W2000 won't boot - restart

dape
Visitor
Posts: 46
Registered: 29 Apr 2009 14:37

Re: W2000 won't boot - restart

#16 Post by dape »

So here is the MBAM log after making the changes:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4052

Windows 5.0.2195 Service Pack 4 (Safe Mode)
Internet Explorer 6.0.2600.0000

7.5.2010 13:38:23
mbam-log-2010-05-07 (13-38-23).txt

Typ skenu: Rychlý sken
Skenované objekty: 157494
Uplynulý čas: 13 minuta(y), 13 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 5
Infikované hodnoty registru: 0
Infikované datové položky registru: 3
Infikované složky: 0
Infikované soubory: 260

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
HKEY_CLASSES_ROOT\Interface\{00ada225-ea6c-4fb3-82e8-68189201ccb9} (Adware.Winad) -> No action taken.
HKEY_CLASSES_ROOT\egcomlib.egcomlibrary (Adware.EGDAccess) -> No action taken.
HKEY_CLASSES_ROOT\egcomlib.egcomlibrary.1 (Adware.EGDAccess) -> No action taken.
HKEY_CLASSES_ROOT\navihelper.navihelperobject (Adware.EGDAccess) -> No action taken.
HKEY_CLASSES_ROOT\navihelper.navihelperobject.1 (Adware.EGDAccess) -> No action taken.

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:

JaRon
Moderator
Posts: 15660
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: W2000 won't boot - restart

#17 Post by JaRon »

Good grief - that is quite a collection :shock: Have MBAM remove everything, restart, and repeat the MBAM scan.
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

dape
Visitor
Posts: 46
Registered: 29 Apr 2009 14:37

Re: W2000 won't boot - restart

#18 Post by dape »

Removed in MBAM, restarted, ran MBAM again; here is the log:
---
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4052

Windows 5.0.2195 Service Pack 4 (Safe Mode)
Internet Explorer 6.0.2600.0000

7.5.2010 14:07:11
mbam-log-2010-05-07 (14-07-11).txt

Typ skenu: Rychlý sken
Skenované objekty: 157188
Uplynulý čas: 13 minuta(y), 35 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

JaRon
Moderator
Posts: 15660
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: W2000 won't boot - restart

#19 Post by JaRon »

It looks fine - does normal mode still not work? :???:
If not, then also run ComboFix in safe mode and post the log.

dape
Visitor
Posts: 46
Registered: 29 Apr 2009 14:37

Re: W2000 won't boot - restart

#20 Post by dape »

Before running ComboFix, W2000 would not run in normal mode, only in safe mode. Following the instructions, I ran ComboFix and restarted. Here is the log:
ComboFix 10-05-05.0A - david 07.05.2010 14:21:31.1.1 - x86 NETWORK
Microsoft Windows 2000 Professional 5.0.2195.4.1250.420.1029.18.504.393 [GMT 2:00]
Spuštěný z: c:\aaa\ComboFix.exe

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\System
c:\system\INSTALL.LOG
c:\winnt\system32\4nr5s67n.dat
c:\winnt\system32\68601031.exe
c:\winnt\system32\68607437.exe
c:\winnt\system32\zlbw.dll
c:\winnt\Web\default.htt

c:\winnt\system32\comres.dll . . . je infikován!!

c:\winnt\system32\comres.dll . . . je infikován!!

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NDISRD
-------\Service_ndisrd


((((((((((((((((((((((((( Soubory vytvořené od 2010-04-07 do 2010-05-07 )))))))))))))))))))))))))))))))
.

2010-05-07 11:24 . 2010-04-29 13:39 38224 ----a-w- c:\winnt\system32\drivers\mbamswissarmy.sys
2010-05-07 11:24 . 2010-05-07 11:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-05-07 11:24 . 2010-04-29 13:39 19288 ----a-w- c:\winnt\system32\drivers\mbam.sys
2010-05-07 10:27 . 2003-06-19 10:05 847872 -c--a-w- c:\winnt\system32\dllcache\msimsg.dll
2010-05-07 10:27 . 2003-06-19 10:05 39936 -c--a-w- c:\winnt\system32\dllcache\msisip.dll
2010-05-07 10:27 . 2003-06-19 10:05 64512 -c--a-w- c:\winnt\system32\dllcache\msiexec.exe
2010-05-07 10:27 . 2003-06-19 10:05 305664 -c--a-w- c:\winnt\system32\dllcache\msihnd.dll
2010-05-07 10:27 . 2003-06-19 10:05 2017792 -c--a-w- c:\winnt\system32\dllcache\msi.dll
2010-05-07 09:45 . 2010-05-07 09:45 -------- d-----w- C:\rsit
2010-05-06 16:08 . 2010-05-06 16:25 1312 --sha-w- c:\winnt\system32\drivers\fidbox2.dat
2010-05-06 16:08 . 2010-05-06 16:13 19744 --sha-w- c:\winnt\system32\drivers\fidbox.dat
2010-05-06 13:12 . 2010-05-06 13:12 -------- d-----w- c:\program files\Common Files\ParetoLogic
2010-05-06 13:12 . 2010-05-06 13:12 -------- d-----w- c:\program files\ParetoLogic
2010-05-05 13:17 . 2010-05-05 13:17 -------- d-----w- c:\program files\ICQToolbar
2010-05-05 13:15 . 2010-05-05 13:28 -------- d---a-w- c:\program files\ICQLite

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-07 11:12 . 2009-05-28 12:51 -------- d-----w- c:\program files\pdfforge Toolbar
2010-05-07 10:05 . 2008-08-07 13:58 -------- d-----w- c:\program files\Trend Micro
2010-05-06 16:08 . 2010-05-06 16:08 32 --sha-w- c:\winnt\system32\drivers\fidbox2.idx
2010-05-06 16:08 . 2010-05-06 16:08 32 --sha-w- c:\winnt\system32\drivers\fidbox.idx
2010-05-06 14:32 . 2004-01-16 13:24 -------- d---a-w- c:\program files\ICQ
2010-05-05 08:01 . 2005-10-06 09:14 -------- d-----w- c:\program files\Symantec AntiVirus
2010-05-04 11:00 . 2007-07-02 13:53 -------- d-----w- c:\program files\SpamBayes-D
2010-04-01 07:26 . 2005-10-06 12:22 -------- d-----w- c:\program files\Opera
2010-03-31 15:19 . 2010-03-31 15:19 -------- d-----w- c:\program files\Sigmatek
2010-03-24 11:15 . 2005-08-08 14:17 -------- d-----w- c:\program files\Google
2010-03-01 13:49 . 2010-02-03 15:22 15688 ----a-w- c:\winnt\system32\lsdelete.exe
2004-03-11 11:27 . 2005-08-11 07:38 40960 ----a-w- c:\program files\Uninstall_CDS.exe
2004-01-13 14:46 . 2004-01-13 14:46 22034 ---h--w- c:\program files\folder.htt
2006-01-10 13:21 . 2005-03-23 08:15 56 --sh--r- c:\winnt\system32\239A898C81.sys
2009-11-11 13:18 . 2005-03-23 08:15 12208 --sha-w- c:\winnt\system32\KGyGaAvL.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"internat.exe"="internat.exe" [2000-03-20 20752]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"ICQ"="c:\program files\ICQ\Icq.exe" [2003-01-21 2089541]
"ICQ Lite"="c:\program files\ICQLite\ICQLite.exe" [2006-05-07 3139164]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TCASUTIEXE"="TCAUDIAG.exe -on" [X]
"Synchronization Manager"="mobsync.exe" [2000-03-20 111888]
"IgfxTray"="c:\winnt\system32\igfxtray.exe" [2005-06-21 155648]
"HotKeysCmds"="c:\winnt\system32\hkcmd.exe" [2005-06-21 126976]
"SoundMan"="SOUNDMAN.EXE" [2002-09-11 46592]
"InCD"="c:\program files\Ahead\InCD\InCD.exe" [2004-09-07 1400944]
"RunIWTray"="c:\program files\Norman Security Suite\IWTray.exe" [2001-05-09 49152]
"ADUserMon"="c:\program files\Iomega\AutoDisk\ADUserMon.exe" [2002-01-24 106496]
"Iomega Startup Options"="c:\program files\Iomega\Common\ImgStart.exe" [2001-01-17 45056]
"Iomega Drive Icons"="c:\program files\Iomega\DriveIcons\ImgIcon.exe" [2001-11-20 57344]
"Deskup"="c:\program files\Iomega\DriveIcons\deskup.exe" [2001-10-01 28672]
"RemoteControl"="c:\program files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2003-12-08 32768]
"NeroFilterCheck"="c:\winnt\system32\NeroCheck.exe" [2001-07-09 155648]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2004-06-09 66680]
"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2004-10-06 161096]
"Norton Ghost 9.0"="c:\program files\Symantec\Norton Ghost\Agent\GhostTray.exe" [2004-07-29 1122304]
"ScheduleSync.Siemens.SmartSync.5.2.exe"="c:\program files\Mobile Phone Manager\SmartSync\ScheduleSync.exe" [2004-08-27 45056]
"MaxtorOneTouch"="c:\program files\Maxtor\OneTouch\utils\Onetouch.exe" [2004-12-22 823296]
"PinnacleDriverCheck"="c:\winnt\system32\PSDrvCheck.exe" [2003-12-04 406016]
"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2006-06-01 26112]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 132496]
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2006-09-28 57344]
"WinVNC"="c:\program files\TightVNC\WinVNC.exe" [2007-05-07 589824]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-02-07 488984]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam10\QuickCam10.exe" [2007-02-07 774168]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"Mirabilis ICQ"="c:\program files\ICQ\ICQNet.exe" [2003-01-13 49230]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"internat.exe"="internat.exe" [2000-03-20 20752]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"^SetupICWDesktop"="c:\program files\Internet Explorer\Connection Wizard\icwconn1.exe" [2003-06-19 188688]

c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Acrobat Assistant.lnk - c:\program files\Adobe\Acrobat 6.0 CE\Distillr\acrotray.exe [2003-7-17 217180]
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2004-1-16 113664]
NkbMonitor.exe.lnk - c:\program files\Nikon\PictureProject\NkbMonitor.exe [2007-7-16 118784]
Portfolio Express.lnk - c:\program files\Extensis\Portfolio 6.0\Portfolio Express.exe [2004-1-16 2035712]
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2007-6-6 394856]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

