytes executable
c:\windows\system32\drivers\ewdcsc.sys 24448 bytes executable
c:\windows\system32\drivers\ewusbmdm.sys 101376 bytes executable
c:\windows\system32\drivers\ewusbnet.sys 113664 bytes executable
c:\windows\system32\drivers\fastfat.sys 143744 bytes executable
c:\windows\system32\drivers\fdc.sys 27392 bytes executable
c:\windows\system32\drivers\fips.sys 44544 bytes executable
c:\windows\system32\drivers\flpydisk.sys 20480 bytes executable
c:\windows\system32\drivers\fltmgr.sys 129792 bytes executable
c:\windows\system32\drivers\fsbts.sys 26624 bytes executable
c:\windows\system32\drivers\fsvga.sys 12160 bytes executable
c:\windows\system32\drivers\fs_rec.sys 7936 bytes executable
c:\windows\system32\drivers\ftdisk.sys 125184 bytes executable
c:\windows\system32\drivers\gagp30kx.sys 46464 bytes executable
c:\windows\system32\drivers\gm.dls 3440660 bytes
c:\windows\system32\drivers\gmreadme.txt 646 bytes
c:\windows\system32\drivers\hamachi.sys 17480 bytes executable
c:\windows\system32\drivers\hdaudbus.sys 144384 bytes executable
c:\windows\system32\drivers\Hdaudio.sys 145920 bytes executable
c:\windows\system32\drivers\hidbth.sys 25600 bytes executable
c:\windows\system32\drivers\hidclass.sys 36864 bytes executable
c:\windows\system32\drivers\hidir.sys 19200 bytes executable
c:\windows\system32\drivers\hidparse.sys 24960 bytes executable
c:\windows\system32\drivers\hidusb.sys 10368 bytes executable
c:\windows\system32\drivers\hsfbs2s2.sys 220032 bytes executable
c:\windows\system32\drivers\hsfcxts2.sys 685056 bytes executable
c:\windows\system32\drivers\hsfdpsp2.sys 1041536 bytes executable
c:\windows\system32\drivers\http.sys 265728 bytes executable
c:\windows\system32\drivers\i8042prt.sys 52096 bytes executable
c:\windows\system32\drivers\imapi.sys 42112 bytes executable
c:\windows\system32\drivers\intelppm.sys 40192 bytes executable
c:\windows\system32\drivers\ip6fw.sys 36608 bytes executable
c:\windows\system32\drivers\mrxdav.sys 180608 bytes executable
c:\windows\system32\drivers\mrxsmb.sys 455296 bytes executable
c:\windows\system32\drivers\msfs.sys 19072 bytes executable
c:\windows\system32\drivers\msgpc.sys 35072 bytes executable
c:\windows\system32\drivers\mskssrv.sys 7552 bytes executable
c:\windows\system32\drivers\mspclock.sys 5376 bytes executable
c:\windows\system32\drivers\mspqm.sys 4992 bytes executable
c:\windows\system32\drivers\mssmbios.sys 15488 bytes executable
c:\windows\system32\drivers\mstee.sys 5504 bytes executable
c:\windows\system32\drivers\mtlmnt5.sys 126686 bytes executable
c:\windows\system32\drivers\mtlstrm.sys 1309184 bytes executable
c:\windows\system32\drivers\mtxparhm.sys 452736 bytes executable
c:\windows\system32\drivers\mup.sys 105344 bytes executable
c:\windows\system32\drivers\mutohpen.sys 12672 bytes executable
c:\windows\system32\drivers\nabtsfec.sys 85248 bytes executable
c:\windows\system32\drivers\ndis.sys 182656 bytes executable
c:\windows\system32\drivers\ndisip.sys 10880 bytes executable
c:\windows\system32\drivers\ndistapi.sys 10112 bytes executable
c:\windows\system32\drivers\ndisuio.sys 14592 bytes executable
c:\windows\system32\drivers\ndiswan.sys 91520 bytes executable
c:\windows\system32\drivers\ndproxy.sys 40576 bytes executable
c:\windows\system32\drivers\netbios.sys 34688 bytes executable
c:\windows\system32\drivers\netbt.sys 162816 bytes executable
c:\windows\system32\drivers\netwlan5.img 67866 bytes
c:\windows\system32\drivers\nic1394.sys 61824 bytes executable
c:\windows\system32\drivers\nikedrv.sys 12032 bytes executable
c:\windows\system32\drivers\nmnt.sys 40320 bytes executable
c:\windows\system32\drivers\npfs.sys 30848 bytes executable
c:\windows\system32\drivers\ntfs.sys 574976 bytes executable
c:\windows\system32\drivers\ntmtlfax.sys 180360 bytes executable
c:\windows\system32\drivers\null.sys 2944 bytes executable
c:\windows\system32\drivers\nv4_mini.sys 1897408 bytes executable
c:\windows\system32\drivers\nwlnkflt.sys 12416 bytes executable
c:\windows\system32\drivers\nwlnkfwd.sys 32512 bytes executable
c:\windows\system32\drivers\nwlnkipx.sys 88320 bytes executable
c:\windows\system32\drivers\cdrom.sys 62976 bytes executable
c:\windows\system32\drivers\ch7xxnt5.dll 15423 bytes executable
c:\windows\system32\drivers\cinemst2.sys 262528 bytes executable
c:\windows\system32\drivers\classpnp.sys 49536 bytes executable
c:\windows\system32\drivers\cmbatt.sys 13952 bytes executable
c:\windows\system32\drivers\compbatt.sys 10240 bytes executable
c:\windows\system32\drivers\cpqdap01.sys 11776 bytes executable
c:\windows\system32\drivers\crusoe.sys 40576 bytes executable
c:\windows\system32\drivers\cxthsfs2.cty 129045 bytes
c:\windows\system32\drivers\disdn
c:\windows\system32\drivers\disk.sys 36352 bytes executable
c:\windows\system32\drivers\diskdump.sys 14208 bytes executable
c:\windows\system32\drivers\dmboot.sys 800000 bytes executable
c:\windows\system32\drivers\dmio.sys 153856 bytes executable
c:\windows\system32\drivers\dmload.sys 5888 bytes executable
c:\windows\system32\drivers\dmusic.sys 52864 bytes executable
c:\windows\system32\drivers\drmk.sys 60160 bytes executable
c:\windows\system32\drivers\drmkaud.sys 2944 bytes executable
c:\windows\system32\drivers\dxapi.sys 10496 bytes executable
c:\windows\system32\drivers\dxg.sys 71168 bytes executable
c:\windows\system32\drivers\dxgthk.sys 3328 bytes executable
c:\windows\system32\drivers\enum1394.sys 6400 bytes executable
c:\windows\system32\drivers\rdbss.sys 175744 bytes executable
c:\windows\system32\drivers\rdpcdd.sys 4224 bytes executable
c:\windows\system32\drivers\rdpdr.sys 196224 bytes executable
c:\windows\system32\drivers\rdpwd.sys 139656 bytes executable
c:\windows\system32\drivers\recagent.sys 13776 bytes executable
c:\windows\system32\drivers\redbook.sys 58496 bytes executable
c:\windows\system32\drivers\rfcomm.sys 59136 bytes executable
c:\windows\system32\drivers\rio8drv.sys 12032 bytes executable
c:\windows\system32\drivers\riodrv.sys 12032 bytes executable
c:\windows\system32\drivers\rmcast.sys 203136 bytes executable
c:\windows\system32\drivers\rndismp.sys 30592 bytes executable
c:\windows\system32\drivers\rndismpx.sys 30592 bytes executable
c:\windows\system32\drivers\rootmdm.sys 5888 bytes executable
c:\windows\system32\drivers\rt73.sys 459520 bytes executable
c:\windows\system32\drivers\Rtenicxp.sys 78976 bytes executable
c:\windows\system32\drivers\RtkHDAud.Sys 4249088 bytes executable
c:\windows\system32\drivers\s3gnbm.sys 166912 bytes executable
c:\windows\system32\drivers\scdemu.sys 33292 bytes executable
c:\windows\system32\drivers\scsiport.sys 96384 bytes executable
c:\windows\system32\drivers\sdbus.sys 79232 bytes executable
c:\windows\system32\drivers\AmdK8.sys 42496 bytes executable
c:\windows\system32\drivers\ati1xsxx.sys 34735 bytes executable
c:\windows\system32\drivers\ativvpxx.vp 25600 bytes
c:\windows\system32\drivers\cdralw2k.sys 9464 bytes executable
c:\windows\system32\drivers\etc
c:\windows\system32\drivers\etc\hosts 27 bytes
c:\windows\system32\drivers\etc\hosts.20071003-191230.backup 737 bytes
c:\windows\system32\drivers\etc\hosts.20081105-195032.backup 186194 bytes
c:\windows\system32\drivers\etc\hosts.20081105-195137.backup 186715 bytes
c:\windows\system32\drivers\etc\hosts.20081105-195441.backup 186715 bytes
c:\windows\system32\drivers\etc\hosts.ics 443 bytes
c:\windows\system32\drivers\etc\hosts.idx 52 bytes
c:\windows\system32\drivers\etc\lmhosts.sam 3615 bytes
c:\windows\system32\drivers\etc\NetPcap.cfg 3464 bytes
c:\windows\system32\drivers\etc\networks 412 bytes
c:\windows\system32\drivers\etc\protocol 831 bytes
c:\windows\system32\drivers\etc\services 7137 bytes
c:\windows\system32\drivers\ipfltdrv.sys 32896 bytes executable
c:\windows\system32\drivers\mqac.sys 91776 bytes executable
c:\windows\system32\drivers\nwlnknb.sys 63232 bytes executable
c:\windows\system32\drivers\oprghdlr.sys 3456 bytes executable
c:\windows\system32\drivers\rawwan.sys 34432 bytes executable
c:\windows\system32\drivers\secdrv.sys 20480 bytes executable
c:\windows\system32\drivers\sptd.sys 639224 bytes executable
c:\windows\system32\drivers\usbd.sys 4736 bytes executable
c:\windows\system32\drivers\wadv09nt.sys 11871 bytes executable
c:\windows\system32\drivers\1394bus.sys 53376 bytes executable
c:\windows\system32\drivers\7187156.sys 315408 bytes executable
c:\windows\system32\drivers\71871561.sys 128016 bytes executable
c:\windows\system32\drivers\71871562.sys 37392 bytes executable
c:\windows\system32\drivers\aavmker4.sys 27408 bytes executable
c:\windows\system32\drivers\acpi.sys 188288 bytes executable
c:\windows\system32\drivers\acpiec.sys 11776 bytes executable
c:\windows\system32\drivers\adv01nt5.dll 4255 bytes executable
c:\windows\system32\drivers\adv02nt5.dll 3967 bytes executable
c:\windows\system32\drivers\adv05nt5.dll 3615 bytes executable
c:\windows\system32\drivers\adv07nt5.dll 3647 bytes executable
c:\windows\system32\drivers\adv08nt5.dll 3135 bytes executable
c:\windows\system32\drivers\adv09nt5.dll 3711 bytes executable
c:\windows\system32\drivers\adv11nt5.dll 3775 bytes executable
c:\windows\system32\drivers\aec.sys 142592 bytes executable
c:\windows\system32\drivers\AegisP.sys 21361 bytes executable
c:\windows\system32\drivers\afd.sys 138496 bytes executable
c:\windows\system32\drivers\agp440.sys 42368 bytes executable
c:\windows\system32\drivers\agpcpq.sys 44928 bytes executable
c:\windows\system32\drivers\AGRSM.sys 1145728 bytes executable
c:\windows\system32\drivers\alim1541.sys 42752 bytes executable
c:\windows\system32\drivers\amdagp.sys 43008 bytes executable
c:\windows\system32\drivers\amdk6.sys 41216 bytes executable
c:\windows\system32\drivers\amdk7.sys 41600 bytes executable
c:\windows\system32\drivers\ipinip.sys 20864 bytes executable
c:\windows\system32\drivers\ipnat.sys 152832 bytes executable
c:\windows\system32\drivers\ipsec.sys 75264 bytes executable
c:\windows\system32\drivers\irbus.sys 46592 bytes executable
c:\windows\system32\drivers\irenum.sys 11264 bytes executable
c:\windows\system32\drivers\isapnp.sys 37248 bytes executable
c:\windows\system32\drivers\kbdclass.sys 24576 bytes executable
c:\windows\system32\drivers\kbdhid.sys 14592 bytes executable
c:\windows\system32\drivers\kmixer.sys 172416 bytes executable
c:\windows\system32\drivers\ks.sys 141056 bytes executable
c:\windows\system32\drivers\ksecdd.sys 92928 bytes executable
c:\windows\system32\drivers\Lbd.sys 64160 bytes executable
c:\windows\system32\drivers\mbam.sys 19160 bytes executable
c:\windows\system32\drivers\mbamswissarmy.sys 38224 bytes executable
c:\windows\system32\drivers\mcd.sys 7680 bytes executable
c:\windows\system32\drivers\mdmxsdk.sys 11868 bytes executable
c:\windows\system32\drivers\mf.sys 63744 bytes executable
c:\windows\system32\drivers\MGHwCtrl.sys 20128 bytes executable
c:\windows\system32\drivers\mnmdd.sys 4224 bytes executable
c:\windows\system32\drivers\mod7700.sys 621056 bytes executable
c:\windows\system32\drivers\modem.sys 30080 bytes executable
c:\windows\system32\drivers\mouclass.sys 23040 bytes executable
c:\windows\system32\drivers\mouhid.sys 12160 bytes executable
c:\windows\system32\drivers\mountmgr.sys 42368 bytes executable
c:\windows\system32\drivers\p3.sys 46592 bytes executable
c:\windows\system32\drivers\parport.sys 80000 bytes executable
c:\windows\system32\drivers\partmgr.sys 19712 bytes executable
c:\windows\system32\drivers\parvdm.sys 6784 bytes executable
c:\windows\system32\drivers\pci.sys 68736 bytes executable
c:\windows\system32\drivers\pciide.sys 3328 bytes executable
c:\windows\system32\drivers\pciidex.sys 24960 bytes executable
c:\windows\system32\drivers\pcmcia.sys 120064 bytes executable
c:\windows\system32\drivers\pcouffin.sys 47360 bytes executable
c:\windows\system32\drivers\portcls.sys 146048 bytes executable
c:\windows\system32\drivers\processr.sys 39680 bytes executable
c:\windows\system32\drivers\psched.sys 69120 bytes executable
c:\windows\system32\drivers\ptilink.sys 17792 bytes executable
c:\windows\system32\drivers\PxHelp20.sys 43528 bytes executable
c:\windows\system32\drivers\rasacd.sys 8832 bytes executable
c:\windows\system32\drivers\rasl2tp.sys 51328 bytes executable
c:\windows\system32\drivers\raspppoe.sys 41472 bytes executable
c:\windows\system32\drivers\raspptp.sys 48384 bytes executable
c:\windows\system32\drivers\raspti.sys 16512 bytes executable
c:\windows\system32\drivers\serenum.sys 15744 bytes executable
c:\windows\system32\drivers\serial.sys 64256 bytes executable
c:\windows\system32\drivers\sfdrv01.sys 50688 bytes executable
c:\windows\system32\drivers\sffdisk.sys 11904 bytes executable
c:\windows\system32\drivers\sffp_mmc.sys 10240 bytes executable
c:\windows\system32\drivers\sffp_sd.sys 11008 bytes executable
c:\windows\system32\drivers\sfhlp02.sys 6656 bytes executable
c:\windows\system32\drivers\sfloppy.sys 11392 bytes executable
c:\windows\system32\drivers\siint5.dll 3901 bytes executable
c:\windows\system32\drivers\sisagp.sys 40960 bytes executable
c:\windows\system32\drivers\slip.sys 11136 bytes executable
c:\windows\system32\drivers\slnt7554.sys 129535 bytes executable
c:\windows\system32\drivers\slntamr.sys 404990 bytes executable
c:\windows\system32\drivers\slnthal.sys 95424 bytes executable
c:\windows\system32\drivers\slwdmsup.sys 13240 bytes executable
c:\windows\system32\drivers\smbali.sys 5888 bytes executable
c:\windows\system32\drivers\smclib.sys 14592 bytes executable
c:\windows\system32\drivers\sncamd.sys 24448 bytes executable
c:\windows\system32\drivers\snp2sxp.sys 8807424 bytes executable
c:\windows\system32\drivers\sonydcam.sys 25344 bytes executable
c:\windows\system32\drivers\splitter.sys 6272 bytes executable
c:\windows\system32\drivers\usbehci.sys 30208 bytes executable
c:\windows\system32\drivers\usbhub.sys 59520 bytes executable
c:\windows\system32\drivers\usbintel.sys 15872 bytes executable
c:\windows\system32\drivers\usbohci.sys 17152 bytes executable
c:\windows\system32\drivers\usbport.sys 143872 bytes executable
c:\windows\system32\drivers\usbprint.sys 25856 bytes executable
c:\windows\system32\drivers\usbscan.sys 15104 bytes executable
c:\windows\system32\drivers\usbstor.sys 26368 bytes executable
c:\windows\system32\drivers\usbvideo.sys 121984 bytes executable
c:\windows\system32\drivers\vchnt5.dll 11325 bytes executable
c:\windows\system32\drivers\vdmindvd.sys 58112 bytes executable
c:\windows\system32\drivers\vga.sys 20992 bytes executable
c:\windows\system32\drivers\viaagp.sys 42240 bytes executable
c:\windows\system32\drivers\videoprt.sys 81664 bytes executable
c:\windows\system32\drivers\volsnap.sys 52480 bytes executable
c:\windows\system32\drivers\wacompen.sys 14208 bytes executable
c:\windows\system32\drivers\wadv07nt.sys 11807 bytes executable
c:\windows\system32\drivers\wadv08nt.sys 11295 bytes executable
c:\windows\system32\drivers\atmarpc.sys 59904 bytes executable
c:\windows\system32\drivers\atmepvc.sys 31360 bytes executable
c:\windows\system32\drivers\atmlane.sys 55808 bytes executable
c:\windows\system32\drivers\atmuni.sys 352256 bytes executable
c:\windows\system32\drivers\atv01nt5.dll 21183 bytes executable
c:\windows\system32\drivers\atv02nt5.dll 11359 bytes executable
c:\windows\system32\drivers\atv04nt5.dll 25471 bytes executable
c:\windows\system32\drivers\atv06nt5.dll 14143 bytes executable
c:\windows\system32\drivers\atv10nt5.dll 17279 bytes executable
c:\windows\system32\drivers\audstub.sys 3072 bytes executable
c:\windows\system32\drivers\battc.sys 14208 bytes executable
c:\windows\system32\drivers\beep.sys 4224 bytes executable
c:\windows\system32\drivers\bridge.sys 71552 bytes executable
c:\windows\system32\drivers\bthenum.sys 17024 bytes executable
c:\windows\system32\drivers\bthmodem.sys 37888 bytes executable
c:\windows\system32\drivers\bthpan.sys 101120 bytes executable
c:\windows\system32\drivers\bthport.sys 272128 bytes executable
c:\windows\system32\drivers\bthprint.sys 36480 bytes executable
c:\windows\system32\drivers\bthusb.sys 18944 bytes executable
c:\windows\system32\drivers\cbidf2k.sys 13952 bytes executable
c:\windows\system32\drivers\ccdecode.sys 17024 bytes executable
c:\windows\system32\drivers\cdaudio.sys 18688 bytes executable
c:\windows\system32\drivers\cdfs.sys 63744 bytes executable
c:\windows\system32\drivers\cdr4_xp.sys 9336 bytes executable
c:\windows\system32\drivers\nwlnkspx.sys 55936 bytes executable
c:\windows\system32\drivers\nwrdr.sys 163584 bytes executable
c:\windows\system32\drivers\O2MDDISK.CAT 7537 bytes
c:\windows\system32\drivers\O2MDDISK.INF 886 bytes
c:\windows\system32\drivers\O2MEDIA.CAT 7960 bytes
c:\windows\system32\drivers\O2MEDIA.INF 1705 bytes
c:\windows\system32\drivers\o2media.sys 34880 bytes executable
c:\windows\system32\drivers\O2MWXP.CAT 8655 bytes
c:\windows\system32\drivers\O2MWXP.INF 4286 bytes
c:\windows\system32\drivers\O2SD.CAT 7948 bytes
c:\windows\system32\drivers\O2SD.INF 1683 bytes
c:\windows\system32\drivers\o2sd.sys 29056 bytes executable
c:\windows\system32\drivers\O2SDDISK.CAT 7537 bytes
c:\windows\system32\drivers\O2SDDISK.INF 874 bytes
c:\windows\system32\drivers\OADriver.sys 200784 bytes executable
c:\windows\system32\drivers\OAmon.sys 24656 bytes executable
c:\windows\system32\drivers\oanet.sys 29776 bytes executable
c:\windows\system32\drivers\ohci1394.sys 61696 bytes executable
c:\windows\system32\drivers\arp1394.sys 60800 bytes executable
c:\windows\system32\drivers\aswFsBlk.sys 20560 bytes executable
c:\windows\system32\drivers\aswmon.sys 93424 bytes executable
c:\windows\system32\drivers\aswmon2.sys 94160 bytes executable
c:\windows\system32\drivers\aswRdr.sys 23120 bytes executable
c:\windows\system32\drivers\aswSP.sys 114768 bytes executable
