Rootkit.Kryptik on the PC

#1 Post by jifi »

Hello, Rootkit.Kryptik.AF has gotten onto my PC. XP can only be started in the Last Known Good Configuration. Yesterday NOD found 1 infection, today already more than 10. Please help; I am attaching the RSIT log.

Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrator at 2010-04-16 17:24:57
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 6 GB (10%) free of 60 GB
Total RAM: 895 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:25:05, on 16.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17023)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\ASUS\Mobile Theater\Kernel\TV\CLCapSvc.exe
C:\Program Files\ASUS\Mobile Theater\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\ASUS\Mobile Theater\Kernel\CLML_NTService\CLMLService.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ASUS\Mobile Theater\Kernel\TV\CLSched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\Program Files\ASUS\PowerForPhone\PowerForPhone.exe
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
C:\Program Files\Wireless Console 2\wcourier.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ASUS\Mobile Theater\PCMService.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\WINDOWS\system32\zhhp1600.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrator\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [PowerForPhone] C:\Program Files\ASUS\PowerForPhone\PowerForPhone.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\ASUS\Mobile Theater\PCMService.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [OEXPRESS] C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: McAfee Security Scan.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Atheros Configuration Service (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\ASUS\Mobile Theater\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\ASUS\Mobile Theater\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\ASUS\Mobile Theater\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 9644 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-842925246-746137067-839522115-500.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-842925246-746137067-839522115-500.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2010-02-09 520192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-03-18 329312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2010-02-09 520192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HControl"=C:\WINDOWS\ATK0100\HControl.exe [2006-08-24 110592]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-04-27 86016]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-10-22 761945]
"ACMON"=C:\Program Files\ASUS\Splendid\ACMON.exe [2006-05-30 811008]
"PowerForPhone"=C:\Program Files\ASUS\PowerForPhone\PowerForPhone.exe [2006-01-25 561152]
"ATKMEDIA"=C:\Program Files\ASUS\ATK Media\DMEDIA.EXE [2006-02-15 49152]
"Wireless Console 2"=C:\Program Files\Wireless Console 2\wcourier.exe [2005-10-17 987136]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-11-14 16270848]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"PCMService"=C:\Program Files\ASUS\Mobile Theater\PCMService.exe [2006-02-15 147456]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-10-07 1461080]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2010-03-18 202256]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-04-27 7561216]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"=C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE [2010-02-09 26624]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-03-09 26100520]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng1.exe
McAfee Security Scan.lnk - C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe

C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\ASUS\Mobile Theater\PowerCinema.exe"="C:\Program Files\ASUS\Mobile Theater\PowerCinema.exe:*:Enabled:CyberLink PowerCinema"
"C:\Program Files\ASUS\Mobile Theater\PCMService.exe"="C:\Program Files\ASUS\Mobile Theater\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

5609-05-01 20:01:42 ----A---- C:\WINDOWS\system32\LMRTREND.dll
5609-05-01 20:01:41 ----A---- C:\WINDOWS\system32\dxtmsft3.dll
