
Infected PC: Rootkit.Kryptik.BB, Injector.BNJ and Otlard.A

#16 Post by kulma »

[2010.04.21 19:56:02 | 000,000,811 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\hpzinstall.log
[2010.04.21 19:53:29 | 000,165,437 | ---- | C] () -- C:\WINDOWS\hpwins05.dat
[2010.04.21 19:52:44 | 000,016,050 | ---- | C] () -- C:\WINDOWS\hpwscr05.dat
[2010.04.21 19:52:44 | 000,004,785 | ---- | C] () -- C:\WINDOWS\hpwmdl05.dat
[2010.04.21 19:44:50 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.04.21 19:36:33 | 000,001,690 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\AutoCAD 2010 - česky.lnk
[2010.04.21 15:24:02 | 000,013,588 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak
[2010.04.21 15:02:32 | 000,000,684 | ---- | C] () -- C:\Documents and Settings\rhorsak\Plocha\QIP infium.lnk
[2010.04.21 15:02:16 | 000,002,521 | ---- | C] () -- C:\Documents and Settings\rhorsak\Plocha\Microsoft Office Outlook 2007.lnk
[2010.04.21 14:53:44 | 000,004,444 | ---- | C] () -- C:\WINDOWS\System32\pid.PNF
[2010.04.21 14:53:37 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2010.04.21 14:53:37 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2010.04.21 14:53:37 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2010.04.21 14:53:37 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2010.04.21 14:53:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28603.nls
[2010.04.21 14:53:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28603.nls
[2010.04.21 14:53:26 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_857.nls
[2010.04.21 14:53:26 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_857.nls
[2010.04.21 14:53:26 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28599.nls
[2010.04.21 14:53:26 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_28599.nls
[2010.04.21 14:53:26 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10081.nls
[2010.04.21 14:53:26 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10081.nls
[2010.04.21 14:53:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28595.nls
[2010.04.21 14:53:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28595.NLS
[2010.04.21 14:53:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10017.nls
[2010.04.21 14:53:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10017.nls
[2010.04.21 14:53:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10007.nls
[2010.04.21 14:53:23 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10007.nls
[2010.04.21 14:53:21 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_869.nls
[2010.04.21 14:53:21 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_869.nls
[2010.04.21 14:53:21 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_737.nls
[2010.04.21 14:53:21 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_737.nls
[2010.04.21 14:53:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_875.nls
[2010.04.21 14:53:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_875.nls
[2010.04.21 14:53:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28597.nls
[2010.04.21 14:53:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28597.NLS
[2010.04.21 14:53:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10006.nls
[2010.04.21 14:53:21 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10006.nls
[2010.04.21 14:53:20 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_866.nls
[2010.04.21 14:53:20 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_866.nls
[2010.04.21 14:53:20 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_855.nls
[2010.04.21 14:53:20 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_855.nls
[2010.04.21 14:53:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28594.nls
[2010.04.21 14:53:20 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28594.NLS
[2010.04.21 14:53:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20127.nls
[2010.04.21 14:53:15 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_20127.nls
[2010.04.21 14:53:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10082.nls
[2010.04.21 14:53:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10082.nls
[2010.04.21 14:53:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10029.nls
[2010.04.21 14:53:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10029.nls
[2010.04.21 14:53:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10010.nls
[2010.04.21 14:53:13 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10010.nls
[2010.04.21 14:53:08 | 000,001,592 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2010.04.21 14:52:54 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2010.04.21 14:52:54 | 000,105,628 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2010.04.21 14:52:54 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2010.04.21 14:52:54 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2010.04.21 14:52:54 | 000,008,599 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2010.04.21 14:52:54 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2010.04.21 14:52:53 | 002,033,597 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2010.04.21 14:52:53 | 001,246,067 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2010.04.21 14:52:53 | 000,809,394 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2010.04.21 14:52:53 | 000,631,112 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2010.04.21 14:52:53 | 000,399,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2010.04.21 14:52:53 | 000,037,509 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2010.04.21 14:52:53 | 000,033,765 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2010.04.21 14:52:53 | 000,016,825 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2010.04.21 14:52:53 | 000,013,497 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2010.04.21 14:52:53 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2010.04.21 14:52:53 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2010.04.21 14:52:20 | 000,275,760 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.04.21 14:51:27 | 000,000,223 | RHS- | C] () -- C:\boot.ini
[2010.04.21 14:51:24 | 000,000,266 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2010.04.21 14:13:27 | 000,002,273 | ---- | C] () -- C:\Documents and Settings\rhorsak\Plocha\Google Chrome.lnk
[2010.04.21 14:05:51 | 000,001,034 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1651790719-4201147004-1817147730-1138UA.job
[2010.04.21 14:05:50 | 000,000,982 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1651790719-4201147004-1817147730-1138Core.job
[2010.04.21 13:46:48 | 000,000,642 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\TC UP.lnk
[2010.04.21 13:37:18 | 000,000,470 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{2B4E2C57-8533-46BC-BE6D-BD765062400A}.job
[2010.04.21 13:36:15 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\rhorsak\Local Settings\Data aplikací\fusioncache.dat
[2010.04.21 13:36:00 | 000,002,464 | ---- | C] () -- C:\WINDOWS\$_hpcst$.hpc
[2010.04.21 13:35:44 | 000,057,422 | ---- | C] () -- C:\WINDOWS\System32\mobileV.acm
[2010.04.21 13:35:43 | 000,002,510 | ---- | C] () -- C:\WINDOWS\Microsoft.MIF
[2010.04.21 13:35:15 | 000,053,248 | -H-- | C] () -- C:\Documents and Settings\rhorsak\ntuser.dat.LOG
[2010.04.21 13:35:15 | 000,000,178 | -HS- | C] () -- C:\Documents and Settings\rhorsak\ntuser.ini
[2010.04.21 13:35:14 | 007,864,320 | -H-- | C] () -- C:\Documents and Settings\rhorsak\NTUSER.DAT
[2010.04.21 13:35:14 | 000,007,281 | ---- | C] () -- C:\Documents and Settings\rhorsak\ASPNETSetup.log
[2010.04.21 13:35:07 | 000,009,438 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2010.04.21 13:25:13 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2010.04.21 13:25:06 | 000,006,126 | R--- | C] () -- C:\WINDOWS\System32\atifglpf.xml
[2010.04.21 13:25:05 | 000,129,112 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2010.04.21 13:25:03 | 001,114,674 | R--- | C] () -- C:\WINDOWS\System32\drivers\ativcaxx.cpa
[2010.04.21 13:25:03 | 000,058,560 | R--- | C] () -- C:\WINDOWS\System32\drivers\ativckxx.vp
[2010.04.21 13:25:03 | 000,029,008 | R--- | C] () -- C:\WINDOWS\System32\drivers\ativvpxx.vp
[2010.04.21 13:25:03 | 000,000,929 | R--- | C] () -- C:\WINDOWS\System32\drivers\ativcaxx.vp
[2010.04.21 13:23:30 | 000,023,040 | R--- | C] () -- C:\WINDOWS\System32\drivers\GVCplDrv.sys
[2010.04.21 13:18:40 | 000,000,480 | -H-- | C] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{6CD4EB02-F798-4B09-9389-69E4B92B2FA7}.job
[2010.04.21 13:11:55 | 000,003,632 | ---- | C] () -- C:\WINDOWS\System32\nvnrm.nvu
[2010.04.21 13:10:57 | 000,012,675 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2010.04.21 13:10:56 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2010.04.21 13:10:40 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2010.04.21 13:08:38 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2010.04.21 13:07:44 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010.04.21 13:07:35 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls
[2010.04.21 13:07:13 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls
[2010.04.21 13:07:13 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls
[2010.04.21 13:07:12 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2010.04.21 13:06:59 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2010.04.21 13:06:59 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls
[2010.04.21 13:06:54 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2010.04.21 13:06:53 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2010.04.21 13:06:51 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2010.04.21 13:06:47 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2010.04.21 13:06:44 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2010.04.21 13:06:41 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2010.04.21 13:06:34 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2010.04.21 13:06:32 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2010.04.21 13:06:32 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2010.04.21 13:06:32 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls
[2010.04.21 13:06:32 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2010.04.21 13:06:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls
[2010.04.21 13:06:31 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls
[2010.04.21 13:06:31 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls
[2010.04.21 13:06:31 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls
[2010.04.21 13:06:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2010.04.21 13:06:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2010.04.21 13:06:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls
[2010.04.21 13:06:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls
[2010.04.21 13:06:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls
[2010.04.21 13:06:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls
[2010.04.21 13:06:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls
[2010.04.21 13:06:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls
[2010.04.21 13:06:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls
[2010.04.21 13:06:31 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls
[2010.04.21 13:06:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls
[2010.04.21 13:06:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls
[2010.04.21 13:06:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls
[2010.04.21 13:06:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls
[2010.04.21 13:06:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls
[2010.04.21 13:06:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls
[2010.04.21 13:06:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls
[2010.04.21 13:06:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls
[2010.04.21 13:06:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls
[2010.04.21 13:06:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls
[2010.04.21 13:06:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls
[2010.04.21 13:06:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls
[2010.04.21 13:06:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls
[2010.04.21 13:06:30 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls
[2010.04.21 13:06:29 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls
[2010.04.21 13:06:29 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls
[2010.04.21 13:06:29 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls
[2010.04.21 13:06:29 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls
[2010.04.21 13:06:29 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls
[2010.04.21 13:06:29 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls
[2010.04.21 13:06:29 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls
[2010.04.21 13:06:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls
[2010.04.21 13:06:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls
[2010.04.21 13:06:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls
[2010.04.21 13:06:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls
[2010.04.21 13:06:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls
[2010.04.21 13:06:29 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls
[2010.04.21 13:06:28 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls
[2010.04.21 13:06:28 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls
[2010.04.21 13:06:28 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls
[2010.04.21 13:06:28 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls
[2010.04.21 13:06:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls
[2010.04.21 13:06:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls
[2010.04.21 13:06:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls
[2010.04.21 13:06:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls
[2010.04.21 13:06:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls
[2010.04.21 13:06:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls
[2010.04.21 13:06:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2010.04.21 13:06:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2010.04.21 13:06:28 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2010.04.21 13:06:27 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls
[2010.04.21 13:06:27 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls
[2010.04.21 13:05:34 | 000,896,104 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2010.04.21 13:04:00 | 000,002,504 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2010.04.21 13:04:00 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010.04.21 13:04:00 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010.04.21 13:04:00 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2010.04.21 13:04:00 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2010.04.21 13:03:53 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2010.04.21 13:03:53 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2010.04.21 13:03:51 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2010.04.21 13:03:02 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\WindowsLogon.manifest
[2010.04.21 13:03:02 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest
[2010.04.21 13:03:00 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest
[2010.04.21 13:03:00 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest
[2010.04.21 13:03:00 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest
[2010.04.21 13:03:00 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest
[2010.04.21 13:03:00 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest
[2010.04.21 13:03:00 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\cdplayer.exe.manifest
[2010.04.21 13:02:37 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2010.04.21 13:02:19 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2010.04.21 13:02:19 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2010.04.21 13:02:12 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2010.04.21 13:01:31 | 000,378,880 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msinfo.dll
[2010.04.21 13:00:54 | 000,001,779 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Windows Search.lnk
[2010.04.21 13:00:23 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2010.04.21 12:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2010.04.21 12:59:40 | 000,021,464 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2010.04.21 12:59:40 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2010.04.21 12:59:40 | 000,015,552 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2010.04.21 12:59:40 | 000,014,910 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2010.04.21 12:59:40 | 000,004,640 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.h
[2010.04.21 12:59:40 | 000,003,100 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.h
[2010.04.21 12:59:40 | 000,002,590 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.h
[2010.04.21 12:58:42 | 000,000,789 | ---- | C] () -- C:\WINDOWS\System32\winrmprov.mof
[2010.04.21 12:58:41 | 000,201,184 | ---- | C] () -- C:\WINDOWS\System32\winrm.vbs
[2010.04.21 12:58:41 | 000,002,426 | ---- | C] () -- C:\WINDOWS\System32\WsmTxt.xsl
[2010.04.21 12:58:41 | 000,001,559 | ---- | C] () -- C:\WINDOWS\System32\WsmPty.xsl
[2010.04.21 12:58:41 | 000,000,035 | ---- | C] () -- C:\WINDOWS\System32\winrm.cmd
[2010.04.21 12:58:00 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotec.bmp
[2010.04.21 12:57:59 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Prérijní vítr.bmp
[2010.04.21 12:57:59 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Omítka Santa Fe.bmp
[2010.04.21 12:57:59 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Řeka Sumida.bmp
[2010.04.21 12:57:59 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Zelený kámen.bmp
[2010.04.21 12:57:59 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rododendron.bmp
[2010.04.21 12:57:59 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Na rybách.bmp
[2010.04.21 12:57:59 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Zrnko kávy.bmp
[2010.04.21 12:57:59 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Textura peří.bmp
[2010.04.21 12:57:58 | 000,093,702 | ---- | C] () -- C:\WINDOWS\System32\subrange.uce
[2010.04.21 12:57:58 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Mýdlové bubliny.bmp
[2010.04.21 12:57:58 | 000,060,458 | ---- | C] () -- C:\WINDOWS\System32\ideograf.uce
[2010.04.21 12:57:58 | 000,016,740 | ---- | C] () -- C:\WINDOWS\System32\shiftjis.uce
[2010.04.21 12:57:58 | 000,012,876 | ---- | C] () -- C:\WINDOWS\System32\korean.uce
[2010.04.21 12:57:58 | 000,008,484 | ---- | C] () -- C:\WINDOWS\System32\kanji_2.uce
[2010.04.21 12:57:58 | 000,006,948 | ---- | C] () -- C:\WINDOWS\System32\kanji_1.uce
[2010.04.21 12:57:58 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Modrá krajka 16.bmp
[2010.04.21 12:57:57 | 000,024,006 | ---- | C] () -- C:\WINDOWS\System32\gb2312.uce
[2010.04.21 12:57:57 | 000,022,984 | ---- | C] () -- C:\WINDOWS\System32\bopomofo.uce
[2010.04.21 12:57:54 | 000,001,161 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2010.04.21 12:57:53 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2010.04.21 12:57:52 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2010.04.21 12:57:46 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc

========== LOP Check ==========

[2010.04.23 06:36:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ACD Systems
[2010.04.22 10:04:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Acronis
[2010.04.27 08:31:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ashampoo
[2010.04.26 08:15:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autodesk
[2010.04.22 08:41:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Canon
[2010.04.29 16:19:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\DIALux
[2010.04.21 13:35:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ESET
[2010.04.23 15:36:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\FileOpen
[2010.04.21 13:09:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Radim Horsák\Data aplikací\Windows Desktop Search
[2010.04.23 06:36:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\ACD Systems
[2010.04.22 10:42:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\Acronis
[2010.04.22 09:47:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\AIMP
[2010.04.27 10:52:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\Artisteer
[2010.04.27 08:32:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\Ashampoo
[2010.04.26 08:15:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\Autodesk
[2010.04.23 15:36:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\FileOpen
[2010.04.23 07:16:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\HateML
[2010.04.21 13:45:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\HEXelon
[2010.04.22 13:54:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\TeamViewer
[2010.05.04 08:14:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\Thinstall
[2010.04.21 19:47:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\Windows Desktop Search
[2010.05.05 12:31:12 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2010.05.05 15:13:07 | 000,000,316 | -HS- | M] () -- C:\WINDOWS\Tasks\LKHLKOTX.job
[2010.05.05 13:39:50 | 000,000,470 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{2B4E2C57-8533-46BC-BE6D-BD765062400A}.job
[2010.05.05 19:24:02 | 000,000,480 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{6CD4EB02-F798-4B09-9389-69E4B92B2FA7}.job
[2010.05.05 19:25:00 | 000,000,290 | -H-- | M] () -- C:\WINDOWS\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 13:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)
"Google Update" = "C:\Documents and Settings\rhorsak\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c -- [2010.04.21 14:05:46 | 000,136,176 | ---- | M] (Google Inc.)
"Seznam Postak" = "C:\Documents and Settings\rhorsak\Local Settings\Data aplikací\Seznam.cz\postak.exe" -s -- [2010.03.01 14:15:28 | 000,451,224 | ---- | M] ()

< c:\windows\*.* /U >
[1 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.04.23 06:36:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\ACD Systems
[2010.04.22 10:42:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\Acronis
[2010.04.28 08:17:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\Adobe
[2010.04.23 15:37:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\AdobeUM
[2010.04.22 09:47:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\AIMP
[2010.04.27 10:52:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\Artisteer
[2010.04.27 08:32:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\Ashampoo
[2010.04.21 13:36:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\ATI
[2010.04.26 08:15:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\Autodesk
[2010.04.27 09:01:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\dvdcss
[2010.04.23 15:36:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\FileOpen
[2010.04.23 07:16:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\HateML
[2010.04.21 13:45:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\HEXelon
[2010.04.22 07:39:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\HP
[2010.04.21 13:35:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\Identities
[2010.04.21 13:51:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\InstallShield
[2010.04.21 14:13:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\Macromedia
[2010.04.22 10:51:59 | 000,000,000 | --SD | M] -- C:\Documents and Settings\rhorsak\Data aplikací\Microsoft
[2010.05.05 10:31:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\Skype
[2010.04.22 09:13:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\Sun
[2010.04.22 13:54:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\TeamViewer
[2010.05.04 08:14:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\Thinstall
[2010.05.03 14:07:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\vlc
[2010.04.21 19:47:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\Windows Desktop Search
[2010.04.22 08:05:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\rhorsak\Data aplikací\WinRAR