c:\windows\system32\drivers\aswTdi.sys 48560 bytes executable
c:\windows\system32\drivers\asyncmac.sys 14336 bytes executable
c:\windows\system32\drivers\atapi.sys 96512 bytes executable
c:\windows\system32\drivers\ati1btxx.sys 56623 bytes executable
c:\windows\system32\drivers\ati1mdxx.sys 11615 bytes executable
c:\windows\system32\drivers\ati1pdxx.sys 12047 bytes executable
c:\windows\system32\drivers\ati1raxx.sys 30671 bytes executable
c:\windows\system32\drivers\ati1rvxx.sys 63663 bytes executable
c:\windows\system32\drivers\ati1snxx.sys 26367 bytes executable
c:\windows\system32\drivers\ati1ttxx.sys 21343 bytes executable
c:\windows\system32\drivers\ati1tuxx.sys 36463 bytes executable
c:\windows\system32\drivers\ati1xbxx.sys 29455 bytes executable
c:\windows\system32\drivers\wadv11nt.sys 11935 bytes executable
c:\windows\system32\drivers\wanarp.sys 34560 bytes executable
c:\windows\system32\drivers\watv06nt.sys 22271 bytes executable
c:\windows\system32\drivers\watv10nt.sys 25471 bytes executable
c:\windows\system32\drivers\wceusbsh.sys 104576 bytes executable
c:\windows\system32\drivers\wdmaud.sys 83072 bytes executable
c:\windows\system32\drivers\wmilib.sys 4352 bytes executable
c:\windows\system32\drivers\wpdusb.sys 38528 bytes executable
c:\windows\system32\drivers\ws2ifsl.sys 12032 bytes executable
c:\windows\system32\drivers\wstcodec.sys 19200 bytes executable
c:\windows\system32\drivers\WudfPf.sys 77568 bytes executable
c:\windows\system32\drivers\WudfRd.sys 82944 bytes executable
c:\windows\system32\drivers\_004470_.tmp.dll 71040 bytes executable
c:\windows\system32\drivers\ati2erec.dll 40960 bytes executable
c:\windows\system32\drivers\ati2mtaa.sys 326912 bytes executable
c:\windows\system32\drivers\ati2mtag.sys 1421312 bytes executable
c:\windows\system32\drivers\atinbtxx.sys 57856 bytes executable
c:\windows\system32\drivers\atinmdxx.sys 13824 bytes executable
c:\windows\system32\drivers\atinpdxx.sys 14336 bytes executable
c:\windows\system32\drivers\atinraxx.sys 52224 bytes executable
c:\windows\system32\drivers\atinrvxx.sys 104960 bytes executable
c:\windows\system32\drivers\atinsnxx.sys 28672 bytes executable
c:\windows\system32\drivers\atinttxx.sys 13824 bytes executable
c:\windows\system32\drivers\atintuxx.sys 73216 bytes executable
c:\windows\system32\drivers\atinxbxx.sys 31744 bytes executable
c:\windows\system32\drivers\atinxsxx.sys 63488 bytes executable
c:\windows\system32\drivers\ativcaxx.cpa 1114674 bytes
c:\windows\system32\drivers\ativcaxx.vp 929 bytes
c:\windows\system32\drivers\ativckxx.vp 58560 bytes
c:\windows\system32\drivers\ativmc20.cod 64352 bytes
c:\windows\system32\wbem\wmipicmp.mfl 14284 bytes
c:\windows\system32\wbem\wmipicmp.mof 19356 bytes
c:\windows\system32\wbem\wmipiprt.dll 61952 bytes executable
c:\windows\system32\wbem\wmipiprt.mfl 16662 bytes
c:\windows\system32\wbem\wmipiprt.mof 23692 bytes
c:\windows\system32\wbem\wmipjobj.dll 62464 bytes executable
c:\windows\system32\wbem\wmipjobj.mfl 43978 bytes
c:\windows\system32\wbem\wmipjobj.mof 61208 bytes
c:\windows\system32\wbem\wmiprov.dll 144896 bytes executable
c:\windows\system32\wbem\wmiprvsd.dll 453120 bytes executable
c:\windows\system32\wbem\wmiprvse.exe 227840 bytes executablec:\windows\system32\wbem\wmipsess.dll 41472 bytes executable
c:\windows\system32\wbem\wmipsess.mfl 9004 bytes
c:\windows\system32\wbem\wmipsess.mof 13880 bytes
c:\windows\system32\wbem\wmisvc.dll 144896 bytes executable
c:\windows\system32\wbem\wmitimep.dll 52224 bytes executable
c:\windows\system32\wbem\wmitimep.mfl 4014 bytes
c:\windows\system32\wbem\wmitimep.mof 6494 bytes
c:\windows\system32\wbem\wmiutils.dll 96768 bytes executable
c:\windows\system32\wbem\wscenter.mof 2460 bytes
c:\windows\system32\wbem\xml
c:\windows\system32\wbem\xml\cim20.dtd 9018 bytes
c:\windows\system32\wbem\xml\wmi20.dtd 12356 bytes
c:\windows\system32\wbem\xml\wmi2xml.dll 45568 bytes executable
c:\windows\system32\wbem\xml.xsl 1743 bytes
c:\windows\system32\wbem\xsl-mappings.xml 2870 bytes
c:\windows\system32\wbem\esscli.dll 247808 bytes executable
c:\windows\system32\wbem\evntrprv.dll 21504 bytes executable
c:\windows\system32\wbem\evntrprv.mof 10742 bytes
c:\windows\system32\wbem\fastprox.dll 473600 bytes executable
c:\windows\system32\wbem\fconprov.mfl 5896 bytes
c:\windows\system32\wbem\fconprov.mof 8790 bytes
c:\windows\system32\wbem\fevprov.mfl 3248 bytes
c:\windows\system32\wbem\fevprov.mof 4392 bytes
c:\windows\system32\wbem\framedyn.dll 185344 bytes executable
c:\windows\system32\wbem\fwdprov.dll 53248 bytes executable
c:\windows\system32\wbem\hform.xsl 4930 bytes
c:\windows\system32\wbem\hnetcfg.mof 16810 bytes
c:\windows\system32\wbem\htable-sortby.xsl 2855 bytes
c:\windows\system32\wbem\htable.xsl 4588 bytes
c:\windows\system32\wbem\ieinfo5.mof 43078 bytes
c:\windows\system32\wbem\krnlprov.dll 24576 bytes executable
c:\windows\system32\wbem\krnlprov.mfl 8454 bytes
c:\windows\system32\wbem\krnlprov.mof 12712 bytes
c:\windows\system32\wbem\licwmi.mfl 10350 bytes
c:\windows\system32\wbem\licwmi.mof 15586 bytes
c:\windows\system32\wbem\Logs
c:\windows\system32\wbem\Logs\FrameWork.log 1028 bytes
c:\windows\system32\wbem\Logs\NTEVT.log 2 bytes
c:\windows\system32\wbem\Logs\wbemcore.log 12480 bytes
c:\windows\system32\wbem\Logs\wbemess.log 49577 bytes
c:\windows\system32\wbem\Logs\wbemprox.log 510 bytes
c:\windows\system32\wbem\Logs\WBEMSNMP.log 2 bytes
c:\windows\system32\wbem\Logs\wmiprov.log 1032 bytes
c:\windows\system32\wbem\repdrvfs.dll 178176 bytes executable
c:\windows\system32\wbem\Repository
c:\windows\system32\wbem\Repository\$WinMgmt.CFG 20 bytes
c:\windows\system32\wbem\Repository\FS
c:\windows\system32\wbem\Repository\FS\INDEX.BTR 1589248 bytes
c:\windows\system32\wbem\Repository\FS\INDEX.MAP 820 bytes
c:\windows\system32\wbem\Repository\FS\MAPPING.VER 4 bytes
c:\windows\system32\wbem\Repository\FS\MAPPING1.MAP 12724 bytes
c:\windows\system32\wbem\Repository\FS\MAPPING2.MAP 12724 bytes
c:\windows\system32\wbem\Repository\FS\OBJECTS.DATA 24371200 bytes
c:\windows\system32\wbem\Repository\FS\OBJECTS.MAP 11924 bytes
c:\windows\system32\wbem\rsop.mfl 294190 bytes
c:\windows\system32\wbem\rsop.mof 88644 bytes
c:\windows\system32\wbem\scersop.mof 8716 bytes
c:\windows\system32\wbem\scm.mof 32676 bytes
c:\windows\system32\wbem\scrcons.exe 36352 bytes executable
c:\windows\system32\wbem\scrcons.mfl 3432 bytes
c:\windows\system32\wbem\scrcons.mof 5728 bytes
c:\windows\system32\wbem\secrcw32.mfl 33290 bytes
c:\windows\system32\wbem\wbemcntl.dll 198144 bytes executable
c:\windows\system32\wbem\wbemcomn.dll 214528 bytes executable
c:\windows\system32\wbem\wbemcons.dll 71680 bytes executable
c:\windows\system32\wbem\wbemcons.mfl 12862 bytes
c:\windows\system32\wbem\wbemcons.mof 18004 bytes
c:\windows\system32\wbem\wbemcore.dll 531456 bytes executable
c:\windows\system32\wbem\wbemdisp.dll 178176 bytes executable
c:\windows\system32\wbem\wbemdisp.tlb 59904 bytes executable
c:\windows\system32\wbem\wbemess.dll 273920 bytes executable
c:\windows\system32\wbem\wbemperf.dll 42496 bytes executable
c:\windows\system32\wbem\wbemprox.dll 18944 bytes executable
c:\windows\system32\wbem\wbemsvc.dll 43520 bytes executable
c:\windows\system32\wbem\wbemtest.exe 117760 bytes executable
c:\windows\system32\wbem\wbemupgd.dll 197120 bytes executable
c:\windows\system32\wbem\whqlprov.mof 19266 bytes
c:\windows\system32\wbem\winmgmt.exe 13824 bytes executable
c:\windows\system32\wbem\winmgmtr.dll 16896 bytes executable
c:\windows\system32\wbem\wmi.mfl 4498 bytes
c:\windows\system32\wbem\AutoRecover
c:\windows\system32\wbem\AutoRecover\D724DF13E0B0DF051EB5D403DD8EF2FC.mof 294288 bytes
c:\windows\system32\wbem\AutoRecover\D92470B796B6B18F9EE52301857F0567.mof 4092 bytes
c:\windows\system32\wbem\AutoRecover\DBD781C2C031C708BCB490F228E7BEF9.mof 8560 bytes
c:\windows\system32\wbem\AutoRecover\DC999686F8B85B326CEDFA199DD07F72.mof 165526 bytes
c:\windows\system32\wbem\AutoRecover\DFB9AD54AC2D3B8122567AAD3BF3EB7F.mof 42152 bytes
c:\windows\system32\wbem\AutoRecover\DFD614E4D613EF4506AC8F525F5F514B.mof 21220 bytes
c:\windows\system32\wbem\AutoRecover\E04DE4CDFEC284A342159BB920976701.mof 10784 bytes
c:\windows\system32\wbem\AutoRecover\E441354B9FE5F63362A481C9B9195A73.mof 10848 bytes
c:\windows\system32\wbem\AutoRecover\E737DE61441445E1FDFCA45EF5E7D987.mof 58852 bytes
c:\windows\system32\wbem\AutoRecover\EDBF963FB003D0670AA9C2219BD091FB.mof 6600 bytes
c:\windows\system32\wbem\AutoRecover\FAAD7D567E76CAB10704AFD7C0488F23.mof 61314 bytes
c:\windows\system32\wbem\AutoRecover\79E817BC978E2D450EB9E3794DFDA6CF.mof 15688 bytes
c:\windows\system32\wbem\AutoRecover\7A62FA52E22CE751514BC93BE067BC80.mof 4594 bytes
c:\windows\system32\wbem\AutoRecover\7BDE76979585395D59B5DA1D62E63C50.mof 25566 bytes
c:\windows\system32\wbem\AutoRecover\7E27EAAD25AA36FEADFF502991DFC5C1.mof 167174 bytes
c:\windows\system32\wbem\AutoRecover\7F417E1A6D819A9B2FEB55DA6858EA0A.mof 1394 bytes
c:\windows\system32\wbem\AutoRecover\852ECCDBABE77624586E4417FE66F857.mof 4120 bytes
c:\windows\system32\wbem\AutoRecover\8636DC7F9479DACE6778109CB4FB4B01.mof 12818 bytes
c:\windows\system32\wbem\AutoRecover\88744D2A29102FC88ECF505DD2E984FC.mof 29386 bytes
c:\windows\system32\wbem\AutoRecover\903E49C444C46FEF5F2C3A189C9CEF71.mof 8102 bytes
c:\windows\system32\wbem\AutoRecover\958A50DFF8A9DF5FAEA042AC9F60815F.mof 11468 bytes
c:\windows\system32\wbem\AutoRecover\9AD3182A2F39A3E091E15109132EC6CC.mof 2566 bytes
c:\windows\system32\wbem\AutoRecover\02E78424AB18BDBFA706C08B7D7B9F1D.mof 33396 bytes
c:\windows\system32\wbem\AutoRecover\092389D621F5A8834203DAAC74CCA279.mof 23798 bytes
c:\windows\system32\wbem\AutoRecover\0A9DBC92D554324656F61F9862679F27.mof 130456 bytes
c:\windows\system32\wbem\AutoRecover\1E97A05DE566CF6EEAE29D0634E27392.mof 7694 bytes
c:\windows\system32\wbem\AutoRecover\1EBE968EB7AF815A32641E6185350A9E.mof 107496 bytes
c:\windows\system32\wbem\AutoRecover\20D2C3B8CE10B96CE6B8A3C241EF4416.mof 3352 bytes
c:\windows\system32\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof 32000 bytes
c:\windows\system32\wbem\AutoRecover\26C097A9392F8C541AD42E89B7909073.mof 2775948 bytes
c:\windows\system32\wbem\AutoRecover\26D6C4EB696DD0C83F5D5BF2235000A7.mof 10452 bytes
c:\windows\system32\wbem\AutoRecover\A99860BB696AE92ED001E48B014365CE.mof 14390 bytes
c:\windows\system32\wbem\AutoRecover\ABB70D53B97FC8002205F77E02C97304.mof 8664 bytes
c:\windows\system32\wbem\AutoRecover\AE7023598F41510BF261111652046301.mof 19462 bytes
c:\windows\system32\wbem\AutoRecover\AEA50E449C23761CA4D9B7F9ED0D9C89.mof 9110 bytes
c:\windows\system32\wbem\AutoRecover\BE81B2C0741907C1FC1C42B6223E59AD.mof 32772 bytes
c:\windows\system32\wbem\AutoRecover\C3A0BE17B37ACE48BE78B31580231AE9.mof 88742 bytes
c:\windows\system32\wbem\AutoRecover\C6300BFE37ADE6B52EC023F66124985F.mof 99856 bytes
c:\windows\system32\wbem\AutoRecover\C81ACF420917AA0F87487BC4D958BEB4.mof 18500 bytes
c:\windows\system32\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof 2570652 bytes
c:\windows\system32\wbem\AutoRecover\C92641594A6F2DA8A55FE4738AFDA539.mof 28022 bytes
c:\windows\system32\wbem\AutoRecover\CA0106054EB09C302ED3E0669F99D021.mof 38840 bytes
c:\windows\system32\wbem\AutoRecover\2A61A823DC2C1C838EE71C4351BED0B4.mof 16768 bytes
c:\windows\system32\wbem\AutoRecover\3EC317800FF508210BB945C81C0EACE7.mof 1987264 bytes
c:\windows\system32\wbem\AutoRecover\731AE1FC8C795979F40FAD645FFBAEB1.mof 43182 bytes
c:\windows\system32\wbem\AutoRecover\A7575F8DE31A912FFE91A7A41B1E382A.mof 46478 bytes
c:\windows\system32\wbem\AutoRecover\CFC35B349D24A8495FD2CEAB15C32D88.mof 4496 bytes
c:\windows\system32\wbem\AutoRecover\42355E8E232EF8CADD187D531DEC55DD.mof 13986 bytes
c:\windows\system32\wbem\AutoRecover\42C894EEACAD83A4E41154685841B3E1.mof 16914 bytes
c:\windows\system32\wbem\AutoRecover\4D89333771FD4AF4E1A113F1D464674C.mof 15792 bytes
c:\windows\system32\wbem\AutoRecover\608B41C6A2CD9460C2263E6CD80C335A.mof 19372 bytes
c:\windows\system32\wbem\AutoRecover\60A06765DDFE47EF7240BD9C1EB29EFE.mof 5110 bytes
c:\windows\system32\wbem\AutoRecover\6B38F33147D0369D5038BBB61C7A31C8.mof 107982 bytes
c:\windows\system32\wbem\AutoRecover\6FFF7467A5B40765D5740A413CA8BB8A.mof 8820 bytes
c:\windows\system32\wbem\AutoRecover\701B705ED7DF100F88D5BC4A595E938D.mof 58940 bytes
c:\windows\system32\wbem\AutoRecover\72F867EF62976CE9F70993FF3E68A4EB.mof 127988 bytes
c:\windows\system32\wbem\AutoRecover\2AA23BB86A5EBD8BC2D820944E55B233.mof 41508 bytes
c:\windows\system32\wbem\AutoRecover\2B8B1A8B0ACD3EE28B421D3918DC1F29.mof 2376 bytes
c:\windows\system32\wbem\AutoRecover\2C142C4C15E3B8D139B98154CD083071.mof 13448 bytes
c:\windows\system32\wbem\AutoRecover\2CE64FBD51953C097BB5470043A6DAF9.mof 44084 bytes
c:\windows\system32\wbem\AutoRecover\2CFB5B149FA396D1AEA5F89B1C5A8D81.mof 12256 bytes
c:\windows\system32\wbem\AutoRecover\2DA80135BA8EC175C9B1C1598F659434.mof 3182 bytes
c:\windows\system32\wbem\AutoRecover\37134956F76D3C30C9BE0C12571CAF43.mof 29862 bytes
c:\windows\system32\wbem\cimwin32.dll 1359360 bytes executable
c:\windows\system32\wbem\cimwin32.mfl 1988244 bytes
c:\windows\system32\wbem\cimwin32.mof 2775842 bytes
c:\windows\system32\wbem\cli.mof 29290 bytes
c:\windows\system32\wbem\cliegaliases.mfl 31886 bytes
c:\windows\system32\wbem\cliegaliases.mof 2570538 bytes
c:\windows\system32\wbem\cmdevtgprov.dll 45056 bytes executable
c:\windows\system32\wbem\cmdevtgprov.mof 4148 bytes
c:\windows\system32\wbem\csv.xsl 2503 bytes
c:\windows\system32\wbem\dgnet.mof 3082 bytes
c:\windows\system32\wbem\dsprov.dll 120320 bytes executable
c:\windows\system32\wbem\dsprov.mfl 11366 bytes
c:\windows\system32\wbem\dsprov.mof 18398 bytes
c:\windows\system32\wbem\mof
c:\windows\system32\wbem\mof\bad
c:\windows\system32\wbem\mof\good
c:\windows\system32\wbem\mof\good\MSIOff9.mof 39167 bytes
c:\windows\system32\wbem\regevent.mof 46372 bytes
c:\windows\system32\wbem\secrcw32.mof 58746 bytes
c:\windows\system32\wbem\textvaluelist.xsl 2766 bytes
c:\windows\system32\wbem\wbemads.tlb 31232 bytes executable
c:\windows\system32\wbem\wmi.mof 10688 bytes
c:\windows\system32\wbem\wmipicmp.dll 76288 bytes executable
c:\windows\system32\wbem\mof.xsl 9261 bytes
c:\windows\system32\wbem\mofcomp.exe 16896 bytes executable
c:\windows\system32\wbem\mofd.dll 124416 bytes executable
c:\windows\system32\wbem\msi.mfl 107886 bytes
c:\windows\system32\wbem\msi.mof 165430 bytes
c:\windows\system32\wbem\msiprov.dll 273920 bytes executable
c:\windows\system32\wbem\napclientprov.mof 638 bytes
c:\windows\system32\wbem\napclientschema.mof 3990 bytes
c:\windows\system32\wbem\ncprov.dll 47104 bytes executable
c:\windows\system32\wbem\ncprov.mfl 626 bytes
c:\windows\system32\wbem\ncprov.mof 2880 bytes
c:\windows\system32\wbem\ntevt.dll 212992 bytes executable
c:\windows\system32\wbem\ntevt.mfl 21120 bytes
c:\windows\system32\wbem\ntevt.mof 29762 bytes
c:\windows\system32\wbem\Performance
c:\windows\system32\wbem\Performance\WmiApRpl.h 738 bytes
c:\windows\system32\wbem\Performance\WmiApRpl.ini 6290 bytes
c:\windows\system32\wbem\policman.dll 92672 bytes executable
c:\windows\system32\wbem\policman.mfl 5004 bytes
c:\windows\system32\wbem\policman.mof 12150 bytes
c:\windows\system32\wbem\provthrd.dll 237056 bytes executable
c:\windows\system32\wbem\rawxml.xsl 623 bytes
c:\windows\system32\wbem\regevent.mfl 38734 bytes
c:\windows\system32\wbem\tmplprov.dll 61952 bytes executable
c:\windows\system32\wbem\tmplprov.mfl 7664 bytes
c:\windows\system32\wbem\tmplprov.mof 12144 bytes
c:\windows\system32\wbem\trnsprov.dll 59904 bytes executable
c:\windows\system32\wbem\trnsprov.mfl 2040 bytes
c:\windows\system32\wbem\trnsprov.mof 4998 bytes
c:\windows\system32\wbem\tscfgwmi.mfl 58834 bytes
c:\windows\system32\wbem\tscfgwmi.mof 99750 bytes
c:\windows\system32\wbem\unsecapp.exe 16896 bytes executable
c:\windows\system32\wbem\updprov.dll 116224 bytes executable
c:\windows\system32\wbem\updprov.mfl 12776 bytes
c:\windows\system32\wbem\updprov.mof 20720 bytes
c:\windows\system32\wbem\viewprov.dll 131584 bytes executable
c:\windows\system32\wbem\wbemads.dll 12288 bytes executable
c:\windows\system32\wbem\wmiadap.exe 196608 bytes executable
c:\windows\system32\wbem\wmiapres.dll 6656 bytes executable
c:\windows\system32\wbem\wmiaprpl.dll 88576 bytes executable
c:\windows\system32\wbem\wmiapsrv.exe 126464 bytes executable
c:\windows\system32\wbem\wmic.exe 361472 bytes executable
c:\windows\system32\wbem\wmiclimofformat.xsl 9442 bytes
c:\windows\system32\wbem\wmiclitableformat.xsl 3247 bytes
c:\windows\system32\wbem\wmiclitableformatnosys.xsl 3921 bytes
c:\windows\system32\wbem\wmiclivalueformat.xsl 485 bytes
c:\windows\system32\wbem\wmicookr.dll 60928 bytes executable
c:\windows\system32\wbem\wmidcprv.dll 140800 bytes executable
c:\windows\system32\wbem\wmimsg.dll 61440 bytes executable
c:\windows\system32\wbem\wmipcima.dll 156672 bytes executable
c:\windows\system32\wbem\wmipcima.mfl 27916 bytes
c:\windows\system32\wbem\wmipcima.mof 41402 bytes
c:\windows\system32\wbem\wmipdskq.dll 132096 bytes executable
c:\windows\system32\wbem\wmipdskq.mfl 8558 bytes
c:\windows\system32\wbem\wmipdskq.mof 13342 bytes
c:\windows\system32\wbem\smtpcons.dll 40960 bytes executable
c:\windows\system32\wbem\smtpcons.mfl 2758 bytes
c:\windows\system32\wbem\smtpcons.mof 4100 bytes
c:\windows\system32\wbem\snmp
c:\windows\system32\wbem\sr.mof 7600 bytes
c:\windows\system32\wbem\stdprov.dll 86528 bytes executable
c:\windows\system32\wbem\subscrpt.mof 4458 bytes
c:\windows\system32\wbem\system.mof 127370 bytes
c:\windows\system32\wbem\texttable.xsl 6000 bytes
c:\windows\system32\wbem\texttablewsys.xsl 3247 bytes
C:\Documents and Settings
C:\Program Files
C:\aaw7boot.log 2220 bytes
C:\ASLog.txt 28900 bytes
C:\autorun.inf
C:\Boot.bak 211 bytes