R0 iwfile;iwfile;c:\winnt\system32\drivers\iwfile.sys [14.1.2004 9:41 129888]
R0 iwmemlck;Norman Memory Lock Driver;c:\winnt\system32\drivers\IWMemLck.sys [14.1.2004 9:41 47592]
R0 ppa;Ovladač filtru paralelního portu Iomega;c:\winnt\system32\drivers\ppa.sys [14.4.2004 10:22 17520]
R0 PQV2i;PQV2i;c:\winnt\system32\drivers\PQV2i.sys [29.7.2004 4:33 138780]
R1 WRDRV;WRDRV;c:\winnt\system32\drivers\wrdrv.sys [23.1.2004 9:58 64000]
R3 usbhub20;USB 2.0 Root Hub Support;c:\winnt\system32\drivers\usbhub20.sys [14.1.2004 8:24 49776]
S0 Lbd;Lbd;c:\winnt\system32\drivers\Lbd.sys [30.4.2009 12:31 64160]
S1 DCxxMJPG;Pinnacle DC10plus, Motion-JPEG VideoIO Board;c:\winnt\system32\drivers\DCxxMJPG.sys [24.5.2006 13:17 132604]
S1 PQIMount;PQIMount;c:\winnt\system32\drivers\PQIMount.sys [29.7.2004 5:13 46779]
S1 PVR101Disk;PVR101Disk;c:\winnt\system32\drivers\pvr101disk.sys [4.10.2006 22:02 7936]
S2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [6.12.2007 22:03 660768]
S2 DCamUSB20;USB 2.0 Capture;c:\winnt\system32\drivers\CsMini20.sys [1.6.2006 14:13 46216]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [9.3.2009 21:06 1029456]
S2 tcaicchg;tcaicchg;c:\winnt\system32\TCAICCHG.SYS [7.6.2000 3:08 21233]
S2 TCAITDI;TCAITDI Protocol;c:\winnt\system32\drivers\TCAITDI.SYS [4.9.2001 20:22 19534]
S2 WinRoute;WinRoute Pro 4.2;c:\program files\WinRoute Pro\winroute.exe [23.1.2004 9:58 507956]
S2 ZeppelinService;plasservice;c:\program files\Common Files\ParetoLogic\PLAS\plasservice.exe [14.1.2010 11:27 587216]
S3 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [6.10.2004 17:56 173392]

--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - SHAREDACCESS
.
Obsah adresáře 'Naplánované úlohy'

2010-05-05 c:\winnt\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 13:49]

2010-05-06 c:\winnt\Tasks\ParetoLogic Anti-Virus PLUS.job
- c:\program files\ParetoLogic\Anti-Virus PLUS\Pareto_AV.exe [2010-01-14 09:28]

2010-05-06 c:\winnt\Tasks\ParetoLogic Anti-Virus PLUS_dbsummary.job
- c:\program files\ParetoLogic\Anti-Virus PLUS\Pareto_AV.exe [2010-01-14 09:28]

2010-05-06 c:\winnt\Tasks\ParetoLogic Registration.job
- c:\program files\Common Files\ParetoLogic\UUS2\UUS.dll [2008-02-22 10:25]

2010-05-06 c:\winnt\Tasks\ParetoLogic Update Version2.job
- c:\program files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2008-02-22 10:25]
.
.
------- Doplňkový sken -------
.
IE: &ICQ Toolbar Search - c:\program files\ICQToolbar\toolbaru.dll/SEARCH.HTML
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
LSP: c:\winnt\system32\INetHTTPFilter.dll
LSP: %SystemRoot%\system32\msafd.dll
TCP: {AF6CF5ED-1491-4271-923A-90C32022562E} = 81.19.0.67,81.19.10.34
TCP: {CEA094F5-DB2B-49D8-9352-2C09F6B7496E} = 213.246.64.3
DPF: DirectAnimation Java Classes - file://c:\winnt\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\winnt\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\david.STUDIO\Data aplikací\Mozilla\Firefox\Profiles\6q3pryti.default\
FF - component: c:\program files\Mozilla Firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}\components\pdfforgeToolbarFF.dll
FF - component: c:\program files\Mozilla Firefox\extensions\search@searchsettings.com\components\SearchSettingsFF.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

Toolbar-{B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
SSODL-000CBFFC-{085701B8-7D55-2EB0-5BBF-482043847E2C} - c:\winnt\system32\Hdlcnh32.dll



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-07 14:31
Windows 5.0.2195 Service Pack 4 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Iomega Activity Disk2]
"ImagePath"="\"\""
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(328)
c:\winnt\system32\IW2kGina.dll
c:\winnt\system32\IWCPKI.dll
c:\winnt\system32\ODBC32.dll
c:\winnt\system32\iwp61err.dll
c:\winnt\system32\IWENC.DLL
c:\winnt\system32\IWCard.dll
c:\winnt\system32\PcsLibD.dll
c:\winnt\system32\IWODBC.dll
c:\winnt\system32\IWAudLog.dll
c:\winnt\System32\odbcjt32.dll
c:\winnt\System32\msjet40.dll
c:\winnt\System32\mswstr10.dll
c:\winnt\System32\odbcji32.dll
c:\winnt\System32\msjter40.dll
c:\winnt\System32\MSJINT40.DLL
c:\winnt\system32\odbccp32.dll
c:\winnt\system32\VBAJET32.DLL
c:\program files\Norman Security Suite\IWLogFd.dll
c:\winnt\system32\wzcdlg.dll
c:\winnt\system32\WZCSAPI.DLL

- - - - - - - > 'lsass.exe'(376)
c:\winnt\system32\rsabase.dll
c:\winnt\system32\INetHTTPFilter.dll

- - - - - - - > 'Explorer.exe'(424)
c:\winnt\system32\MSI.DLL
c:\program files\Microsoft Office\OFFICE11\msohev.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\winnt\System32\WBEM\WinMgmt.exe
c:\program files\Norman Security Suite\SESSION.EXE
.
**************************************************************************
.
Celkový čas: 2010-05-07 14:36:12 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-05-07 12:36

Před spuštěním: Volných bajtů: 25 664 856 064
Po spuštění: Volných bajtů: 25 696 940 032

- - End Of File - - B9EE02F44262A752563101299DC6C96B

dape
Visitor
Posts: 46
Registered: 29 Apr 2009 14:37

Re: W2000 won't boot - restart

#21 Post by dape »

... I have to write on the web from another PC; both Opera and Firefox have started acting up, they close after a page loads.

JaRon
Moderator
Posts: 15660
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: W2000 won't boot - restart

#22 Post by JaRon »

DELETE these files:
c:\winnt\Tasks\Ad-Aware Update (Weekly).job
c:\winnt\Tasks\ParetoLogic Anti-Virus PLUS.job
c:\winnt\Tasks\ParetoLogic Anti-Virus PLUS_dbsummary.job
c:\winnt\Tasks\ParetoLogic Registration.job
c:\winnt\Tasks\ParetoLogic Update Version2.job
+
uninstall
c:\program files\Norman Security Suite

dape
Visitor
Posts: 46
Registered: 29 Apr 2009 14:37

Re: W2000 won't boot - restart

#23 Post by dape »

OK, files deleted.

As for Norman Security Suite, I would rather not delete it, because all it does is give me access to the network where the encrypted files are and let me log in to Windows. If I deleted it, I don't know how I would log in, since it replaces the login window. It is not an antivirus, just on-line encryption of files that are stored on the network.

... but it depends on your instructions.

dape
Visitor
Posts: 46
Registered: 29 Apr 2009 14:37

Re: W2000 won't boot - restart

#24 Post by dape »

... so what now? Is there any chance this can be put back together?
I'm completely worn out by this. :-(

JaRon
Moderator
Posts: 15660
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: W2000 won't boot - restart

#25 Post by JaRon »

test these files at www.virustotal.com:
c:\winnt\system32\comres.dll
c:\winnt\system32\239A898C81.sys

leave Norman in place

as a precaution, scan the PC with CureIT - full scan

dape
Visitor
Posts: 46
Registered: 29 Apr 2009 14:37

Re: W2000 won't boot - restart

#26 Post by dape »

I scanned 239a898c81.sys - it was OK, 0%.
The other file, comres.dll, is not in the stated directory.
What next?

dape
Visitor
Posts: 46
Registered: 29 Apr 2009 14:37

Re: W2000 won't boot - restart

#27 Post by dape »

... so in the end (and it didn't work before!!!) Win2000-SP4 helped. It's OK.
Please also check the log to see whether it is completely OK.
- it is split, it was larger than 60 kB

Thank you.
D.

Logfile of random's system information tool 1.07 (written by random/random)
Run by david at 2010-05-10 13:49:17
Microsoft Windows 2000 Professional Service Pack 4
System drive C: has 24 GB (32%) free of 76 GB
Total RAM: 504 MB (1% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:49:49, on 10.5.2010
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP4 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\GEARSec.exe
C:\WINNT\system32\hidserv.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\Program Files\Norman Security Suite\SESSION.EXE
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\Program Files\WinRoute Pro\winroute.exe
C:\WINNT\Explorer.EXE
C:\Program Files\TightVNC\WinVNC.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Common Files\ParetoLogic\PLAS\plasservice.exe
C:\WINNT\system32\ZipToA.exe
C:\Program Files\Iomega\AutoDisk\ADService.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINNT\system32\igfxtray.exe
C:\WINNT\system32\hkcmd.exe
C:\WINNT\SOUNDMAN.EXE
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Norman Security Suite\IWTray.exe
C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\WINNT\system32\internat.exe
C:\Program Files\Adobe\Acrobat 6.0 CE\Distillr\acrotray.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Extensis\Portfolio 6.0\Portfolio Express.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\ICQ\ICQ.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\WINNT\system32\wuauclt.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Java\jre1.6.0_02\bin\jucheck.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Opera\opera.exe
C:\totalcmd\TOTALCMD.EXE
C:\aaa\RSIT.exe
C:\Program Files\trend micro\david.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: @msdxmLC.dll,-1@1029,&Rádio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - (no file)
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\system32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [RunIWTray] "C:\Program Files\Norman Security Suite\IWTray.exe"
O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
O4 - HKLM\..\Run: [Iomega Startup Options] C:\Program Files\Iomega\Common\ImgStart.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [Norton Ghost 9.0] C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -on
O4 - HKLM\..\Run: [ScheduleSync.Siemens.SmartSync.5.2.exe] C:\Program Files\Mobile Phone Manager\SmartSync\ScheduleSync.exe
O4 - HKLM\..\Run: [MaxtorOneTouch] C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINNT\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\TightVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Mirabilis ICQ] C:\Program Files\ICQ\ICQNet.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\RunOnce: [ICQ] C:\Program Files\ICQ\ICQ.exe -trayboot
O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0 CE\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O4 - Global Startup: Portfolio Express.lnk = C:\Program Files\Extensis\Portfolio 6.0\Portfolio Express.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Program Files\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll (file missing)
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINNT\system32\Shdocvw.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\inethttpfilter.dll
O10 - Unknown file in Winsock LSP: c:\winnt\system32\inethttpfilter.dll
O12 - Plugin for .TIF: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin5.dll
O14 - IERESET.INF: START_PAGE_URL=http://msn.atlas.cz
O14 - IERESET.INF: MS_START_PAGE_URL=http://msn.atlas.cz
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} (VaPgCtrl Class) - http://88.83.230.74/plugin/h263ctrl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AF6CF5ED-1491-4271-923A-90C32022562E}: NameServer = 81.19.0.67,81.19.10.34
O17 - HKLM\System\CCS\Services\Tcpip\..\{CEA094F5-DB2B-49D8-9352-2C09F6B7496E}: NameServer = 213.246.64.3
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O21 - SSODL: 000CBFFC - {085701B8-7D55-2EB0-5BBF-482043847E2C} - C:\WINNT\system32\Hdlcnh32.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINNT\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINNT\system32\browseui.dll
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINNT\System32\GEARSec.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: IomegaAccess - Iomega Corporation - C:\WINNT\system32\IomegaAccess.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: WinRoute Pro 4.2 (WinRoute) - Unknown owner - C:\Program Files\WinRoute Pro\winroute.exe
O23 - Service: VNC Server (winvnc) - TightVNC Group - C:\Program Files\TightVNC\WinVNC.exe
O23 - Service: plasservice (ZeppelinService) - ParetoLogic Inc. - C:\Program Files\Common Files\ParetoLogic\PLAS\plasservice.exe
O23 - Service: ZipToA - Iomega Corporation - C:\WINNT\system32\ZipToA.exe
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe

--
End of file - 13656 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll [2007-07-12 501136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
AcroIEToolbarHelper Class - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll [2003-05-12 147456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E718888-423F-11D2-876E-00A0C9082467} - @msdxmLC.dll,-1@1029,&Rádio - C:\WINNT\System32\msdxm.ocx [2003-06-19 844828]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 6.0 CE\Acrobat\AcroIEFavClient.dll [2003-05-12 147456]
{B922D405-6D13-4A2B-AE89-08A030DA4402}
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQ Toolbar - C:\Program Files\ICQToolbar\toolbaru.dll [2005-01-19 446464]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Synchronization Manager"=mobsync.exe /logon []
"IgfxTray"=C:\WINNT\system32\igfxtray.exe [2005-06-21 155648]
"HotKeysCmds"=C:\WINNT\system32\hkcmd.exe [2005-06-21 126976]
"SoundMan"=C:\WINNT\SOUNDMAN.EXE [2002-09-11 46592]
"InCD"=C:\Program Files\Ahead\InCD\InCD.exe [2004-09-07 1400944]
"RunIWTray"=C:\Program Files\Norman Security Suite\IWTray.exe [2001-05-09 49152]
"ADUserMon"=C:\Program Files\Iomega\AutoDisk\ADUserMon.exe [2002-01-24 106496]
"Iomega Startup Options"=C:\Program Files\Iomega\Common\ImgStart.exe [2001-01-17 45056]
"Iomega Drive Icons"=C:\Program Files\Iomega\DriveIcons\ImgIcon.exe [2001-11-20 57344]
"Deskup"=C:\Program Files\Iomega\DriveIcons\deskup.exe [2001-10-01 28672]
"RemoteControl"=C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe [2003-12-08 32768]
"NeroFilterCheck"=C:\WINNT\system32\NeroCheck.exe [2001-07-09 155648]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2004-06-09 66680]
"vptray"=C:\PROGRA~1\SYMANT~1\VPTray.exe [2004-10-06 161096]
"Norton Ghost 9.0"=C:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe [2004-07-29 1122304]
"TCASUTIEXE"=TCAUDIAG.exe -on []
"ScheduleSync.Siemens.SmartSync.5.2.exe"=C:\Program Files\Mobile Phone Manager\SmartSync\ScheduleSync.exe [2004-08-27 45056]
"MaxtorOneTouch"=C:\Program Files\Maxtor\OneTouch\utils\Onetouch.exe [2004-12-22 823296]
"PinnacleDriverCheck"=C:\WINNT\system32\PSDrvCheck.exe [2003-12-04 406016]
"RealTray"=C:\Program Files\Real\RealPlayer\RealPlay.exe [2006-06-01 26112]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe [2007-07-12 132496]
"CloneCDTray"=C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe [2006-09-28 57344]
"WinVNC"=C:\Program Files\TightVNC\WinVNC.exe [2007-05-07 589824]
"LogitechCommunicationsManager"=C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [2007-02-08 488984]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\QuickCam10\QuickCam10.exe [2007-02-08 774168]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"Mirabilis ICQ"=C:\Program Files\ICQ\ICQNet.exe [2003-01-13 49230]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"internat.exe"=C:\WINNT\system32\internat.exe [2000-03-20 20752]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ICQ"=C:\Program Files\ICQ\ICQ.exe [2003-01-21 2089541]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 6.0 CE\Distillr\acrotray.exe
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
NkbMonitor.exe.lnk - C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
Portfolio Express.lnk - C:\Program Files\Extensis\Portfolio 6.0\Portfolio Express.exe
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINNT\system32\igfxsrvc.dll [2005-06-21 348160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
C:\WINNT\system32\NavLogon.dll [2004-10-06 83272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
000CBFFC - {085701B8-7D55-2EB0-5BBF-482043847E2C} - C:\WINNT\system32\Hdlcnh32.dll []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINNT\system32\split.exe"="C:\WINNT\system32\split.exe:*:Enabled:SMSSERVER"
"C:\Documents and Settings\david\Local Settings\Temp\1E.scr"="C:\Documents and Settings\david\Local Settings\Temp\1E.scr:*:Enabled:SMSSERVER"
"C:\Documents and Settings\david\Local Settings\Temp\20.scr"="C:\Documents and Settings\david\Local Settings\Temp\20.scr:*:Enabled:SMSSERVER"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\WINNT\system32\Notepad.exe %1
.vbs - edit - C:\WINNT\system32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2010-05-10 13:34:17 ----A---- C:\WINNT\system32\igfxres.dll
2010-05-10 13:29:35 ----A---- C:\WINNT\system32\igfxzoom.exe
2010-05-10 13:29:35 ----A---- C:\WINNT\system32\igfxtray.exe
2010-05-10 13:29:34 ----A---- C:\WINNT\system32\igfxsrvc.dll
2010-05-10 13:29:33 ----A---- C:\WINNT\system32\igfxress.dll
2010-05-10 13:29:33 ----A---- C:\WINNT\system32\igfxpph.dll
2010-05-10 13:29:32 ----A---- C:\WINNT\system32\igfxhk.dll
2010-05-10 13:29:32 ----A---- C:\WINNT\system32\igfxext.exe
2010-05-10 13:29:32 ----A---- C:\WINNT\system32\igfxexps.dll
2010-05-10 13:29:32 ----A---- C:\WINNT\system32\igfxeud.dll
2010-05-10 13:29:31 ----A---- C:\WINNT\system32\igfxdo.dll
2010-05-10 13:29:31 ----A---- C:\WINNT\system32\igfxdiag.exe
2010-05-10 13:29:31 ----A---- C:\WINNT\system32\igfxdgps.dll
2010-05-10 13:29:31 ----A---- C:\WINNT\system32\igfxdev.dll
2010-05-10 13:29:31 ----A---- C:\WINNT\system32\igfxcfg.exe
2010-05-10 13:29:31 ----A---- C:\WINNT\system32\ialmrnt5.dll
2010-05-10 13:29:31 ----A---- C:\WINNT\system32\ialmrem.dll
2010-05-10 13:29:31 ----A---- C:\WINNT\system32\ialmgicd.dll
2010-05-10 13:29:31 ----A---- C:\WINNT\system32\ialmgdev.dll
2010-05-10 13:29:31 ----A---- C:\WINNT\system32\ialmdnt5.dll
2010-05-10 13:29:31 ----A---- C:\WINNT\system32\ialmdev5.dll
2010-05-10 13:29:30 ----A---- C:\WINNT\system32\ialmdd5.dll
2010-05-10 13:29:30 ----A---- C:\WINNT\system32\hkcmd.exe
2010-05-10 13:29:30 ----A---- C:\WINNT\system32\hccutils.dll
2010-05-10 12:13:26 ----A---- C:\WINNT\winrep.exe
2010-05-10 12:13:26 ----A---- C:\WINNT\winhlp32.exe
2010-05-10 12:13:25 ----A---- C:\WINNT\system32\XENROLL.DLL
2010-05-10 12:13:25 ----A---- C:\WINNT\system32\xactsrv.dll
2010-05-10 12:13:25 ----A---- C:\WINNT\system32\wupdinfo.dll
2010-05-10 12:13:25 ----A---- C:\WINNT\system32\wsock32.dll
2010-05-10 12:13:25 ----A---- C:\WINNT\system32\wsnmp32.dll
2010-05-10 12:13:25 ----A---- C:\WINNT\system32\wshtcpip.dll
2010-05-10 12:13:25 ----A---- C:\WINNT\system32\wshirda.dll
2010-05-10 12:13:25 ----A---- C:\WINNT\system32\wshatm.dll
2010-05-10 12:13:25 ----A---- C:\WINNT\system32\ws2_32.dll
2010-05-10 12:13:25 ----A---- C:\WINNT\system32\wpnpinst.exe
2010-05-10 12:13:25 ----A---- C:\WINNT\hh.exe
2010-05-10 12:13:25 ----A---- C:\WINNT\explorer.exe
2010-05-10 12:13:24 ----A---- C:\WINNT\system32\wow32.dll
2010-05-10 12:13:24 ----A---- C:\WINNT\system32\wmicore.dll
2010-05-10 12:13:24 ----A---- C:\WINNT\system32\wlnotify.dll
2010-05-10 12:13:24 ----A---- C:\WINNT\system32\WLDAP32.DLL
2010-05-10 12:13:24 ----A---- C:\WINNT\system32\winver.exe
2010-05-10 12:13:24 ----A---- C:\WINNT\system32\WINTRUST.DLL
2010-05-10 12:13:24 ----A---- C:\WINNT\system32\winsta.dll
2010-05-10 12:13:24 ----A---- C:\WINNT\system32\winsmon.dll
2010-05-10 12:13:24 ----A---- C:\WINNT\system32\winscard.dll
2010-05-10 12:13:24 ----A---- C:\WINNT\system32\WINLOGON.EXE
2010-05-10 12:13:24 ----A---- C:\WINNT\system32\wininet.dll
2010-05-10 12:13:23 ----A---- C:\WINNT\system32\winfax.dll
2010-05-10 12:13:23 ----A---- C:\WINNT\system32\webcheck.dll
2010-05-10 12:13:23 ----A---- C:\WINNT\system32\webhits.dll
2010-05-10 12:13:23 ----A---- C:\WINNT\system32\wavemsp.dll
2010-05-10 12:13:23 ----A---- C:\WINNT\system32\w95upgnt.dll
2010-05-10 12:13:23 ----A---- C:\WINNT\system32\w32tm.exe
2010-05-10 12:13:22 ----A---- C:\WINNT\system32\w32time.dll
2010-05-10 12:13:22 ----A---- C:\WINNT\system32\vga.dll
2010-05-10 12:13:22 ----A---- C:\WINNT\system32\vfpodbc.dll
2010-05-10 12:13:22 ----A---- C:\WINNT\system32\version.dll
2010-05-10 12:13:22 ----A---- C:\WINNT\system32\vbscript.dll
2010-05-10 12:13:22 ----A---- C:\WINNT\system32\vbajet32.dll
2010-05-10 12:13:22 ----A---- C:\WINNT\system32\utilman.exe
2010-05-10 12:13:22 ----A---- C:\WINNT\system32\utildll.dll
2010-05-10 12:13:22 ----A---- C:\WINNT\system32\usp10.dll
2010-05-10 12:13:21 ----A---- C:\WINNT\system32\USERENV.DLL
2010-05-10 12:13:21 ----A---- C:\WINNT\system32\USER32.DLL
2010-05-10 12:13:21 ----A---- C:\WINNT\system32\usbmon.dll
2010-05-10 12:13:21 ----A---- C:\WINNT\system32\urlmon.dll
2010-05-10 12:13:21 ----A---- C:\WINNT\system32\url.dll
2010-05-10 12:13:21 ----A---- C:\WINNT\system32\uniplat.dll
2010-05-10 12:13:21 ----A---- C:\WINNT\system32\unimdmat.dll
2010-05-10 12:13:21 ----A---- C:\WINNT\system32\umandlg.dll