< %APPDATA%\*.exe /s >


< MD5 for: AGP440.SYS >
[2010.01.14 17:14:14 | 017,817,320 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

< MD5 for: ATAPI.SYS >
[2010.01.14 17:14:14 | 017,817,320 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008.04.14 13:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2008.04.14 13:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
[2008.04.14 13:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\atapi.sys

< MD5 for: CDROM.SYS >
[2010.01.14 17:14:14 | 017,817,320 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:cdrom.sys
[2008.05.02 10:49:40 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2010.01.14 16:59:53 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=4B0A100EAF5C49EF3CCA8C641431EACC -- C:\WINDOWS\system32\drivers\cdrom.sys

< MD5 for: CRYPTSVC.DLL >
[2008.04.14 13:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\cryptsvc.dll
[2008.04.14 13:00:00 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=F3AB0933CBD166D271992F411C27CCAF -- C:\WINDOWS\system32\dllcache\cryptsvc.dll

< MD5 for: EVENTLOG.DLL >
[2008.04.14 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2010.01.14 17:00:04 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=8AB626E4E4B289646E11311E66FB0B88 -- C:\WINDOWS\explorer.exe
[2010.01.14 17:00:04 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=8AB626E4E4B289646E11311E66FB0B88 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: HAL.DLL >
[2010.01.14 17:14:14 | 017,817,320 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:hal.dll
[2010.01.14 17:00:11 | 000,134,528 | ---- | M] (Microsoft Corporation) MD5=E33DE9C65B3625BDD00C1313179DA5A5 -- C:\WINDOWS\system32\hal.dll

< MD5 for: CHANGER.SYS >
[2010.01.14 17:14:14 | 017,817,320 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:Changer.sys
[2008.04.13 23:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\system32\dllcache\changer.sys
[2008.04.13 23:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\system32\drivers\changer.sys

< MD5 for: ISAPNP.SYS >
[2010.01.14 17:14:14 | 017,817,320 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:isapnp.sys
[2008.04.14 13:00:00 | 000,037,248 | ---- | M] (Microsoft Corporation) MD5=CC9F8A2D60AED1A51A3AC34C59B987AE -- C:\WINDOWS\system32\drivers\isapnp.sys

< MD5 for: LSASS.EXE >
[2008.04.14 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe

< MD5 for: NDIS.SYS >
[2010.01.14 17:01:13 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=B5B1080D35974C0E718D64280761BCD5 -- C:\WINDOWS\system32\dllcache\ndis.sys
[2010.01.14 17:01:13 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=B5B1080D35974C0E718D64280761BCD5 -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2010.01.14 17:01:14 | 000,407,552 | ---- | M] (Microsoft Corporation) MD5=6A5A974D868AE2F9AC96DC14F221A5EF -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2010.01.14 17:01:14 | 000,407,552 | ---- | M] (Microsoft Corporation) MD5=6A5A974D868AE2F9AC96DC14F221A5EF -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: NVATA.SYS >
[2010.04.22 07:21:45 | 000,093,568 | ---- | M] (NVIDIA Corporation) MD5=0344AA9113DC16EEC379F4652020849D -- C:\WINDOWS\system32\drivers\nvata.sys

< MD5 for: SCECLI.DLL >
[2008.04.14 13:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 13:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll

< MD5 for: SMSS.EXE >
[2008.04.14 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe

< MD5 for: SVCHOST.EXE >
[2010.01.14 17:01:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=67E38B4A549833E02D4D1617B5DBC318 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2010.01.14 17:01:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=67E38B4A549833E02D4D1617B5DBC318 -- C:\WINDOWS\system32\svchost.exe

< MD5 for: TCPIP.SYS >
[2010.01.14 17:01:53 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=367DE8E5F638C091F49273144274F629 -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2010.01.14 17:01:53 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=367DE8E5F638C091F49273144274F629 -- C:\WINDOWS\system32\drivers\tcpip.sys

< MD5 for: USERINIT.EXE >
[2008.04.14 13:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 13:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.01.14 17:02:09 | 000,509,440 | ---- | M] (Microsoft Corporation) MD5=4212BABCC4408B052193DABAD9A691AB -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2010.01.14 17:02:09 | 000,509,440 | ---- | M] (Microsoft Corporation) MD5=4212BABCC4408B052193DABAD9A691AB -- C:\WINDOWS\system32\winlogon.exe

< MD5 for: WS2_32.DLL >
[2008.04.14 13:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 13:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2010.05.05 09:06:14 | 000,115,200 | RHS- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\axaltocms.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >
[2010.05.05 15:13:07 | 000,000,316 | -HS- | M] () Unable to obtain MD5 -- C:\WINDOWS\Tasks\LKHLKOTX.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

< %systemroot%\System32\config\*.sav >
[2010.04.21 14:51:26 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2010.04.21 14:51:26 | 001,093,632 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2010.04.21 14:51:26 | 000,491,520 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.dll /lockedfiles >
[2010.05.05 09:06:14 | 000,115,200 | RHS- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\axaltocms.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >
[2010.05.05 11:26:19 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\system32\drivers\SBREDrv.sys
[2 C:\WINDOWS\system32\drivers\*.tmp files -> C:\WINDOWS\system32\drivers\*.tmp -> ]

< %systemroot%\system32\*.* /3 >
[2010.05.05 09:06:14 | 000,115,200 | RHS- | M] () -- C:\WINDOWS\system32\axaltocms.dll
[2010.05.05 14:50:09 | 000,182,784 | ---- | M] () -- C:\WINDOWS\system32\regedit.exe
[2010.05.05 15:13:46 | 000,013,646 | ---- | M] () -- C:\WINDOWS\system32\wpa.dbl
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< End of report >
*kulma*

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: Infected PC: Rootkit.Kryptik.BB, Injector.BNJ and Otlard

#17 Post by Caroprd111 »

Run OTL and paste the following script into the bottom window.

Code:

:OTL
PRC - [2010.05.05 14:50:09 | 000,182,784 | ---- | M] () -- C:\WINDOWS\system32\regedit.exe
SRV - File not found [On_Demand | Stopped] -- -- (ose)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [C6501Sound] File not found
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Acrobat Speed Launcher.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-C740-7760-100000000002}\SC_Acrobat.exe ()
O13 - gopher Prefix: missing
O4 - HKLM..\Run: [Regedit32] C:\WINDOWS\system32\regedit.exe ()
O20 - HKLM Winlogon: TaskMan - (C:\RECYCLER\S-1-5-21-2560505497-3135673451-148412697-0683\mgrls32.exe) - C:\RECYCLER\S-1-5-21-2560505497-3135673451-148412697-0683\mgrls32.exe ()
O20 - Winlogon\Notify\RailNotification: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
[2 C:\WINDOWS\System32\drivers\*.tmp files -> C:\WINDOWS\System32\drivers\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2010.05.05 19:25:00 | 000,000,290 | -H-- | M] () -- C:\WINDOWS\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job
[2010.05.05 15:16:03 | 000,000,001 | ---- | M] () -- C:\Documents and Settings\rhorsak\oashdihasidhasuidhiasdhiashdiuasdhasd
[2010.05.05 15:13:07 | 000,000,316 | -HS- | M] () -- C:\WINDOWS\tasks\LKHLKOTX.job
O34 - HKLM BootExecute: (auto_reactivate C:\bootwiz\asrm.bin) - File not found

:Commands
[EMPTYTEMP] 
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[RESETHOSTS] 
[CREATERESTOREPOINT]
Then click Fix (Opravit); the PC will restart. Post the log here.

Scan these at http://www.virustotal.com/cs/
C:\WINDOWS\System32\drivers\mspqm.sys.bak
C:\WINDOWS\System32\axaltocms.dll

(Do not browse for the file; just paste the path marked in bold. If you get the message "File has already been analysed", have it scanned again. Post the analysis result here as a link.)

kulma
Visitor
Posts: 24
Registered: 23 Jul 2009 20:48

Re: Infected PC: Rootkit.Kryptik.BB, Injector.BNJ and Otlard

#18 Post by kulma »

All processes killed
========== OTL ==========
No active process named regedit.exe was found!
Service ose stopped successfully!
Service ose deleted successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\C6501Sound deleted successfully.
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Acrobat Speed Launcher.lnk moved successfully.
C:\WINDOWS\Installer\{AC76BA86-1033-C740-7760-100000000002}\SC_Acrobat.exe moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Regedit32 not found.
File C:\WINDOWS\system32\regedit.exe not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\TaskMan not found.
File C:\RECYCLER\S-1-5-21-2560505497-3135673451-148412697-0683\mgrls32.exe not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\RailNotification\ deleted successfully.
C:\WINDOWS\System32\drivers\OLD4E3.tmp deleted successfully.
C:\WINDOWS\System32\drivers\OLD4E6.tmp deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\WINDOWS\NV34083412.TMP\nvtcp.sys deleted successfully.
C:\WINDOWS\NV34083412.TMP folder deleted successfully.
File C:\WINDOWS\tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job not found.
File C:\Documents and Settings\rhorsak\oashdihasidhasuidhiasdhiashdiuasdhasd not found.
File C:\WINDOWS\tasks\LKHLKOTX.job not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session manager\\BootExecute:auto_reactivate C:\bootwiz\asrm.bin deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Radim Horsák
->Temp folder emptied: 142852 bytes
->Temporary Internet Files folder emptied: 6406982 bytes

User: rhorsak
->Temp folder emptied: 554637757 bytes
->Temporary Internet Files folder emptied: 11486835 bytes
->Java cache emptied: 12118713 bytes
->Google Chrome cache emptied: 228113496 bytes
->Flash cache emptied: 1154 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 33580274 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 807,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: Radim Horsák

User: rhorsak
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

Restore points cleared and new OTL Restore Point set!
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Error starting restore point: System Restore is disabled.
Error closing restore point: System Restore is disabled.