C:\boot.ini 281 bytes
C:\Bootfont.bin 4952 bytes
C:\c17247ce1158ca76e21e
C:\cmdcons
C:\cmldr 261312 bytes
C:\ComboFix
C:\CONFIG.SYS 0 bytes
C:\deviceInfo.txt 8925 bytes
C:\Downloads
C:\Faktury
C:\GAMEs
C:\Garmin
C:\hiberfil.sys 1073139712 bytes
C:\HijackThis
C:\invisiblewar
C:\IO.SYS 0 bytes
C:\MSDOS.SYS 0 bytes
C:\MSOCache
C:\MyWorks
C:\NTDETECT.COM 47564 bytes
C:\ntldr 250576 bytes
C:\output
C:\pagefile.sys 1610612736 bytes
C:\Qoobox
C:\Red Dwarf
C:\Securiti windows
C:\TCleanerOdstraneníistícíchUtilitzPC
C:\Temp
C:\tmp
C:\totalcmd
C:\treeinfo.wc 213103 bytes
C:\UsbFix
C:\UsbFix.txt 111 bytes
C:\WINDOWS
C:\WinXMp4
sken byl úspešně dokončen
skryté soubory: 1065
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-507921405-706699826-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:29,6e,22,45,a7,0c,3c,94,8d,ed,49,35,f2,ae,94,4d,3f,bc,ff,0a,a8,a6,f4,
1a,8d,e2,19,f5,0c,85,79,8f,5a,34,f5,5e,1c,16,4d,21,82,f0,28,ed,23,e5,26,d2,\
"??"=hex:33,11,23,de,0b,d9,1f,29,a6,ce,2a,8b,3d,1b,54,1f
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(428)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(1928)
c:\program files\Tall Emu\Online Armor\OAwatch.dll
c:\program files\matrjoska spliter\MatroskaSplitter\mmfinfo.dll
c:\program files\matrjoska spliter\MatroskaSplitter\mkunicode.dll
c:\program files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2009-12-29 13:32:58
ComboFix-quarantined-files.txt 2009-12-29 12:32
Před spuštěním: 8 524 742 656
Po spuštění: 8 493 993 984
Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 986542ECC410E4544B485BB8AE918D6E
Rootkit scan 2009-12-29 13:29
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
c:\windows\$NtUninstallKB952069_WM9$
c:\windows\vsnp2std.exe 339968 bytes executable
c:\windows\WBEM
c:\windows\Web
c:\windows\wiadebug.log 159 bytes
c:\windows\wiaservc.log 50 bytes
c:\windows\win.ini 781 bytes
c:\windows\wincmd.ini 1310 bytes
c:\windows\WindowsShell.Manifest 749 bytes
c:\windows\WindowsUpdate.log 1581681 bytes
c:\windows\WindowsXP-KB822603-x86.exe 349472 bytes executable
c:\windows\winhelp.exe 256419 bytes
c:\windows\winhlp32.exe 283648 bytes executable
c:\windows\winnt.bmp 48680 bytes
c:\windows\winnt256.bmp 48680 bytes
c:\windows\grep.exe 80412 bytes executable
c:\windows\Help
c:\windows\hh.exe 10752 bytes executable
c:\windows\HideWin.exe 315392 bytes executable
c:\windows\ie8updates
c:\windows\IFinst27.exe 65536 bytes executable
c:\windows\ime
c:\windows\inf
c:\windows\Installer
c:\windows\Internet Logs
c:\windows\IsUn0405.exe 307200 bytes executable
c:\windows\IsUninst.exe 306688 bytes executable
c:\windows\iun6002.exe 737280 bytes executable
c:\windows\pss
c:\windows\RAR.PIF 545 bytes
c:\windows\regedit.exe 147968 bytes executable
c:\windows\Registration
c:\windows\repair
c:\windows\Resources
c:\windows\Rododendron.bmp 17362 bytes
c:\windows\RTHDCPL.exe 16010752 bytes executable
c:\windows\RTLCPL.exe 9711104 bytes executable
c:\windows\RtlExUpd.dll 520192 bytes executable
c:\windows\RtlUpd.exe 364544 bytes executable
c:\windows\SchedLgU.Txt 32602 bytes
c:\windows\security
c:\windows\sed.exe 98816 bytes executable
c:\windows\ServicePackFiles
c:\windows\Mýdlové bubliny.bmp 65978 bytes
c:\windows\Na rybách.bmp 17336 bytes
c:\windows\network diagnostic
c:\windows\NIRCMD.exe 31232 bytes executable
c:\windows\NOCLOSE.PIF 545 bytes
c:\windows\notepad.exe 69632 bytes executable
c:\windows\nsreg.dat 0 bytes
c:\windows\ODBC.INI 390 bytes
c:\windows\ODBCINST.INI 4249 bytes
c:\windows\Offline Web Pages
c:\windows\Omítka Santa Fe.bmp 65832 bytes
c:\windows\PCDLIB32.DLL 212480 bytes executable
c:\windows\pchealth
c:\windows\PeerNet
c:\windows\PEV.exe 261632 bytes executable
c:\windows\PIF
c:\windows\PKUNZIP.PIF 545 bytes
c:\windows\PKZIP.PIF 545 bytes
c:\windows\Prefetch
c:\windows\Provisioning
c:\windows\Prérijní vítr.bmp 65954 bytes
c:\windows\setupact.log 41 bytes
c:\windows\setupapi.log 4024 bytes
c:\windows\setuperr.log 0 bytes
c:\windows\ShellNew
c:\windows\slrundll.exe 32866 bytes executable
c:\windows\snp2std.ini 15497 bytes
c:\windows\snp2std.src 13022 bytes
c:\windows\SoftwareDistribution
c:\windows\SoundMan.exe 86016 bytes executable
c:\windows\srchasst
c:\windows\ST6UNST.000 4565 bytes
c:\windows\ST6UNST.EXE 73216 bytes executable
c:\windows\Sti_Trace.log 0 bytes
c:\windows\Sun
c:\windows\SWREG.exe 161792 bytes executable
c:\windows\SWSC.exe 136704 bytes executable
c:\windows\SWXCACLS.exe 212480 bytes executable
c:\windows\SxsCaPendDel
c:\windows\system.ini 277 bytes
c:\windows\system32
c:\windows\system32CmdLineExt.dll 98304 bytes executable
c:\windows\$NtUninstallKB890859$
c:\windows\$NtUninstallKB914389$
c:\windows\$NtUninstallKB922819$
c:\windows\$NtUninstallKB927779$
c:\windows\$NtUninstallKB932168$
c:\windows\$NtUninstallKB941202$
c:\windows\$NtUninstallKB946627$
c:\windows\$hf_mig$
c:\windows\$MSI31Uninstall_KB893803v2$
c:\windows\control.ini 0 bytes
c:\windows\Cursors
c:\windows\Debug
c:\windows\desktop.ini 2 bytes
c:\windows\doom3.ini 317 bytes
c:\windows\Downloaded Installations
c:\windows\Downloaded Program Files
c:\windows\Driver Cache
c:\windows\dsez6485.dat 41 bytes
c:\windows\ehome
c:\windows\ERDNT
c:\windows\explorer.exe 1034240 bytes executable
c:\windows\explorer.scf 80 bytes
c:\windows\$NtUninstallKB958215$
c:\windows\$NtUninstallKB958215_0$
c:\windows\$NtUninstallKB958470$
c:\windows\$NtUninstallKB958644$
c:\windows\$NtUninstallKB958644_0$
c:\windows\$NtUninstallKB958687$
c:\windows\$NtUninstallKB958687_0$
c:\windows\$NtUninstallKB958869$
c:\windows\$NtUninstallKB959426$
c:\windows\$NtUninstallKB959426_0$
c:\windows\$NtUninstallKB959772_WM11$
c:\windows\$NtUninstallKB960225$
c:\windows\$NtUninstallKB960225_0$
c:\windows\$NtUninstallKB960714$
c:\windows\$NtUninstallKB960714_0$
c:\windows\$NtUninstallKB960803$
c:\windows\$NtUninstallKB960803_0$
c:\windows\$NtUninstallKB960859$
c:\windows\$NtUninstallKB961118$
c:\windows\$NtUninstallKB961371-v2$
c:\windows\$NtUninstallKB961501$
c:\windows\0.log 0 bytes
c:\windows\addins
c:\windows\agrsmdel.exe 68096 bytes executable
c:\windows\AGRSMMSG.exe 88203 bytes executable
c:\windows\Alcmtr.exe 69632 bytes executable
c:\windows\alcwzrd.exe 2809344 bytes executable
c:\windows\amcap.exe 94208 bytes executable
c:\windows\AppPatch
c:\windows\ARJ.PIF 545 bytes
c:\windows\assembly
c:\windows\avisplitter.INI 38 bytes
c:\windows\bootstat.dat 2048 bytes
c:\windows\clock.avi 82944 bytes
c:\windows\Config
c:\windows\$NtUninstallKB891781$
c:\windows\$NtUninstallKB893756$
c:\windows\$NtUninstallKB894391$
c:\windows\$NtUninstallKB896358$
c:\windows\$NtUninstallKB896423$
c:\windows\$NtUninstallKB896424$
c:\windows\$NtUninstallKB896428$
c:\windows\$NtUninstallKB898461$
c:\windows\$NtUninstallKB899587$
c:\windows\$NtUninstallKB899591$
c:\windows\$NtUninstallKB900485$
c:\windows\$NtUninstallKB900725$
c:\windows\$NtUninstallKB901017$
c:\windows\$NtUninstallKB901214$
c:\windows\$NtUninstallKB902400$
c:\windows\$NtUninstallKB904706$
c:\windows\$NtUninstallKB905414$
c:\windows\$NtUninstallKB905749$
c:\windows\$NtUninstallKB908519$
c:\windows\$NtUninstallKB908531$
c:\windows\$NtUninstallKB909394$
c:\windows\$NtUninstallKB910437$
c:\windows\$NtUninstallKB911280$
c:\windows\$NtUninstallKB911562$
c:\windows\$NtUninstallKB911564$
c:\windows\$NtUninstallKB911927$
c:\windows\$NtUninstallKB912919$
c:\windows\$NtUninstallKB913580$
c:\windows\$NtUninstallKB914388$
c:\windows\$NtUninstallKB916595$
c:\windows\$NtUninstallKB917344$
c:\windows\$NtUninstallKB917422$
c:\windows\$NtUninstallKB917734_WMP9$
c:\windows\$NtUninstallKB917953$
c:\windows\$NtUninstallKB918118$
c:\windows\$NtUninstallKB918439$
c:\windows\$NtUninstallKB919007$
c:\windows\$NtUninstallKB920213$
c:\windows\$NtUninstallKB920670$
c:\windows\$NtUninstallKB920683$
c:\windows\$NtUninstallKB920685$
c:\windows\$NtUninstallKB920872$
c:\windows\$NtUninstallKB921398$
c:\windows\$NtUninstallKB921503$
c:\windows\$NtUninstallKB922582$
c:\windows\$NtUninstallKB922616$
c:\windows\$NtUninstallKB923191$
c:\windows\$NtUninstallKB923414$
c:\windows\$NtUninstallKB923561$
c:\windows\$NtUninstallKB923561_0$
c:\windows\$NtUninstallKB923689$
c:\windows\$NtUninstallKB923694$
c:\windows\$NtUninstallKB923980$
c:\windows\$NtUninstallKB924191$
c:\windows\$NtUninstallKB924270$
c:\windows\$NtUninstallKB924496$
c:\windows\$NtUninstallKB924667$
c:\windows\$NtUninstallKB925398_WMP64$
c:\windows\$NtUninstallKB925454$
c:\windows\$NtUninstallKB925902$
c:\windows\$NtUninstallKB926239$
c:\windows\$NtUninstallKB926255$
c:\windows\$NtUninstallKB926436$
c:\windows\wmprfCSY.prx 36582 bytes
c:\windows\WMSysPr8.prx 156910 bytes
c:\windows\WMSysPr9.prx 316640 bytes
c:\windows\WORDPAD.INI 754 bytes
c:\windows\x2.64.exe 502784 bytes executable
c:\windows\Zapotec.bmp 9522 bytes
c:\windows\Zelený kámen.bmp 26582 bytes
c:\windows\zip.exe 68096 bytes executable
c:\windows\Zrnko kávy.bmp 17062 bytes
c:\windows\_default.pif 707 bytes
c:\windows\Řeka Sumida.bmp 26680 bytes
c:\windows\l2schemas
c:\windows\LHA.PIF 545 bytes
c:\windows\lmunin2.exe 28672 bytes executable
c:\windows\$NtServicePackUninstall$
c:\windows\$NtUninstallKB873339$
c:\windows\$NtUninstallKB885835$
c:\windows\$NtUninstallKB885836$
c:\windows\$NtUninstallKB886185$
c:\windows\$NtUninstallKB887472$
c:\windows\$NtUninstallKB888111WXPSP2$
c:\windows\$NtUninstallKB888302$
c:\windows\$NtUninstallKB927802$
c:\windows\$NtUninstallKB927891$
c:\windows\$NtUninstallKB928090$
c:\windows\$NtUninstallKB928255$
c:\windows\$NtUninstallKB928843$
c:\windows\$NtUninstallKB929123$
c:\windows\$NtUninstallKB929338$
c:\windows\$NtUninstallKB929399$
c:\windows\$NtUninstallKB929969$
c:\windows\$NtUninstallKB930178$
c:\windows\$NtUninstallKB930916$
c:\windows\$NtUninstallKB931261$
c:\windows\$NtUninstallKB931768$
c:\windows\$NtUninstallKB931784$
c:\windows\$NtUninstallKB931836$
c:\windows\MBR.exe 77312 bytes executable
c:\windows\Media
c:\windows\meta4.exe 217073 bytes executable
c:\windows\MicCal.exe 2158592 bytes executable
c:\windows\Microsoft.NET
c:\windows\Minidump
c:\windows\ModemLog_Agere Systems HDA Modem v6081.txt 8328 bytes
c:\windows\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt 12904 bytes
c:\windows\Modrá krajka 16.bmp 1272 bytes
c:\windows\MOTA113.exe 66560 bytes executable
c:\windows\mozver.dat 2121 bytes
c:\windows\msagent
c:\windows\msapps
c:\windows\msdfmap.ini 1405 bytes
c:\windows\$NtUninstallKB933360$
c:\windows\$NtUninstallKB933566$
c:\windows\$NtUninstallKB933729$
c:\windows\$NtUninstallKB935448$
c:\windows\$NtUninstallKB935839$
c:\windows\$NtUninstallKB935840$
c:\windows\$NtUninstallKB936021$
c:\windows\$NtUninstallKB936782_WMP11$
c:\windows\$NtUninstallKB937143$
c:\windows\$NtUninstallKB937894$
c:\windows\$NtUninstallKB938127$
c:\windows\$NtUninstallKB938464$
c:\windows\$NtUninstallKB938464-v2$
c:\windows\$NtUninstallKB938464_0$
c:\windows\$NtUninstallKB938828$
c:\windows\$NtUninstallKB938829$
c:\windows\$NtUninstallKB939653$
c:\windows\$NtUninstallKB939683$
c:\windows\TASKMAN.EXE 15360 bytes executable
c:\windows\Tasks
c:\windows\Temp
c:\windows\Textura peří.bmp 16730 bytes
c:\windows\tsnp2std.exe 90112 bytes executable
c:\windows\twain.dll 94784 bytes
c:\windows\twain_32
c:\windows\twain_32.dll 50688 bytes executable
c:\windows\twunk_16.exe 49680 bytes
c:\windows\twunk_32.exe 25600 bytes executable
c:\windows\UC.PIF 545 bytes
c:\windows\usnp2std.exe 20480 bytes executable
c:\windows\vb.ini 36 bytes
c:\windows\vbaddin.ini 37 bytes
c:\windows\VBR6.CAB 4875633 bytes
c:\windows\$NtUninstallKB973346$
c:\windows\$NtUninstallKB973354$
c:\windows\$NtUninstallKB973354_0$
c:\windows\$NtUninstallKB973507$
c:\windows\$NtUninstallKB973507_0$
c:\windows\$NtUninstallKB973525$
c:\windows\$NtUninstallKB973540_WM9L$
c:\windows\$NtUninstallKB973687$
c:\windows\$NtUninstallKB973815$
c:\windows\$NtUninstallKB973815_0$
c:\windows\$NtUninstallKB973869$
c:\windows\$NtUninstallKB973869_0$
c:\windows\$NtUninstallKB973904$
c:\windows\$NtUninstallKB974112$
c:\windows\$NtUninstallKB974318$
c:\windows\$NtUninstallKB974392$
c:\windows\$NtUninstallKB974455$
c:\windows\$NtUninstallKB974571$
c:\windows\$NtUninstallKB975025$
c:\windows\$NtUninstallKB975467$
c:\windows\$NtUninstallKB976098-v2$
c:\windows\$NtUninstallKB976325$
c:\windows\$NtUninstallKB976749$
c:\windows\$NtUninstallMSCompPackV1$
c:\windows\$NtUninstallWMFDist11$
c:\windows\$NtUninstallwmp11$
c:\windows\$NtUninstallWudf01000$
c:\windows\$NtUninstallKB941568$
c:\windows\$NtUninstallKB941569$
c:\windows\$NtUninstallKB941644$
c:\windows\$NtUninstallKB941693$
c:\windows\$NtUninstallKB942615$
c:\windows\$NtUninstallKB942763$
c:\windows\$NtUninstallKB942840$
c:\windows\$NtUninstallKB943055$
c:\windows\$NtUninstallKB943460$
c:\windows\$NtUninstallKB943485$
c:\windows\$NtUninstallKB944338$
c:\windows\$NtUninstallKB944533$
c:\windows\$NtUninstallKB944653$
c:\windows\$NtUninstallKB945553$
c:\windows\$NtUninstallKB946026$
c:\windows\$NtUninstallKB967715$
c:\windows\$NtUninstallKB967715_0$
c:\windows\$NtUninstallKB968389$
c:\windows\$NtUninstallKB968537$
c:\windows\$NtUninstallKB968537_0$
c:\windows\$NtUninstallKB968816_WM9$
c:\windows\$NtUninstallKB969059$
c:\windows\$NtUninstallKB969947$
c:\windows\$NtUninstallKB970238$
c:\windows\$NtUninstallKB970238_0$
c:\windows\$NtUninstallKB970430$
c:\windows\$NtUninstallKB970653-v3$
c:\windows\$NtUninstallKB971032$
c:\windows\$NtUninstallKB971486$
c:\windows\$NtUninstallKB971557$
c:\windows\$NtUninstallKB971633$
c:\windows\$NtUninstallKB971633_0$
c:\windows\$NtUninstallKB971657$
c:\windows\$NtUninstallKB971737$
c:\windows\$NtUninstallKB971961$
c:\windows\$NtUninstallKB972260$
c:\windows\$NtUninstallKB946648$
c:\windows\$NtUninstallKB946648_0$
c:\windows\$NtUninstallKB947864$
c:\windows\$NtUninstallKB948590$
c:\windows\$NtUninstallKB948881$
c:\windows\$NtUninstallKB950749$
c:\windows\$NtUninstallKB950759$
c:\windows\$NtUninstallKB950759_0$
c:\windows\$NtUninstallKB950760$
c:\windows\$NtUninstallKB950762$
c:\windows\$NtUninstallKB950762_0$
c:\windows\$NtUninstallKB950974$
c:\windows\$NtUninstallKB950974_0$
c:\windows\$NtUninstallKB951066$
c:\windows\$NtUninstallKB951066_0$
c:\windows\$NtUninstallKB951072-v2$
c:\windows\$NtUninstallKB951376$
c:\windows\$NtUninstallKB951376-v2$
c:\windows\$NtUninstallKB951376-v2_0$
c:\windows\$NtUninstallKB951376_0$
c:\windows\$NtUninstallKB951698$
c:\windows\$NtUninstallKB951698_0$
c:\windows\$NtUninstallKB951748$
c:\windows\$NtUninstallKB951748_0$
c:\windows\$NtUninstallKB951978$
c:\windows\$NtUninstallKB952004$
c:\windows\$NtUninstallKB952004_0$
c:\windows\$NtUninstallKB956390$
c:\windows\$NtUninstallKB956390_0$
c:\windows\$NtUninstallKB956391$
c:\windows\$NtUninstallKB956572$
c:\windows\$NtUninstallKB956744$
c:\windows\$NtUninstallKB956802$
c:\windows\$NtUninstallKB956802_0$
c:\windows\$NtUninstallKB956803$
c:\windows\$NtUninstallKB956803_0$
c:\windows\$NtUninstallKB956841$
c:\windows\$NtUninstallKB956841_0$
c:\windows\$NtUninstallKB956844$
c:\windows\$NtUninstallKB957095$
c:\windows\$NtUninstallKB957095_0$
c:\windows\$NtUninstallKB957097$
c:\windows\$NtUninstallKB952287$
c:\windows\$NtUninstallKB952287_0$
c:\windows\$NtUninstallKB952954$
c:\windows\$NtUninstallKB952954_0$
c:\windows\$NtUninstallKB953838$
c:\windows\$NtUninstallKB953838_0$
c:\windows\$NtUninstallKB953839$
c:\windows\$NtUninstallKB954154_WM11$
c:\windows\$NtUninstallKB954155_WM9$
c:\windows\$NtUninstallKB954211$
c:\windows\$NtUninstallKB954211_0$
c:\windows\$NtUninstallKB954459$
c:\windows\$NtUninstallKB954600$
c:\windows\$NtUninstallKB954600_0$
c:\windows\$NtUninstallKB955069$
c:\windows\$NtUninstallKB955069_0$
c:\windows\$NtUninstallKB955759$
c:\windows\$NtUninstallKB955839$
c:\windows\$NtUninstallKB957097_0$
c:\windows\$NtUninstallKB961501_0$
c:\windows\$NtUninstallKB972260_0$
c:\windows\Connection Wizard
c:\windows\Fonts
c:\windows\java
c:\windows\MAXLINK.INI 416 bytes
c:\windows\mui
c:\windows\vmmreg32.dll 18944 bytes executable
c:\windows\WinSxS
c:\windows\system32\drivers\sr.sys 73344 bytes executable
c:\windows\system32\drivers\srv.sys 333952 bytes executable
c:\windows\system32\drivers\stream.sys 49408 bytes executable
c:\windows\system32\drivers\streamip.sys 15232 bytes executable
c:\windows\system32\drivers\swenum.sys 4352 bytes executable
c:\windows\system32\drivers\swmidi.sys 56576 bytes executable
c:\windows\system32\drivers\sysaudio.sys 60800 bytes executable
c:\windows\system32\drivers\tape.sys 14976 bytes executable
c:\windows\system32\drivers\tcpip.sys 361600 bytes executable
c:\windows\system32\drivers\tcpip6.sys 225856 bytes executable
c:\windows\system32\drivers\tdi.sys 19072 bytes executable
c:\windows\system32\drivers\tdpipe.sys 12040 bytes executable
c:\windows\system32\drivers\tdtcp.sys 21896 bytes executable
c:\windows\system32\drivers\termdd.sys 40840 bytes executable
c:\windows\system32\drivers\tosdvd.sys 51712 bytes executable
c:\windows\system32\drivers\tsbvcap.sys 21376 bytes executable
c:\windows\system32\drivers\tunmp.sys 12288 bytes executable
c:\windows\system32\drivers\TVICHW32.SYS 23600 bytes executable
c:\windows\system32\drivers\uagp35.sys 44672 bytes executable
c:\windows\system32\drivers\udfs.sys 66048 bytes executable
c:\windows\system32\drivers\UMDF
c:\windows\system32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf 0 bytes
c:\windows\system32\drivers\UMDF\wpdmtpdr.dll 671232 bytes executable
c:\windows\system32\drivers\update.sys 384768 bytes executable
c:\windows\system32\drivers\usb8023.sys 12800 bytes executable
c:\windows\system32\drivers\usb8023x.sys 12800 bytes executable
c:\windows\system32\drivers\usbcamd.sys 25600 bytes executable
c:\windows\system32\drivers\usbcamd2.sys 25728 bytes executable
c:\windows\system32\drivers\usbccgp.sys 32128 bytes executable
c:\windows\system32\drivers\ewdcsc.sys 24448 bytes executable