2010-05-10 12:13:21 ----A---- C:\WINNT\system32\trkwks.dll
2010-05-10 12:13:21 ----A---- C:\WINNT\system32\traffic.dll
2010-05-10 12:13:21 ----A---- C:\WINNT\system32\tlntsvr.exe
2010-05-10 12:13:21 ----A---- C:\WINNT\system32\tlntsess.exe
2010-05-10 12:13:21 ----A---- C:\WINNT\system32\thumbvw.dll
2010-05-10 12:13:20 ----A---- C:\WINNT\system32\tftp.exe
2010-05-10 12:13:20 ----A---- C:\WINNT\system32\tcpmon.ini
2010-05-10 12:13:20 ----A---- C:\WINNT\system32\tcpmon.dll
2010-05-10 12:13:20 ----A---- C:\WINNT\system32\tcpmib.dll
2010-05-10 12:13:20 ----A---- C:\WINNT\system32\TASKMGR.EXE
2010-05-10 12:13:20 ----A---- C:\WINNT\system32\tapisrv.dll
2010-05-10 12:13:20 ----A---- C:\WINNT\system32\TAPI32.DLL
2010-05-10 12:13:20 ----A---- C:\WINNT\system32\tapi3.dll
2010-05-10 12:13:20 ----A---- C:\WINNT\system32\svcpack.dll
2010-05-10 12:13:20 ----A---- C:\WINNT\system32\strmdll.dll
2010-05-10 12:13:20 ----A---- C:\WINNT\system32\storprop.dll
2010-05-10 12:13:19 ----A---- C:\WINNT\system32\stobject.dll
2010-05-10 12:13:19 ----A---- C:\WINNT\system32\stisvc.exe
2010-05-10 12:13:19 ----A---- C:\WINNT\system32\stimon.exe
2010-05-10 12:13:19 ----A---- C:\WINNT\system32\sti.dll
2010-05-10 12:13:18 ----A---- C:\WINNT\system32\sqlwoa.dll
2010-05-10 12:13:18 ----A---- C:\WINNT\system32\sqlwid.dll
2010-05-10 12:13:18 ----A---- C:\WINNT\system32\sqlstr.dll
2010-05-10 12:13:18 ----A---- C:\WINNT\system32\sqlsrv32.dll
2010-05-10 12:13:18 ----A---- C:\WINNT\system32\snmpsnap.dll
2010-05-10 12:13:18 ----A---- C:\WINNT\system32\SNMPAPI.DLL
2010-05-10 12:13:18 ----A---- C:\WINNT\system32\smlogsvc.exe
2010-05-10 12:13:18 ----A---- C:\WINNT\system32\smlogcfg.dll
2010-05-10 12:13:18 ----A---- C:\WINNT\system32\skeys.exe
2010-05-10 12:13:18 ----A---- C:\WINNT\system32\skdll.dll
2010-05-10 12:13:18 ----A---- C:\WINNT\system32\sisbkup.dll
2010-05-10 12:13:17 ----A---- C:\WINNT\system32\shmgrate.exe
2010-05-10 12:13:17 ----A---- C:\WINNT\system32\shlwapi.dll
2010-05-10 12:13:17 ----A---- C:\WINNT\system32\shim.dll
2010-05-10 12:13:17 ----A---- C:\WINNT\system32\SHELL32.DLL
2010-05-10 12:13:17 ----A---- C:\WINNT\system32\shdocvw.dll
2010-05-10 12:13:17 ----A---- C:\WINNT\system32\shdoclc.dll
2010-05-10 12:13:16 ----A---- C:\WINNT\system32\sfcfiles.dll
2010-05-10 12:13:16 ----A---- C:\WINNT\system32\sfc.dll
2010-05-10 12:13:16 ----A---- C:\WINNT\system32\servdeps.dll
2010-05-10 12:13:16 ----A---- C:\WINNT\system32\sensapi.dll
2010-05-10 12:13:16 ----A---- C:\WINNT\system32\sens.dll
2010-05-10 12:13:16 ----A---- C:\WINNT\system32\sendmail.dll
2010-05-10 12:13:16 ----A---- C:\WINNT\system32\secur32.dll
2010-05-10 12:13:16 ----A---- C:\WINNT\system32\seclogon.dll
2010-05-10 12:13:16 ----A---- C:\WINNT\system32\secedit.exe
2010-05-10 12:13:16 ----A---- C:\WINNT\system32\scrrun.dll
2010-05-10 12:13:16 ----A---- C:\WINNT\system32\scrobj.dll
2010-05-10 12:13:16 ----A---- C:\WINNT\system32\scripto.dll
2010-05-10 12:13:16 ----A---- C:\WINNT\system32\sclgntfy.dll
2010-05-10 12:13:15 ----A---- C:\WINNT\system32\scesrv.dll
2010-05-10 12:13:15 ----A---- C:\WINNT\system32\scecli.dll
2010-05-10 12:13:15 ----A---- C:\WINNT\system32\runas.exe
2010-05-10 12:13:15 ----A---- C:\WINNT\system32\rtm.dll
2010-05-10 12:13:15 ----A---- C:\WINNT\system32\rsvpsp.dll
2010-05-10 12:13:15 ----A---- C:\WINNT\system32\rsvp.exe
2010-05-10 12:13:15 ----A---- C:\WINNT\system32\rsnotify.exe
2010-05-10 12:13:15 ----A---- C:\WINNT\system32\rsm.exe
2010-05-10 12:13:15 ----A---- C:\WINNT\system32\rsh.exe
2010-05-10 12:13:15 ----A---- C:\WINNT\system32\rsfsaps.dll
2010-05-10 12:13:15 ----A---- C:\WINNT\system32\rpcss.dll
2010-05-10 12:13:14 ----A---- C:\WINNT\system32\rpcrt4.dll
2010-05-10 12:13:14 ----A---- C:\WINNT\system32\rpcns4.dll
2010-05-10 12:13:14 ----A---- C:\WINNT\system32\routeext.dll
2010-05-10 12:13:14 ----A---- C:\WINNT\system32\RNR20.DLL
2010-05-10 12:13:14 ----A---- C:\WINNT\system32\riched20.dll
2010-05-10 12:13:14 ----A---- C:\WINNT\system32\RESUTILS.DLL
2010-05-10 12:13:14 ----A---- C:\WINNT\system32\rend.dll
2010-05-10 12:13:14 ----A---- C:\WINNT\system32\REGSVR32.EXE
2010-05-10 12:13:14 ----A---- C:\WINNT\system32\regsvc.exe
2010-05-10 12:13:14 ----A---- C:\WINNT\system32\regedt32.exe
2010-05-10 12:13:14 ----A---- C:\WINNT\system32\regapi.dll
2010-05-10 12:13:14 ----A---- C:\WINNT\system32\rastls.dll
2010-05-10 12:13:14 ----A---- C:\WINNT\system32\RASSCRPT.DLL
2010-05-10 12:13:13 ----A---- C:\WINNT\system32\RASSAPI.DLL
2010-05-10 12:13:13 ----A---- C:\WINNT\system32\rasppp.dll
2010-05-10 12:13:13 ----A---- C:\WINNT\system32\rasmontr.dll
2010-05-10 12:13:13 ----A---- C:\WINNT\system32\rasmans.dll
2010-05-10 12:13:13 ----A---- C:\WINNT\system32\RASCHAP.DLL
2010-05-10 12:13:13 ----A---- C:\WINNT\system32\rapilib.dll
2010-05-10 12:13:13 ----A---- C:\WINNT\system32\query.dll
2010-05-10 12:13:13 ----A---- C:\WINNT\system32\quartz.dll
2010-05-10 12:13:13 ----A---- C:\WINNT\system32\qcap.dll
2010-05-10 12:13:12 ----A---- C:\WINNT\system32\PSBASE.DLL
2010-05-10 12:13:12 ----A---- C:\WINNT\system32\profmap.dll
2010-05-10 12:13:12 ----A---- C:\WINNT\system32\powrprof.dll
2010-05-10 12:13:12 ----A---- C:\WINNT\system32\polstore.dll
2010-05-10 12:13:12 ----A---- C:\WINNT\system32\polagent.dll
2010-05-10 12:13:12 ----A---- C:\WINNT\system32\pngfilt.dll
2010-05-10 12:13:12 ----A---- C:\WINNT\system32\perfproc.dll
2010-05-10 12:13:12 ----A---- C:\WINNT\system32\perfdisk.dll
2010-05-10 12:13:12 ----A---- C:\WINNT\system32\pdh.dll
2010-05-10 12:13:12 ----A---- C:\WINNT\system32\osk.exe
2010-05-10 12:13:11 ----A---- C:\WINNT\system32\OPENGL32.DLL
2010-05-10 12:13:11 ----A---- C:\WINNT\system32\olethk32.dll
2010-05-10 12:13:11 ----A---- C:\WINNT\system32\OLEPRO32.DLL
2010-05-10 12:13:11 ----A---- C:\WINNT\system32\oleprn.dll
2010-05-10 12:13:11 ----A---- C:\WINNT\system32\OLE32.DLL
2010-05-10 12:13:11 ----A---- C:\WINNT\system32\offfilt.dll
2010-05-10 12:13:11 ----A---- C:\WINNT\system32\odtext32.dll
2010-05-10 12:13:11 ----A---- C:\WINNT\system32\odpdx32.dll
2010-05-10 12:13:11 ----A---- C:\WINNT\system32\odfox32.dll
2010-05-10 12:13:11 ----A---- C:\WINNT\system32\odexl32.dll
2010-05-10 12:13:11 ----A---- C:\WINNT\system32\oddbse32.dll
2010-05-10 12:13:11 ----A---- C:\WINNT\system32\ODBCTRAC.dll
2010-05-10 12:13:10 ----A---- C:\WINNT\system32\odbcjt32.dll
2010-05-10 12:13:10 ----A---- C:\WINNT\system32\odbcji32.dll
2010-05-10 12:13:10 ----A---- C:\WINNT\system32\odbcint.dll
2010-05-10 12:13:10 ----A---- C:\WINNT\system32\odbccu32.dll
2010-05-10 12:13:10 ----A---- C:\WINNT\system32\odbccr32.dll
2010-05-10 12:13:10 ----A---- C:\WINNT\system32\odbccp32.dll
2010-05-10 12:13:10 ----A---- C:\WINNT\system32\odbcconf.exe
2010-05-10 12:13:10 ----A---- C:\WINNT\system32\odbcconf.dll
2010-05-10 12:13:10 ----A---- C:\WINNT\system32\odbcbcp.dll
2010-05-10 12:13:10 ----A---- C:\WINNT\system32\ODBCAD32.exe
2010-05-10 12:13:10 ----A---- C:\WINNT\system32\ODBC32GT.dll
2010-05-10 12:13:10 ----A---- C:\WINNT\system32\ODBC32.dll
2010-05-10 12:13:09 ----A---- C:\WINNT\system32\ocmanage.dll
2010-05-10 12:13:09 ----A---- C:\WINNT\system32\occache.dll
2010-05-10 12:13:09 ----A---- C:\WINNT\system32\objsel.dll
2010-05-10 12:13:09 ----A---- C:\WINNT\system32\oakley.dll
2010-05-10 12:13:09 ----A---- C:\WINNT\system32\ntmssvc.dll
2010-05-10 12:13:09 ----A---- C:\WINNT\system32\ntmsdba.dll
2010-05-10 12:13:09 ----A---- C:\WINNT\system32\ntmsapi.dll
2010-05-10 12:13:09 ----A---- C:\WINNT\system32\NTMARTA.DLL
2010-05-10 12:13:08 ----A---- C:\WINNT\system32\ntdsutil.exe
2010-05-10 12:13:08 ----A---- C:\WINNT\system32\ntdskcc.dll
2010-05-10 12:13:08 ----A---- C:\WINNT\system32\ntdsetup.dll
2010-05-10 12:13:08 ----A---- C:\WINNT\system32\ntdsbsrv.dll
2010-05-10 12:13:08 ----A---- C:\WINNT\system32\ntdsbcli.dll
2010-05-10 12:13:08 ----A---- C:\WINNT\system32\ntdsatq.dll
2010-05-10 12:13:08 ----A---- C:\WINNT\system32\ntdsapi.dll
2010-05-10 12:13:08 ----A---- C:\WINNT\system32\ntdsa.dll
2010-05-10 12:13:08 ----A---- C:\WINNT\system32\nlhtml.dll
2010-05-10 12:13:08 ----A---- C:\WINNT\system32\newdev.dll
2010-05-10 12:13:08 ----A---- C:\WINNT\system32\netui0.dll
2010-05-10 12:13:08 ----A---- C:\WINNT\system32\NETSTAT.EXE
2010-05-10 12:13:07 ----A---- C:\WINNT\system32\netshell.dll
2010-05-10 12:13:07 ----A---- C:\WINNT\system32\netplwiz.dll
2010-05-10 12:13:07 ----A---- C:\WINNT\system32\netman.dll
2010-05-10 12:13:07 ----A---- C:\WINNT\system32\NETLOGON.DLL
2010-05-10 12:13:07 ----A---- C:\WINNT\system32\netid.dll
2010-05-10 12:13:07 ----A---- C:\WINNT\system32\NETDDE.EXE