OTL by OldTimer - Version 3.2.4.1 log created on 05062010_141243

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
*kulma*

kulma
Visitor
Posts: 24
Registered: 23 Jul 2009 20:48

Re: Infected PC: Rootkit.Kryptik.BB, Injector.BNJ and Otlard

#19 Post by kulma »

I don't know why, but I don't have these files on the disk:
C:\WINDOWS\System32\drivers\mspqm.sys.bak
C:\WINDOWS\System32\axaltocms.dll
*kulma*

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: Infected PC: Rootkit.Kryptik.BB, Injector.BNJ and Otlard

#20 Post by Caroprd111 »

Download SystemLook and save it to the desktop: http://jpshortstuff.247fixes.com/SystemLook.exe
  • Run it and copy the text from the white box into its window.

Code:

:filefind
mspqm.sys.bak
axaltocms.dll
  • Click Look; when the scan finishes, a log will pop up. Copy it here.

kulma
Visitor
Posts: 24
Registered: 23 Jul 2009 20:48

Re: Infected PC: Rootkit.Kryptik.BB, Injector.BNJ and Otlard

#21 Post by kulma »

SystemLook v1.0 by jpshortstuff (11.01.10)
Log created at 14:28 on 06/05/2010 by rhorsak (Administrator - Elevation successful)

========== filefind ==========

Searching for "mspqm.sys.bak"
No files found.

Searching for "axaltocms.dll"
No files found.

-=End Of File=-
*kulma*

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: Infected PC: Rootkit.Kryptik.BB, Injector.BNJ and Otlard

#22 Post by Caroprd111 »

How is the PC doing? :???:

kulma
Visitor
Posts: 24
Registered: 23 Jul 2009 20:48

Re: Infected PC: Rootkit.Kryptik.BB, Injector.BNJ and Otlard

#23 Post by kulma »

I just restarted the PC and it looks like it is clean. How do you do this magic? Great, I was already afraid I would have to format. This is my second time on this forum and it has been a success every time, thank you very much!!!!
*kulma*

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: Infected PC: Rootkit.Kryptik.BB, Injector.BNJ and Otlard

#24 Post by Caroprd111 »

It's not magic. :D

Please post a new RSIT log.

kulma
Visitor
Posts: 24
Registered: 23 Jul 2009 20:48

Re: Infected PC: Rootkit.Kryptik.BB, Injector.BNJ and Otlard

#25 Post by kulma »

Logfile of random's system information tool 1.07 (written by random/random)
Run by rhorsak at 2010-05-06 14:50:25
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 87 GB (87%) free of 100 GB
Total RAM: 2046 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:50:33, on 6.5.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Canon\DIAS\CnxDIAS.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\rhorsak\Local Settings\Data aplikací\Seznam.cz\postak.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\TC UP\totalcmd.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Documents and Settings\rhorsak\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\QIP Infium\infium.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Documents and Settings\rhorsak\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\rhorsak\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\rhorsak\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\rhorsak\Plocha\RSIT.exe
C:\Program Files\trend micro\rhorsak.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Služba Plánovač2] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\rhorsak\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Seznam Postak] "C:\Documents and Settings\rhorsak\Local Settings\Data aplikací\Seznam.cz\postak.exe" -s
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést cíl vazby do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést vybrané vazby do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést vybrané vazby do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Převést výběr do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést výběr do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Vytvořit mobilní oblíbenou položku - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = ehv-projekt.cz
O17 - HKLM\Software\..\Telephony: DomainName = ehv-projekt.cz
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = ehv-projekt.cz
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = ehv-projekt.cz
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = ehv-projekt.cz
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Acronis Služba Plánovač2 (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Canon Driver Information Assist Service - CANON INC. - C:\Program Files\Canon\DIAS\CnxDIAS.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 10069 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1651790719-4201147004-1817147730-1138Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1651790719-4201147004-1817147730-1138UA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{2B4E2C57-8533-46BC-BE6D-BD765062400A}.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{6CD4EB02-F798-4B09-9389-69E4B92B2FA7}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2005-09-24 231160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-22 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-22 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2005-09-24 231160]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATICCC"=C:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-05-14 2029640]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-12-10 49152]
"Acrobat Assistant 7.0"=C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [2005-09-24 483328]
"TrueImageMonitor.exe"=C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2009-12-14 4377960]
"AcronisTimounterMonitor"=C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [2009-12-14 962272]
"Acronis Služba Plánovač2"=C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2009-12-14 377600]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=C:\Documents and Settings\rhorsak\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-04-21 136176]
"Seznam Postak"=C:\Documents and Settings\rhorsak\Local Settings\Data aplikací\Seznam.cz\postak.exe [2010-03-01 451224]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2006-06-07 61440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2010-01-14 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2010-01-14 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2010-01-14 304128]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoWelcomeScreen"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:*:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:*:Enabled:ActiveSync Application"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Documents and Settings\rhorsak\Local Settings\Temp\7zS7C9.tmp\setup\HPZnui01.exe"="C:\Documents and Settings\rhorsak\Local Settings\Temp\7zS7C9.tmp\setup\HPZnui01.exe:*:Enabled:hpznui01.exe"
"C:\Documents and Settings\rhorsak\Local Settings\Temp\7zS7C9.tmp\setup\hponicifs01.exe"="C:\Documents and Settings\rhorsak\Local Settings\Temp\7zS7C9.tmp\setup\hponicifs01.exe:*:Enabled:hponicifs01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\Canon\DIAS\CnxDIAS.exe"="C:\Program Files\Canon\DIAS\CnxDIAS.exe:*:Enabled:Canon Driver Information Assist Service"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