c:\windows\system32\drivers\ewusbmdm.sys 101376 bytes executable
c:\windows\system32\drivers\ewusbnet.sys 113664 bytes executable
c:\windows\system32\drivers\fastfat.sys 143744 bytes executable
c:\windows\system32\drivers\fdc.sys 27392 bytes executable
c:\windows\system32\drivers\fips.sys 44544 bytes executable
c:\windows\system32\drivers\flpydisk.sys 20480 bytes executable
c:\windows\system32\drivers\fltmgr.sys 129792 bytes executable
c:\windows\system32\drivers\fsbts.sys 26624 bytes executable
c:\windows\system32\drivers\fsvga.sys 12160 bytes executable
c:\windows\system32\drivers\fs_rec.sys 7936 bytes executable
c:\windows\system32\drivers\ftdisk.sys 125184 bytes executable
c:\windows\system32\drivers\gagp30kx.sys 46464 bytes executable
c:\windows\system32\drivers\gm.dls 3440660 bytes
c:\windows\system32\drivers\gmreadme.txt 646 bytes
c:\windows\system32\drivers\hamachi.sys 17480 bytes executable
c:\windows\system32\drivers\hdaudbus.sys 144384 bytes executable
c:\windows\system32\drivers\Hdaudio.sys 145920 bytes executable
c:\windows\system32\drivers\hidbth.sys 25600 bytes executable
c:\windows\system32\drivers\hidclass.sys 36864 bytes executable
c:\windows\system32\drivers\hidir.sys 19200 bytes executable
c:\windows\system32\drivers\hidparse.sys 24960 bytes executable
c:\windows\system32\drivers\hidusb.sys 10368 bytes executable
c:\windows\system32\drivers\hsfbs2s2.sys 220032 bytes executable
c:\windows\system32\drivers\hsfcxts2.sys 685056 bytes executable
c:\windows\system32\drivers\hsfdpsp2.sys 1041536 bytes executable
c:\windows\system32\drivers\http.sys 265728 bytes executable
c:\windows\system32\drivers\i8042prt.sys 52096 bytes executable
c:\windows\system32\drivers\imapi.sys 42112 bytes executable
c:\windows\system32\drivers\intelppm.sys 40192 bytes executable
c:\windows\system32\drivers\ip6fw.sys 36608 bytes executable
c:\windows\system32\drivers\mrxdav.sys 180608 bytes executable
c:\windows\system32\drivers\mrxsmb.sys 455296 bytes executable
c:\windows\system32\drivers\msfs.sys 19072 bytes executable
c:\windows\system32\drivers\msgpc.sys 35072 bytes executable
c:\windows\system32\drivers\mskssrv.sys 7552 bytes executable
c:\windows\system32\drivers\mspclock.sys 5376 bytes executable
c:\windows\system32\drivers\mspqm.sys 4992 bytes executable
c:\windows\system32\drivers\mssmbios.sys 15488 bytes executable
c:\windows\system32\drivers\mstee.sys 5504 bytes executable
c:\windows\system32\drivers\mtlmnt5.sys 126686 bytes executable
c:\windows\system32\drivers\mtlstrm.sys 1309184 bytes executable
c:\windows\system32\drivers\mtxparhm.sys 452736 bytes executable
c:\windows\system32\drivers\mup.sys 105344 bytes executable
c:\windows\system32\drivers\mutohpen.sys 12672 bytes executable
c:\windows\system32\drivers\nabtsfec.sys 85248 bytes executable
c:\windows\system32\drivers\ndis.sys 182656 bytes executable
c:\windows\system32\drivers\ndisip.sys 10880 bytes executable
c:\windows\system32\drivers\ndistapi.sys 10112 bytes executable
c:\windows\system32\drivers\ndisuio.sys 14592 bytes executable
c:\windows\system32\drivers\ndiswan.sys 91520 bytes executable
c:\windows\system32\drivers\ndproxy.sys 40576 bytes executable
c:\windows\system32\drivers\netbios.sys 34688 bytes executable
c:\windows\system32\drivers\netbt.sys 162816 bytes executable
c:\windows\system32\drivers\netwlan5.img 67866 bytes
c:\windows\system32\drivers\nic1394.sys 61824 bytes executable
c:\windows\system32\drivers\nikedrv.sys 12032 bytes executable
c:\windows\system32\drivers\nmnt.sys 40320 bytes executable
c:\windows\system32\drivers\npfs.sys 30848 bytes executable
c:\windows\system32\drivers\ntfs.sys 574976 bytes executable
c:\windows\system32\drivers\ntmtlfax.sys 180360 bytes executable
c:\windows\system32\drivers\null.sys 2944 bytes executable
c:\windows\system32\drivers\nv4_mini.sys 1897408 bytes executable
c:\windows\system32\drivers\nwlnkflt.sys 12416 bytes executable
c:\windows\system32\drivers\nwlnkfwd.sys 32512 bytes executable
c:\windows\system32\drivers\nwlnkipx.sys 88320 bytes executable
c:\windows\system32\drivers\cdrom.sys 62976 bytes executable
c:\windows\system32\drivers\ch7xxnt5.dll 15423 bytes executable
c:\windows\system32\drivers\cinemst2.sys 262528 bytes executable
c:\windows\system32\drivers\classpnp.sys 49536 bytes executable
c:\windows\system32\drivers\cmbatt.sys 13952 bytes executable
c:\windows\system32\drivers\compbatt.sys 10240 bytes executable
c:\windows\system32\drivers\cpqdap01.sys 11776 bytes executable
c:\windows\system32\drivers\crusoe.sys 40576 bytes executable
c:\windows\system32\drivers\cxthsfs2.cty 129045 bytes
c:\windows\system32\drivers\disdn
c:\windows\system32\drivers\disk.sys 36352 bytes executable
c:\windows\system32\drivers\diskdump.sys 14208 bytes executable
c:\windows\system32\drivers\dmboot.sys 800000 bytes executable
c:\windows\system32\drivers\dmio.sys 153856 bytes executable
c:\windows\system32\drivers\dmload.sys 5888 bytes executable
c:\windows\system32\drivers\dmusic.sys 52864 bytes executable
c:\windows\system32\drivers\drmk.sys 60160 bytes executable
c:\windows\system32\drivers\drmkaud.sys 2944 bytes executable
c:\windows\system32\drivers\dxapi.sys 10496 bytes executable
c:\windows\system32\drivers\dxg.sys 71168 bytes executable
c:\windows\system32\drivers\dxgthk.sys 3328 bytes executable
c:\windows\system32\drivers\enum1394.sys 6400 bytes executable
c:\windows\system32\drivers\rdbss.sys 175744 bytes executable
c:\windows\system32\drivers\rdpcdd.sys 4224 bytes executable
c:\windows\system32\drivers\rdpdr.sys 196224 bytes executable
c:\windows\system32\drivers\rdpwd.sys 139656 bytes executable
c:\windows\system32\drivers\recagent.sys 13776 bytes executable
c:\windows\system32\drivers\redbook.sys 58496 bytes executable
c:\windows\system32\drivers\rfcomm.sys 59136 bytes executable
c:\windows\system32\drivers\rio8drv.sys 12032 bytes executable
c:\windows\system32\drivers\riodrv.sys 12032 bytes executable
c:\windows\system32\drivers\rmcast.sys 203136 bytes executable
c:\windows\system32\drivers\rndismp.sys 30592 bytes executable
c:\windows\system32\drivers\rndismpx.sys 30592 bytes executable
c:\windows\system32\drivers\rootmdm.sys 5888 bytes executable
c:\windows\system32\drivers\rt73.sys 459520 bytes executable
c:\windows\system32\drivers\Rtenicxp.sys 78976 bytes executable
c:\windows\system32\drivers\RtkHDAud.Sys 4249088 bytes executable
c:\windows\system32\drivers\s3gnbm.sys 166912 bytes executable
c:\windows\system32\drivers\scdemu.sys 33292 bytes executable
c:\windows\system32\drivers\scsiport.sys 96384 bytes executable
c:\windows\system32\drivers\sdbus.sys 79232 bytes executable
c:\windows\system32\drivers\AmdK8.sys 42496 bytes executable
c:\windows\system32\drivers\ati1xsxx.sys 34735 bytes executable
c:\windows\system32\drivers\ativvpxx.vp 25600 bytes
c:\windows\system32\drivers\cdralw2k.sys 9464 bytes executable
c:\windows\system32\drivers\etc
c:\windows\system32\drivers\etc\hosts 27 bytes
c:\windows\system32\drivers\etc\hosts.20071003-191230.backup 737 bytes
c:\windows\system32\drivers\etc\hosts.20081105-195032.backup 186194 bytes
c:\windows\system32\drivers\etc\hosts.20081105-195137.backup 186715 bytes
c:\windows\system32\drivers\etc\hosts.20081105-195441.backup 186715 bytes
c:\windows\system32\drivers\etc\hosts.ics 443 bytes
c:\windows\system32\drivers\etc\hosts.idx 52 bytes
c:\windows\system32\drivers\etc\lmhosts.sam 3615 bytes
c:\windows\system32\drivers\etc\NetPcap.cfg 3464 bytes
c:\windows\system32\drivers\etc\networks 412 bytes
c:\windows\system32\drivers\etc\protocol 831 bytes
c:\windows\system32\drivers\etc\services 7137 bytes
c:\windows\system32\drivers\ipfltdrv.sys 32896 bytes executable
c:\windows\system32\drivers\mqac.sys 91776 bytes executable
c:\windows\system32\drivers\nwlnknb.sys 63232 bytes executable
c:\windows\system32\drivers\oprghdlr.sys 3456 bytes executable
c:\windows\system32\drivers\rawwan.sys 34432 bytes executable
c:\windows\system32\drivers\secdrv.sys 20480 bytes executable
c:\windows\system32\drivers\sptd.sys 639224 bytes executable
c:\windows\system32\drivers\usbd.sys 4736 bytes executable
c:\windows\system32\drivers\wadv09nt.sys 11871 bytes executable
c:\windows\system32\drivers\1394bus.sys 53376 bytes executable
c:\windows\system32\drivers\7187156.sys 315408 bytes executable
c:\windows\system32\drivers\71871561.sys 128016 bytes executable
c:\windows\system32\drivers\71871562.sys 37392 bytes executable
c:\windows\system32\drivers\aavmker4.sys 27408 bytes executable
c:\windows\system32\drivers\acpi.sys 188288 bytes executable
c:\windows\system32\drivers\acpiec.sys 11776 bytes executable
c:\windows\system32\drivers\adv01nt5.dll 4255 bytes executable
c:\windows\system32\drivers\adv02nt5.dll 3967 bytes executable
c:\windows\system32\drivers\adv05nt5.dll 3615 bytes executable
c:\windows\system32\drivers\adv07nt5.dll 3647 bytes executable
c:\windows\system32\drivers\adv08nt5.dll 3135 bytes executable
c:\windows\system32\drivers\adv09nt5.dll 3711 bytes executable
c:\windows\system32\drivers\adv11nt5.dll 3775 bytes executable
c:\windows\system32\drivers\aec.sys 142592 bytes executable
c:\windows\system32\drivers\AegisP.sys 21361 bytes executable
c:\windows\system32\drivers\afd.sys 138496 bytes executable
c:\windows\system32\drivers\agp440.sys 42368 bytes executable
c:\windows\system32\drivers\agpcpq.sys 44928 bytes executable
c:\windows\system32\drivers\AGRSM.sys 1145728 bytes executable
c:\windows\system32\drivers\alim1541.sys 42752 bytes executable
c:\windows\system32\drivers\amdagp.sys 43008 bytes executable
c:\windows\system32\drivers\amdk6.sys 41216 bytes executable
c:\windows\system32\drivers\amdk7.sys 41600 bytes executable
c:\windows\system32\drivers\ipinip.sys 20864 bytes executable
c:\windows\system32\drivers\ipnat.sys 152832 bytes executable
c:\windows\system32\drivers\ipsec.sys 75264 bytes executable
c:\windows\system32\drivers\irbus.sys 46592 bytes executable
c:\windows\system32\drivers\irenum.sys 11264 bytes executable
c:\windows\system32\drivers\isapnp.sys 37248 bytes executable
c:\windows\system32\drivers\kbdclass.sys 24576 bytes executable
c:\windows\system32\drivers\kbdhid.sys 14592 bytes executable
c:\windows\system32\drivers\kmixer.sys 172416 bytes executable
c:\windows\system32\drivers\ks.sys 141056 bytes executable
c:\windows\system32\drivers\ksecdd.sys 92928 bytes executable
c:\windows\system32\drivers\Lbd.sys 64160 bytes executable
c:\windows\system32\drivers\mbam.sys 19160 bytes executable
c:\windows\system32\drivers\mbamswissarmy.sys 38224 bytes executable
c:\windows\system32\drivers\mcd.sys 7680 bytes executable
c:\windows\system32\drivers\mdmxsdk.sys 11868 bytes executable
c:\windows\system32\drivers\mf.sys 63744 bytes executable
c:\windows\system32\drivers\MGHwCtrl.sys 20128 bytes executable
c:\windows\system32\drivers\mnmdd.sys 4224 bytes executable
c:\windows\system32\drivers\mod7700.sys 621056 bytes executable
c:\windows\system32\drivers\modem.sys 30080 bytes executable
c:\windows\system32\drivers\mouclass.sys 23040 bytes executable
c:\windows\system32\drivers\mouhid.sys 12160 bytes executable
c:\windows\system32\drivers\mountmgr.sys 42368 bytes executable
c:\windows\system32\drivers\p3.sys 46592 bytes executable
c:\windows\system32\drivers\parport.sys 80000 bytes executable
c:\windows\system32\drivers\partmgr.sys 19712 bytes executable
c:\windows\system32\drivers\parvdm.sys 6784 bytes executable
c:\windows\system32\drivers\pci.sys 68736 bytes executable
c:\windows\system32\drivers\pciide.sys 3328 bytes executable
c:\windows\system32\drivers\pciidex.sys 24960 bytes executable
c:\windows\system32\drivers\pcmcia.sys 120064 bytes executable
c:\windows\system32\drivers\pcouffin.sys 47360 bytes executable
c:\windows\system32\drivers\portcls.sys 146048 bytes executable
c:\windows\system32\drivers\processr.sys 39680 bytes executable
c:\windows\system32\drivers\psched.sys 69120 bytes executable
c:\windows\system32\drivers\ptilink.sys 17792 bytes executable
c:\windows\system32\drivers\PxHelp20.sys 43528 bytes executable
c:\windows\system32\drivers\rasacd.sys 8832 bytes executable
c:\windows\system32\drivers\rasl2tp.sys 51328 bytes executable
c:\windows\system32\drivers\raspppoe.sys 41472 bytes executable
c:\windows\system32\drivers\raspptp.sys 48384 bytes executable
c:\windows\system32\drivers\raspti.sys 16512 bytes executable
c:\windows\system32\drivers\serenum.sys 15744 bytes executable
c:\windows\system32\drivers\serial.sys 64256 bytes executable
c:\windows\system32\drivers\sfdrv01.sys 50688 bytes executable
c:\windows\system32\drivers\sffdisk.sys 11904 bytes executable
c:\windows\system32\drivers\sffp_mmc.sys 10240 bytes executable
c:\windows\system32\drivers\sffp_sd.sys 11008 bytes executable
c:\windows\system32\drivers\sfhlp02.sys 6656 bytes executable
c:\windows\system32\drivers\sfloppy.sys 11392 bytes executable
c:\windows\system32\drivers\siint5.dll 3901 bytes executable
c:\windows\system32\drivers\sisagp.sys 40960 bytes executable
c:\windows\system32\drivers\slip.sys 11136 bytes executable
c:\windows\system32\drivers\slnt7554.sys 129535 bytes executable
c:\windows\system32\drivers\slntamr.sys 404990 bytes executable
c:\windows\system32\drivers\slnthal.sys 95424 bytes executable
c:\windows\system32\drivers\slwdmsup.sys 13240 bytes executable
c:\windows\system32\drivers\smbali.sys 5888 bytes executable
c:\windows\system32\drivers\smclib.sys 14592 bytes executable
c:\windows\system32\drivers\sncamd.sys 24448 bytes executable
c:\windows\system32\drivers\snp2sxp.sys 8807424 bytes executable
c:\windows\system32\drivers\sonydcam.sys 25344 bytes executable
c:\windows\system32\drivers\splitter.sys 6272 bytes executable
c:\windows\system32\drivers\usbehci.sys 30208 bytes executable
c:\windows\system32\drivers\usbhub.sys 59520 bytes executable
c:\windows\system32\drivers\usbintel.sys 15872 bytes executable
c:\windows\system32\drivers\usbohci.sys 17152 bytes executable
c:\windows\system32\drivers\usbport.sys 143872 bytes executable
c:\windows\system32\drivers\usbprint.sys 25856 bytes executable
c:\windows\system32\drivers\usbscan.sys 15104 bytes executable
c:\windows\system32\drivers\usbstor.sys 26368 bytes executable
c:\windows\system32\drivers\usbvideo.sys 121984 bytes executable
c:\windows\system32\drivers\vchnt5.dll 11325 bytes executable
c:\windows\system32\drivers\vdmindvd.sys 58112 bytes executable
c:\windows\system32\drivers\vga.sys 20992 bytes executable
c:\windows\system32\drivers\viaagp.sys 42240 bytes executable
c:\windows\system32\drivers\videoprt.sys 81664 bytes executable
c:\windows\system32\drivers\volsnap.sys 52480 bytes executable
c:\windows\system32\drivers\wacompen.sys 14208 bytes executable
c:\windows\system32\drivers\wadv07nt.sys 11807 bytes executable
c:\windows\system32\drivers\wadv08nt.sys 11295 bytes executable
c:\windows\system32\drivers\atmarpc.sys 59904 bytes executable
c:\windows\system32\drivers\atmepvc.sys 31360 bytes executable
c:\windows\system32\drivers\atmlane.sys 55808 bytes executable
c:\windows\system32\drivers\atmuni.sys 352256 bytes executable
c:\windows\system32\drivers\atv01nt5.dll 21183 bytes executable
c:\windows\system32\drivers\atv02nt5.dll 11359 bytes executable
c:\windows\system32\drivers\atv04nt5.dll 25471 bytes executable
c:\windows\system32\drivers\atv06nt5.dll 14143 bytes executable
c:\windows\system32\drivers\atv10nt5.dll 17279 bytes executable
c:\windows\system32\drivers\audstub.sys 3072 bytes executable
c:\windows\system32\drivers\battc.sys 14208 bytes executable
c:\windows\system32\drivers\beep.sys 4224 bytes executable
c:\windows\system32\drivers\bridge.sys 71552 bytes executable
c:\windows\system32\drivers\bthenum.sys 17024 bytes executable
c:\windows\system32\drivers\bthmodem.sys 37888 bytes executable
c:\windows\system32\drivers\bthpan.sys 101120 bytes executable
c:\windows\system32\drivers\bthport.sys 272128 bytes executable
c:\windows\system32\drivers\bthprint.sys 36480 bytes executable
c:\windows\system32\drivers\bthusb.sys 18944 bytes executable
c:\windows\system32\drivers\cbidf2k.sys 13952 bytes executable
c:\windows\system32\drivers\ccdecode.sys 17024 bytes executable
c:\windows\system32\drivers\cdaudio.sys 18688 bytes executable
c:\windows\system32\drivers\cdfs.sys 63744 bytes executable
c:\windows\system32\drivers\cdr4_xp.sys 9336 bytes executable
c:\windows\system32\drivers\nwlnkspx.sys 55936 bytes executable
c:\windows\system32\drivers\nwrdr.sys 163584 bytes executable
c:\windows\system32\drivers\O2MDDISK.CAT 7537 bytes
c:\windows\system32\drivers\O2MDDISK.INF 886 bytes
c:\windows\system32\drivers\O2MEDIA.CAT 7960 bytes
c:\windows\system32\drivers\O2MEDIA.INF 1705 bytes
c:\windows\system32\drivers\o2media.sys 34880 bytes executable
c:\windows\system32\drivers\O2MWXP.CAT 8655 bytes
c:\windows\system32\drivers\O2MWXP.INF 4286 bytes
c:\windows\system32\drivers\O2SD.CAT 7948 bytes
c:\windows\system32\drivers\O2SD.INF 1683 bytes
c:\windows\system32\drivers\o2sd.sys 29056 bytes executable
c:\windows\system32\drivers\O2SDDISK.CAT 7537 bytes
c:\windows\system32\drivers\O2SDDISK.INF 874 bytes
c:\windows\system32\drivers\OADriver.sys 200784 bytes executable
c:\windows\system32\drivers\OAmon.sys 24656 bytes executable
c:\windows\system32\drivers\oanet.sys 29776 bytes executable
c:\windows\system32\drivers\ohci1394.sys 61696 bytes executable
c:\windows\system32\drivers\arp1394.sys 60800 bytes executable
c:\windows\system32\drivers\aswFsBlk.sys 20560 bytes executable
c:\windows\system32\drivers\aswmon.sys 93424 bytes executable
c:\windows\system32\drivers\aswmon2.sys 94160 bytes executable
c:\windows\system32\drivers\aswRdr.sys 23120 bytes executable
c:\windows\system32\drivers\aswSP.sys 114768 bytes executable
c:\windows\system32\drivers\aswTdi.sys 48560 bytes executable
c:\windows\system32\drivers\asyncmac.sys 14336 bytes executable