5609-05-01 20:01:39 ----A---- C:\WINDOWS\system32\unam4ie.exe
5609-05-01 20:01:38 ----A---- C:\WINDOWS\system32\vidx16.dll
5609-05-01 20:01:38 ----A---- C:\WINDOWS\system32\qcut.dll
5609-05-01 20:01:37 ----A---- C:\WINDOWS\system32\w95inf32.dll
5609-05-01 20:01:37 ----A---- C:\WINDOWS\system32\w95inf16.dll
5609-05-01 19:57:19 ----A---- C:\Debug.txt
5609-05-01 18:26:42 ----HD---- C:\Program Files\InstallShield Installation Information
5609-05-01 18:26:42 ----D---- C:\WINDOWS\OPTIONS
5609-05-01 17:38:01 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Zoner
5609-05-01 17:37:29 ----D---- C:\Program Files\Zoner
5609-05-01 17:36:27 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
5609-05-01 17:34:23 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Adobe
5609-05-01 17:32:08 ----D---- C:\Program Files\Common Files\Adobe
5609-05-01 17:32:04 ----D---- C:\Program Files\Adobe
5609-05-01 17:30:29 ----A---- C:\WINDOWS\IsUninst.exe
5609-04-16 09:54:09 ----A---- C:\WINDOWS\TRNCOM.INI
5609-04-16 09:50:37 ----D---- C:\TRANSLAT
5609-04-16 09:50:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\LangSoft
5609-04-16 09:49:56 ----D---- C:\Documents and Settings\Administrator\Data aplikací\LangSoft
5609-04-16 09:43:43 ----A---- C:\WINDOWS\system32\msonpmon.dll
5609-04-16 09:42:55 ----D---- C:\Program Files\Microsoft Works
5609-04-16 09:42:48 ----D---- C:\Program Files\MSBuild
5609-04-16 09:42:30 ----D---- C:\Program Files\Microsoft Visual Studio
5609-04-16 09:42:30 ----D---- C:\Program Files\Common Files\DESIGNER
5609-04-16 09:39:10 ----D---- C:\WINDOWS\SHELLNEW
5609-04-16 09:38:55 ----D---- C:\Program Files\Microsoft Office
5609-04-16 09:38:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
5609-04-16 09:38:35 ----RD---- C:\MSOCache
5609-04-16 09:22:46 ----A---- C:\WINDOWS\system32\h323log.txt
5609-04-16 09:18:46 ----A---- C:\WINDOWS\system32\irmon.dll
5609-04-16 09:18:45 ----A---- C:\WINDOWS\system32\wshirda.dll
5609-04-16 09:18:45 ----A---- C:\WINDOWS\system32\irftp.exe
5609-04-16 09:18:06 ----A---- C:\WINDOWS\system32\usbui.dll
5609-04-16 09:17:02 ----A---- C:\WINDOWS\imsins.BAK
5609-04-16 09:16:59 ----SHD---- C:\WINDOWS\Installer
5609-04-16 09:16:59 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
5609-04-16 09:16:58 ----D---- C:\Program Files\Common Files\ODBC
5609-04-16 09:16:58 ----A---- C:\WINDOWS\ODBCINST.INI
5609-04-16 09:16:55 ----D---- C:\Program Files\Common Files\SpeechEngines
5609-04-16 09:16:54 ----RD---- C:\Program Files
5609-04-16 09:16:54 ----D---- C:\Program Files\Common Files\Microsoft Shared
5609-04-16 09:16:54 ----D---- C:\Program Files\Common Files
5609-04-16 09:16:51 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
5609-04-16 09:16:51 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
5609-04-16 09:16:51 ----RA---- C:\WINDOWS\system32\kbdazel.dll
5609-04-16 09:16:49 ----RA---- C:\WINDOWS\system32\kbdycc.dll
5609-04-16 09:16:49 ----RA---- C:\WINDOWS\system32\kbduzb.dll
5609-04-16 09:16:49 ----RA---- C:\WINDOWS\system32\kbdur.dll
5609-04-16 09:16:49 ----RA---- C:\WINDOWS\system32\kbdtat.dll
5609-04-16 09:16:49 ----RA---- C:\WINDOWS\system32\kbdru1.dll
5609-04-16 09:16:49 ----RA---- C:\WINDOWS\system32\kbdru.dll
5609-04-16 09:16:49 ----RA---- C:\WINDOWS\system32\kbdmon.dll
5609-04-16 09:16:49 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
5609-04-16 09:16:49 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
5609-04-16 09:16:49 ----RA---- C:\WINDOWS\system32\kbdbu.dll
5609-04-16 09:16:49 ----RA---- C:\WINDOWS\system32\kbdblr.dll
5609-04-16 09:16:49 ----RA---- C:\WINDOWS\system32\kbdaze.dll
5609-04-16 09:16:47 ----RA---- C:\WINDOWS\system32\kbdhept.dll
5609-04-16 09:16:47 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
5609-04-16 09:16:47 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
5609-04-16 09:16:47 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
5609-04-16 09:16:47 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
5609-04-16 09:16:47 ----RA---- C:\WINDOWS\system32\kbdhe.dll
5609-04-16 09:16:47 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
5609-04-16 09:16:45 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