======File associations======

.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 months======

2010-05-06 14:49:12 ----D---- C:\Program Files\trend micro
2010-05-06 14:49:11 ----D---- C:\rsit
2010-05-06 14:12:43 ----D---- C:\_OTL
2010-05-06 09:57:44 ----D---- C:\Documents and Settings\rhorsak\Data aplikací\AdobeUM
2010-05-06 09:57:13 ----D---- C:\Documents and Settings\rhorsak\Data aplikací\FileOpen
2010-05-06 09:57:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\FileOpen
2010-05-06 09:57:10 ----A---- C:\WINDOWS\Tempfocomplete.txt
2010-05-06 09:57:08 ----D---- C:\Program Files\FileOpen
2010-05-06 09:42:45 ----D---- C:\Program Files\ViewCompanion Premium
2010-04-22 11:04:28 ----D---- C:\Program Files\Acronis
2010-04-22 10:42:49 ----A---- C:\WINDOWS\system32\auto_reactivate.exe
2010-04-22 10:42:09 ----D---- C:\Documents and Settings\rhorsak\Data aplikací\Acronis
2010-04-22 09:57:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\Acronis
2010-04-22 09:48:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-04-22 09:47:05 ----D---- C:\Documents and Settings\rhorsak\Data aplikací\vlc
2010-04-22 09:46:37 ----D---- C:\Program Files\VideoLAN
2010-04-22 09:36:50 ----D---- C:\Program Files\Common Files\Adobe
2010-04-22 09:35:53 ----D---- C:\Program Files\Adobe
2010-04-22 09:23:39 ----D---- C:\WINDOWS\system32\appmgmt
2010-04-22 09:16:13 ----D---- C:\Program Files\JDownloader
2010-04-22 09:16:08 ----A---- C:\WINDOWS\system32\javaws.exe
2010-04-22 09:16:08 ----A---- C:\WINDOWS\system32\javaw.exe
2010-04-22 09:16:08 ----A---- C:\WINDOWS\system32\java.exe
2010-04-22 09:16:08 ----A---- C:\WINDOWS\system32\deploytk.dll
2010-04-22 09:15:53 ----D---- C:\Program Files\Java
2010-04-22 09:13:53 ----D---- C:\Documents and Settings\rhorsak\Data aplikací\Sun
2010-04-22 09:07:04 ----D---- C:\Program Files\Common Files\Acronis
2010-04-22 08:41:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\Canon
2010-04-22 08:40:54 ----A---- C:\WINDOWS\system32\AUCPLMNT.DLL
2010-04-22 08:38:34 ----D---- C:\Program Files\Canon
2010-04-22 08:29:03 ----D---- C:\Documents and Settings\rhorsak\Data aplikací\AIMP
2010-04-22 08:28:20 ----D---- C:\Program Files\AIMP2
2010-04-22 08:14:22 ----A---- C:\WINDOWS\Cmi6501Uninstall.exe
2010-04-22 08:14:20 ----A---- C:\WINDOWS\C6501.ini
2010-04-22 08:14:19 ----A---- C:\WINDOWS\system32\c6501rm.exe
2010-04-22 08:14:19 ----A---- C:\WINDOWS\system32\c6501rm.dll
2010-04-22 08:14:19 ----A---- C:\WINDOWS\system32\c6501p.dll
2010-04-22 08:14:19 ----A---- C:\WINDOWS\system32\c6501a3d.dll
2010-04-22 08:14:17 ----D---- C:\Program Files\C-Media 6501 Sound
2010-04-22 08:05:32 ----D---- C:\Documents and Settings\rhorsak\Data aplikací\WinRAR
2010-04-22 08:05:20 ----D---- C:\Program Files\WinRAR
2010-04-22 07:41:05 ----A---- C:\WINDOWS\hpqEmlSz.INI
2010-04-22 07:24:24 ----N---- C:\WINDOWS\system32\nvuide.exe
2010-04-22 07:24:04 ----A---- C:\WINDOWS\system32\nvusmb.exe
2010-04-22 07:23:01 ----A---- C:\WINDOWS\AS_Debug.txt
2010-04-22 07:16:36 ----D---- C:\Documents and Settings\rhorsak\Data aplikací\Skype
2010-04-22 07:16:31 ----RD---- C:\Program Files\Skype
2010-04-22 07:16:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2010-04-21 20:14:27 ----D---- C:\Documents and Settings\rhorsak\Data aplikací\HP
2010-04-21 20:13:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\HPSSUPPLY
2010-04-21 20:12:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\HP
2010-04-21 20:11:43 ----D---- C:\Program Files\Common Files\HP
2010-04-21 20:11:32 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2010-04-21 20:11:31 ----D---- C:\Program Files\Hewlett-Packard
2010-04-21 20:10:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Hewlett-Packard
2010-04-21 20:09:58 ----A---- C:\WINDOWS\system32\hpz3l58a.dll
2010-04-21 20:08:28 ----A---- C:\WINDOWS\system32\hpzids01.dll
2010-04-21 20:08:26 ----A---- C:\WINDOWS\system32\hpwwiax2.dll
2010-04-21 20:08:26 ----A---- C:\WINDOWS\system32\hpwtiop2.dll
2010-04-21 20:08:26 ----A---- C:\WINDOWS\system32\hppldcoi.dll
2010-04-21 20:08:26 ----A---- C:\WINDOWS\system32\hpovst11.dll
2010-04-21 20:08:26 ----A---- C:\WINDOWS\system32\difxapi.dll
2010-04-21 20:08:21 ----D---- C:\WINDOWS\carrier
2010-04-21 20:08:13 ----D---- C:\Program Files\HP
2010-04-21 20:07:35 ----HD---- C:\Config.Msi
2010-04-21 19:53:07 ----A---- C:\WINDOWS\hpzshl01.exe
2010-04-21 19:53:03 ----A---- C:\WINDOWS\hpzmsi01.exe
2010-04-21 19:50:11 ----D---- C:\Pošta
2010-04-21 19:45:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\FLEXnet
2010-04-21 19:37:18 ----D---- C:\Program Files\Common Files\Macrovision Shared
2010-04-21 19:35:20 ----D---- C:\Program Files\Common Files\Autodesk Shared
2010-04-21 19:35:20 ----D---- C:\Program Files\AutoCAD 2010
2010-04-21 19:35:20 ----D---- C:\Documents and Settings\rhorsak\Data aplikací\Autodesk
2010-04-21 19:35:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\Autodesk
2010-04-21 19:33:39 ----D---- C:\WINDOWS\Logs
2010-04-21 15:24:02 ----A---- C:\WINDOWS\system32\wpa.bak
2010-04-21 15:23:56 ----A---- C:\WINDOWS\system32\pidgen.dll.wga
2010-04-21 15:23:56 ----A---- C:\WINDOWS\system32\dpcdll.dll.wga
2010-04-21 14:56:30 ----A---- C:\WINDOWS\system32\h323log.txt
2010-04-21 14:55:12 ----A---- C:\WINDOWS\system32\ksuser.dll
2010-04-21 14:55:02 ----D---- C:\Program Files\QIP Infium
2010-04-21 14:54:27 ----A---- C:\WINDOWS\system32\usbui.dll
2010-04-21 14:53:42 ----A---- C:\WINDOWS\imsins.BAK
2010-04-21 14:53:40 ----SHD---- C:\WINDOWS\Installer
2010-04-21 14:53:40 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-04-21 14:53:39 ----D---- C:\Program Files\Common Files\ODBC
2010-04-21 14:53:39 ----A---- C:\WINDOWS\ODBCINST.INI
2010-04-21 14:53:36 ----RD---- C:\Program Files
2010-04-21 14:53:36 ----D---- C:\Program Files\Common Files\SpeechEngines
2010-04-21 14:53:36 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-04-21 14:53:36 ----D---- C:\Program Files\Common Files
2010-04-21 14:53:26 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2010-04-21 14:53:26 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2010-04-21 14:53:26 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2010-04-21 14:53:24 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2010-04-21 14:53:24 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2010-04-21 14:53:24 ----RA---- C:\WINDOWS\system32\kbdur.dll
2010-04-21 14:53:24 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2010-04-21 14:53:24 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2010-04-21 14:53:24 ----RA---- C:\WINDOWS\system32\kbdru.dll
2010-04-21 14:53:24 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2010-04-21 14:53:24 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2010-04-21 14:53:24 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2010-04-21 14:53:24 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2010-04-21 14:53:23 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2010-04-21 14:53:23 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2010-04-21 14:53:22 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2010-04-21 14:53:22 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2010-04-21 14:53:22 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2010-04-21 14:53:22 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2010-04-21 14:53:22 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2010-04-21 14:53:21 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2010-04-21 14:53:21 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2010-04-21 14:53:20 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2010-04-21 14:53:20 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2010-04-21 14:53:20 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2010-04-21 14:53:20 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2010-04-21 14:53:20 ----RA---- C:\WINDOWS\system32\kbdest.dll
2010-04-21 14:53:14 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2010-04-21 14:53:14 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2010-04-21 14:53:14 ----RA---- C:\WINDOWS\system32\kbdro.dll
2010-04-21 14:53:14 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2010-04-21 14:53:14 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2010-04-21 14:53:14 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2010-04-21 14:53:13 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2010-04-21 14:53:13 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2010-04-21 14:53:13 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2010-04-21 14:53:13 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2010-04-21 14:53:11 ----A---- C:\WINDOWS\system32\spxcoins.dll
2010-04-21 14:53:11 ----A---- C:\WINDOWS\system32\irclass.dll
2010-04-21 14:53:11 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2010-04-21 14:53:11 ----A---- C:\WINDOWS\system32\dgsetup.dll
2010-04-21 14:53:11 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2010-04-21 14:53:08 ----A---- C:\WINDOWS\TASKMAN.EXE