2010-05-10 12:13:07 ----A---- C:\WINNT\system32\netcfgx.dll
2010-05-10 12:13:07 ----A---- C:\WINNT\system32\NETAPI32.DLL
2010-05-10 12:13:07 ----A---- C:\WINNT\system32\net1.exe
2010-05-10 12:13:07 ----A---- C:\WINNT\system32\NDDEAPIR.EXE
2010-05-10 12:13:07 ----A---- C:\WINNT\system32\NDDEAPI.DLL
2010-05-10 12:13:07 ----A---- C:\WINNT\system32\narrator.exe
2010-05-10 12:13:07 ----A---- C:\WINNT\system32\mydocs.dll
2010-05-10 12:13:06 ----A---- C:\WINNT\system32\mycomput.dll
2010-05-10 12:13:06 ----A---- C:\WINNT\system32\mtxclu.dll
2010-05-10 12:13:06 ----A---- C:\WINNT\system32\msxml.dll
2010-05-10 12:13:06 ----A---- C:\WINNT\system32\msxbde40.dll
2010-05-10 12:13:06 ----A---- C:\WINNT\system32\mswstr10.dll
2010-05-10 12:13:06 ----A---- C:\WINNT\system32\mswsock.dll
2010-05-10 12:13:06 ----A---- C:\WINNT\system32\mswdat10.dll
2010-05-10 12:13:06 ----A---- C:\WINNT\system32\msw3prt.dll
2010-05-10 12:13:06 ----A---- C:\WINNT\system32\msvfw32.dll
2010-05-10 12:13:05 ----A---- C:\WINNT\system32\MSVBVM60.DLL
2010-05-10 12:13:05 ----A---- C:\WINNT\system32\mstext40.dll
2010-05-10 12:13:05 ----A---- C:\WINNT\system32\mstask.exe
2010-05-10 12:13:05 ----A---- C:\WINNT\system32\mstask.dll
2010-05-10 12:13:05 ----A---- C:\WINNT\system32\msswchx.exe
2010-05-10 12:13:05 ----A---- C:\WINNT\system32\msswch.dll
2010-05-10 12:13:05 ----A---- C:\WINNT\system32\MSSIGN32.DLL
2010-05-10 12:13:05 ----A---- C:\WINNT\system32\msrle32.dll
2010-05-10 12:13:05 ----A---- C:\WINNT\system32\msrepl40.dll
2010-05-10 12:13:05 ----A---- C:\WINNT\system32\msrd3x40.dll
2010-05-10 12:13:05 ----A---- C:\WINNT\system32\msrd2x40.dll
2010-05-10 12:13:05 ----A---- C:\WINNT\system32\msrating.dll
2010-05-10 12:13:05 ----A---- C:\WINNT\system32\MSPRIVS.DLL
2010-05-10 12:13:05 ----A---- C:\WINNT\system32\mspbde40.dll
2010-05-10 12:13:05 ----A---- C:\WINNT\system32\mspatcha.dll
2010-05-10 12:13:04 ----A---- C:\WINNT\system32\msorcl32.dll
2010-05-10 12:13:04 ----A---- C:\WINNT\system32\msoert2.dll
2010-05-10 12:13:04 ----A---- C:\WINNT\system32\msoeacct.dll
2010-05-10 12:13:04 ----A---- C:\WINNT\system32\msltus40.dll
2010-05-10 12:13:04 ----A---- C:\WINNT\system32\msjtes40.dll
2010-05-10 12:13:04 ----A---- C:\WINNT\system32\msjter40.dll
2010-05-10 12:13:04 ----A---- C:\WINNT\system32\msjint40.dll
2010-05-10 12:13:04 ----A---- C:\WINNT\system32\msjetoledb40.dll
2010-05-10 12:13:04 ----A---- C:\WINNT\system32\msjet40.dll
2010-05-10 12:13:04 ----A---- C:\WINNT\system32\msieftp.dll
2010-05-10 12:13:04 ----A---- C:\WINNT\system32\msidntld.dll
2010-05-10 12:13:04 ----A---- C:\WINNT\system32\msident.dll
2010-05-10 12:13:04 ----A---- C:\WINNT\system32\mshtmler.dll
2010-05-10 12:13:04 ----A---- C:\WINNT\system32\mshtmled.dll
2010-05-10 12:13:03 ----A---- C:\WINNT\system32\mshtml.dll
2010-05-10 12:13:03 ----A---- C:\WINNT\system32\mshta.exe
2010-05-10 12:13:03 ----A---- C:\WINNT\system32\MSGINA.DLL
2010-05-10 12:13:03 ----A---- C:\WINNT\system32\msexch40.dll
2010-05-10 12:13:03 ----A---- C:\WINNT\system32\msexcl40.dll
2010-05-10 12:13:03 ----A---- C:\WINNT\system32\msdxmlc.dll
2010-05-10 12:13:03 ----A---- C:\WINNT\system32\msdart32.dll
2010-05-10 12:13:02 ----A---- C:\WINNT\system32\mscpxl32.dLL
2010-05-10 12:13:02 ----A---- C:\WINNT\system32\msclus.dll
2010-05-10 12:13:02 ----A---- C:\WINNT\system32\msafd.dll
2010-05-10 12:13:02 ----A---- C:\WINNT\system32\mprui.dll
2010-05-10 12:13:02 ----A---- C:\WINNT\system32\mprdim.dll
2010-05-10 12:13:02 ----A---- C:\WINNT\system32\mprddm.dll
2010-05-10 12:13:02 ----A---- C:\WINNT\system32\mpr.dll
2010-05-10 12:13:02 ----A---- C:\WINNT\system32\modemui.dll
2010-05-10 12:13:02 ----A---- C:\WINNT\system32\mobsync.exe
2010-05-10 12:13:02 ----A---- C:\WINNT\system32\mobsync.dll
2010-05-10 12:13:02 ----A---- C:\WINNT\system32\mmcndmgr.dll
2010-05-10 12:13:02 ----A---- C:\WINNT\system32\mmc.exe
2010-05-10 12:13:02 ----A---- C:\WINNT\system32\mlang.dll
2010-05-10 12:13:02 ----A---- C:\WINNT\system32\mimefilt.dll
2010-05-10 12:13:01 ----A---- C:\WINNT\system32\mfc42u.dll
2010-05-10 12:13:01 ----A---- C:\WINNT\system32\mfc42.dll
2010-05-10 12:13:01 ----A---- C:\WINNT\system32\mdminst.dll
2010-05-10 12:13:01 ----A---- C:\WINNT\system32\mdhcp.dll
2010-05-10 12:13:01 ----A---- C:\WINNT\system32\magnify.exe
2010-05-10 12:13:01 ----A---- C:\WINNT\system32\lz32.dll
2010-05-10 12:13:01 ----A---- C:\WINNT\system32\lpk.dll
2010-05-10 12:13:01 ----A---- C:\WINNT\system32\loghours.dll
2010-05-10 12:13:01 ----A---- C:\WINNT\system32\LODCTR.EXE
2010-05-10 12:13:01 ----A---- C:\WINNT\system32\localsec.dll
2010-05-10 12:13:01 ----A---- C:\WINNT\system32\LOADPERF.DLL
2010-05-10 12:13:01 ----A---- C:\WINNT\system32\KRNL386.EXE
2010-05-10 12:13:00 ----A---- C:\WINNT\system32\kerberos.dll
2010-05-10 12:13:00 ----A---- C:\WINNT\system32\jscript.dll
2010-05-10 12:13:00 ----A---- C:\WINNT\system32\JET500.DLL
2010-05-10 12:13:00 ----A---- C:\WINNT\system32\ixsso.dll
2010-05-10 12:13:00 ----A---- C:\WINNT\system32\itss.dll
2010-05-10 12:13:00 ----A---- C:\WINNT\system32\itircl.dll
2010-05-10 12:13:00 ----A---- C:\WINNT\system32\isign32.dll
2010-05-10 12:13:00 ----A---- C:\WINNT\system32\irmon.dll
2010-05-10 12:13:00 ----A---- C:\WINNT\system32\iprtrmgr.dll
2010-05-10 12:13:00 ----A---- C:\WINNT\system32\IPROP.DLL
2010-05-10 12:13:00 ----A---- C:\WINNT\system32\ipnathlp.dll
2010-05-10 12:13:00 ----A---- C:\WINNT\system32\IPHLPAPI.DLL
2010-05-10 12:12:59 ----A---- C:\WINNT\system32\inseng.dll
2010-05-10 12:12:59 ----A---- C:\WINNT\system32\INITPKI.DLL
2010-05-10 12:12:59 ----A---- C:\WINNT\system32\infosoft.dll
2010-05-10 12:12:59 ----A---- C:\WINNT\system32\inetres.dll
2010-05-10 12:12:59 ----A---- C:\WINNT\system32\inetpp.dll
2010-05-10 12:12:59 ----A---- C:\WINNT\system32\INETMIB1.DLL
2010-05-10 12:12:59 ----A---- C:\WINNT\system32\inetcplc.dll
2010-05-10 12:12:59 ----A---- C:\WINNT\system32\inetcomm.dll
2010-05-10 12:12:59 ----A---- C:\WINNT\system32\imm32.dll
2010-05-10 12:12:59 ----A---- C:\WINNT\system32\imgutil.dll
2010-05-10 12:12:59 ----A---- C:\WINNT\system32\iesetup.dll
2010-05-10 12:12:59 ----A---- C:\WINNT\system32\iepeers.dll
2010-05-10 12:12:59 ----A---- C:\WINNT\system32\iedkcs32.dll
2010-05-10 12:12:58 ----A---- C:\WINNT\system32\idq.dll
2010-05-10 12:12:58 ----A---- C:\WINNT\system32\icm32.dll
2010-05-10 12:12:58 ----A---- C:\WINNT\system32\iassvcs.dll
2010-05-10 12:12:58 ----A---- C:\WINNT\system32\iassdo.dll
2010-05-10 12:12:58 ----A---- C:\WINNT\system32\iassam.dll
2010-05-10 12:12:58 ----A---- C:\WINNT\system32\iasrad.dll
2010-05-10 12:12:58 ----A---- C:\WINNT\system32\iasperf.dll
2010-05-10 12:12:58 ----A---- C:\WINNT\system32\iasnap.dll
2010-05-10 12:12:58 ----A---- C:\WINNT\system32\iasads.dll
2010-05-10 12:12:58 ----A---- C:\WINNT\system32\iasacct.dll
2010-05-10 12:12:58 ----A---- C:\WINNT\system32\hotplug.dll
2010-05-10 12:12:58 ----A---- C:\WINNT\system32\hlink.dll
2010-05-10 12:12:58 ----A---- C:\WINNT\system32\hid.dll
2010-05-10 12:12:58 ----A---- C:\WINNT\system32\hhsetup.dll
2010-05-10 12:12:58 ----A---- C:\WINNT\system32\h323msp.dll
2010-05-10 12:12:57 ----A---- C:\WINNT\system32\gptext.dll
2010-05-10 12:12:57 ----A---- C:\WINNT\system32\gpedit.dll
2010-05-10 12:12:57 ----A---- C:\WINNT\system32\GDI32.DLL
2010-05-10 12:12:57 ----A---- C:\WINNT\system32\FONTEXT.DLL
2010-05-10 12:12:57 ----A---- C:\WINNT\system32\findstr.exe
2010-05-10 12:12:57 ----A---- C:\WINNT\system32\filemgmt.dll
2010-05-10 12:12:57 ----A---- C:\WINNT\system32\fdeploy.dll
2010-05-10 12:12:57 ----A---- C:\WINNT\system32\faxui.dll
2010-05-10 12:12:57 ----A---- C:\WINNT\system32\faxt30.dll
2010-05-10 12:12:57 ----A---- C:\WINNT\system32\FAXSVC.EXE
2010-05-10 12:12:57 ----A---- C:\WINNT\system32\faxdrv.dll
2010-05-10 12:12:57 ----A---- C:\WINNT\system32\faxcom.dll
2010-05-10 12:12:57 ----A---- C:\WINNT\system32\faxadmin.dll
2010-05-10 12:12:57 ----A---- C:\WINNT\system32\expsrv.dll
2010-05-10 12:12:56 ----A---- C:\WINNT\system32\EVENTLOG.DLL
2010-05-10 12:12:56 ----A---- C:\WINNT\system32\eudcedit.exe
2010-05-10 12:12:56 ----A---- C:\WINNT\system32\esentutl.exe
2010-05-10 12:12:56 ----A---- C:\WINNT\system32\esent.dll
2010-05-10 12:12:56 ----A---- C:\WINNT\system32\es.dll
2010-05-10 12:12:56 ----A---- C:\WINNT\system32\els.dll
2010-05-10 12:12:56 ----A---- C:\WINNT\system32\dxmrtp.dll
2010-05-10 12:12:56 ----A---- C:\WINNT\system32\dxmasf.dll
2010-05-10 12:12:56 ----A---- C:\WINNT\system32\dxdiag.exe
2010-05-10 12:12:56 ----A---- C:\WINNT\system32\dsuiext.dll