5609-04-16 09:16:45 ----RA---- C:\WINDOWS\system32\kbdlv.dll
5609-04-16 09:16:45 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
5609-04-16 09:16:45 ----RA---- C:\WINDOWS\system32\kbdlt.dll
5609-04-16 09:16:45 ----RA---- C:\WINDOWS\system32\kbdest.dll
5609-04-16 09:16:41 ----A---- C:\WINDOWS\system32\kbdycl.dll
5609-04-16 09:16:41 ----A---- C:\WINDOWS\system32\kbdsl1.dll
5609-04-16 09:16:41 ----A---- C:\WINDOWS\system32\kbdsl.dll
5609-04-16 09:16:41 ----A---- C:\WINDOWS\system32\kbdro.dll
5609-04-16 09:16:41 ----A---- C:\WINDOWS\system32\kbdpl1.dll
5609-04-16 09:16:41 ----A---- C:\WINDOWS\system32\kbdpl.dll
5609-04-16 09:16:41 ----A---- C:\WINDOWS\system32\kbdhu1.dll
5609-04-16 09:16:41 ----A---- C:\WINDOWS\system32\kbdhu.dll
5609-04-16 09:16:41 ----A---- C:\WINDOWS\system32\kbdcr.dll
5609-04-16 09:16:41 ----A---- C:\WINDOWS\system32\KBDAL.DLL
5609-04-16 09:16:40 ----A---- C:\WINDOWS\system32\irclass.dll
5609-04-16 09:16:40 ----A---- C:\WINDOWS\system32\dgsetup.dll
5609-04-16 09:16:40 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
5609-04-16 09:16:39 ----A---- C:\WINDOWS\system32\spxcoins.dll
5609-04-16 09:16:39 ----A---- C:\WINDOWS\system32\EqnClass.Dll
5609-04-16 09:16:37 ----N---- C:\WINDOWS\system32\CONFIG.TMP
5609-04-16 09:16:37 ----A---- C:\WINDOWS\TASKMAN.EXE
5609-04-16 09:16:36 ----A---- C:\WINDOWS\system32\batt.dll
5609-04-16 09:16:36 ----A---- C:\WINDOWS\notepad.exe
5609-04-16 09:16:35 ----A---- C:\WINDOWS\system32\storprop.dll
5609-04-16 09:16:28 ----ASH---- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
5609-04-16 09:16:27 ----RA---- C:\WINDOWS\SET25.tmp
5609-04-16 09:16:24 ----RA---- C:\WINDOWS\SET8.tmp
5609-04-16 09:16:22 ----RA---- C:\WINDOWS\SET4.tmp
5609-04-16 09:16:20 ----RA---- C:\WINDOWS\SET3.tmp
5609-04-16 09:16:16 ----D---- C:\WINDOWS\system32\CatRoot2
5609-04-16 09:16:16 ----D---- C:\WINDOWS\system32\CatRoot
5609-04-16 09:16:10 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
5609-04-16 09:15:49 ----A---- C:\WINDOWS\setuplog.txt
5609-04-16 09:15:45 ----SHD---- C:\System Volume Information
5609-04-16 09:15:45 ----D---- C:\Documents and Settings
5609-04-16 09:14:47 ----RASH---- C:\boot.ini
5609-04-16 09:08:19 ----RSHDC---- C:\WINDOWS\system32\dllcache
5609-04-16 09:08:19 ----RSD---- C:\WINDOWS\Fonts
5609-04-16 09:08:19 ----RD---- C:\WINDOWS\Web
5609-04-16 09:08:19 ----HD---- C:\WINDOWS\inf
5609-04-16 09:08:19 ----D---- C:\WINDOWS\WinSxS
5609-04-16 09:08:19 ----D---- C:\WINDOWS\twain_32
5609-04-16 09:08:19 ----D---- C:\WINDOWS\Temp
5609-04-16 09:08:19 ----D---- C:\WINDOWS\system32\wins
5609-04-16 09:08:19 ----D---- C:\WINDOWS\system32\wbem
5609-04-16 09:08:19 ----D---- C:\WINDOWS\system32\usmt
5609-04-16 09:08:19 ----D---- C:\WINDOWS\system32\spool
5609-04-16 09:08:19 ----D---- C:\WINDOWS\system32\ShellExt
5609-04-16 09:08:19 ----D---- C:\WINDOWS\system32\Setup
5609-04-16 09:08:19 ----D---- C:\WINDOWS\system32\ras
5609-04-16 09:08:19 ----D---- C:\WINDOWS\system32\oobe
5609-04-16 09:08:19 ----D---- C:\WINDOWS\system32\npp
5609-04-16 09:08:19 ----D---- C:\WINDOWS\system32\mui
5609-04-16 09:08:19 ----D---- C:\WINDOWS\system32\inetsrv
5609-04-16 09:08:19 ----D---- C:\WINDOWS\system32\IME
5609-04-16 09:08:19 ----D---- C:\WINDOWS\system32\icsxml
5609-04-16 09:08:19 ----D---- C:\WINDOWS\system32\ias
5609-04-16 09:08:19 ----D---- C:\WINDOWS\system32\export
5609-04-16 09:08:19 ----D---- C:\WINDOWS\system32\drivers
5609-04-16 09:08:19 ----D---- C:\WINDOWS\system32\dhcp
5609-04-16 09:08:19 ----D---- C:\WINDOWS\system32\config
5609-04-16 09:08:19 ----D---- C:\WINDOWS\system32\3com_dmi
5609-04-16 09:08:19 ----D---- C:\WINDOWS\system32\3076
5609-04-16 09:08:19 ----D---- C:\WINDOWS\system32\2052
5609-04-16 09:08:19 ----D---- C:\WINDOWS\system32\1054
5609-04-16 09:08:19 ----D---- C:\WINDOWS\system32\1042
5609-04-16 09:08:19 ----D---- C:\WINDOWS\system32\1041
5609-04-16 09:08:19 ----D---- C:\WINDOWS\system32\1037
5609-04-16 09:08:19 ----D---- C:\WINDOWS\system32\1033
5609-04-16 09:08:19 ----D---- C:\WINDOWS\system32\1031
5609-04-16 09:08:19 ----D---- C:\WINDOWS\system32\1029
5609-04-16 09:08:19 ----D---- C:\WINDOWS\system32\1028
5609-04-16 09:08:19 ----D---- C:\WINDOWS\system32\1025