2010-04-21 14:53:08 ----A---- C:\WINDOWS\system32\batt.dll
2010-04-21 14:53:07 ----A---- C:\WINDOWS\system32\storprop.dll
2010-04-21 14:53:07 ----A---- C:\WINDOWS\NOTEPAD.EXE
2010-04-21 14:53:01 ----ASH---- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
2010-04-21 14:52:43 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-21 14:52:43 ----D---- C:\WINDOWS\system32\CatRoot
2010-04-21 14:52:38 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-04-21 14:52:23 ----A---- C:\WINDOWS\setuplog.txt
2010-04-21 14:52:21 ----D---- C:\Documents and Settings
2010-04-21 14:52:20 ----SHD---- C:\System Volume Information
2010-04-21 14:51:34 ----A---- C:\WINDOWS\system32\hidserv.dll
2010-04-21 14:51:27 ----RSH---- C:\boot.ini
2010-04-21 14:48:59 ----SD---- C:\WINDOWS\Offline Web Pages
2010-04-21 14:48:59 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-04-21 14:48:59 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-21 14:48:59 ----RSD---- C:\WINDOWS\Fonts
2010-04-21 14:48:59 ----RD---- C:\WINDOWS\Web
2010-04-21 14:48:59 ----HD---- C:\WINDOWS\inf
2010-04-21 14:48:59 ----D---- C:\WINDOWS\WinSxS
2010-04-21 14:48:59 ----D---- C:\WINDOWS\WBEM
2010-04-21 14:48:59 ----D---- C:\WINDOWS\twain_32
2010-04-21 14:48:59 ----D---- C:\WINDOWS\Temp
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\wins
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\wbem
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\usmt
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\spool
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\ShellExt
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\Setup
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\ras
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\oobe
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\npp
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\mui
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\inetsrv
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\IME
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\icsxml
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\ias
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\export
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\drivers
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\dhcp
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\cs-cz
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\cs
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\config
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\3com_dmi
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\3076
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\2052
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\1054
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\1042
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\1041
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\1037
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\1033
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\1031
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\1029
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\1028
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32\1025
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system32
2010-04-21 14:48:59 ----D---- C:\WINDOWS\system
2010-04-21 14:48:59 ----D---- C:\WINDOWS\security
2010-04-21 14:48:59 ----D---- C:\WINDOWS\Resources
2010-04-21 14:48:59 ----D---- C:\WINDOWS\repair
2010-04-21 14:48:59 ----D---- C:\WINDOWS\Provisioning
2010-04-21 14:48:59 ----D---- C:\WINDOWS\pchealth
2010-04-21 14:48:59 ----D---- C:\WINDOWS\PeerNet
2010-04-21 14:48:59 ----D---- C:\WINDOWS\Network Diagnostic
2010-04-21 14:48:59 ----D---- C:\WINDOWS\mui
2010-04-21 14:48:59 ----D---- C:\WINDOWS\msapps
2010-04-21 14:48:59 ----D---- C:\WINDOWS\msagent
2010-04-21 14:48:59 ----D---- C:\WINDOWS\Media
2010-04-21 14:48:59 ----D---- C:\WINDOWS\L2Schemas
2010-04-21 14:48:59 ----D---- C:\WINDOWS\java
2010-04-21 14:48:59 ----D---- C:\WINDOWS\ime
2010-04-21 14:48:59 ----D---- C:\WINDOWS\Help
2010-04-21 14:48:59 ----D---- C:\WINDOWS\ehome
2010-04-21 14:48:59 ----D---- C:\WINDOWS\Driver Cache
2010-04-21 14:48:59 ----D---- C:\WINDOWS\Debug
2010-04-21 14:48:59 ----D---- C:\WINDOWS\Cursors
2010-04-21 14:48:59 ----D---- C:\WINDOWS\Connection Wizard
2010-04-21 14:48:59 ----D---- C:\WINDOWS\Config
2010-04-21 14:48:59 ----D---- C:\WINDOWS\AppPatch
2010-04-21 14:48:59 ----D---- C:\WINDOWS\addins
2010-04-21 14:48:59 ----D---- C:\WINDOWS
2010-04-21 14:16:41 ----A---- C:\WINDOWS\system32\mdimon.dll
2010-04-21 14:15:58 ----D---- C:\Program Files\Microsoft Works
2010-04-21 14:15:43 ----D---- C:\Program Files\Microsoft Visual Studio
2010-04-21 14:15:43 ----D---- C:\Program Files\Common Files\DESIGNER
2010-04-21 14:15:26 ----D---- C:\Program Files\Microsoft.NET
2010-04-21 14:13:48 ----D---- C:\WINDOWS\SHELLNEW
2010-04-21 14:13:38 ----D---- C:\Program Files\Microsoft Office
2010-04-21 14:13:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-04-21 14:13:36 ----D---- C:\Documents and Settings\rhorsak\Data aplikací\Macromedia
2010-04-21 14:13:25 ----RHD---- C:\MSOCache
2010-04-21 14:02:55 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-04-21 14:02:18 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-04-21 14:02:11 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-04-21 14:02:07 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-04-21 14:01:58 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-04-21 14:01:52 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-04-21 14:01:24 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-04-21 14:01:17 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$
2010-04-21 14:01:14 ----D---- C:\WINDOWS\ie8updates
2010-04-21 14:01:07 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-04-21 14:01:04 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-04-21 14:01:00 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-04-21 14:00:54 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-04-21 14:00:50 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-04-21 14:00:44 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-04-21 14:00:38 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-04-21 14:00:38 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-21 13:51:31 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-04-21 13:51:30 ----D---- C:\Program Files\AMD
2010-04-21 13:51:19 ----D---- C:\Documents and Settings\rhorsak\Data aplikací\InstallShield
2010-04-21 13:47:29 ----SHD---- C:\RECYCLER
2010-04-21 13:45:55 ----D---- C:\Documents and Settings\rhorsak\Data aplikací\HEXelon
2010-04-21 13:45:23 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-04-21 13:45:14 ----D---- C:\Program Files\TC UP
2010-04-21 13:37:32 ----D---- C:\Documents and Settings\rhorsak\Data aplikací\Adobe
2010-04-21 13:36:19 ----D---- C:\Documents and Settings\rhorsak\Data aplikací\ATI
2010-04-21 13:36:17 ----D---- C:\Documents and Settings\rhorsak\Data aplikací\Windows Desktop Search
2010-04-21 13:35:44 ----D---- C:\Program Files\Microsoft ActiveSync
2010-04-21 13:35:44 ----A---- C:\WINDOWS\system32\rapi.dll
2010-04-21 13:35:44 ----A---- C:\WINDOWS\system32\ppcload.dll
2010-04-21 13:35:44 ----A---- C:\WINDOWS\system32\pmailext.dll
2010-04-21 13:35:44 ----A---- C:\WINDOWS\system32\MsgStRPC.dll
2010-04-21 13:35:44 ----A---- C:\WINDOWS\system32\ceutil.dll
2010-04-21 13:35:43 ----A---- C:\WINDOWS\IsUn0405.exe
2010-04-21 13:35:39 ----D---- C:\Program Files\ESET
2010-04-21 13:35:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2010-04-21 13:35:21 ----D---- C:\Documents and Settings\rhorsak\Data aplikací\Identities
2010-04-21 13:35:19 ----D---- C:\Program Files\Microsoft Windows Small Business Server
2010-04-21 13:35:14 ----SD---- C:\Documents and Settings\rhorsak\Data aplikací\Microsoft
2010-04-21 13:35:14 ----ASH---- C:\Documents and Settings\rhorsak\Data aplikací\desktop.ini
2010-04-21 13:35:07 ----D---- C:\WINDOWS\SchCache
2010-04-21 13:35:01 ----SHD---- C:\WINDOWS\CSC
2010-04-21 13:27:44 ----D---- C:\Program Files\Common Files\ATI Technologies
2010-04-21 13:25:13 ----N---- C:\WINDOWS\system32\ati2sgag.exe
2010-04-21 13:25:08 ----RA---- C:\WINDOWS\system32\atiiiexx.dll
2010-04-21 13:24:45 ----HD---- C:\Program Files\InstallShield Installation Information
2010-04-21 13:20:33 ----D---- C:\Program Files\ATI
2010-04-21 13:20:20 ----D---- C:\Program Files\ATI Technologies
2010-04-21 13:13:26 ----RA---- C:\WINDOWS\system32\a3d.dll
2010-04-21 13:13:24 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-04-21 13:11:57 ----N---- C:\WINDOWS\system32\fdco1.dll
2010-04-21 13:11:57 ----A---- C:\WINDOWS\system32\fdco1ins.dll
2010-04-21 13:11:55 ----N---- C:\WINDOWS\system32\nvconrm.dll
2010-04-21 13:11:55 ----N---- C:\WINDOWS\system32\bdco1.dll
2010-04-21 13:11:55 ----A---- C:\WINDOWS\system32\nvunrm.exe
2010-04-21 13:11:55 ----A---- C:\WINDOWS\system32\bdco1ins.dll
2010-04-21 13:11:41 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2010-04-21 13:11:32 ----D---- C:\Program Files\Common Files\InstallShield