2010-05-10 12:12:56 ----A---- C:\WINNT\system32\dssec.dll
2010-05-10 12:12:55 ----A---- C:\WINNT\system32\dsquery.dll
2010-05-10 12:12:55 ----A---- C:\WINNT\system32\dsprop.dll
2010-05-10 12:12:55 ----A---- C:\WINNT\system32\dskquoui.dll
2010-05-10 12:12:55 ----A---- C:\WINNT\system32\dskquota.dll
2010-05-10 12:12:55 ----A---- C:\WINNT\system32\dsfolder.dll
2010-05-10 12:12:55 ----A---- C:\WINNT\system32\dsauth.dll
2010-05-10 12:12:55 ----A---- C:\WINNT\system32\ds32gt.dll
2010-05-10 12:12:55 ----A---- C:\WINNT\system32\dnsrslvr.dll
2010-05-10 12:12:55 ----A---- C:\WINNT\system32\dnsapi.dll
2010-05-10 12:12:55 ----A---- C:\WINNT\system32\dmutil.dll
2010-05-10 12:12:55 ----A---- C:\WINNT\system32\dmserver.dll
2010-05-10 12:12:55 ----A---- C:\WINNT\system32\dmremote.exe
2010-05-10 12:12:55 ----A---- C:\WINNT\system32\dmintf.dll
2010-05-10 12:12:55 ----A---- C:\WINNT\system32\dmdskres.dll
2010-05-10 12:12:55 ----A---- C:\WINNT\system32\dmdskmgr.dll
2010-05-10 12:12:55 ----A---- C:\WINNT\system32\dmdlgs.dll
2010-05-10 12:12:55 ----A---- C:\WINNT\system32\dmconfig.dll
2010-05-10 12:12:55 ----A---- C:\WINNT\system32\dmadmin.exe
2010-05-10 12:12:54 ----A---- C:\WINNT\system32\dllhst3g.exe
2010-05-10 12:12:54 ----A---- C:\WINNT\system32\DLLHOST.EXE
2010-05-10 12:12:54 ----A---- C:\WINNT\system32\diskperf.exe
2010-05-10 12:12:54 ----A---- C:\WINNT\system32\diskcopy.dll
2010-05-10 12:12:54 ----A---- C:\WINNT\system32\DINPUT.DLL
2010-05-10 12:12:54 ----A---- C:\WINNT\system32\dhcpmon.dll
2010-05-10 12:12:54 ----A---- C:\WINNT\system32\dfsshlex.dll
2010-05-10 12:12:54 ----A---- C:\WINNT\system32\dfrgsnap.dll
2010-05-10 12:12:54 ----A---- C:\WINNT\system32\dfrgntfs.exe
2010-05-10 12:12:54 ----A---- C:\WINNT\system32\dfrgfat.exe
2010-05-10 12:12:54 ----A---- C:\WINNT\system32\devmgr.dll
2010-05-10 12:12:54 ----A---- C:\WINNT\system32\DCOMCNFG.EXE
2010-05-10 12:12:54 ----A---- C:\WINNT\system32\dbnmpntw.dll
2010-05-10 12:12:54 ----A---- C:\WINNT\system32\dbmsvinn.dLL
2010-05-10 12:12:54 ----A---- C:\WINNT\system32\dbmsspxn.dll
2010-05-10 12:12:54 ----A---- C:\WINNT\system32\dbmsrpcn.dll
2010-05-10 12:12:54 ----A---- C:\WINNT\system32\dbmsadsn.dll
2010-05-10 12:12:53 ----A---- C:\WINNT\system32\CSRSS.EXE
2010-05-10 12:12:53 ----A---- C:\WINNT\system32\cscui.dll
2010-05-10 12:12:53 ----A---- C:\WINNT\system32\cscdll.dll
2010-05-10 12:12:53 ----A---- C:\WINNT\system32\CRYPTUI.DLL
2010-05-10 12:12:53 ----A---- C:\WINNT\system32\cryptsvc.dll
2010-05-10 12:12:53 ----A---- C:\WINNT\system32\CRYPTNET.DLL
2010-05-10 12:12:53 ----A---- C:\WINNT\system32\cryptdll.dll
2010-05-10 12:12:53 ----A---- C:\WINNT\system32\CRYPTDLG.DLL
2010-05-10 12:12:53 ----A---- C:\WINNT\system32\CRYPT32.DLL
2010-05-10 12:12:53 ----A---- C:\WINNT\system32\control.exe
2010-05-10 12:12:53 ----A---- C:\WINNT\system32\conime.exe
2010-05-10 12:12:53 ----A---- C:\WINNT\system32\confmsp.dll
2010-05-10 12:12:53 ----A---- C:\WINNT\system32\compobj.dll
2010-05-10 12:12:53 ----A---- C:\WINNT\system32\command.com
2010-05-10 12:12:53 ----A---- C:\WINNT\system32\COMCAT.DLL
2010-05-10 12:12:53 ----A---- C:\WINNT\system32\cmutil.dll
2010-05-10 12:12:52 ----A---- C:\WINNT\system32\CHKNTFS.EXE
2010-05-10 12:12:52 ----A---- C:\WINNT\system32\cmstp.exe
2010-05-10 12:12:52 ----A---- C:\WINNT\system32\cmprops.dll
2010-05-10 12:12:52 ----A---- C:\WINNT\system32\cmnquery.dll
2010-05-10 12:12:52 ----A---- C:\WINNT\system32\cmdial32.dll
2010-05-10 12:12:52 ----A---- C:\WINNT\system32\CMD.EXE
2010-05-10 12:12:52 ----A---- C:\WINNT\system32\CLUSTER.EXE
2010-05-10 12:12:52 ----A---- C:\WINNT\system32\CLUSAPI.DLL
2010-05-10 12:12:52 ----A---- C:\WINNT\system32\cliconfg.exe
2010-05-10 12:12:52 ----A---- C:\WINNT\system32\cliconfg.dll
2010-05-10 12:12:52 ----A---- C:\WINNT\system32\cipher.exe
2010-05-10 12:12:52 ----A---- C:\WINNT\system32\ciadmin.dll
2010-05-10 12:12:52 ----A---- C:\WINNT\system32\certmgr.dll
2010-05-10 12:12:52 ----A---- C:\WINNT\system32\certcli.dll
2010-05-10 12:12:52 ----A---- C:\WINNT\system32\cdosys.dll
2010-05-10 12:12:51 ----A---- C:\WINNT\system32\cdonts.dll
2010-05-10 12:12:51 ----A---- C:\WINNT\system32\cdm.dll
2010-05-10 12:12:51 ----A---- C:\WINNT\system32\cdfview.dll
2010-05-10 12:12:51 ----A---- C:\WINNT\system32\capesnpn.dll
2010-05-10 12:12:51 ----A---- C:\WINNT\system32\browseui.dll
2010-05-10 12:12:51 ----A---- C:\WINNT\system32\browser.dll
2010-05-10 12:12:51 ----A---- C:\WINNT\system32\browselc.dll
2010-05-10 12:12:51 ----A---- C:\WINNT\system32\batmeter.dll
2010-05-10 12:12:50 ----A---- C:\WINNT\system32\BASESRV.DLL
2010-05-10 12:12:50 ----A---- C:\WINNT\system32\avifil32.dll
2010-05-10 12:12:50 ----A---- C:\WINNT\system32\autolfn.exe
2010-05-10 12:12:50 ----A---- C:\WINNT\system32\atmlib.dll
2010-05-10 12:12:50 ----A---- C:\WINNT\system32\atmfd.dll
2010-05-10 12:12:50 ----A---- C:\WINNT\system32\atl.dll
2010-05-10 12:12:50 ----A---- C:\WINNT\system32\atkctrs.dll
2010-05-10 12:12:50 ----A---- C:\WINNT\system32\at.exe
2010-05-10 12:12:50 ----A---- C:\WINNT\system32\ASYCFILT.DLL
2010-05-10 12:12:50 ----A---- C:\WINNT\system32\appmgr.dll
2010-05-10 12:12:50 ----A---- C:\WINNT\system32\appmgmts.dll
2010-05-10 12:12:50 ----A---- C:\WINNT\system32\advpack.dll
2010-05-10 12:12:50 ----A---- C:\WINNT\system32\adsnw.dll
2010-05-10 12:12:49 ----A---- C:\WINNT\system32\HAL.DLL
2010-05-10 12:12:49 ----A---- C:\WINNT\system32\adsnt.dll
2010-05-10 12:12:49 ----A---- C:\WINNT\system32\adsnds.dll
2010-05-10 12:12:49 ----A---- C:\WINNT\system32\adsmsext.dll
2010-05-10 12:12:49 ----A---- C:\WINNT\system32\adsldpc.dll
2010-05-10 12:12:49 ----A---- C:\WINNT\system32\adsldp.dll
2010-05-10 12:12:49 ----A---- C:\WINNT\system32\actxprxy.dll
2010-05-10 12:12:49 ----A---- C:\WINNT\system32\activeds.dll
2010-05-10 12:12:49 ----A---- C:\WINNT\system32\aclui.dll
2010-05-10 12:12:49 ----A---- C:\WINNT\system32\acctres.dll
2010-05-10 10:33:58 ----D---- C:\Documents and Settings\david.STUDIO\Data aplikací\IsolatedStorage
2010-05-07 14:49:31 ----SHD---- C:\RECYCLER
2010-05-07 14:36:12 ----A---- C:\ComboFix.txt
2010-05-07 14:27:57 ----D---- C:\WINNT\temp
2010-05-07 14:19:23 ----A---- C:\WINNT\zip.exe
2010-05-07 14:19:23 ----A---- C:\WINNT\SWXCACLS.exe
2010-05-07 14:19:23 ----A---- C:\WINNT\SWSC.exe
2010-05-07 14:19:23 ----A---- C:\WINNT\SWREG.exe
2010-05-07 14:19:23 ----A---- C:\WINNT\sed.exe
2010-05-07 14:19:23 ----A---- C:\WINNT\PEV.exe
2010-05-07 14:19:23 ----A---- C:\WINNT\NIRCMD.exe
2010-05-07 14:19:23 ----A---- C:\WINNT\MBR.exe
2010-05-07 14:19:23 ----A---- C:\WINNT\grep.exe
2010-05-07 14:19:05 ----D---- C:\WINNT\ERDNT
2010-05-07 14:19:05 ----D---- C:\ComboFix
2010-05-07 13:24:18 ----D---- C:\Documents and Settings\david.STUDIO\Data aplikací\Malwarebytes
2010-05-07 13:24:04 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-05-07 13:24:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-05-07 11:45:11 ----D---- C:\rsit
2010-05-06 16:32:31 ----D---- C:\Qoobox
2010-05-06 15:34:23 ----A---- C:\rollback.ini
2010-05-06 15:12:47 ----D---- C:\Program Files\ParetoLogic
2010-05-06 15:12:47 ----D---- C:\Program Files\Common Files\ParetoLogic
2010-05-06 15:12:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\ParetoLogic Anti-Virus PLUS
2010-05-06 15:12:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\ParetoLogic
2010-05-05 15:41:23 ----D---- C:\Documents and Settings\david.STUDIO\Data aplikací\GARMIN
2010-05-05 15:17:18 ----D---- C:\Program Files\ICQToolbar
2010-05-05 15:15:25 ----D---- C:\Documents and Settings\david.STUDIO\Data aplikací\ICQLite
2010-05-05 15:15:25 ----AD---- C:\Program Files\ICQLite
2010-05-04 13:51:04 ----D---- C:\Documents and Settings\david.STUDIO\Data aplikací\Mozilla
2010-05-04 13:15:31 ----D---- C:\Documents and Settings\david.STUDIO\Data aplikací\Search Settings
2010-05-04 13:15:31 ----D---- C:\Documents and Settings\david.STUDIO\Data aplikací\pdfforge
2010-05-04 13:00:33 ----D---- C:\Documents and Settings\david.STUDIO\Data aplikací\SpamBayes
2010-05-04 12:54:22 ----D---- C:\Documents and Settings\david.STUDIO\Data aplikací\Macromedia
2010-05-04 12:53:42 ----D---- C:\Documents and Settings\david.STUDIO\Data aplikací\Opera
2010-05-04 12:16:18 ----D---- C:\Documents and Settings\david.STUDIO\Data aplikací\Adobe
2010-05-04 11:35:56 ----D---- C:\Documents and Settings\david.STUDIO\Data aplikací\Active Disk
2010-05-04 11:33:00 ----D---- C:\Documents and Settings\david.STUDIO\Data aplikací\Identities
2010-05-04 11:32:33 ----SD---- C:\Documents and Settings\david.STUDIO\Data aplikací\Microsoft