5609-04-16 09:08:19 ----D---- C:\WINDOWS\system32
5609-04-16 09:08:19 ----D---- C:\WINDOWS\system
5609-04-16 09:08:19 ----D---- C:\WINDOWS\security
5609-04-16 09:08:19 ----D---- C:\WINDOWS\Resources
5609-04-16 09:08:19 ----D---- C:\WINDOWS\repair
5609-04-16 09:08:19 ----D---- C:\WINDOWS\Provisioning
5609-04-16 09:08:19 ----D---- C:\WINDOWS\pchealth
5609-04-16 09:08:19 ----D---- C:\WINDOWS\PeerNet
5609-04-16 09:08:19 ----D---- C:\WINDOWS\mui
5609-04-16 09:08:19 ----D---- C:\WINDOWS\msapps
5609-04-16 09:08:19 ----D---- C:\WINDOWS\msagent
5609-04-16 09:08:19 ----D---- C:\WINDOWS\Media
5609-04-16 09:08:19 ----D---- C:\WINDOWS\java
5609-04-16 09:08:19 ----D---- C:\WINDOWS\ime
5609-04-16 09:08:19 ----D---- C:\WINDOWS\Help
5609-04-16 09:08:19 ----D---- C:\WINDOWS\ehome
5609-04-16 09:08:19 ----D---- C:\WINDOWS\Driver Cache
5609-04-16 09:08:19 ----D---- C:\WINDOWS\Debug
5609-04-16 09:08:19 ----D---- C:\WINDOWS\Cursors
5609-04-16 09:08:19 ----D---- C:\WINDOWS\Connection Wizard
5609-04-16 09:08:19 ----D---- C:\WINDOWS\Config
5609-04-16 09:08:19 ----D---- C:\WINDOWS\AppPatch
5609-04-16 09:08:19 ----D---- C:\WINDOWS\addins
5609-04-16 09:08:19 ----D---- C:\WINDOWS
5609-04-16 09:01:45 ----RA---- C:\WINDOWS\system32\rixdicon.dll
5609-04-16 09:01:04 ----RA---- C:\WINDOWS\system32\snymsico.dll
5609-04-16 08:57:35 ----A---- C:\WINDOWS\system32\34CoInstaller.dll
5609-04-16 08:57:34 ----RA---- C:\WINDOWS\system32\TVRate.dll
5609-04-16 08:57:27 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
5609-04-16 08:57:27 ----A---- C:\WINDOWS\system32\psisdecd.dll
5609-04-16 08:50:43 ----D---- C:\WINDOWS\system32\Lang
5609-04-16 08:49:01 ----RA---- C:\WINDOWS\system32\mdmxsdk.dll
5609-04-16 08:49:01 ----D---- C:\Program Files\CONEXANT
5609-04-16 08:49:01 ----A---- C:\WINDOWS\system32\UCI32100.dll
5609-04-16 08:47:58 ----A---- C:\WINDOWS\RtlUpd.exe
5609-04-16 08:47:57 ----D---- C:\WINDOWS\system32\RTCOM
5609-04-16 08:47:56 ----A---- C:\WINDOWS\alcwzrd.exe
5609-04-16 08:47:52 ----A---- C:\WINDOWS\SoundMan.exe
5609-04-16 08:47:52 ----A---- C:\WINDOWS\RTLCPL.exe
5609-04-16 08:47:51 ----A---- C:\WINDOWS\MicCal.exe
5609-04-16 08:47:45 ----A---- C:\WINDOWS\RTHDCPL.exe
5609-04-16 08:47:42 ----A---- C:\WINDOWS\system32\ksuser.dll
5609-04-16 08:46:38 ----A---- C:\WINDOWS\system32\spupdsvc.exe
5609-04-16 08:46:37 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
5609-04-16 08:44:43 ----D---- C:\WINDOWS\nview
5609-04-16 08:44:43 ----A---- C:\WINDOWS\system32\nvudisp.exe
5609-04-16 08:43:40 ----D---- C:\WINDOWS\ATK0100
5609-04-16 08:22:47 ----RA---- C:\WINDOWS\system32\nvusmb.exe
5609-04-16 08:22:38 ----D---- C:\WINDOWS\system32\ReinstallBackups
5609-04-16 08:22:27 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
5609-04-16 08:22:17 ----D---- C:\Program Files\Common Files\InstallShield
5609-04-16 08:19:16 ----A---- C:\WINDOWS\system32\wpa.bak
5609-04-16 08:10:44 ----D---- C:\Program Files\TC PowerPack
5609-04-16 08:09:18 ----SD---- C:\WINDOWS\system32\Microsoft
5609-04-16 08:09:17 ----A---- C:\WINDOWS\SchedLgU.Txt
5609-04-16 08:07:46 ----D---- C:\WINDOWS\SoftwareDistribution
5609-04-16 07:31:39 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Identities
5609-04-16 07:31:33 ----HD---- C:\Program Files\Uninstall Information
5609-04-16 07:31:22 ----SD---- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
5609-04-16 07:31:22 ----ASH---- C:\Documents and Settings\Administrator\Data aplikací\desktop.ini
5609-04-16 07:26:43 ----D---- C:\WINDOWS\system32\xircom
5609-04-16 07:26:43 ----D---- C:\Program Files\xerox
5609-04-16 07:26:43 ----D---- C:\Program Files\microsoft frontpage
5609-04-16 07:26:28 ----HD---- C:\WINDOWS\$hf_mig$
5609-04-16 07:26:17 ----A---- C:\WINDOWS\control.ini
5609-04-16 07:26:17 ----A---- C:\AUTOEXEC.BAT
5609-04-16 07:26:08 ----A---- C:\WINDOWS\OEWABLog.txt
5609-04-16 07:26:04 ----A---- C:\WINDOWS\system32\mapi32.dll
5609-04-16 07:25:18 ----SD---- C:\WINDOWS\Downloaded Program Files
5609-04-16 07:25:18 ----RD---- C:\WINDOWS\Offline Web Pages
5609-04-16 07:25:18 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
5609-04-16 07:25:12 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
5609-04-16 07:25:07 ----HD---- C:\Program Files\WindowsUpdate