2010-04-21 13:10:57 ----A---- C:\WINDOWS\Ascd_tmp.ini
2010-04-21 13:09:36 ----HD---- C:\Program Files\Uninstall Information
2010-04-21 13:08:49 ----SD---- C:\WINDOWS\system32\Microsoft
2010-04-21 13:08:49 ----D---- C:\WINDOWS\Prefetch
2010-04-21 13:08:49 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-21 13:06:12 ----D---- C:\WINDOWS\system32\xircom
2010-04-21 13:06:12 ----D---- C:\Program Files\xerox
2010-04-21 13:06:12 ----D---- C:\Program Files\microsoft frontpage
2010-04-21 13:05:40 ----N---- C:\WINDOWS\system32\spmsg2.dll
2010-04-21 13:05:39 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2010-04-21 13:05:21 ----D---- C:\WINDOWS\system32\XPSViewer
2010-04-21 13:05:21 ----D---- C:\WINDOWS\system32\en-US
2010-04-21 13:05:21 ----D---- C:\Program Files\MSBuild
2010-04-21 13:05:17 ----D---- C:\Program Files\Reference Assemblies
2010-04-21 13:05:12 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-04-21 13:05:10 ----A---- C:\WINDOWS\system32\rgb9rast_2.dll
2010-04-21 13:04:00 ----A---- C:\WINDOWS\control.ini
2010-04-21 13:04:00 ----A---- C:\AUTOEXEC.BAT
2010-04-21 13:03:40 ----A---- C:\WINDOWS\OEWABLog.txt
2010-04-21 13:03:36 ----A---- C:\WINDOWS\system32\mapi32.dll
2010-04-21 13:03:02 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2010-04-21 13:03:00 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2010-04-21 13:02:55 ----HD---- C:\Program Files\WindowsUpdate
2010-04-21 13:02:52 ----D---- C:\Program Files\Online Services
2010-04-21 13:02:43 ----D---- C:\Program Files\Windows Media Connect 2
2010-04-21 13:02:29 ----D---- C:\WINDOWS\system32\DirectX
2010-04-21 13:02:21 ----A---- C:\WINDOWS\system32\atrace.dll
2010-04-21 13:02:19 ----A---- C:\WINDOWS\system32\desktop.ini
2010-04-21 13:02:19 ----A---- C:\WINDOWS\desktop.ini
2010-04-21 13:02:12 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2010-04-21 13:02:10 ----D---- C:\Program Files\Common Files\Services
2010-04-21 13:02:10 ----A---- C:\WINDOWS\system32\acctres.dll
2010-04-21 13:02:07 ----SD---- C:\WINDOWS\Tasks
2010-04-21 13:02:07 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2010-04-21 13:02:06 ----D---- C:\Program Files\Common Files\MSSoap
2010-04-21 13:01:59 ----D---- C:\WINDOWS\srchasst
2010-04-21 13:01:58 ----D---- C:\WINDOWS\system32\Macromed
2010-04-21 13:01:55 ----A---- C:\WINDOWS\system32\wuweb.dll
2010-04-21 13:01:55 ----A---- C:\WINDOWS\system32\wups.dll
2010-04-21 13:01:55 ----A---- C:\WINDOWS\system32\wucltui.dll
2010-04-21 13:01:55 ----A---- C:\WINDOWS\system32\wuauserv.dll
2010-04-21 13:01:55 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2010-04-21 13:01:55 ----A---- C:\WINDOWS\system32\wuaueng.dll
2010-04-21 13:01:55 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2010-04-21 13:01:55 ----A---- C:\WINDOWS\system32\wuauclt.exe
2010-04-21 13:01:54 ----D---- C:\WINDOWS\system32\bits
2010-04-21 13:01:54 ----A---- C:\WINDOWS\system32\wuapi.dll
2010-04-21 13:01:54 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2010-04-21 13:01:54 ----A---- C:\WINDOWS\system32\qmgr.dll
2010-04-21 13:01:54 ----A---- C:\WINDOWS\system32\bitsprx4.dll
2010-04-21 13:01:54 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2010-04-21 13:01:54 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2010-04-21 13:01:51 ----D---- C:\Program Files\Movie Maker
2010-04-21 13:01:33 ----A---- C:\WINDOWS\system32\safrslv.dll
2010-04-21 13:01:32 ----A---- C:\WINDOWS\system32\safrdm.dll
2010-04-21 13:01:32 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2010-04-21 13:01:32 ----A---- C:\WINDOWS\system32\racpldlg.dll
2010-04-21 13:01:29 ----A---- C:\WINDOWS\system32\fltMc.exe
2010-04-21 13:01:29 ----A---- C:\WINDOWS\system32\fltlib.dll
2010-04-21 13:01:28 ----D---- C:\WINDOWS\system32\Restore
2010-04-21 13:01:28 ----A---- C:\WINDOWS\system32\srsvc.dll
2010-04-21 13:01:28 ----A---- C:\WINDOWS\system32\srrstr.dll
2010-04-21 13:01:28 ----A---- C:\WINDOWS\system32\srclient.dll
2010-04-21 13:01:28 ----A---- C:\WINDOWS\system32\ils.dll
2010-04-21 13:01:27 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2010-04-21 13:01:27 ----A---- C:\WINDOWS\system32\msconf.dll
2010-04-21 13:01:27 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2010-04-21 13:01:27 ----A---- C:\WINDOWS\system32\mnmdd.dll
2010-04-21 13:01:27 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2010-04-21 13:01:24 ----D---- C:\Program Files\NetMeeting
2010-04-21 13:01:24 ----A---- C:\WINDOWS\system32\msoert2.dll
2010-04-21 13:01:24 ----A---- C:\WINDOWS\system32\msoeacct.dll
2010-04-21 13:01:23 ----A---- C:\WINDOWS\system32\inetres.dll
2010-04-21 13:01:23 ----A---- C:\WINDOWS\system32\inetcomm.dll
2010-04-21 13:01:21 ----D---- C:\Program Files\Outlook Express
2010-04-21 13:01:21 ----A---- C:\WINDOWS\system32\schedsvc.dll
2010-04-21 13:01:21 ----A---- C:\WINDOWS\system32\mstinit.exe
2010-04-21 13:01:21 ----A---- C:\WINDOWS\system32\mstask.dll
2010-04-21 13:01:20 ----A---- C:\WINDOWS\system32\isign32.dll
2010-04-21 13:01:20 ----A---- C:\WINDOWS\system32\inetcfg.dll
2010-04-21 13:01:20 ----A---- C:\WINDOWS\system32\icwphbk.dll
2010-04-21 13:01:20 ----A---- C:\WINDOWS\system32\icwdial.dll
2010-04-21 13:01:15 ----D---- C:\Program Files\Common Files\System
2010-04-21 13:00:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2010-04-21 13:00:25 ----RSD---- C:\WINDOWS\assembly
2010-04-21 13:00:17 ----D---- C:\Program Files\ComPlus Applications
2010-04-21 13:00:16 ----A---- C:\WINDOWS\vbaddin.ini
2010-04-21 13:00:16 ----A---- C:\WINDOWS\vb.ini
2010-04-21 13:00:12 ----D---- C:\WINDOWS\Registration
2010-04-21 13:00:07 ----D---- C:\Program Files\Windows Media Player
2010-04-21 13:00:02 ----A---- C:\WINDOWS\system32\xpsshhdr.dll
2010-04-21 13:00:02 ----A---- C:\WINDOWS\system32\prntvpt.dll
2010-04-21 13:00:01 ----A---- C:\WINDOWS\system32\xpssvcs.dll
2010-04-21 12:59:54 ----D---- C:\WINDOWS\BitLockerDiscoveryVolumeContents
2010-04-21 12:59:53 ----D---- C:\WINDOWS\system32\DRM
2010-04-21 12:59:51 ----A---- C:\WINDOWS\system32\winUsbCoinstaller.dll
2010-04-21 12:59:51 ----A---- C:\WINDOWS\system32\WgaTray.exe
2010-04-21 12:59:51 ----A---- C:\WINDOWS\system32\WgaLogon.dll
2010-04-21 12:59:51 ----A---- C:\WINDOWS\system32\WdfCoInstaller01007.dll
2010-04-21 12:59:50 ----A---- C:\WINDOWS\system32\WUDFUpdate_01007.dll
2010-04-21 12:59:49 ----A---- C:\WINDOWS\system32\UncNE.dll
2010-04-21 12:59:49 ----A---- C:\WINDOWS\system32\UncDMS.dll
2010-04-21 12:59:49 ----A---- C:\WINDOWS\system32\UncCplExt.dll
2010-04-21 12:59:49 ----A---- C:\WINDOWS\system32\imapi2fs.dll
2010-04-21 12:59:49 ----A---- C:\WINDOWS\system32\imapi2.dll
2010-04-21 12:59:48 ----A---- C:\WINDOWS\system32\UncRes.dll
2010-04-21 12:59:48 ----A---- C:\WINDOWS\system32\UncPH.dll
2010-04-21 12:59:48 ----A---- C:\WINDOWS\system32\oephRes.dll
2010-04-21 12:59:48 ----A---- C:\WINDOWS\system32\oeph.dll
2010-04-21 12:59:43 ----D---- C:\Program Files\Windows Desktop Search
2010-04-21 12:59:42 ----A---- C:\WINDOWS\system32\tquery.dll.mui
2010-04-21 12:59:42 ----A---- C:\WINDOWS\system32\srchadmin.dll.mui
2010-04-21 12:59:42 ----A---- C:\WINDOWS\system32\propsys.dll.mui
2010-04-21 12:59:42 ----A---- C:\WINDOWS\system32\mssrch.dll.mui
2010-04-21 12:59:42 ----A---- C:\WINDOWS\system32\mssphtb.dll.mui
2010-04-21 12:59:42 ----A---- C:\WINDOWS\system32\mssph.dll.mui
2010-04-21 12:59:41 ----A---- C:\WINDOWS\system32\xmlfilter.dll
2010-04-21 12:59:41 ----A---- C:\WINDOWS\system32\srchadmin.dll
2010-04-21 12:59:41 ----A---- C:\WINDOWS\system32\searchindexer.exe.mui
2010-04-21 12:59:41 ----A---- C:\WINDOWS\system32\rtffilt.dll
2010-04-21 12:59:41 ----A---- C:\WINDOWS\system32\propsys.dll
2010-04-21 12:59:40 ----A---- C:\WINDOWS\system32\msshsq.dll
2010-04-21 12:59:40 ----A---- C:\WINDOWS\system32\msshooks.dll
2010-04-21 12:59:40 ----A---- C:\WINDOWS\system32\idxcntrs.ini
2010-04-21 12:59:40 ----A---- C:\WINDOWS\system32\gthrctr.ini
2010-04-21 12:59:40 ----A---- C:\WINDOWS\system32\gsrvctr.ini
2010-04-21 12:59:39 ----A---- C:\WINDOWS\system32\tquery.dll
2010-04-21 12:59:39 ----A---- C:\WINDOWS\system32\propdefs.dll
2010-04-21 12:59:39 ----A---- C:\WINDOWS\system32\msstrc.dll
2010-04-21 12:59:39 ----A---- C:\WINDOWS\system32\mssrch.dll
2010-04-21 12:59:39 ----A---- C:\WINDOWS\system32\mssprxy.dll
2010-04-21 12:59:39 ----A---- C:\WINDOWS\system32\msscb.dll
2010-04-21 12:59:38 ----A---- C:\WINDOWS\system32\searchprotocolhost.exe
2010-04-21 12:59:38 ----A---- C:\WINDOWS\system32\searchindexer.exe
2010-04-21 12:59:38 ----A---- C:\WINDOWS\system32\searchfilterhost.exe
2010-04-21 12:59:38 ----A---- C:\WINDOWS\system32\mssphtb.dll
2010-04-21 12:59:38 ----A---- C:\WINDOWS\system32\mssph.dll
2010-04-21 12:59:38 ----A---- C:\WINDOWS\system32\mssitlb.dll
2010-04-21 12:59:38 ----A---- C:\WINDOWS\system32\msscntrs.dll
2010-04-21 12:59:37 ----A---- C:\WINDOWS\system32\msxml4r.dll
2010-04-21 12:59:37 ----A---- C:\WINDOWS\system32\msxml4.dll
2010-04-21 12:59:36 ----D---- C:\Program Files\MSXML 4.0
*kulma*