======List of files/folders modified in the last 1 months======

2010-05-10 13:49:30 ----D---- C:\Program Files\Trend Micro
2010-05-10 13:49:19 ----AD---- C:\WINNT\system32
2010-05-10 13:48:58 ----A---- C:\WINNT\wincmd.ini
2010-05-10 13:37:50 ----AD---- C:\WINNT
2010-05-10 13:37:49 ----HD---- C:\WINNT\inf
2010-05-10 13:36:22 ----D---- C:\Program Files\Symantec AntiVirus
2010-05-10 13:35:38 ----AD---- C:\WINNT\Debug
2010-05-10 13:30:55 ----A---- C:\WINNT\SchedLgU.Txt
2010-05-10 13:29:56 ----AD---- C:\WINNT\system32\drivers
2010-05-10 13:29:21 ----D---- C:\aaa
2010-05-10 13:13:35 ----AD---- C:\Documents and Settings
2010-05-10 12:27:14 ----AHD---- C:\Program Files\WindowsUpdate
2010-05-10 12:21:45 ----AD---- C:\WINNT\security
2010-05-10 12:15:44 ----A---- C:\WINNT\ntbtlog.txt
2010-05-10 12:15:25 ----RASD---- C:\WINNT\Fonts
2010-05-10 12:15:25 ----AD---- C:\WINNT\system32\wbem
2010-05-10 12:13:34 ----AD---- C:\WINNT\Help
2010-05-10 12:13:32 ----AD---- C:\WINNT\system32\export
2010-05-10 12:13:32 ----AD---- C:\WINNT\AppPatch
2010-05-10 12:13:28 ----AD---- C:\WINNT\system32\ias
2010-05-10 12:13:27 ----AD---- C:\WINNT\system32\Setup
2010-05-10 12:13:25 ----AD---- C:\WINNT\system
2010-05-10 12:12:43 ----RSH---- C:\NTDETECT.COM
2010-05-10 11:08:28 ----D---- C:\Program Files\Mozilla Firefox
2010-05-07 15:31:36 ----D---- C:\WINNT\Minidump
2010-05-07 14:49:32 ----ASD---- C:\WINNT\Tasks
2010-05-07 14:31:42 ----A---- C:\WINNT\system.ini
2010-05-07 14:27:42 ----SD---- C:\WINNT\Web
2010-05-07 14:24:33 ----AD---- C:\Program Files\Common Files
2010-05-07 13:48:12 ----RSD---- C:\WINNT\assembly
2010-05-07 13:24:04 ----AD---- C:\Program Files
2010-05-07 13:21:33 ----SHD---- C:\WINNT\Installer
2010-05-07 13:12:20 ----D---- C:\Program Files\pdfforge Toolbar
2010-05-07 13:01:38 ----RASH---- C:\boot.ini
2010-05-07 13:01:20 ----AD---- C:\WINNT\msagent
2010-05-07 12:27:15 ----RASHDC---- C:\WINNT\system32\dllcache
2010-05-07 12:02:45 ----SHD---- C:\WINNT\CSC
2010-05-06 16:32:36 ----AD---- C:\Program Files\ICQ
2010-05-06 15:13:18 ----AD---- C:\Config.Msi
2010-05-05 15:44:59 ----D---- C:\totalcmd
2010-05-05 10:00:27 ----D---- C:\WINNT\system32\NtmsData
2010-05-04 13:00:16 ----D---- C:\Program Files\SpamBayes-D
2010-05-04 12:46:22 ----A---- C:\WINNT\ODBC.INI
2010-05-04 11:33:05 ----A---- C:\WINNT\OEWABLog.txt
2010-05-04 11:33:03 ----D---- C:\Program Files\Outlook Express
2010-05-04 11:33:03 ----D---- C:\Program Files\Common Files\System
2010-05-04 11:33:03 ----D---- C:\Program Files\Common Files\Services
2010-05-04 11:33:03 ----AD---- C:\Program Files\Common Files\Microsoft Shared
2010-05-04 11:09:58 ----AD---- C:\WINNT\system32\appmgmt
2010-05-03 15:05:37 ----D---- C:\zaloha
2010-04-28 14:58:02 ----D---- C:\TEMP
2010-04-28 14:52:27 ----D---- C:\ddd
2010-04-21 13:37:12 ----D---- C:\palirna
2010-04-13 10:51:42 ----A---- C:\WINNT\NeroDigital.ini
2010-04-12 16:17:49 ----D---- C:\bbb