5609-04-16 07:25:04 ----D---- C:\Program Files\Online Services
5609-04-16 07:24:48 ----D---- C:\WINDOWS\system32\DirectX
5609-04-16 07:24:26 ----A---- C:\WINDOWS\system32\atrace.dll
5609-04-16 07:24:24 ----A---- C:\WINDOWS\system32\desktop.ini
5609-04-16 07:24:24 ----A---- C:\WINDOWS\desktop.ini
5609-04-16 07:24:17 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
5609-04-16 07:24:15 ----A---- C:\WINDOWS\system32\acctres.dll
5609-04-16 07:24:14 ----D---- C:\Program Files\Common Files\Services
5609-04-16 07:24:12 ----SD---- C:\WINDOWS\Tasks
5609-04-16 07:24:12 ----A---- C:\WINDOWS\system32\icfgnt5.dll
5609-04-16 07:24:11 ----D---- C:\Program Files\Common Files\MSSoap
5609-04-16 07:24:07 ----D---- C:\WINDOWS\srchasst
5609-04-16 07:24:06 ----D---- C:\WINDOWS\system32\Macromed
5609-04-16 07:24:03 ----A---- C:\WINDOWS\system32\wuweb.dll
5609-04-16 07:24:03 ----A---- C:\WINDOWS\system32\wucltui.dll
5609-04-16 07:24:03 ----A---- C:\WINDOWS\system32\wuauserv.dll
5609-04-16 07:24:03 ----A---- C:\WINDOWS\system32\wuaueng1.dll
5609-04-16 07:24:02 ----N---- C:\WINDOWS\system32\wuauclt.exe
5609-04-16 07:24:02 ----A---- C:\WINDOWS\system32\wups.dll
5609-04-16 07:24:02 ----A---- C:\WINDOWS\system32\wuaueng.dll
5609-04-16 07:24:02 ----A---- C:\WINDOWS\system32\wuauclt1.exe
5609-04-16 07:24:02 ----A---- C:\WINDOWS\system32\wuapi.dll
5609-04-16 07:24:02 ----A---- C:\WINDOWS\system32\bitsprx3.dll
5609-04-16 07:24:02 ----A---- C:\WINDOWS\system32\bitsprx2.dll
5609-04-16 07:24:01 ----N---- C:\WINDOWS\system32\qmgr.dll
5609-04-16 07:24:01 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
5609-04-16 07:23:58 ----D---- C:\Program Files\Movie Maker
5609-04-16 07:23:54 ----A---- C:\WINDOWS\system32\safrslv.dll
5609-04-16 07:23:54 ----A---- C:\WINDOWS\system32\safrdm.dll
5609-04-16 07:23:54 ----A---- C:\WINDOWS\system32\safrcdlg.dll
5609-04-16 07:23:53 ----A---- C:\WINDOWS\system32\racpldlg.dll
5609-04-16 07:23:50 ----A---- C:\WINDOWS\system32\fltmc.exe
5609-04-16 07:23:50 ----A---- C:\WINDOWS\system32\fltlib.dll
5609-04-16 07:23:49 ----N---- C:\WINDOWS\system32\srsvc.dll
5609-04-16 07:23:49 ----D---- C:\WINDOWS\system32\Restore
5609-04-16 07:23:49 ----A---- C:\WINDOWS\system32\srrstr.dll
5609-04-16 07:23:49 ----A---- C:\WINDOWS\system32\srclient.dll
5609-04-16 07:23:49 ----A---- C:\WINDOWS\system32\ils.dll
5609-04-16 07:23:48 ----A---- C:\WINDOWS\system32\nmmkcert.dll
5609-04-16 07:23:48 ----A---- C:\WINDOWS\system32\msconf.dll
5609-04-16 07:23:48 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
5609-04-16 07:23:48 ----A---- C:\WINDOWS\system32\mnmdd.dll
5609-04-16 07:23:48 ----A---- C:\WINDOWS\system32\isrdbg32.dll
5609-04-16 07:23:45 ----D---- C:\Program Files\NetMeeting
5609-04-16 07:23:45 ----A---- C:\WINDOWS\system32\msoert2.dll
5609-04-16 07:23:45 ----A---- C:\WINDOWS\system32\msoeacct.dll
5609-04-16 07:23:44 ----A---- C:\WINDOWS\system32\inetres.dll
5609-04-16 07:23:44 ----A---- C:\WINDOWS\system32\inetcomm.dll
5609-04-16 07:23:42 ----N---- C:\WINDOWS\system32\schedsvc.dll
5609-04-16 07:23:42 ----D---- C:\Program Files\Outlook Express
5609-04-16 07:23:42 ----A---- C:\WINDOWS\system32\mstinit.exe
5609-04-16 07:23:42 ----A---- C:\WINDOWS\system32\mstask.dll
5609-04-16 07:23:41 ----A---- C:\WINDOWS\system32\isign32.dll
5609-04-16 07:23:41 ----A---- C:\WINDOWS\system32\inetcfg.dll
5609-04-16 07:23:41 ----A---- C:\WINDOWS\system32\icwphbk.dll
5609-04-16 07:23:41 ----A---- C:\WINDOWS\system32\icwdial.dll
5609-04-16 07:23:35 ----D---- C:\Program Files\Common Files\System
5609-04-16 07:23:30 ----D---- C:\Program Files\Internet Explorer
5609-04-16 07:23:02 ----D---- C:\Program Files\ComPlus Applications
5609-04-16 07:23:00 ----A---- C:\WINDOWS\vbaddin.ini
5609-04-16 07:23:00 ----A---- C:\WINDOWS\vb.ini
5609-04-16 07:22:56 ----D---- C:\WINDOWS\Registration
5609-04-16 07:22:50 ----D---- C:\Program Files\Windows Media Player
5609-04-16 07:22:45 ----D---- C:\Program Files\Messenger
5609-04-16 07:22:41 ----D---- C:\Program Files\MSN Gaming Zone
5609-04-16 07:22:41 ----A---- C:\WINDOWS\system32\write.exe
5609-04-16 07:22:30 ----A---- C:\WINDOWS\system32\sndvol32.exe
5609-04-16 07:22:30 ----A---- C:\WINDOWS\system32\hticons.dll