kulma
Visitor
Posts: 24
Registered: 23 Jul 2009 20:48

Re: Infected PC Rootkit.Kryptik.BB, Injector.BNJ and Otlard

#26 Post by kulma »

2010-04-21 12:59:29 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2010-04-21 12:59:29 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2010-04-21 12:59:29 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2010-04-21 12:59:28 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2010-04-21 12:59:28 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2010-04-21 12:59:28 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2010-04-21 12:59:28 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2010-04-21 12:59:28 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2010-04-21 12:59:28 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2010-04-21 12:59:27 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2010-04-21 12:59:27 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2010-04-21 12:59:27 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2010-04-21 12:59:27 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2010-04-21 12:59:27 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2010-04-21 12:59:27 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2010-04-21 12:59:27 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2010-04-21 12:59:27 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2010-04-21 12:59:27 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2010-04-21 12:59:26 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2010-04-21 12:59:26 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2010-04-21 12:59:26 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2010-04-21 12:59:26 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2010-04-21 12:59:26 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2010-04-21 12:59:26 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2010-04-21 12:59:26 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2010-04-21 12:59:26 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2010-04-21 12:59:26 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2010-04-21 12:59:26 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2010-04-21 12:59:26 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2010-04-21 12:59:26 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2010-04-21 12:59:25 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2010-04-21 12:59:25 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2010-04-21 12:59:25 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2010-04-21 12:59:25 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2010-04-21 12:59:25 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2010-04-21 12:59:25 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2010-04-21 12:59:25 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2010-04-21 12:59:25 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2010-04-21 12:59:25 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2010-04-21 12:59:24 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2010-04-21 12:59:23 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2010-04-21 12:59:23 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2010-04-21 12:59:22 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2010-04-21 12:59:22 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2010-04-21 12:59:21 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2010-04-21 12:59:21 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2010-04-21 12:59:20 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2010-04-21 12:59:20 ----A---- C:\WINDOWS\system32\d3dx9_33.dll

======List of files/folders modified in the last 1 months======

2010-04-22 07:21:45 ----A---- C:\WINDOWS\system32\NVCOI.DLL
2010-04-22 07:21:44 ----A---- C:\WINDOWS\system32\idecoins.dll
2010-04-22 07:21:44 ----A---- C:\WINDOWS\system32\idecoi.dll
2010-04-21 20:14:04 ----A---- C:\WINDOWS\win.ini
2010-04-21 14:53:35 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-05-14 94360]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 VD_FileDisk;VD_FileDisk; C:\WINDOWS\system32\drivers\VD_FileDisk.sys [2006-01-13 15872]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-05-14 114472]
R2 rspndr;Odpovídající zařízení zjišťování topologie linkové vrstvy; C:\WINDOWS\system32\DRIVERS\rspndr.sys [2010-01-14 62848]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2010-01-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-06-07 1580544]
R3 c65013264;C-Media CM6501 Like Sound UDAX Interface; C:\WINDOWS\system32\drivers\c6501.sys [2007-01-25 1305600]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2010-01-14 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2010-01-14 61824]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2010-04-22 34048]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2010-04-22 13056]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2008-05-30 7296]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2010-01-14 32384]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2010-01-14 30464]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2010-01-14 17152]
S1 DumpDrv;Crash Dump Driver; C:\WINDOWS\system32\drivers\DumpDrv.sys [2010-01-14 9472]
S3 cm102u32;C-Media CM6501 Like Sound Interface; C:\WINDOWS\system32\drivers\c6501.sys [2007-01-25 1305600]
S3 GVCplDrv;GVCplDrv; C:\WINDOWS\system32\drivers\GVCplDrv.sys [2004-05-02 23040]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2010-01-14 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2010-01-14 82944]
S4 exFat;exFat; C:\WINDOWS\system32\drivers\exFat.sys [2010-01-14 133632]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Služba Plánovač2; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2009-12-14 619296]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-06-07 409600]
R2 Canon Driver Information Assist Service;Canon Driver Information Assist Service; C:\Program Files\Canon\DIAS\CnxDIAS.exe [2008-07-29 3405672]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-05-14 731840]
R2 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2010-01-14 14848]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2010-01-14 14848]
R2 HPSLPSVC;HP Network Devices Support; C:\WINDOWS\system32\svchost.exe [2010-01-14 14848]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-22 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2010-01-14 14848]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2010-01-14 14848]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2010-01-14 439808]
R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2006-06-07 520192]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-05-14 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-04-21 651720]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2010-01-14 14848]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2010-01-14 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2010-01-14 14848]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
*kulma*

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: Infected PC: Rootkit.Kryptik.BB, Injector.BNJ and Otlard

#27 Post by Caroprd111 »

Download TFC http://oldtimer.geekstogo.com/TFC.exe
  • Run it.
  • Click "Start". Confirm the message by clicking "Ok" (a restart will follow).

Download OTC http://oldtimer.geekstogo.com/OTC.exe
  • Run it.
  • Click "CleanUp!". Confirm the messages by clicking "Yes" (a restart will follow).

Download CCleaner http://viry.cz/forum/viewtopic.php?t=7478
  • Install it, and during installation untick the option to install the Yahoo toolbar.

    Cleaner tab
  • Run Analyze, and when it finishes, run Run Cleaner.

    Registry tab
  • Click Scan for Issues, and when it finishes click Fix Issues; you don't need to make a backup, then choose Fix All Issues.
    OK, then Close.

I don't see a firewall in the log, install one :!: Overview: http://www.viry.cz/forum/viewtopic.php?f=41&t=6523

kulma
Visitor
Posts: 24
Registered: 23 Jul 2009 20:48

Re: Infected PC: Rootkit.Kryptik.BB, Injector.BNJ and Otlard

#28 Post by kulma »

Restarted twice, cleaned up with CCleaner. The only firewall I have is the Windows one (so practically none). At work we have a Linux PC (firewall), behind it a WServer2003, and only then the computers. I'll install Comodo, it seems pretty good to me.
*kulma*

Caroprd111
VIP
Posts: 13492
Registered: 22 Mar 2009 20:48
Location: Třebíč

Re: Infected PC: Rootkit.Kryptik.BB, Injector.BNJ and Otlard

#29 Post by Caroprd111 »

OK :)

kulma
Visitor
Posts: 24
Registered: 23 Jul 2009 20:48

Re: Infected PC: Rootkit.Kryptik.BB, Injector.BNJ and Otlard

#30 Post by kulma »

Is that everything? I think it's OK; if that's all, then thank you very much, and I will definitely recommend the pleasant experience with this forum to others. (Not everyone has to solve everything with a format :worship: )
*kulma*