c:\windows\system32\drivers\atapi.sys 96512 bytes executable
c:\windows\system32\drivers\ati1btxx.sys 56623 bytes executable
c:\windows\system32\drivers\ati1mdxx.sys 11615 bytes executable
c:\windows\system32\drivers\ati1pdxx.sys 12047 bytes executable
c:\windows\system32\drivers\ati1raxx.sys 30671 bytes executable
c:\windows\system32\drivers\ati1rvxx.sys 63663 bytes executable
c:\windows\system32\drivers\ati1snxx.sys 26367 bytes executable
c:\windows\system32\drivers\ati1ttxx.sys 21343 bytes executable
c:\windows\system32\drivers\ati1tuxx.sys 36463 bytes executable
c:\windows\system32\drivers\ati1xbxx.sys 29455 bytes executable
c:\windows\system32\drivers\wadv11nt.sys 11935 bytes executable
c:\windows\system32\drivers\wanarp.sys 34560 bytes executable
c:\windows\system32\drivers\watv06nt.sys 22271 bytes executable
c:\windows\system32\drivers\watv10nt.sys 25471 bytes executable
c:\windows\system32\drivers\wceusbsh.sys 104576 bytes executable
c:\windows\system32\drivers\wdmaud.sys 83072 bytes executable
c:\windows\system32\drivers\wmilib.sys 4352 bytes executable
c:\windows\system32\drivers\wpdusb.sys 38528 bytes executable
c:\windows\system32\drivers\ws2ifsl.sys 12032 bytes executable
c:\windows\system32\drivers\wstcodec.sys 19200 bytes executable
c:\windows\system32\drivers\WudfPf.sys 77568 bytes executable
c:\windows\system32\drivers\WudfRd.sys 82944 bytes executable
c:\windows\system32\drivers\_004470_.tmp.dll 71040 bytes executable
c:\windows\system32\drivers\ati2erec.dll 40960 bytes executable
c:\windows\system32\drivers\ati2mtaa.sys 326912 bytes executable
c:\windows\system32\drivers\ati2mtag.sys 1421312 bytes executable
c:\windows\system32\drivers\atinbtxx.sys 57856 bytes executable
c:\windows\system32\drivers\atinmdxx.sys 13824 bytes executable
c:\windows\system32\drivers\atinpdxx.sys 14336 bytes executable
c:\windows\system32\drivers\atinraxx.sys 52224 bytes executable
c:\windows\system32\drivers\atinrvxx.sys 104960 bytes executable
c:\windows\system32\drivers\atinsnxx.sys 28672 bytes executable
c:\windows\system32\drivers\atinttxx.sys 13824 bytes executable
c:\windows\system32\drivers\atintuxx.sys 73216 bytes executable
c:\windows\system32\drivers\atinxbxx.sys 31744 bytes executable
c:\windows\system32\drivers\atinxsxx.sys 63488 bytes executable
c:\windows\system32\drivers\ativcaxx.cpa 1114674 bytes
c:\windows\system32\drivers\ativcaxx.vp 929 bytes
c:\windows\system32\drivers\ativckxx.vp 58560 bytes
c:\windows\system32\drivers\ativmc20.cod 64352 bytes
c:\windows\system32\wbem\wmipicmp.mfl 14284 bytes
c:\windows\system32\wbem\wmipicmp.mof 19356 bytes
c:\windows\system32\wbem\wmipiprt.dll 61952 bytes executable
c:\windows\system32\wbem\wmipiprt.mfl 16662 bytes
c:\windows\system32\wbem\wmipiprt.mof 23692 bytes
c:\windows\system32\wbem\wmipjobj.dll 62464 bytes executable
c:\windows\system32\wbem\wmipjobj.mfl 43978 bytes
c:\windows\system32\wbem\wmipjobj.mof 61208 bytes
c:\windows\system32\wbem\wmiprov.dll 144896 bytes executable
c:\windows\system32\wbem\wmiprvsd.dll 453120 bytes executable
c:\windows\system32\wbem\wmiprvse.exe 227840 bytes executablec:\windows\system32\wbem\wmipsess.dll 41472 bytes executable
c:\windows\system32\wbem\wmipsess.mfl 9004 bytes
c:\windows\system32\wbem\wmipsess.mof 13880 bytes
c:\windows\system32\wbem\wmisvc.dll 144896 bytes executable
c:\windows\system32\wbem\wmitimep.dll 52224 bytes executable
c:\windows\system32\wbem\wmitimep.mfl 4014 bytes
c:\windows\system32\wbem\wmitimep.mof 6494 bytes
c:\windows\system32\wbem\wmiutils.dll 96768 bytes executable
c:\windows\system32\wbem\wscenter.mof 2460 bytes
c:\windows\system32\wbem\xml
c:\windows\system32\wbem\xml\cim20.dtd 9018 bytes
c:\windows\system32\wbem\xml\wmi20.dtd 12356 bytes
c:\windows\system32\wbem\xml\wmi2xml.dll 45568 bytes executable
c:\windows\system32\wbem\xml.xsl 1743 bytes
c:\windows\system32\wbem\xsl-mappings.xml 2870 bytes
c:\windows\system32\wbem\esscli.dll 247808 bytes executable
c:\windows\system32\wbem\evntrprv.dll 21504 bytes executable
c:\windows\system32\wbem\evntrprv.mof 10742 bytes
c:\windows\system32\wbem\fastprox.dll 473600 bytes executable
c:\windows\system32\wbem\fconprov.mfl 5896 bytes
c:\windows\system32\wbem\fconprov.mof 8790 bytes
c:\windows\system32\wbem\fevprov.mfl 3248 bytes
c:\windows\system32\wbem\fevprov.mof 4392 bytes
c:\windows\system32\wbem\framedyn.dll 185344 bytes executable
c:\windows\system32\wbem\fwdprov.dll 53248 bytes executable
c:\windows\system32\wbem\hform.xsl 4930 bytes
c:\windows\system32\wbem\hnetcfg.mof 16810 bytes
c:\windows\system32\wbem\htable-sortby.xsl 2855 bytes
c:\windows\system32\wbem\htable.xsl 4588 bytes
c:\windows\system32\wbem\ieinfo5.mof 43078 bytes
c:\windows\system32\wbem\krnlprov.dll 24576 bytes executable
c:\windows\system32\wbem\krnlprov.mfl 8454 bytes
c:\windows\system32\wbem\krnlprov.mof 12712 bytes
c:\windows\system32\wbem\licwmi.mfl 10350 bytes
c:\windows\system32\wbem\licwmi.mof 15586 bytes
c:\windows\system32\wbem\Logs
c:\windows\system32\wbem\Logs\FrameWork.log 1028 bytes
c:\windows\system32\wbem\Logs\NTEVT.log 2 bytes
c:\windows\system32\wbem\Logs\wbemcore.log 12480 bytes
c:\windows\system32\wbem\Logs\wbemess.log 49577 bytes
c:\windows\system32\wbem\Logs\wbemprox.log 510 bytes
c:\windows\system32\wbem\Logs\WBEMSNMP.log 2 bytes
c:\windows\system32\wbem\Logs\wmiprov.log 1032 bytes
c:\windows\system32\wbem\repdrvfs.dll 178176 bytes executable
c:\windows\system32\wbem\Repository
c:\windows\system32\wbem\Repository\$WinMgmt.CFG 20 bytes
c:\windows\system32\wbem\Repository\FS
c:\windows\system32\wbem\Repository\FS\INDEX.BTR 1589248 bytes
c:\windows\system32\wbem\Repository\FS\INDEX.MAP 820 bytes
c:\windows\system32\wbem\Repository\FS\MAPPING.VER 4 bytes
c:\windows\system32\wbem\Repository\FS\MAPPING1.MAP 12724 bytes
c:\windows\system32\wbem\Repository\FS\MAPPING2.MAP 12724 bytes
c:\windows\system32\wbem\Repository\FS\OBJECTS.DATA 24371200 bytes
c:\windows\system32\wbem\Repository\FS\OBJECTS.MAP 11924 bytes
c:\windows\system32\wbem\rsop.mfl 294190 bytes
c:\windows\system32\wbem\rsop.mof 88644 bytes
c:\windows\system32\wbem\scersop.mof 8716 bytes
c:\windows\system32\wbem\scm.mof 32676 bytes
c:\windows\system32\wbem\scrcons.exe 36352 bytes executable
c:\windows\system32\wbem\scrcons.mfl 3432 bytes
c:\windows\system32\wbem\scrcons.mof 5728 bytes
c:\windows\system32\wbem\secrcw32.mfl 33290 bytes
c:\windows\system32\wbem\wbemcntl.dll 198144 bytes executable
c:\windows\system32\wbem\wbemcomn.dll 214528 bytes executable
c:\windows\system32\wbem\wbemcons.dll 71680 bytes executable
c:\windows\system32\wbem\wbemcons.mfl 12862 bytes
c:\windows\system32\wbem\wbemcons.mof 18004 bytes
c:\windows\system32\wbem\wbemcore.dll 531456 bytes executable
c:\windows\system32\wbem\wbemdisp.dll 178176 bytes executable
c:\windows\system32\wbem\wbemdisp.tlb 59904 bytes executable
c:\windows\system32\wbem\wbemess.dll 273920 bytes executable
c:\windows\system32\wbem\wbemperf.dll 42496 bytes executable
c:\windows\system32\wbem\wbemprox.dll 18944 bytes executable
c:\windows\system32\wbem\wbemsvc.dll 43520 bytes executable
c:\windows\system32\wbem\wbemtest.exe 117760 bytes executable
c:\windows\system32\wbem\wbemupgd.dll 197120 bytes executable
c:\windows\system32\wbem\whqlprov.mof 19266 bytes
c:\windows\system32\wbem\winmgmt.exe 13824 bytes executable
c:\windows\system32\wbem\winmgmtr.dll 16896 bytes executable
c:\windows\system32\wbem\wmi.mfl 4498 bytes
c:\windows\system32\wbem\AutoRecover
c:\windows\system32\wbem\AutoRecover\D724DF13E0B0DF051EB5D403DD8EF2FC.mof 294288 bytes
c:\windows\system32\wbem\AutoRecover\D92470B796B6B18F9EE52301857F0567.mof 4092 bytes
c:\windows\system32\wbem\AutoRecover\DBD781C2C031C708BCB490F228E7BEF9.mof 8560 bytes
c:\windows\system32\wbem\AutoRecover\DC999686F8B85B326CEDFA199DD07F72.mof 165526 bytes
c:\windows\system32\wbem\AutoRecover\DFB9AD54AC2D3B8122567AAD3BF3EB7F.mof 42152 bytes
c:\windows\system32\wbem\AutoRecover\DFD614E4D613EF4506AC8F525F5F514B.mof 21220 bytes
c:\windows\system32\wbem\AutoRecover\E04DE4CDFEC284A342159BB920976701.mof 10784 bytes
c:\windows\system32\wbem\AutoRecover\E441354B9FE5F63362A481C9B9195A73.mof 10848 bytes
c:\windows\system32\wbem\AutoRecover\E737DE61441445E1FDFCA45EF5E7D987.mof 58852 bytes
c:\windows\system32\wbem\AutoRecover\EDBF963FB003D0670AA9C2219BD091FB.mof 6600 bytes
c:\windows\system32\wbem\AutoRecover\FAAD7D567E76CAB10704AFD7C0488F23.mof 61314 bytes
c:\windows\system32\wbem\AutoRecover\79E817BC978E2D450EB9E3794DFDA6CF.mof 15688 bytes
c:\windows\system32\wbem\AutoRecover\7A62FA52E22CE751514BC93BE067BC80.mof 4594 bytes
c:\windows\system32\wbem\AutoRecover\7BDE76979585395D59B5DA1D62E63C50.mof 25566 bytes
c:\windows\system32\wbem\AutoRecover\7E27EAAD25AA36FEADFF502991DFC5C1.mof 167174 bytes
c:\windows\system32\wbem\AutoRecover\7F417E1A6D819A9B2FEB55DA6858EA0A.mof 1394 bytes
c:\windows\system32\wbem\AutoRecover\852ECCDBABE77624586E4417FE66F857.mof 4120 bytes
c:\windows\system32\wbem\AutoRecover\8636DC7F9479DACE6778109CB4FB4B01.mof 12818 bytes
c:\windows\system32\wbem\AutoRecover\88744D2A29102FC88ECF505DD2E984FC.mof 29386 bytes
c:\windows\system32\wbem\AutoRecover\903E49C444C46FEF5F2C3A189C9CEF71.mof 8102 bytes
c:\windows\system32\wbem\AutoRecover\958A50DFF8A9DF5FAEA042AC9F60815F.mof 11468 bytes
c:\windows\system32\wbem\AutoRecover\9AD3182A2F39A3E091E15109132EC6CC.mof 2566 bytes
c:\windows\system32\wbem\AutoRecover\02E78424AB18BDBFA706C08B7D7B9F1D.mof 33396 bytes
c:\windows\system32\wbem\AutoRecover\092389D621F5A8834203DAAC74CCA279.mof 23798 bytes
c:\windows\system32\wbem\AutoRecover\0A9DBC92D554324656F61F9862679F27.mof 130456 bytes
c:\windows\system32\wbem\AutoRecover\1E97A05DE566CF6EEAE29D0634E27392.mof 7694 bytes
c:\windows\system32\wbem\AutoRecover\1EBE968EB7AF815A32641E6185350A9E.mof 107496 bytes
c:\windows\system32\wbem\AutoRecover\20D2C3B8CE10B96CE6B8A3C241EF4416.mof 3352 bytes
c:\windows\system32\wbem\AutoRecover\23BDE61F1F4FACE17E9B0C01F2A1FD9B.mof 32000 bytes
c:\windows\system32\wbem\AutoRecover\26C097A9392F8C541AD42E89B7909073.mof 2775948 bytes
c:\windows\system32\wbem\AutoRecover\26D6C4EB696DD0C83F5D5BF2235000A7.mof 10452 bytes
c:\windows\system32\wbem\AutoRecover\A99860BB696AE92ED001E48B014365CE.mof 14390 bytes
c:\windows\system32\wbem\AutoRecover\ABB70D53B97FC8002205F77E02C97304.mof 8664 bytes
c:\windows\system32\wbem\AutoRecover\AE7023598F41510BF261111652046301.mof 19462 bytes
c:\windows\system32\wbem\AutoRecover\AEA50E449C23761CA4D9B7F9ED0D9C89.mof 9110 bytes
c:\windows\system32\wbem\AutoRecover\BE81B2C0741907C1FC1C42B6223E59AD.mof 32772 bytes
c:\windows\system32\wbem\AutoRecover\C3A0BE17B37ACE48BE78B31580231AE9.mof 88742 bytes
c:\windows\system32\wbem\AutoRecover\C6300BFE37ADE6B52EC023F66124985F.mof 99856 bytes
c:\windows\system32\wbem\AutoRecover\C81ACF420917AA0F87487BC4D958BEB4.mof 18500 bytes
c:\windows\system32\wbem\AutoRecover\C8463ECBE33BC240263A0B094E46D510.mof 2570652 bytes
c:\windows\system32\wbem\AutoRecover\C92641594A6F2DA8A55FE4738AFDA539.mof 28022 bytes
c:\windows\system32\wbem\AutoRecover\CA0106054EB09C302ED3E0669F99D021.mof 38840 bytes
c:\windows\system32\wbem\AutoRecover\2A61A823DC2C1C838EE71C4351BED0B4.mof 16768 bytes
c:\windows\system32\wbem\AutoRecover\3EC317800FF508210BB945C81C0EACE7.mof 1987264 bytes
c:\windows\system32\wbem\AutoRecover\731AE1FC8C795979F40FAD645FFBAEB1.mof 43182 bytes
c:\windows\system32\wbem\AutoRecover\A7575F8DE31A912FFE91A7A41B1E382A.mof 46478 bytes
c:\windows\system32\wbem\AutoRecover\CFC35B349D24A8495FD2CEAB15C32D88.mof 4496 bytes
c:\windows\system32\wbem\AutoRecover\42355E8E232EF8CADD187D531DEC55DD.mof 13986 bytes
c:\windows\system32\wbem\AutoRecover\42C894EEACAD83A4E41154685841B3E1.mof 16914 bytes
c:\windows\system32\wbem\AutoRecover\4D89333771FD4AF4E1A113F1D464674C.mof 15792 bytes
c:\windows\system32\wbem\AutoRecover\608B41C6A2CD9460C2263E6CD80C335A.mof 19372 bytes
c:\windows\system32\wbem\AutoRecover\60A06765DDFE47EF7240BD9C1EB29EFE.mof 5110 bytes
c:\windows\system32\wbem\AutoRecover\6B38F33147D0369D5038BBB61C7A31C8.mof 107982 bytes
c:\windows\system32\wbem\AutoRecover\6FFF7467A5B40765D5740A413CA8BB8A.mof 8820 bytes
c:\windows\system32\wbem\AutoRecover\701B705ED7DF100F88D5BC4A595E938D.mof 58940 bytes
c:\windows\system32\wbem\AutoRecover\72F867EF62976CE9F70993FF3E68A4EB.mof 127988 bytes
c:\windows\system32\wbem\AutoRecover\2AA23BB86A5EBD8BC2D820944E55B233.mof 41508 bytes
c:\windows\system32\wbem\AutoRecover\2B8B1A8B0ACD3EE28B421D3918DC1F29.mof 2376 bytes
c:\windows\system32\wbem\AutoRecover\2C142C4C15E3B8D139B98154CD083071.mof 13448 bytes
c:\windows\system32\wbem\AutoRecover\2CE64FBD51953C097BB5470043A6DAF9.mof 44084 bytes
c:\windows\system32\wbem\AutoRecover\2CFB5B149FA396D1AEA5F89B1C5A8D81.mof 12256 bytes
c:\windows\system32\wbem\AutoRecover\2DA80135BA8EC175C9B1C1598F659434.mof 3182 bytes
c:\windows\system32\wbem\AutoRecover\37134956F76D3C30C9BE0C12571CAF43.mof 29862 bytes
c:\windows\system32\wbem\cimwin32.dll 1359360 bytes executable
c:\windows\system32\wbem\cimwin32.mfl 1988244 bytes
c:\windows\system32\wbem\cimwin32.mof 2775842 bytes
c:\windows\system32\wbem\cli.mof 29290 bytes
c:\windows\system32\wbem\cliegaliases.mfl 31886 bytes
c:\windows\system32\wbem\cliegaliases.mof 2570538 bytes
c:\windows\system32\wbem\cmdevtgprov.dll 45056 bytes executable
c:\windows\system32\wbem\cmdevtgprov.mof 4148 bytes
c:\windows\system32\wbem\csv.xsl 2503 bytes
c:\windows\system32\wbem\dgnet.mof 3082 bytes
c:\windows\system32\wbem\dsprov.dll 120320 bytes executable
c:\windows\system32\wbem\dsprov.mfl 11366 bytes
c:\windows\system32\wbem\dsprov.mof 18398 bytes
c:\windows\system32\wbem\mof
c:\windows\system32\wbem\mof\bad
c:\windows\system32\wbem\mof\good
c:\windows\system32\wbem\mof\good\MSIOff9.mof 39167 bytes
c:\windows\system32\wbem\regevent.mof 46372 bytes
c:\windows\system32\wbem\secrcw32.mof 58746 bytes
c:\windows\system32\wbem\textvaluelist.xsl 2766 bytes
c:\windows\system32\wbem\wbemads.tlb 31232 bytes executable
c:\windows\system32\wbem\wmi.mof 10688 bytes
c:\windows\system32\wbem\wmipicmp.dll 76288 bytes executable
c:\windows\system32\wbem\mof.xsl 9261 bytes
c:\windows\system32\wbem\mofcomp.exe 16896 bytes executable
c:\windows\system32\wbem\mofd.dll 124416 bytes executable
c:\windows\system32\wbem\msi.mfl 107886 bytes
c:\windows\system32\wbem\msi.mof 165430 bytes
c:\windows\system32\wbem\msiprov.dll 273920 bytes executable
c:\windows\system32\wbem\napclientprov.mof 638 bytes
c:\windows\system32\wbem\napclientschema.mof 3990 bytes
c:\windows\system32\wbem\ncprov.dll 47104 bytes executable
c:\windows\system32\wbem\ncprov.mfl 626 bytes
c:\windows\system32\wbem\ncprov.mof 2880 bytes
c:\windows\system32\wbem\ntevt.dll 212992 bytes executable
c:\windows\system32\wbem\ntevt.mfl 21120 bytes
c:\windows\system32\wbem\ntevt.mof 29762 bytes
c:\windows\system32\wbem\Performance
c:\windows\system32\wbem\Performance\WmiApRpl.h 738 bytes
c:\windows\system32\wbem\Performance\WmiApRpl.ini 6290 bytes
c:\windows\system32\wbem\policman.dll 92672 bytes executable
c:\windows\system32\wbem\policman.mfl 5004 bytes
c:\windows\system32\wbem\policman.mof 12150 bytes
c:\windows\system32\wbem\provthrd.dll 237056 bytes executable
c:\windows\system32\wbem\rawxml.xsl 623 bytes
c:\windows\system32\wbem\regevent.mfl 38734 bytes
c:\windows\system32\wbem\tmplprov.dll 61952 bytes executable
c:\windows\system32\wbem\tmplprov.mfl 7664 bytes
c:\windows\system32\wbem\tmplprov.mof 12144 bytes
c:\windows\system32\wbem\trnsprov.dll 59904 bytes executable
c:\windows\system32\wbem\trnsprov.mfl 2040 bytes
c:\windows\system32\wbem\trnsprov.mof 4998 bytes
c:\windows\system32\wbem\tscfgwmi.mfl 58834 bytes
c:\windows\system32\wbem\tscfgwmi.mof 99750 bytes
c:\windows\system32\wbem\unsecapp.exe 16896 bytes executable
c:\windows\system32\wbem\updprov.dll 116224 bytes executable
c:\windows\system32\wbem\updprov.mfl 12776 bytes
c:\windows\system32\wbem\updprov.mof 20720 bytes
c:\windows\system32\wbem\viewprov.dll 131584 bytes executable
c:\windows\system32\wbem\wbemads.dll 12288 bytes executable
c:\windows\system32\wbem\wmiadap.exe 196608 bytes executable
c:\windows\system32\wbem\wmiapres.dll 6656 bytes executable
c:\windows\system32\wbem\wmiaprpl.dll 88576 bytes executable
c:\windows\system32\wbem\wmiapsrv.exe 126464 bytes executable
c:\windows\system32\wbem\wmic.exe 361472 bytes executable
c:\windows\system32\wbem\wmiclimofformat.xsl 9442 bytes
c:\windows\system32\wbem\wmiclitableformat.xsl 3247 bytes
c:\windows\system32\wbem\wmiclitableformatnosys.xsl 3921 bytes
c:\windows\system32\wbem\wmiclivalueformat.xsl 485 bytes
c:\windows\system32\wbem\wmicookr.dll 60928 bytes executable
c:\windows\system32\wbem\wmidcprv.dll 140800 bytes executable
c:\windows\system32\wbem\wmimsg.dll 61440 bytes executable
c:\windows\system32\wbem\wmipcima.dll 156672 bytes executable
c:\windows\system32\wbem\wmipcima.mfl 27916 bytes
c:\windows\system32\wbem\wmipcima.mof 41402 bytes
c:\windows\system32\wbem\wmipdskq.dll 132096 bytes executable
c:\windows\system32\wbem\wmipdskq.mfl 8558 bytes
c:\windows\system32\wbem\wmipdskq.mof 13342 bytes
c:\windows\system32\wbem\smtpcons.dll 40960 bytes executable
c:\windows\system32\wbem\smtpcons.mfl 2758 bytes
c:\windows\system32\wbem\smtpcons.mof 4100 bytes
c:\windows\system32\wbem\snmp
c:\windows\system32\wbem\sr.mof 7600 bytes
c:\windows\system32\wbem\stdprov.dll 86528 bytes executable
c:\windows\system32\wbem\subscrpt.mof 4458 bytes
c:\windows\system32\wbem\system.mof 127370 bytes
c:\windows\system32\wbem\texttable.xsl 6000 bytes
c:\windows\system32\wbem\texttablewsys.xsl 3247 bytes
C:\Documents and Settings
C:\Program Files
C:\aaw7boot.log 2220 bytes
C:\ASLog.txt 28900 bytes
C:\autorun.inf
C:\Boot.bak 211 bytes
C:\boot.ini 281 bytes
C:\Bootfont.bin 4952 bytes
C:\c17247ce1158ca76e21e
C:\cmdcons
C:\cmldr 261312 bytes