5609-04-16 07:22:30 ----A---- C:\WINDOWS\system32\avwav.dll
5609-04-16 07:22:30 ----A---- C:\WINDOWS\system32\avtapi.dll
5609-04-16 07:22:30 ----A---- C:\WINDOWS\system32\avmeter.dll
5609-04-16 07:22:29 ----A---- C:\WINDOWS\system32\winchat.exe
5609-04-16 07:22:22 ----A---- C:\WINDOWS\system32\charmap.exe
5609-04-16 07:22:22 ----A---- C:\WINDOWS\system32\getuname.dll
5609-04-16 07:22:21 ----A---- C:\WINDOWS\system32\winmine.exe
5609-04-16 07:22:21 ----A---- C:\WINDOWS\system32\sol.exe
5609-04-16 07:22:21 ----A---- C:\WINDOWS\system32\calc.exe
5609-04-16 07:22:20 ----A---- C:\WINDOWS\system32\usrlogon.cmd
5609-04-16 07:22:20 ----A---- C:\WINDOWS\system32\tsshutdn.exe
5609-04-16 07:22:20 ----A---- C:\WINDOWS\system32\tslabels.ini
5609-04-16 07:22:20 ----A---- C:\WINDOWS\system32\tskill.exe
5609-04-16 07:22:20 ----A---- C:\WINDOWS\system32\tsdiscon.exe
5609-04-16 07:22:20 ----A---- C:\WINDOWS\system32\tscon.exe
5609-04-16 07:22:20 ----A---- C:\WINDOWS\system32\reset.exe
5609-04-16 07:22:20 ----A---- C:\WINDOWS\system32\mshearts.exe
5609-04-16 07:22:20 ----A---- C:\WINDOWS\system32\freecell.exe
5609-04-16 07:22:19 ----A---- C:\WINDOWS\system32\shadow.exe
5609-04-16 07:22:19 ----A---- C:\WINDOWS\system32\rwinsta.exe
5609-04-16 07:22:19 ----A---- C:\WINDOWS\system32\regini.exe
5609-04-16 07:22:19 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
5609-04-16 07:22:19 ----A---- C:\WINDOWS\system32\qwinsta.exe
5609-04-16 07:22:19 ----A---- C:\WINDOWS\system32\qappsrv.exe
5609-04-16 07:22:19 ----A---- C:\WINDOWS\system32\msg.exe
5609-04-16 07:22:19 ----A---- C:\WINDOWS\system32\msdtcprf.ini
5609-04-16 07:22:19 ----A---- C:\WINDOWS\system32\logoff.exe
5609-04-16 07:22:19 ----A---- C:\WINDOWS\system32\cdmodem.dll
5609-04-16 07:22:18 ----A---- C:\WINDOWS\system32\mtxlegih.dll
5609-04-16 07:22:18 ----A---- C:\WINDOWS\system32\mtxex.dll
5609-04-16 07:22:18 ----A---- C:\WINDOWS\system32\mtxdm.dll
5609-04-16 07:22:18 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
5609-04-16 07:22:17 ----A---- C:\WINDOWS\system32\stclient.dll
5609-04-16 07:22:17 ----A---- C:\WINDOWS\system32\comsnap.dll
5609-04-16 07:22:17 ----A---- C:\WINDOWS\system32\comrepl.dll
5609-04-16 07:22:17 ----A---- C:\WINDOWS\system32\comaddin.dll
5609-04-16 07:22:11 ----A---- C:\WINDOWS\system32\wmimgmt.msc
5609-04-16 07:22:10 ----A---- C:\WINDOWS\system32\sndrec32.exe
5609-04-16 07:22:10 ----A---- C:\WINDOWS\system32\mplay32.exe
5609-04-16 07:22:10 ----A---- C:\WINDOWS\system32\hypertrm.dll
5609-04-16 07:22:10 ----A---- C:\WINDOWS\system32\accwiz.exe
5609-04-16 07:22:09 ----D---- C:\Program Files\Windows NT
5609-04-16 07:22:09 ----A---- C:\WINDOWS\system32\spider.exe
5609-04-16 07:22:09 ----A---- C:\WINDOWS\system32\mspaint.exe
5609-04-16 07:22:09 ----A---- C:\WINDOWS\system32\clipbrd.exe
5609-04-16 07:22:08 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
5609-04-16 07:22:08 ----A---- C:\WINDOWS\system32\mstscax.dll
5609-04-16 07:22:08 ----A---- C:\WINDOWS\system32\mstsc.exe
5609-04-16 07:22:07 ----N---- C:\WINDOWS\system32\termsrv.dll
5609-04-16 07:22:07 ----A---- C:\WINDOWS\system32\tscupgrd.exe
5609-04-16 07:22:07 ----A---- C:\WINDOWS\system32\sessmgr.exe
5609-04-16 07:22:07 ----A---- C:\WINDOWS\system32\remotepg.dll
5609-04-16 07:22:07 ----A---- C:\WINDOWS\system32\rdshost.exe
5609-04-16 07:22:07 ----A---- C:\WINDOWS\system32\rdsaddin.exe
5609-04-16 07:22:07 ----A---- C:\WINDOWS\system32\rdpwsx.dll
5609-04-16 07:22:07 ----A---- C:\WINDOWS\system32\rdpsnd.dll
5609-04-16 07:22:07 ----A---- C:\WINDOWS\system32\rdpclip.exe
5609-04-16 07:22:07 ----A---- C:\WINDOWS\system32\rdchost.dll
5609-04-16 07:22:06 ----D---- C:\WINDOWS\system32\MsDtc
5609-04-16 07:22:06 ----A---- C:\WINDOWS\system32\qprocess.exe
5609-04-16 07:22:06 ----A---- C:\WINDOWS\system32\mtxoci.dll
5609-04-16 07:22:06 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
5609-04-16 07:22:06 ----A---- C:\WINDOWS\system32\msdtcprx.dll
5609-04-16 07:22:06 ----A---- C:\WINDOWS\system32\icaapi.dll
5609-04-16 07:22:06 ----A---- C:\WINDOWS\system32\cfgbkend.dll
5609-04-16 07:22:05 ----A---- C:\WINDOWS\system32\xolehlp.dll
5609-04-16 07:22:05 ----A---- C:\WINDOWS\system32\msdtctm.dll
5609-04-16 07:22:05 ----A---- C:\WINDOWS\system32\msdtclog.dll
5609-04-16 07:22:05 ----A---- C:\WINDOWS\system32\msdtc.exe
5609-04-16 07:22:04 ----D---- C:\WINDOWS\system32\Com
5609-04-16 07:22:04 ----A---- C:\WINDOWS\system32\colbact.dll
5609-04-16 07:22:04 ----A---- C:\WINDOWS\system32\clbcatex.dll
5609-04-16 07:22:04 ----A---- C:\WINDOWS\system32\catsrvut.dll
5609-04-16 07:22:04 ----A---- C:\WINDOWS\system32\catsrvps.dll
5609-04-16 07:22:04 ----A---- C:\WINDOWS\system32\catsrv.dll
5609-04-16 07:22:03 ----A---- C:\WINDOWS\system32\comuid.dll
5609-04-16 07:22:03 ----A---- C:\WINDOWS\system32\comsvcs.dll
5609-04-16 07:22:03 ----A---- C:\WINDOWS\system32\clbcatq.dll
5609-04-16 07:21:56 ----A---- C:\WINDOWS\system32\servdeps.dll
5609-04-16 07:21:56 ----A---- C:\WINDOWS\system32\mmfutil.dll
5609-04-16 07:21:56 ----A---- C:\WINDOWS\system32\licwmi.dll
5609-04-16 07:21:56 ----A---- C:\WINDOWS\system32\cmprops.dll
2010-04-14 23:00:57 ----A---- C:\ComboFix.txt
2010-04-14 21:20:11 ----D---- C:\rsit
2010-04-14 21:20:11 ----D---- C:\Program Files\trend micro
2010-04-14 20:23:45 ----A---- C:\Boot.bak
2010-04-14 20:23:38 ----RASHD---- C:\cmdcons
2010-04-14 20:22:37 ----A---- C:\WINDOWS\zip.exe
2010-04-14 20:22:37 ----A---- C:\WINDOWS\SWSC.exe
2010-04-14 20:22:37 ----A---- C:\WINDOWS\SWREG.exe
2010-04-14 20:22:37 ----A---- C:\WINDOWS\sed.exe
2010-04-14 20:22:37 ----A---- C:\WINDOWS\PEV.exe
2010-04-14 20:22:37 ----A---- C:\WINDOWS\NIRCMD.exe
2010-04-14 20:22:37 ----A---- C:\WINDOWS\MBR.exe
2010-04-14 20:22:37 ----A---- C:\WINDOWS\grep.exe
2010-04-14 20:22:36 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-04-14 20:22:30 ----D---- C:\WINDOWS\ERDNT
2010-04-14 20:18:52 ----AD---- C:\Qoobox
2010-04-14 19:43:35 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-04-14 19:43:22 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-04-14 19:40:53 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$
2010-04-14 19:40:11 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-04-14 19:39:58 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-04-14 10:51:27 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-04-14 10:51:15 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-04-14 10:51:00 ----D---- C:\WINDOWS\LastGood
2010-04-14 09:49:12 ----D---- C:\WINDOWS\LastGood.Tmp
2010-03-29 14:18:32 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Google
2010-03-24 10:57:05 ----D---- C:\Program Files\Common Files\Skype
2010-03-18 10:09:33 ----D---- C:\Program Files\Common Files\xing shared

======List of files/folders modified in the last 1 months======

2010-04-16 17:18:17 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Skype
2010-04-16 16:38:03 ----D---- C:\WINDOWS\Prefetch
2010-04-16 16:37:16 ----D---- C:\Documents and Settings\Administrator\Data aplikací\skypePM
2010-04-16 16:36:26 ----A---- C:\WINDOWS\ModemLog_HDAUDIO Soft Spkerphone Modem with SmartSP.txt
2010-04-14 22:59:23 ----A---- C:\WINDOWS\system.ini
2010-04-14 22:23:42 ----D---- C:\Program Files\Google
2010-04-14 19:43:16 ----A---- C:\WINDOWS\system32\MRT.INI
2010-04-13 17:16:27 ----A---- C:\WINDOWS\NeroDigital.ini
2010-04-06 19:52:54 ----A---- C:\WINDOWS\system32\MRT.exe
2010-04-03 15:35:29 ----D---- C:\Program Files\Mozilla Firefox
2010-03-31 16:10:43 ----A---- C:\WINDOWS\cdplayer.ini
2010-03-31 15:40:38 ----D---- C:\WINDOWS\system32\cs-CZ
2010-03-25 10:16:05 ----D---- C:\Program Files\Avidemux 2.5
2010-03-24 10:57:18 ----RD---- C:\Program Files\Skype
2010-03-24 10:56:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2010-03-22 14:00:50 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Real
2010-03-22 14:00:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\Real
2010-03-18 10:11:10 ----D---- C:\Program Files\Common Files\Real
2010-03-18 10:10:54 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2010-03-18 10:10:17 ----A---- C:\WINDOWS\system32\pndx5032.dll
2010-03-18 10:10:17 ----A---- C:\WINDOWS\system32\pndx5016.dll
2010-03-18 10:09:43 ----D---- C:\Program Files\Real
2010-03-18 10:08:11 ----A---- C:\WINDOWS\system32\pncrt.dll
2010-03-17 21:34:20 ----A---- C:\Program Files\highscores.txt
2010-03-17 21:34:20 ----A---- C:\Program Files\debug.txt