C:\ComboFix
C:\CONFIG.SYS 0 bytes
C:\deviceInfo.txt 8925 bytes
C:\Downloads
C:\Faktury
C:\GAMEs
C:\Garmin
C:\hiberfil.sys 1073139712 bytes
C:\HijackThis
C:\invisiblewar
C:\IO.SYS 0 bytes
C:\MSDOS.SYS 0 bytes
C:\MSOCache
C:\MyWorks
C:\NTDETECT.COM 47564 bytes
C:\ntldr 250576 bytes
C:\output
C:\pagefile.sys 1610612736 bytes
C:\Qoobox
C:\Red Dwarf
C:\Securiti windows
C:\TCleanerOdstraneníistícíchUtilitzPC
C:\Temp
C:\tmp
C:\totalcmd
C:\treeinfo.wc 213103 bytes
C:\UsbFix
C:\UsbFix.txt 111 bytes
C:\WINDOWS
C:\WinXMp4
sken byl úspešně dokončen
skryté soubory: 1065
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-507921405-706699826-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:29,6e,22,45,a7,0c,3c,94,8d,ed,49,35,f2,ae,94,4d,3f,bc,ff,0a,a8,a6,f4,
1a,8d,e2,19,f5,0c,85,79,8f,5a,34,f5,5e,1c,16,4d,21,82,f0,28,ed,23,e5,26,d2,\
"??"=hex:33,11,23,de,0b,d9,1f,29,a6,ce,2a,8b,3d,1b,54,1f
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(428)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(1928)
c:\program files\Tall Emu\Online Armor\OAwatch.dll
c:\program files\matrjoska spliter\MatroskaSplitter\mmfinfo.dll
c:\program files\matrjoska spliter\MatroskaSplitter\mkunicode.dll
c:\program files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2009-12-29 13:32:58
ComboFix-quarantined-files.txt 2009-12-29 12:32
Před spuštěním: 8 524 742 656
Po spuštění: 8 493 993 984
Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 986542ECC410E4544B485BB8AE918D6E
-
- Vzorný návštěvník
- Příspěvky: 308
- Registrován: 07 led 2007 15:20
- Bydliště: Pardubice
Re: Prosím o kontrolu logu
odinstalujte Online Armor Firewall
tyto soubory otestujte na www.virustotal.com a vložte sem odkazy na výsledky:
c:\windows\system32\drivers\71871562.sys
c:\windows\system32\drivers\7187156.sys
c:\windows\system32\drivers\71871561.sys
tyto soubory otestujte na www.virustotal.com a vložte sem odkazy na výsledky:
c:\windows\system32\drivers\71871562.sys
c:\windows\system32\drivers\7187156.sys
c:\windows\system32\drivers\71871561.sys
"Život je život, louka je louka, koukneš se do trávy – a vidíš brouka."
"Neodpovídej tupci na jeho tupost, aby ses mu sám nezačal podobat. Odpověz tupci na jeho tupost, aby si přestal moudrý připadat...."
(Přísloví krále Šalomouna)
"Neodpovídej tupci na jeho tupost, aby ses mu sám nezačal podobat. Odpověz tupci na jeho tupost, aby si přestal moudrý připadat...."
(Přísloví krále Šalomouna)
Re: Prosím o kontrolu logu
Online Armor jsem v průběhu kontroly vypnul , nebyl jsem si jistý jestli úplně odinstalovat a nahradit jiným .
odkaz: analisis/a3f8d9139142391d5f68aeb75a501243852a487f084f5aa75c03eb173d2b8935-1261861225
odkaz: analisis/16b77fb533986ca6119f1307e52a4d0b863043c3fee572df20c0bc0115cf68d8-1261956849
odkaz: analisis/d30daffafc29919c891c8952fc27890d735e4368c706ef452aa86b8b05cd7884-1261956820
odkaz: analisis/a3f8d9139142391d5f68aeb75a501243852a487f084f5aa75c03eb173d2b8935-1261861225
odkaz: analisis/16b77fb533986ca6119f1307e52a4d0b863043c3fee572df20c0bc0115cf68d8-1261956849
odkaz: analisis/d30daffafc29919c891c8952fc27890d735e4368c706ef452aa86b8b05cd7884-1261956820
-
- Vzorný návštěvník
- Příspěvky: 308
- Registrován: 07 led 2007 15:20
- Bydliště: Pardubice
Re: Prosím o kontrolu logu
sice jste svoje soubory neotestoval, ale nevadí, jsou v pořádku
Online Armor doporučuji úplně odinstalovat a nahradit spolehlivějším firewallem - např Zone Alarmem
na odinstalaci Online Armoru použijte Revo Uninstaller - http://www.studna.cz/8117/systemove-nas ... installer/ potom restartujte PC a pošlete nový log z Combofix
Online Armor doporučuji úplně odinstalovat a nahradit spolehlivějším firewallem - např Zone Alarmem
na odinstalaci Online Armoru použijte Revo Uninstaller - http://www.studna.cz/8117/systemove-nas ... installer/ potom restartujte PC a pošlete nový log z Combofix
"Život je život, louka je louka, koukneš se do trávy – a vidíš brouka."
"Neodpovídej tupci na jeho tupost, aby ses mu sám nezačal podobat. Odpověz tupci na jeho tupost, aby si přestal moudrý připadat...."
(Přísloví krále Šalomouna)
"Neodpovídej tupci na jeho tupost, aby ses mu sám nezačal podobat. Odpověz tupci na jeho tupost, aby si přestal moudrý připadat...."
(Přísloví krále Šalomouna)
Re: Prosím o kontrolu logu
ComboFix 09-12-28.05 - radim 29.12.2009 22:07:33.8.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.616 [GMT 1:00]
Spuštěný z: c:\documents and settings\radim\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 091229-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-11-28 do 2009-12-29 )))))))))))))))))))))))))))))))
.
2009-12-29 20:44 . 2009-11-22 14:42 69000 ----a-w- c:\windows\system32\zlcomm.dll
2009-12-29 20:44 . 2009-11-22 14:42 103816 ----a-w- c:\windows\system32\zlcommdb.dll
2009-12-29 20:44 . 2009-11-22 14:42 1238408 ----a-w- c:\windows\system32\zpeng25.dll
2009-12-29 20:44 . 2009-12-29 20:44 -------- d-----w- c:\program files\Zone Labs
2009-12-29 17:47 . 2009-12-29 17:47 -------- d-----w- c:\program files\Nová složka (2)
2009-12-29 17:35 . 2009-12-20 16:40 27064 ----a-w- c:\windows\system32\drivers\revoflt.sys
2009-12-29 17:25 . 2009-12-29 17:35 -------- d-----w- c:\program files\RevoUninstaler
2009-12-29 12:06 . 2009-12-29 12:08 -------- d-----w- C:\TCleanerOdstraneníistícíchUtilitzPC
2009-12-28 20:52 . 2009-12-28 20:52 -------- d-----w- c:\program files\trend micro
2009-12-25 14:04 . 2009-12-25 14:04 -------- d-----w- c:\program files\DIFX
2009-12-25 14:04 . 2009-12-26 16:45 -------- d-----w- c:\program files\Garmin
2009-12-25 14:04 . 2009-12-26 14:21 -------- d-----w- C:\Garmin
2009-12-21 22:21 . 2009-12-21 22:28 -------- d-----w- c:\program files\CCleaner
2009-12-13 00:09 . 2009-12-13 01:11 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-12 22:29 . 2009-12-13 01:07 -------- d-----w- c:\program files\JAVASUN
2009-12-12 22:13 . 2009-12-12 22:15 -------- d-----w- c:\program files\JavaObnovaVerzí
2009-12-12 21:47 . 2009-12-12 21:51 -------- d-----w- c:\program files\OTCcleaner
2009-12-12 20:27 . 2009-12-12 20:28 -------- d-----w- C:\HijackThis
2009-12-10 00:56 . 2009-12-10 01:14 -------- d-----w- c:\program files\GOMplayer
2009-12-09 00:10 . 2009-10-22 11:54 37392 ----a-w- c:\windows\system32\drivers\71871562.sys
2009-12-09 00:10 . 2009-10-09 21:31 315408 ----a-w- c:\windows\system32\drivers\7187156.sys
2009-12-09 00:10 . 2009-09-25 15:59 128016 ----a-w- c:\windows\system32\drivers\71871561.sys
2009-12-08 18:24 . 2009-12-09 20:55 -------- d-----w- C:\UsbFix
2009-12-06 13:12 . 2009-12-06 15:41 -------- d-----w- c:\program files\RootkitRevealer
2009-12-06 09:23 . 2009-12-06 09:32 -------- d-----w- c:\program files\MobilePartner
2009-12-05 14:21 . 2009-12-28 13:51 -------- d-----w- c:\program files\Opera Turbo
2009-12-04 21:35 . 2009-12-04 21:35 23600 ----a-w- c:\windows\system32\drivers\TVICHW32.SYS
2009-12-04 19:20 . 2009-12-04 19:20 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-12-04 19:07 . 2009-12-04 19:20 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-12-04 12:14 . 2008-09-26 17:01 621056 ----a-w- c:\windows\system32\drivers\mod7700.sys
2009-12-04 12:14 . 2008-09-26 17:01 113664 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2009-12-04 12:14 . 2008-09-26 17:01 101376 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2009-12-04 12:14 . 2008-09-26 17:00 24448 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2009-12-02 10:17 . 2009-12-05 17:47 -------- d-----w- c:\program files\O2 Mobilni internet
2009-12-01 15:17 . 2009-12-01 15:17 -------- d-----w- c:\program files\directx
2009-12-01 14:57 . 2009-12-01 14:57 -------- d-----w- c:\program files\Nival Interactive
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-29 21:05 . 2009-12-29 21:05 308645 ----a-w- c:\windows\Internet Logs\tvDebug.Zip
2009-12-29 20:44 . 2007-12-15 19:26 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2009-12-29 17:56 . 2007-12-15 19:19 -------- d-----w- c:\program files\ZoneAlarm
2009-12-13 00:09 . 2007-11-21 11:01 -------- d-----w- c:\program files\Java
2009-12-12 14:03 . 2007-02-09 14:31 -------- d-----w- c:\program files\VLC Player
2009-12-10 11:25 . 2004-08-18 11:00 81034 ----a-w- c:\windows\system32\perfc005.dat
2009-12-10 11:25 . 2004-08-18 11:00 434234 ----a-w- c:\windows\system32\perfh005.dat
2009-12-09 13:43 . 2008-01-04 10:06 -------- d-----w- c:\program files\golm
2009-12-04 19:16 . 2009-10-16 14:09 -------- d-----w- c:\program files\SuperaAntiSpyWare
2009-11-30 11:32 . 2009-10-16 13:54 -------- d-----w- c:\program files\MAMBMalwere
2009-11-27 20:18 . 2009-11-27 20:17 -------- d-----w- c:\program files\MalwareBytes
2009-11-27 20:10 . 2009-11-27 20:10 -------- d-----w- c:\program files\MSXML 4.0
2009-11-24 23:54 . 2009-09-11 08:25 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2009-09-11 08:25 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-24 23:50 . 2009-09-11 08:25 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-11-24 23:50 . 2009-09-11 08:25 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2009-09-11 08:25 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2009-09-11 08:25 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-09-11 08:25 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-09-11 08:25 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-09-11 08:25 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-21 16:03 . 2004-08-18 11:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-21 11:35 . 2009-11-21 11:33 -------- d-----w- c:\program files\DesetiPrsty
2009-11-19 11:37 . 2009-11-19 11:32 -------- d-----w- c:\program files\anonimizer TOR
2009-11-15 20:00 . 2009-11-15 19:57 -------- d-----w- c:\program files\INKSCAPEgrafika
2009-10-30 21:52 . 2007-04-12 08:32 -------- d-----w- c:\program files\FireFox
2009-10-29 05:26 . 2004-08-18 11:00 668160 ------w- c:\windows\system32\wininet.dll
2009-10-21 05:40 . 2004-08-18 11:00 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:40 . 2004-08-18 11:00 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2009-08-13 06:31 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-13 10:34 . 2004-08-18 11:00 271360 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:40 . 2004-08-18 11:00 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:40 . 2004-08-18 11:00 150016 ----a-w- c:\windows\system32\rastls.dll
2008-04-14 18:41 . 2008-04-14 18:41 1086613 ----a-w- c:\program files\PowerISO39.exe
2007-12-27 18:46 . 2007-12-27 18:45 1734996 ----a-w- c:\program files\free-ipod-video-converter.exe
2007-02-08 17:36 . 2007-02-08 17:36 11855 ----a-w- c:\program files\DCPlusPlus0694CZ.rar
2007-02-08 17:24 . 2007-02-08 16:46 4277889 ----a-w- c:\program files\sdc203.rar
2007-02-08 17:11 . 2007-02-08 17:11 1201644 ----a-w- c:\program files\wrar37b3.exe
2007-02-08 17:08 . 2007-02-08 17:07 2072464 ----a-w- c:\program files\tcmd7pb3.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-13 149280]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-11-22 1037192]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 13:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^Wireless Utility.lnk]
path=c:\documents and settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\Wireless Utility.lnk
backup=c:\windows\pss\Wireless Utility.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^radim^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.0.lnk]
backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\combofix]
C:\ComboFix [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
2005-09-09 03:20 88203 ----a-r- c:\windows\AGRSMMSG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
2006-11-12 10:48 157592 ----a-w- c:\program files\DAEMON Tools\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-11-13 15:50 1289000 ----a-w- c:\program files\Microsoft ActiveSync\wcescomm.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2009-09-10 13:53 1312080 ----a-w- c:\program files\MAMBMalwere\Malwarebytes' Anti-Malware\mbam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MGSysCtrl]
2006-03-24 14:23 179200 ----a-w- c:\program files\System Control Manager\MGSysCtrl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSConfig]
2008-04-14 03:22 171008 ----a-w- c:\windows\pchealth\helpctr\binaries\msconfig.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
2006-10-11 10:45 75304 ----a-w- c:\program files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power2GoExpress]
2005-07-08 15:01 1953887 ------w- c:\program files\CyberLink\Power2Go\Power2GoExpress.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2008-01-20 07:05 217088 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2004-06-29 00:03 32768 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2std]
2005-08-16 20:54 339968 ----a-w- c:\windows\vsnp2std.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-09-28 11:16 185896 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2009-11-23 07:43 2001648 ----a-w- c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2009-11-13 11:31 247144 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnp2std]
2005-08-17 14:57 90112 ----a-w- c:\windows\tsnp2std.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
2006-03-30 14:45 313472 ----a-r- c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"PWRISOVM.EXE"=c:\program files\PowerISO\PWRISOVM.EXE
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
"RTHDCPL"=RTHDCPL.EXE
"Alcmtr"=ALCMTR.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQLite\\ICQLite.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\GAMEs\\LOTR II\\game.dat"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Utorent\\uTorrent\\utorrent.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"23859:TCP"= 23859:TCP:BitComet 23859 TCP
"23859:UDP"= 23859:UDP:BitComet 23859 UDP
"9420:TCP"= 9420:TCP:Red Swoosh
"5000:UDP"= 5000:UDP:Red Swoosh
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [27.2.2006 8:00 34880]
R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [20.2.2006 9:01 29056]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [11.9.2009 9:25 114768]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [23.11.2009 8:43 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [23.11.2009 8:43 74480]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [11.9.2009 9:25 20560]
R3 MGHwCtrl;MGHwCtrl;c:\windows\system32\drivers\MGHwCtrl.sys [7.2.2007 10:58 20128]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [12.4.2007 13:34 639224]
S2 NishService;SCM Driver Daemon;c:\program files\System Control Manager\edd.exe [7.2.2007 10:58 40960]
S3 PavTPK.sys;PavTPK.sys;\??\c:\windows\system32\PavTPK.sys --> c:\windows\system32\PavTPK.sys [?]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [29.12.2009 18:35 27064]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [23.11.2009 8:43 7408]
S3 TVICHW32;TVICHW32;c:\windows\system32\drivers\TVICHW32.SYS [4.12.2009 22:35 23600]
S3 XVYLU;XVYLU;c:\docume~1\radim\LOCALS~1\Temp\XVYLU.exe --> c:\docume~1\radim\LOCALS~1\Temp\XVYLU.exe [?]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Easy-WebPrint - Náhled - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint - Přidat na seznam k tisku - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint - Tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
IE: Easy-WebPrint - Vysokorychlostní tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
TCP: {CFFB196D-329C-46D0-8BCD-E32B9DD0022C} = 217.195.160.10,217.195.165.131
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.1.0/GarminAxControl.CAB
FF - ProfilePath - c:\documents and settings\radim\Data aplikací\Mozilla\Firefox\Profiles\35yix5ng.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 1
FF - component: c:\documents and settings\radim\Data aplikací\Mozilla\Firefox\Profiles\35yix5ng.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - component: c:\documents and settings\radim\Data aplikací\Mozilla\Firefox\Profiles\35yix5ng.default\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}\platform\WINNT\components\ebayAccessComponent.dll
FF - component: c:\documents and settings\radim\Data aplikací\Mozilla\Firefox\Profiles\35yix5ng.default\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}\platform\WINNT\components\ebayShortcutMaker.dll
FF - plugin: c:\program files\golm\Real Alternative\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\golm\Real Alternative\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Opera Turbo\program\plugins\npdsplay.dll
FF - plugin: c:\program files\Opera Turbo\program\plugins\npwmsdrm.dll
FF - plugin: c:\program files\VLC Player\VLC\npvlc.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
ShellExecuteHooks-{4F07DA45-8170-4859-9B5F-037EF2970034} - (no file)
MSConfigStartUp-@OnlineArmor GUI - c:\program files\Tall Emu\Online Armor\oaui.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-29 22:13
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-507921405-706699826-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:29,6e,22,45,a7,0c,3c,94,8d,ed,49,35,f2,ae,94,4d,3f,bc,ff,0a,a8,a6,f4,
1a,8d,e2,19,f5,0c,85,79,8f,5a,34,f5,5e,1c,16,4d,21,82,f0,28,ed,23,e5,26,d2,\
"??"=hex:33,11,23,de,0b,d9,1f,29,a6,ce,2a,8b,3d,1b,54,1f
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(468)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2009-12-29 22:15:15
ComboFix-quarantined-files.txt 2009-12-29 21:15
ComboFix2.txt 2009-12-29 12:33
Před spuštěním: 8 257 417 216
Po spuštění: 8 232 304 640
Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 34058BF0A0354630E141513BF46A18C4
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.616 [GMT 1:00]
Spuštěný z: c:\documents and settings\radim\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 091229-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-11-28 do 2009-12-29 )))))))))))))))))))))))))))))))
.
2009-12-29 20:44 . 2009-11-22 14:42 69000 ----a-w- c:\windows\system32\zlcomm.dll
2009-12-29 20:44 . 2009-11-22 14:42 103816 ----a-w- c:\windows\system32\zlcommdb.dll
2009-12-29 20:44 . 2009-11-22 14:42 1238408 ----a-w- c:\windows\system32\zpeng25.dll
2009-12-29 20:44 . 2009-12-29 20:44 -------- d-----w- c:\program files\Zone Labs
2009-12-29 17:47 . 2009-12-29 17:47 -------- d-----w- c:\program files\Nová složka (2)
2009-12-29 17:35 . 2009-12-20 16:40 27064 ----a-w- c:\windows\system32\drivers\revoflt.sys
2009-12-29 17:25 . 2009-12-29 17:35 -------- d-----w- c:\program files\RevoUninstaler
2009-12-29 12:06 . 2009-12-29 12:08 -------- d-----w- C:\TCleanerOdstraneníistícíchUtilitzPC
2009-12-28 20:52 . 2009-12-28 20:52 -------- d-----w- c:\program files\trend micro
2009-12-25 14:04 . 2009-12-25 14:04 -------- d-----w- c:\program files\DIFX
2009-12-25 14:04 . 2009-12-26 16:45 -------- d-----w- c:\program files\Garmin
2009-12-25 14:04 . 2009-12-26 14:21 -------- d-----w- C:\Garmin
2009-12-21 22:21 . 2009-12-21 22:28 -------- d-----w- c:\program files\CCleaner
2009-12-13 00:09 . 2009-12-13 01:11 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-12 22:29 . 2009-12-13 01:07 -------- d-----w- c:\program files\JAVASUN
2009-12-12 22:13 . 2009-12-12 22:15 -------- d-----w- c:\program files\JavaObnovaVerzí
2009-12-12 21:47 . 2009-12-12 21:51 -------- d-----w- c:\program files\OTCcleaner
2009-12-12 20:27 . 2009-12-12 20:28 -------- d-----w- C:\HijackThis
2009-12-10 00:56 . 2009-12-10 01:14 -------- d-----w- c:\program files\GOMplayer
2009-12-09 00:10 . 2009-10-22 11:54 37392 ----a-w- c:\windows\system32\drivers\71871562.sys
2009-12-09 00:10 . 2009-10-09 21:31 315408 ----a-w- c:\windows\system32\drivers\7187156.sys
2009-12-09 00:10 . 2009-09-25 15:59 128016 ----a-w- c:\windows\system32\drivers\71871561.sys
2009-12-08 18:24 . 2009-12-09 20:55 -------- d-----w- C:\UsbFix
2009-12-06 13:12 . 2009-12-06 15:41 -------- d-----w- c:\program files\RootkitRevealer
2009-12-06 09:23 . 2009-12-06 09:32 -------- d-----w- c:\program files\MobilePartner
2009-12-05 14:21 . 2009-12-28 13:51 -------- d-----w- c:\program files\Opera Turbo
2009-12-04 21:35 . 2009-12-04 21:35 23600 ----a-w- c:\windows\system32\drivers\TVICHW32.SYS
2009-12-04 19:20 . 2009-12-04 19:20 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-12-04 19:07 . 2009-12-04 19:20 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-12-04 12:14 . 2008-09-26 17:01 621056 ----a-w- c:\windows\system32\drivers\mod7700.sys
2009-12-04 12:14 . 2008-09-26 17:01 113664 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2009-12-04 12:14 . 2008-09-26 17:01 101376 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2009-12-04 12:14 . 2008-09-26 17:00 24448 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2009-12-02 10:17 . 2009-12-05 17:47 -------- d-----w- c:\program files\O2 Mobilni internet
2009-12-01 15:17 . 2009-12-01 15:17 -------- d-----w- c:\program files\directx
2009-12-01 14:57 . 2009-12-01 14:57 -------- d-----w- c:\program files\Nival Interactive
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-29 21:05 . 2009-12-29 21:05 308645 ----a-w- c:\windows\Internet Logs\tvDebug.Zip
2009-12-29 20:44 . 2007-12-15 19:26 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2009-12-29 17:56 . 2007-12-15 19:19 -------- d-----w- c:\program files\ZoneAlarm
2009-12-13 00:09 . 2007-11-21 11:01 -------- d-----w- c:\program files\Java
2009-12-12 14:03 . 2007-02-09 14:31 -------- d-----w- c:\program files\VLC Player
2009-12-10 11:25 . 2004-08-18 11:00 81034 ----a-w- c:\windows\system32\perfc005.dat
2009-12-10 11:25 . 2004-08-18 11:00 434234 ----a-w- c:\windows\system32\perfh005.dat
2009-12-09 13:43 . 2008-01-04 10:06 -------- d-----w- c:\program files\golm
2009-12-04 19:16 . 2009-10-16 14:09 -------- d-----w- c:\program files\SuperaAntiSpyWare
2009-11-30 11:32 . 2009-10-16 13:54 -------- d-----w- c:\program files\MAMBMalwere
2009-11-27 20:18 . 2009-11-27 20:17 -------- d-----w- c:\program files\MalwareBytes
2009-11-27 20:10 . 2009-11-27 20:10 -------- d-----w- c:\program files\MSXML 4.0
2009-11-24 23:54 . 2009-09-11 08:25 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2009-09-11 08:25 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-24 23:50 . 2009-09-11 08:25 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-11-24 23:50 . 2009-09-11 08:25 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2009-09-11 08:25 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2009-09-11 08:25 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-09-11 08:25 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-09-11 08:25 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-09-11 08:25 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-21 16:03 . 2004-08-18 11:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-21 11:35 . 2009-11-21 11:33 -------- d-----w- c:\program files\DesetiPrsty
2009-11-19 11:37 . 2009-11-19 11:32 -------- d-----w- c:\program files\anonimizer TOR
2009-11-15 20:00 . 2009-11-15 19:57 -------- d-----w- c:\program files\INKSCAPEgrafika
2009-10-30 21:52 . 2007-04-12 08:32 -------- d-----w- c:\program files\FireFox
2009-10-29 05:26 . 2004-08-18 11:00 668160 ------w- c:\windows\system32\wininet.dll
2009-10-21 05:40 . 2004-08-18 11:00 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:40 . 2004-08-18 11:00 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2009-08-13 06:31 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-13 10:34 . 2004-08-18 11:00 271360 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:40 . 2004-08-18 11:00 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:40 . 2004-08-18 11:00 150016 ----a-w- c:\windows\system32\rastls.dll
2008-04-14 18:41 . 2008-04-14 18:41 1086613 ----a-w- c:\program files\PowerISO39.exe
2007-12-27 18:46 . 2007-12-27 18:45 1734996 ----a-w- c:\program files\free-ipod-video-converter.exe
2007-02-08 17:36 . 2007-02-08 17:36 11855 ----a-w- c:\program files\DCPlusPlus0694CZ.rar
2007-02-08 17:24 . 2007-02-08 16:46 4277889 ----a-w- c:\program files\sdc203.rar
2007-02-08 17:11 . 2007-02-08 17:11 1201644 ----a-w- c:\program files\wrar37b3.exe
2007-02-08 17:08 . 2007-02-08 17:07 2072464 ----a-w- c:\program files\tcmd7pb3.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-13 149280]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-11-22 1037192]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 13:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^Wireless Utility.lnk]
path=c:\documents and settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\Wireless Utility.lnk
backup=c:\windows\pss\Wireless Utility.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^radim^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.0.lnk]
backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\combofix]
C:\ComboFix [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
2005-09-09 03:20 88203 ----a-r- c:\windows\AGRSMMSG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
2006-11-12 10:48 157592 ----a-w- c:\program files\DAEMON Tools\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-11-13 15:50 1289000 ----a-w- c:\program files\Microsoft ActiveSync\wcescomm.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2009-09-10 13:53 1312080 ----a-w- c:\program files\MAMBMalwere\Malwarebytes' Anti-Malware\mbam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MGSysCtrl]
2006-03-24 14:23 179200 ----a-w- c:\program files\System Control Manager\MGSysCtrl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSConfig]
2008-04-14 03:22 171008 ----a-w- c:\windows\pchealth\helpctr\binaries\msconfig.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
2006-10-11 10:45 75304 ----a-w- c:\program files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power2GoExpress]
2005-07-08 15:01 1953887 ------w- c:\program files\CyberLink\Power2Go\Power2GoExpress.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2008-01-20 07:05 217088 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2004-06-29 00:03 32768 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2std]
2005-08-16 20:54 339968 ----a-w- c:\windows\vsnp2std.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-09-28 11:16 185896 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2009-11-23 07:43 2001648 ----a-w- c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2009-11-13 11:31 247144 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnp2std]
2005-08-17 14:57 90112 ----a-w- c:\windows\tsnp2std.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
2006-03-30 14:45 313472 ----a-r- c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"PWRISOVM.EXE"=c:\program files\PowerISO\PWRISOVM.EXE
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
"RTHDCPL"=RTHDCPL.EXE
"Alcmtr"=ALCMTR.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQLite\\ICQLite.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\GAMEs\\LOTR II\\game.dat"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Utorent\\uTorrent\\utorrent.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"23859:TCP"= 23859:TCP:BitComet 23859 TCP
"23859:UDP"= 23859:UDP:BitComet 23859 UDP
"9420:TCP"= 9420:TCP:Red Swoosh
"5000:UDP"= 5000:UDP:Red Swoosh
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [27.2.2006 8:00 34880]
R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [20.2.2006 9:01 29056]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [11.9.2009 9:25 114768]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [23.11.2009 8:43 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [23.11.2009 8:43 74480]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [11.9.2009 9:25 20560]
R3 MGHwCtrl;MGHwCtrl;c:\windows\system32\drivers\MGHwCtrl.sys [7.2.2007 10:58 20128]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [12.4.2007 13:34 639224]
S2 NishService;SCM Driver Daemon;c:\program files\System Control Manager\edd.exe [7.2.2007 10:58 40960]
S3 PavTPK.sys;PavTPK.sys;\??\c:\windows\system32\PavTPK.sys --> c:\windows\system32\PavTPK.sys [?]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [29.12.2009 18:35 27064]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [23.11.2009 8:43 7408]
S3 TVICHW32;TVICHW32;c:\windows\system32\drivers\TVICHW32.SYS [4.12.2009 22:35 23600]
S3 XVYLU;XVYLU;c:\docume~1\radim\LOCALS~1\Temp\XVYLU.exe --> c:\docume~1\radim\LOCALS~1\Temp\XVYLU.exe [?]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Easy-WebPrint - Náhled - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint - Přidat na seznam k tisku - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint - Tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
IE: Easy-WebPrint - Vysokorychlostní tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
TCP: {CFFB196D-329C-46D0-8BCD-E32B9DD0022C} = 217.195.160.10,217.195.165.131
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.1.0/GarminAxControl.CAB
FF - ProfilePath - c:\documents and settings\radim\Data aplikací\Mozilla\Firefox\Profiles\35yix5ng.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 1
FF - component: c:\documents and settings\radim\Data aplikací\Mozilla\Firefox\Profiles\35yix5ng.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - component: c:\documents and settings\radim\Data aplikací\Mozilla\Firefox\Profiles\35yix5ng.default\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}\platform\WINNT\components\ebayAccessComponent.dll
FF - component: c:\documents and settings\radim\Data aplikací\Mozilla\Firefox\Profiles\35yix5ng.default\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}\platform\WINNT\components\ebayShortcutMaker.dll
FF - plugin: c:\program files\golm\Real Alternative\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\golm\Real Alternative\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Opera Turbo\program\plugins\npdsplay.dll
FF - plugin: c:\program files\Opera Turbo\program\plugins\npwmsdrm.dll
FF - plugin: c:\program files\VLC Player\VLC\npvlc.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
ShellExecuteHooks-{4F07DA45-8170-4859-9B5F-037EF2970034} - (no file)
MSConfigStartUp-@OnlineArmor GUI - c:\program files\Tall Emu\Online Armor\oaui.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-29 22:13
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-507921405-706699826-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:29,6e,22,45,a7,0c,3c,94,8d,ed,49,35,f2,ae,94,4d,3f,bc,ff,0a,a8,a6,f4,
1a,8d,e2,19,f5,0c,85,79,8f,5a,34,f5,5e,1c,16,4d,21,82,f0,28,ed,23,e5,26,d2,\
"??"=hex:33,11,23,de,0b,d9,1f,29,a6,ce,2a,8b,3d,1b,54,1f
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(468)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2009-12-29 22:15:15
ComboFix-quarantined-files.txt 2009-12-29 21:15
ComboFix2.txt 2009-12-29 12:33
Před spuštěním: 8 257 417 216
Po spuštění: 8 232 304 640
Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 34058BF0A0354630E141513BF46A18C4
-
- Vzorný návštěvník
- Příspěvky: 308
- Registrován: 07 led 2007 15:20
- Bydliště: Pardubice
Re: Prosím o kontrolu logu
otevřte poznámkový blok (Notepad) a zkopírujte do něj následující text:
spustí se ComboFix a vykoná příkaz ze skriptu - potom pošlete nový log
Soubor uložte na plochu jako CFScript.txt a podle obrázku přetáhněte nad ComboFixKillAll::
Driver::
XVYLU
File::
c:\docume~1\radim\LOCALS~1\Temp\XVYLU.exe
Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\combofix]
Extra::
Firefox::
FF - ProfilePath - FF - ProfilePath - c:\documents and settings\radim\Data aplikací\Mozilla\Firefox\Profiles\35yix5ng.default\
spustí se ComboFix a vykoná příkaz ze skriptu - potom pošlete nový log
"Život je život, louka je louka, koukneš se do trávy – a vidíš brouka."
"Neodpovídej tupci na jeho tupost, aby ses mu sám nezačal podobat. Odpověz tupci na jeho tupost, aby si přestal moudrý připadat...."
(Přísloví krále Šalomouna)
"Neodpovídej tupci na jeho tupost, aby ses mu sám nezačal podobat. Odpověz tupci na jeho tupost, aby si přestal moudrý připadat...."
(Přísloví krále Šalomouna)
Re: Prosím o kontrolu logu
ComboFix 09-12-28.05 - radim 30.12.2009 16:46:08.9.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.665 [GMT 1:00]
Spuštěný z: c:\documents and settings\radim\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\radim\Plocha\CFScript.txt.txt
AV: avast! antivirus 4.8.1368 [VPS 091230-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
FILE ::
"c:\docume~1\radim\LOCALS~1\Temp\XVYLU.exe"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_XVYLU
-------\Service_XVYLU
((((((((((((((((((((((((( Soubory vytvořené od 2009-11-28 do 2009-12-30 )))))))))))))))))))))))))))))))
.
2009-12-29 20:44 . 2009-11-22 14:42 69000 ----a-w- c:\windows\system32\zlcomm.dll
2009-12-29 20:44 . 2009-11-22 14:42 103816 ----a-w- c:\windows\system32\zlcommdb.dll
2009-12-29 20:44 . 2009-11-22 14:42 1238408 ----a-w- c:\windows\system32\zpeng25.dll
2009-12-29 20:44 . 2009-12-29 20:44 -------- d-----w- c:\program files\Zone Labs
2009-12-29 17:47 . 2009-12-29 17:47 -------- d-----w- c:\program files\Nová složka (2)
2009-12-29 17:35 . 2009-12-20 16:40 27064 ----a-w- c:\windows\system32\drivers\revoflt.sys
2009-12-29 17:25 . 2009-12-29 17:35 -------- d-----w- c:\program files\RevoUninstaler
2009-12-29 12:06 . 2009-12-29 12:08 -------- d-----w- C:\TCleanerOdstraneníistícíchUtilitzPC
2009-12-28 20:52 . 2009-12-28 20:52 -------- d-----w- c:\program files\trend micro
2009-12-25 14:04 . 2009-12-25 14:04 -------- d-----w- c:\program files\DIFX
2009-12-25 14:04 . 2009-12-26 16:45 -------- d-----w- c:\program files\Garmin
2009-12-25 14:04 . 2009-12-26 14:21 -------- d-----w- C:\Garmin
2009-12-21 22:21 . 2009-12-21 22:28 -------- d-----w- c:\program files\CCleaner
2009-12-13 00:09 . 2009-12-13 01:11 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-12 22:29 . 2009-12-13 01:07 -------- d-----w- c:\program files\JAVASUN
2009-12-12 22:13 . 2009-12-12 22:15 -------- d-----w- c:\program files\JavaObnovaVerzí
2009-12-12 21:47 . 2009-12-12 21:51 -------- d-----w- c:\program files\OTCcleaner
2009-12-12 20:27 . 2009-12-12 20:28 -------- d-----w- C:\HijackThis
2009-12-10 00:56 . 2009-12-10 01:14 -------- d-----w- c:\program files\GOMplayer
2009-12-09 00:10 . 2009-10-22 11:54 37392 ----a-w- c:\windows\system32\drivers\71871562.sys
2009-12-09 00:10 . 2009-10-09 21:31 315408 ----a-w- c:\windows\system32\drivers\7187156.sys
2009-12-09 00:10 . 2009-09-25 15:59 128016 ----a-w- c:\windows\system32\drivers\71871561.sys
2009-12-08 18:24 . 2009-12-09 20:55 -------- d-----w- C:\UsbFix
2009-12-06 13:12 . 2009-12-06 15:41 -------- d-----w- c:\program files\RootkitRevealer
2009-12-06 09:23 . 2009-12-06 09:32 -------- d-----w- c:\program files\MobilePartner
2009-12-05 14:21 . 2009-12-28 13:51 -------- d-----w- c:\program files\Opera Turbo
2009-12-04 21:35 . 2009-12-04 21:35 23600 ----a-w- c:\windows\system32\drivers\TVICHW32.SYS
2009-12-04 19:20 . 2009-12-04 19:20 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-12-04 19:07 . 2009-12-04 19:20 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-12-04 12:14 . 2008-09-26 17:01 621056 ----a-w- c:\windows\system32\drivers\mod7700.sys
2009-12-04 12:14 . 2008-09-26 17:01 113664 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2009-12-04 12:14 . 2008-09-26 17:01 101376 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2009-12-04 12:14 . 2008-09-26 17:00 24448 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2009-12-02 10:17 . 2009-12-05 17:47 -------- d-----w- c:\program files\O2 Mobilni internet
2009-12-01 15:17 . 2009-12-01 15:17 -------- d-----w- c:\program files\directx
2009-12-01 14:57 . 2009-12-01 14:57 -------- d-----w- c:\program files\Nival Interactive
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-30 15:54 . 2009-12-29 21:05 1129051 ----a-w- c:\windows\Internet Logs\tvDebug.Zip
2009-12-29 20:44 . 2007-12-15 19:26 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2009-12-29 17:56 . 2007-12-15 19:19 -------- d-----w- c:\program files\ZoneAlarm
2009-12-13 00:09 . 2007-11-21 11:01 -------- d-----w- c:\program files\Java
2009-12-12 14:03 . 2007-02-09 14:31 -------- d-----w- c:\program files\VLC Player
2009-12-10 11:25 . 2004-08-18 11:00 81034 ----a-w- c:\windows\system32\perfc005.dat
2009-12-10 11:25 . 2004-08-18 11:00 434234 ----a-w- c:\windows\system32\perfh005.dat
2009-12-09 13:43 . 2008-01-04 10:06 -------- d-----w- c:\program files\golm
2009-12-04 19:16 . 2009-10-16 14:09 -------- d-----w- c:\program files\SuperaAntiSpyWare
2009-11-30 11:32 . 2009-10-16 13:54 -------- d-----w- c:\program files\MAMBMalwere
2009-11-27 20:18 . 2009-11-27 20:17 -------- d-----w- c:\program files\MalwareBytes
2009-11-27 20:10 . 2009-11-27 20:10 -------- d-----w- c:\program files\MSXML 4.0
2009-11-24 23:54 . 2009-09-11 08:25 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2009-09-11 08:25 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-24 23:50 . 2009-09-11 08:25 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-11-24 23:50 . 2009-09-11 08:25 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2009-09-11 08:25 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2009-09-11 08:25 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-09-11 08:25 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-09-11 08:25 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-09-11 08:25 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-21 16:03 . 2004-08-18 11:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-21 11:35 . 2009-11-21 11:33 -------- d-----w- c:\program files\DesetiPrsty
2009-11-19 11:37 . 2009-11-19 11:32 -------- d-----w- c:\program files\anonimizer TOR
2009-11-15 20:00 . 2009-11-15 19:57 -------- d-----w- c:\program files\INKSCAPEgrafika
2009-10-29 05:26 . 2004-08-18 11:00 668160 ------w- c:\windows\system32\wininet.dll
2009-10-21 05:40 . 2004-08-18 11:00 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:40 . 2004-08-18 11:00 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2009-08-13 06:31 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-13 10:34 . 2004-08-18 11:00 271360 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:40 . 2004-08-18 11:00 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:40 . 2004-08-18 11:00 150016 ----a-w- c:\windows\system32\rastls.dll
2008-04-14 18:41 . 2008-04-14 18:41 1086613 ----a-w- c:\program files\PowerISO39.exe
2007-12-27 18:46 . 2007-12-27 18:45 1734996 ----a-w- c:\program files\free-ipod-video-converter.exe
2007-02-08 17:36 . 2007-02-08 17:36 11855 ----a-w- c:\program files\DCPlusPlus0694CZ.rar
2007-02-08 17:24 . 2007-02-08 16:46 4277889 ----a-w- c:\program files\sdc203.rar
2007-02-08 17:11 . 2007-02-08 17:11 1201644 ----a-w- c:\program files\wrar37b3.exe
2007-02-08 17:08 . 2007-02-08 17:07 2072464 ----a-w- c:\program files\tcmd7pb3.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-13 149280]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-11-22 1037192]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 13:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^Wireless Utility.lnk]
path=c:\documents and settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\Wireless Utility.lnk
backup=c:\windows\pss\Wireless Utility.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^radim^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.0.lnk]
backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
2005-09-09 03:20 88203 ----a-r- c:\windows\AGRSMMSG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
2006-11-12 10:48 157592 ----a-w- c:\program files\DAEMON Tools\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-11-13 15:50 1289000 ----a-w- c:\program files\Microsoft ActiveSync\wcescomm.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2009-09-10 13:53 1312080 ----a-w- c:\program files\MAMBMalwere\Malwarebytes' Anti-Malware\mbam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MGSysCtrl]
2006-03-24 14:23 179200 ----a-w- c:\program files\System Control Manager\MGSysCtrl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSConfig]
2008-04-14 03:22 171008 ----a-w- c:\windows\pchealth\helpctr\binaries\msconfig.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
2006-10-11 10:45 75304 ----a-w- c:\program files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power2GoExpress]
2005-07-08 15:01 1953887 ------w- c:\program files\CyberLink\Power2Go\Power2GoExpress.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2008-01-20 07:05 217088 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2004-06-29 00:03 32768 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2std]
2005-08-16 20:54 339968 ----a-w- c:\windows\vsnp2std.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-09-28 11:16 185896 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2009-11-23 07:43 2001648 ----a-w- c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2009-11-13 11:31 247144 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnp2std]
2005-08-17 14:57 90112 ----a-w- c:\windows\tsnp2std.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
2006-03-30 14:45 313472 ----a-r- c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"PWRISOVM.EXE"=c:\program files\PowerISO\PWRISOVM.EXE
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
"RTHDCPL"=RTHDCPL.EXE
"Alcmtr"=ALCMTR.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQLite\\ICQLite.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\GAMEs\\LOTR II\\game.dat"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Utorent\\uTorrent\\utorrent.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"23859:TCP"= 23859:TCP:BitComet 23859 TCP
"23859:UDP"= 23859:UDP:BitComet 23859 UDP
"9420:TCP"= 9420:TCP:Red Swoosh
"5000:UDP"= 5000:UDP:Red Swoosh
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [27.2.2006 8:00 34880]
R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [20.2.2006 9:01 29056]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [11.9.2009 9:25 114768]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [23.11.2009 8:43 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [23.11.2009 8:43 74480]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [11.9.2009 9:25 20560]
R2 NishService;SCM Driver Daemon;c:\program files\System Control Manager\edd.exe [7.2.2007 10:58 40960]
R3 MGHwCtrl;MGHwCtrl;c:\windows\system32\drivers\MGHwCtrl.sys [7.2.2007 10:58 20128]
S3 PavTPK.sys;PavTPK.sys;\??\c:\windows\system32\PavTPK.sys --> c:\windows\system32\PavTPK.sys [?]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [29.12.2009 18:35 27064]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [23.11.2009 8:43 7408]
S3 TVICHW32;TVICHW32;c:\windows\system32\drivers\TVICHW32.SYS [4.12.2009 22:35 23600]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [12.4.2007 13:34 639224]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Easy-WebPrint - Náhled - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint - Přidat na seznam k tisku - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint - Tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
IE: Easy-WebPrint - Vysokorychlostní tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
TCP: {CFFB196D-329C-46D0-8BCD-E32B9DD0022C} = 217.195.160.10,217.195.165.131
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.1.0/GarminAxControl.CAB
FF - ProfilePath - c:\documents and settings\radim\Data aplikací\Mozilla\Firefox\Profiles\35yix5ng.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 1
FF - component: c:\documents and settings\radim\Data aplikací\Mozilla\Firefox\Profiles\35yix5ng.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - component: c:\documents and settings\radim\Data aplikací\Mozilla\Firefox\Profiles\35yix5ng.default\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}\platform\WINNT\components\ebayAccessComponent.dll
FF - component: c:\documents and settings\radim\Data aplikací\Mozilla\Firefox\Profiles\35yix5ng.default\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}\platform\WINNT\components\ebayShortcutMaker.dll
FF - plugin: c:\program files\golm\Real Alternative\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\golm\Real Alternative\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Opera Turbo\program\plugins\npdsplay.dll
FF - plugin: c:\program files\Opera Turbo\program\plugins\npwmsdrm.dll
FF - plugin: c:\program files\VLC Player\VLC\npvlc.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-30 16:54
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-507921405-706699826-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:29,6e,22,45,a7,0c,3c,94,8d,ed,49,35,f2,ae,94,4d,3f,bc,ff,0a,a8,a6,f4,
1a,8d,e2,19,f5,0c,85,79,8f,5a,34,f5,5e,1c,16,4d,21,82,f0,28,ed,23,e5,26,d2,\
"??"=hex:33,11,23,de,0b,d9,1f,29,a6,ce,2a,8b,3d,1b,54,1f
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(472)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(3600)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\o2flash.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
.