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-06-19 43008]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2009-10-07 54184]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2009-10-07 55256]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.10.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-05-15 21275]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-10-07 40824]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2009-10-07 73760]
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2007-10-29 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2007-10-29 55936]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2006-07-17 494080]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ASNDIS5;ASNDIS5 Protocol Driver; \??\C:\WINDOWS\ATK0100\ASNDIS5.SYS []
R3 AVerM115S;AVerM115S service; C:\WINDOWS\system32\DRIVERS\AVerM115S.sys [2006-08-03 856832]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2009-10-07 32072]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-08-23 1035008]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-08-23 201600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-11-15 4225920]
R3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 ITECIR;ITE CIR Driver; C:\WINDOWS\system32\DRIVERS\ITECIR.sys [2004-04-22 7366]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2007-10-29 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2005-02-18 5632]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-04-27 3659968]
R3 nvsmu;nvsmu; C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2006-03-07 11136]
R3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2008-04-13 163584]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2005-09-17 28672]
R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-09-14 50560]
R3 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2005-09-30 310016]
R3 RTL8023;Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver; C:\WINDOWS\system32\DRIVERS\Rtlnic51.sys [2003-12-31 69504]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 SynMini;USB2.0 1.3M Web Cam; C:\WINDOWS\System32\Drivers\SynMini.sys [2005-10-03 720470]
R3 SynScan;USB2.0 1.3M Web Cam Still Image; C:\WINDOWS\System32\Drivers\SynScan.sys [2005-10-03 8278]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-10-22 191936]
R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2005-11-24 47104]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-08-23 718464]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 MPE;Filtr MPE BDA; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2007-10-29 5888]
S3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2005-03-04 74496]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2005-07-11 3712]
S3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2006-02-02 108928]
S3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2005-12-14 37632]
S3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2006-02-08 62848]
S3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2005-11-11 52864]
S3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2006-01-31 39808]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ACS;Atheros Configuration Service; C:\WINDOWS\system32\acs.exe [2006-03-25 278613]
R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\ASUS\Mobile Theater\Kernel\TV\CLCapSvc.exe [2006-02-15 254050]
R2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\ASUS\Mobile Theater\Kernel\TV\CLSched.exe [2006-02-15 114784]
R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\ASUS\Mobile Theater\Kernel\CLML_NTService\CLMLServer.exe [2006-02-15 61440]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-10-07 472280]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-04-27 143427]
R2 NWCWorkstation;Klient systému NetWare; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-29 136176]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-10-07 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119405
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Rootkit.Kryptik on the PC

#2 Post by Rudy »

On 14 April you ran a ComboFix scan. Post the log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