**************************************************************************
.
Celkový čas: 2009-12-30 16:59:41 - počítač byl restartován
ComboFix-quarantined-files.txt 2009-12-30 15:59
ComboFix2.txt 2009-12-29 21:15
ComboFix3.txt 2009-12-29 12:33
Před spuštěním: 8 145 653 760
Po spuštění: 8 067 883 008
Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 122C78C51BD254606C995596DBD72C64
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.665 [GMT 1:00]
Spuštěný z: c:\documents and settings\radim\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\radim\Plocha\CFScript.txt.txt
AV: avast! antivirus 4.8.1368 [VPS 091230-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: ZoneAlarm Firewall *enabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
FILE ::
"c:\docume~1\radim\LOCALS~1\Temp\XVYLU.exe"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_XVYLU
-------\Service_XVYLU
((((((((((((((((((((((((( Soubory vytvořené od 2009-11-28 do 2009-12-30 )))))))))))))))))))))))))))))))
.
2009-12-29 20:44 . 2009-11-22 14:42 69000 ----a-w- c:\windows\system32\zlcomm.dll
2009-12-29 20:44 . 2009-11-22 14:42 103816 ----a-w- c:\windows\system32\zlcommdb.dll
2009-12-29 20:44 . 2009-11-22 14:42 1238408 ----a-w- c:\windows\system32\zpeng25.dll
2009-12-29 20:44 . 2009-12-29 20:44 -------- d-----w- c:\program files\Zone Labs
2009-12-29 17:47 . 2009-12-29 17:47 -------- d-----w- c:\program files\Nová složka (2)
2009-12-29 17:35 . 2009-12-20 16:40 27064 ----a-w- c:\windows\system32\drivers\revoflt.sys
2009-12-29 17:25 . 2009-12-29 17:35 -------- d-----w- c:\program files\RevoUninstaler
2009-12-29 12:06 . 2009-12-29 12:08 -------- d-----w- C:\TCleanerOdstraneníistícíchUtilitzPC
2009-12-28 20:52 . 2009-12-28 20:52 -------- d-----w- c:\program files\trend micro
2009-12-25 14:04 . 2009-12-25 14:04 -------- d-----w- c:\program files\DIFX
2009-12-25 14:04 . 2009-12-26 16:45 -------- d-----w- c:\program files\Garmin
2009-12-25 14:04 . 2009-12-26 14:21 -------- d-----w- C:\Garmin
2009-12-21 22:21 . 2009-12-21 22:28 -------- d-----w- c:\program files\CCleaner
2009-12-13 00:09 . 2009-12-13 01:11 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-12 22:29 . 2009-12-13 01:07 -------- d-----w- c:\program files\JAVASUN
2009-12-12 22:13 . 2009-12-12 22:15 -------- d-----w- c:\program files\JavaObnovaVerzí
2009-12-12 21:47 . 2009-12-12 21:51 -------- d-----w- c:\program files\OTCcleaner
2009-12-12 20:27 . 2009-12-12 20:28 -------- d-----w- C:\HijackThis
2009-12-10 00:56 . 2009-12-10 01:14 -------- d-----w- c:\program files\GOMplayer
2009-12-09 00:10 . 2009-10-22 11:54 37392 ----a-w- c:\windows\system32\drivers\71871562.sys
2009-12-09 00:10 . 2009-10-09 21:31 315408 ----a-w- c:\windows\system32\drivers\7187156.sys
2009-12-09 00:10 . 2009-09-25 15:59 128016 ----a-w- c:\windows\system32\drivers\71871561.sys
2009-12-08 18:24 . 2009-12-09 20:55 -------- d-----w- C:\UsbFix
2009-12-06 13:12 . 2009-12-06 15:41 -------- d-----w- c:\program files\RootkitRevealer
2009-12-06 09:23 . 2009-12-06 09:32 -------- d-----w- c:\program files\MobilePartner
2009-12-05 14:21 . 2009-12-28 13:51 -------- d-----w- c:\program files\Opera Turbo
2009-12-04 21:35 . 2009-12-04 21:35 23600 ----a-w- c:\windows\system32\drivers\TVICHW32.SYS
2009-12-04 19:20 . 2009-12-04 19:20 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-12-04 19:07 . 2009-12-04 19:20 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-12-04 12:14 . 2008-09-26 17:01 621056 ----a-w- c:\windows\system32\drivers\mod7700.sys
2009-12-04 12:14 . 2008-09-26 17:01 113664 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2009-12-04 12:14 . 2008-09-26 17:01 101376 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2009-12-04 12:14 . 2008-09-26 17:00 24448 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2009-12-02 10:17 . 2009-12-05 17:47 -------- d-----w- c:\program files\O2 Mobilni internet
2009-12-01 15:17 . 2009-12-01 15:17 -------- d-----w- c:\program files\directx
2009-12-01 14:57 . 2009-12-01 14:57 -------- d-----w- c:\program files\Nival Interactive
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-30 15:54 . 2009-12-29 21:05 1129051 ----a-w- c:\windows\Internet Logs\tvDebug.Zip
2009-12-29 20:44 . 2007-12-15 19:26 4212 ---ha-w- c:\windows\system32\zllictbl.dat
2009-12-29 17:56 . 2007-12-15 19:19 -------- d-----w- c:\program files\ZoneAlarm
2009-12-13 00:09 . 2007-11-21 11:01 -------- d-----w- c:\program files\Java
2009-12-12 14:03 . 2007-02-09 14:31 -------- d-----w- c:\program files\VLC Player
2009-12-10 11:25 . 2004-08-18 11:00 81034 ----a-w- c:\windows\system32\perfc005.dat
2009-12-10 11:25 . 2004-08-18 11:00 434234 ----a-w- c:\windows\system32\perfh005.dat
2009-12-09 13:43 . 2008-01-04 10:06 -------- d-----w- c:\program files\golm
2009-12-04 19:16 . 2009-10-16 14:09 -------- d-----w- c:\program files\SuperaAntiSpyWare
2009-11-30 11:32 . 2009-10-16 13:54 -------- d-----w- c:\program files\MAMBMalwere
2009-11-27 20:18 . 2009-11-27 20:17 -------- d-----w- c:\program files\MalwareBytes
2009-11-27 20:10 . 2009-11-27 20:10 -------- d-----w- c:\program files\MSXML 4.0
2009-11-24 23:54 . 2009-09-11 08:25 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2009-09-11 08:25 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-24 23:50 . 2009-09-11 08:25 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-11-24 23:50 . 2009-09-11 08:25 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2009-09-11 08:25 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2009-09-11 08:25 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-09-11 08:25 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-09-11 08:25 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2009-09-11 08:25 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-21 16:03 . 2004-08-18 11:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-21 11:35 . 2009-11-21 11:33 -------- d-----w- c:\program files\DesetiPrsty
2009-11-19 11:37 . 2009-11-19 11:32 -------- d-----w- c:\program files\anonimizer TOR
2009-11-15 20:00 . 2009-11-15 19:57 -------- d-----w- c:\program files\INKSCAPEgrafika
2009-10-29 05:26 . 2004-08-18 11:00 668160 ------w- c:\windows\system32\wininet.dll
2009-10-21 05:40 . 2004-08-18 11:00 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:40 . 2004-08-18 11:00 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2009-08-13 06:31 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-13 10:34 . 2004-08-18 11:00 271360 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:40 . 2004-08-18 11:00 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:40 . 2004-08-18 11:00 150016 ----a-w- c:\windows\system32\rastls.dll
2008-04-14 18:41 . 2008-04-14 18:41 1086613 ----a-w- c:\program files\PowerISO39.exe
2007-12-27 18:46 . 2007-12-27 18:45 1734996 ----a-w- c:\program files\free-ipod-video-converter.exe
2007-02-08 17:36 . 2007-02-08 17:36 11855 ----a-w- c:\program files\DCPlusPlus0694CZ.rar
2007-02-08 17:24 . 2007-02-08 16:46 4277889 ----a-w- c:\program files\sdc203.rar
2007-02-08 17:11 . 2007-02-08 17:11 1201644 ----a-w- c:\program files\wrar37b3.exe
2007-02-08 17:08 . 2007-02-08 17:07 2072464 ----a-w- c:\program files\tcmd7pb3.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-13 149280]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-11-22 1037192]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 13:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Nabídka Start^Programy^Po spuštění^Wireless Utility.lnk]
path=c:\documents and settings\All Users.WINDOWS\Nabídka Start\Programy\Po spuštění\Wireless Utility.lnk
backup=c:\windows\pss\Wireless Utility.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^radim^Nabídka Start^Programy^Po spuštění^OpenOffice.org 3.0.lnk]
backup=c:\windows\pss\OpenOffice.org 3.0.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
2005-09-09 03:20 88203 ----a-r- c:\windows\AGRSMMSG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
2006-11-12 10:48 157592 ----a-w- c:\program files\DAEMON Tools\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-11-13 15:50 1289000 ----a-w- c:\program files\Microsoft ActiveSync\wcescomm.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2009-09-10 13:53 1312080 ----a-w- c:\program files\MAMBMalwere\Malwarebytes' Anti-Malware\mbam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MGSysCtrl]
2006-03-24 14:23 179200 ----a-w- c:\program files\System Control Manager\MGSysCtrl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSConfig]
2008-04-14 03:22 171008 ----a-w- c:\windows\pchealth\helpctr\binaries\msconfig.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
2006-10-11 10:45 75304 ----a-w- c:\program files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Power2GoExpress]
2005-07-08 15:01 1953887 ------w- c:\program files\CyberLink\Power2Go\Power2GoExpress.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2008-01-20 07:05 217088 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2004-06-29 00:03 32768 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2std]
2005-08-16 20:54 339968 ----a-w- c:\windows\vsnp2std.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-09-28 11:16 185896 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2009-11-23 07:43 2001648 ----a-w- c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2009-11-13 11:31 247144 ----a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnp2std]
2005-08-17 14:57 90112 ----a-w- c:\windows\tsnp2std.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
2006-03-30 14:45 313472 ----a-r- c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"PWRISOVM.EXE"=c:\program files\PowerISO\PWRISOVM.EXE
"ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
"RTHDCPL"=RTHDCPL.EXE
"Alcmtr"=ALCMTR.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQLite\\ICQLite.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\GAMEs\\LOTR II\\game.dat"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Utorent\\uTorrent\\utorrent.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"23859:TCP"= 23859:TCP:BitComet 23859 TCP
"23859:UDP"= 23859:UDP:BitComet 23859 UDP
"9420:TCP"= 9420:TCP:Red Swoosh
"5000:UDP"= 5000:UDP:Red Swoosh
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
R0 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [27.2.2006 8:00 34880]
R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [20.2.2006 9:01 29056]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [11.9.2009 9:25 114768]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [23.11.2009 8:43 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [23.11.2009 8:43 74480]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [11.9.2009 9:25 20560]
R2 NishService;SCM Driver Daemon;c:\program files\System Control Manager\edd.exe [7.2.2007 10:58 40960]
R3 MGHwCtrl;MGHwCtrl;c:\windows\system32\drivers\MGHwCtrl.sys [7.2.2007 10:58 20128]
S3 PavTPK.sys;PavTPK.sys;\??\c:\windows\system32\PavTPK.sys --> c:\windows\system32\PavTPK.sys [?]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [29.12.2009 18:35 27064]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [23.11.2009 8:43 7408]
S3 TVICHW32;TVICHW32;c:\windows\system32\drivers\TVICHW32.SYS [4.12.2009 22:35 23600]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [12.4.2007 13:34 639224]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Easy-WebPrint - Náhled - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint - Přidat na seznam k tisku - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint - Tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
IE: Easy-WebPrint - Vysokorychlostní tisk - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
TCP: {CFFB196D-329C-46D0-8BCD-E32B9DD0022C} = 217.195.160.10,217.195.165.131
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.1.0/GarminAxControl.CAB
FF - ProfilePath - c:\documents and settings\radim\Data aplikací\Mozilla\Firefox\Profiles\35yix5ng.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: network.proxy.type - 1
FF - component: c:\documents and settings\radim\Data aplikací\Mozilla\Firefox\Profiles\35yix5ng.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\components\WinampTBPlayer.dll
FF - component: c:\documents and settings\radim\Data aplikací\Mozilla\Firefox\Profiles\35yix5ng.default\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}\platform\WINNT\components\ebayAccessComponent.dll
FF - component: c:\documents and settings\radim\Data aplikací\Mozilla\Firefox\Profiles\35yix5ng.default\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}\platform\WINNT\components\ebayShortcutMaker.dll
FF - plugin: c:\program files\golm\Real Alternative\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\golm\Real Alternative\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Opera Turbo\program\plugins\npdsplay.dll
FF - plugin: c:\program files\Opera Turbo\program\plugins\npwmsdrm.dll
FF - plugin: c:\program files\VLC Player\VLC\npvlc.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-30 16:54
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\S-1-5-21-507921405-706699826-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:29,6e,22,45,a7,0c,3c,94,8d,ed,49,35,f2,ae,94,4d,3f,bc,ff,0a,a8,a6,f4,
1a,8d,e2,19,f5,0c,85,79,8f,5a,34,f5,5e,1c,16,4d,21,82,f0,28,ed,23,e5,26,d2,\
"??"=hex:33,11,23,de,0b,d9,1f,29,a6,ce,2a,8b,3d,1b,54,1f
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(472)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'explorer.exe'(3600)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\o2flash.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
.
**************************************************************************
.
Celkový čas: 2009-12-30 16:59:41 - počítač byl restartován
ComboFix-quarantined-files.txt 2009-12-30 15:59
ComboFix2.txt 2009-12-29 21:15
ComboFix3.txt 2009-12-29 12:33
Před spuštěním: 8 145 653 760
Po spuštění: 8 067 883 008
Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 122C78C51BD254606C995596DBD72C64
-
- Vzorný návštěvník
- Příspěvky: 308
- Registrován: 07 led 2007 15:20
- Bydliště: Pardubice
Re: Prosím o kontrolu logu
OK
znovu použijte http://sweb.cz/Marinus/T-Cleaner.exe - pro potvrzení stiskněte vždy klávesu A nebo Enter
(utilita může být označena antivirem jako vir - po použití ji smažte)
potom CCleaner - položky Čistič a Registry - čištění opakujte do odstranění všech problémů
a nakonec ATF Cleaner - http://www.atribune.org/ccount/click.php?id=1:
po spuštění staženého souboru se objeví okno:
zatrhněte Select All, klikněte na Empty Selected a Exit
stejným způsobem vymažte případně cache Firefoxu a Opery
restartujte PC
znovu použijte http://sweb.cz/Marinus/T-Cleaner.exe - pro potvrzení stiskněte vždy klávesu A nebo Enter
(utilita může být označena antivirem jako vir - po použití ji smažte)
potom CCleaner - položky Čistič a Registry - čištění opakujte do odstranění všech problémů
a nakonec ATF Cleaner - http://www.atribune.org/ccount/click.php?id=1:
po spuštění staženého souboru se objeví okno:
zatrhněte Select All, klikněte na Empty Selected a Exit
stejným způsobem vymažte případně cache Firefoxu a Opery
restartujte PC
"Život je život, louka je louka, koukneš se do trávy – a vidíš brouka."
"Neodpovídej tupci na jeho tupost, aby ses mu sám nezačal podobat. Odpověz tupci na jeho tupost, aby si přestal moudrý připadat...."
(Přísloví krále Šalomouna)
"Neodpovídej tupci na jeho tupost, aby ses mu sám nezačal podobat. Odpověz tupci na jeho tupost, aby si přestal moudrý připadat...."
(Přísloví krále Šalomouna)
Re: Prosím o kontrolu logu
Použil jsem TCleaner , CCleaner a ATFCleaner podle návodu , vyzkoušel FireFox zatím dobrý , ale Opera spadla během chvíle .
-
- Vzorný návštěvník
- Příspěvky: 308
- Registrován: 07 led 2007 15:20
- Bydliště: Pardubice
Re: Prosím o kontrolu logu
Opera - vymazal jste opravdu ATF Cleanerem celou cache? Jakou máte verzi, píše to nějakou chybu?
"Život je život, louka je louka, koukneš se do trávy – a vidíš brouka."
"Neodpovídej tupci na jeho tupost, aby ses mu sám nezačal podobat. Odpověz tupci na jeho tupost, aby si přestal moudrý připadat...."
(Přísloví krále Šalomouna)
"Neodpovídej tupci na jeho tupost, aby ses mu sám nezačal podobat. Odpověz tupci na jeho tupost, aby si přestal moudrý připadat...."
(Přísloví krále Šalomouna)
Re: Prosím o kontrolu logu
Opera i Firefox zatím ok , tak snad to vydrží . Děkuji za rady .
-
- Vzorný návštěvník
- Příspěvky: 308
- Registrován: 07 led 2007 15:20
- Bydliště: Pardubice
Re: Prosím o kontrolu logu
nemáte zač
"Život je život, louka je louka, koukneš se do trávy – a vidíš brouka."
"Neodpovídej tupci na jeho tupost, aby ses mu sám nezačal podobat. Odpověz tupci na jeho tupost, aby si přestal moudrý připadat...."
(Přísloví krále Šalomouna)
"Neodpovídej tupci na jeho tupost, aby ses mu sám nezačal podobat. Odpověz tupci na jeho tupost, aby si přestal moudrý připadat...."
(Přísloví krále Šalomouna)