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ElbyCDIO;ElbyCDIO Driver; C:\WINNT\System32\Drivers\ElbyCDIO.sys [2007-02-28 15440]
R1 GearAspiWDM;GearAspiWDM; C:\WINNT\system32\drivers\GearAspiWDM.sys [2004-07-29 14384]
R1 giveio;giveio; \??\C:\WINNT\system32\giveio.sys []
R1 InCDPass;InCDPass; C:\WINNT\System32\DRIVERS\InCDPass.sys [2004-09-07 28544]
R1 incdrm;InCD EasyWrite Reader; C:\WINNT\system32\drivers\incdrm.sys [2003-07-15 25488]
R1 KLIF;KLIF; C:\WINNT\System32\DRIVERS\klif.sys [2010-01-14 186128]
R1 PQIMount;PQIMount; C:\WINNT\system32\drivers\PQIMount.sys [2004-07-29 46779]
R1 PVR101Disk;PVR101Disk; C:\WINNT\system32\drivers\PVR101Disk.sys [2006-10-04 7936]
R1 SAVRT;SAVRT; \??\C:\Program Files\Symantec AntiVirus\savrt.sys []
R1 speedfan;speedfan; \??\C:\WINNT\system32\speedfan.sys []
R1 SYMTDI;SYMTDI; C:\WINNT\System32\Drivers\SYMTDI.SYS [2004-06-11 263736]
R1 WRDRV;WRDRV; C:\WINNT\system32\drivers\wrdrv.sys [2002-01-31 64000]
R2 SAVRTPEL;SAVRTPEL; \??\C:\Program Files\Symantec AntiVirus\Savrtpel.sys []
R2 tcaicchg;tcaicchg; \??\C:\WINNT\system32\tcaicchg.sys []
R2 TCAITDI;TCAITDI Protocol; C:\WINNT\system32\DRIVERS\TCAITDI.sys [2001-09-04 19534]
R3 actser;actser; C:\WINNT\system32\drivers\actser.sys [2004-08-23 29440]
R3 ALCXWDM;Service for Avance AC97 Audio (WDM); C:\WINNT\system32\drivers\ALCXWDM.SYS [2002-09-16 941516]
R3 AnyDVD;AnyDVD; C:\WINNT\System32\Drivers\AnyDVD.sys [2007-04-13 73928]
R3 ASAPIW2k;ASAPIW2K; C:\WINNT\system32\drivers\ASAPIW2k.sys [2003-12-04 11264]
R3 ElbyCDFL;ElbyCDFL; C:\WINNT\System32\Drivers\ElbyCDFL.sys [2006-12-26 34760]
R3 ialm;ialm; C:\WINNT\System32\DRIVERS\ialmnt5.sys [2005-06-21 807998]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINNT\system32\DRIVERS\LVPr2Mon.sys [2007-02-06 25632]
R3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20100509.002\naveng.sys []
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20100509.002\navex15.sys []
R3 pcouffin;VSO Software pcouffin; C:\WINNT\System32\Drivers\pcouffin.sys [2007-04-17 47360]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINNT\System32\Drivers\RootMdm.sys [2000-03-20 6032]
R3 rtl8139;Realtek RTL8139/810x Family Fast Etnernet NIC NT Driver; C:\WINNT\System32\DRIVERS\R8139n5.SYS [2002-06-13 47926]
R3 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
R3 uhcd;Ovladač univerzálního hostitelského řadiče USB; C:\WINNT\System32\DRIVERS\uhcd.sys [2003-06-19 32848]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINNT\System32\DRIVERS\usbehci.sys [2003-06-19 19728]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINNT\System32\DRIVERS\usbhub.sys [2003-06-19 40176]
R3 usbhub20;USB 2.0 Root Hub Support; C:\WINNT\System32\DRIVERS\usbhub20.sys [2003-06-19 49776]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINNT\System32\DRIVERS\USBSTOR.SYS [2003-06-19 21552]
R4 InCDfs;InCD File System; C:\WINNT\system32\drivers\InCDfs.sys [2004-09-07 91136]
S1 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINNT\system32\drivers\ialmsbw.sys [2002-10-25 91774]
S1 DCxxMJPG;Pinnacle DC10plus, Motion-JPEG VideoIO Board; C:\WINNT\system32\drivers\DCxxMJPG.sys [2002-02-21 132604]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINNT\System32\DRIVERS\kbdhid.sys [2000-03-08 13744]
S2 DCamUSB20;USB 2.0 Capture; C:\WINNT\System32\Drivers\CsMini20.sys [2003-03-19 46216]
S2 HidUsb;Ovladač třídy standardu HID; C:\WINNT\System32\DRIVERS\hidusb.sys [1999-10-05 13904]
S2 Usb20Scan;USB 2.0 Still Image; C:\WINNT\System32\Drivers\CresScan.sys [2002-11-05 12692]
S3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINNT\system32\drivers\ialmkchw.sys [2002-10-25 71514]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CCDECODE;Closed Caption Decoder; C:\WINNT\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 DSI_SiUSBXp_3_1;DSI_SiUSBXp_3_1; C:\WINNT\system32\drivers\DSI_SiUSBXp_3_1.sys [2007-09-06 14848]
S3 EL2000;3Com 3C2000x EtherLink XL Adapter; C:\WINNT\system32\DRIVERS\EL2K_2K.sys [2003-06-04 147328]
S3 grmnusb;grmnusb; C:\WINNT\system32\drivers\grmnusb.sys [2009-01-22 8320]
S3 LVcKap;Logitech AEC Driver; C:\WINNT\system32\DRIVERS\LVcKap.sys [2007-02-06 1691808]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\WINNT\system32\DRIVERS\LVMVDrv.sys [2007-02-06 1964064]
S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINNT\system32\DRIVERS\LVUSBSta.sys [2007-10-12 41752]
S3 mouhid;Ovladač myši standardu HID; C:\WINNT\System32\DRIVERS\mouhid.sys [2003-06-19 11632]
S3 MPE;BDA MPE Filter; C:\WINNT\system32\DRIVERS\MPE.sys [2004-07-09 15104]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINNT\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 MXOFX;USB Storage Adapter FX (MXO); C:\WINNT\system32\DRIVERS\MXOFX.SYS [2003-10-10 32640]
S3 MXOPSWD;Maxtor OneTouch Security Driver; C:\WINNT\system32\DRIVERS\mxopswd.sys [2004-10-07 15360]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINNT\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINNT\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\WINNT\system32\DRIVERS\LV302V32.SYS [2007-10-12 1279000]
S3 Ser2pl;SIEMENS Serial port driver; C:\WINNT\system32\DRIVERS\ser2pl.sys [2003-05-07 41472]
S3 SLIP;BDA Slip De-Framer; C:\WINNT\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 streamip;BDA IPSink; C:\WINNT\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 SYMREDRV;SYMREDRV; C:\WINNT\System32\Drivers\SYMREDRV.SYS [2004-06-11 16280]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINNT\system32\drivers\usbaudio.sys [1999-10-12 68912]
S3 usbprint;Třída USB Printer; C:\WINNT\System32\DRIVERS\usbprint.sys [2003-06-19 21872]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINNT\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S4 IntelIde;IntelIde; C:\WINNT\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======


-----------------EOF-----------------

dape
Visitor
Posts: 46
Registered: 29 Apr 2009 14:37

Re: W2000 won't boot - restart

#28 Post by dape »

... and here is the rest:

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 _IOMEGA_ACTIVE_DISK_SERVICE_;Iomega Active Disk; C:\Program Files\Iomega\AutoDisk\ADService.exe [2002-01-24 126976]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service; C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [2007-12-06 660768]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe [2004-06-09 255096]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe [2004-06-09 242808]
R2 DefWatch;Symantec AntiVirus Definition Watcher; C:\Program Files\Symantec AntiVirus\DefWatch.exe [2004-10-06 30024]
R2 GEARSecurity;GEARSecurity; C:\WINNT\System32\GEARSec.exe [2004-07-29 53248]
R2 HidServ;HID Input Service; C:\WINNT\system32\hidserv.exe [2003-06-19 19728]
R2 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2004-09-07 1151090]
R2 Iomega App Services;Iomega App Services; C:\PROGRA~1\Iomega\System32\AppServices.exe [2002-01-14 73728]
R2 LVPrcSrv;Process Monitor; c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe [2007-02-06 109344]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 Norton Ghost;Norton Ghost; C:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe [2004-07-29 1269760]
R2 StiSvc;Still Image Service; C:\WINNT\system32\stisvc.exe [2003-06-19 61712]
R2 Symantec AntiVirus;Symantec AntiVirus; C:\Program Files\Symantec AntiVirus\Rtvscan.exe [2004-10-06 1275216]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2003-11-12 49152]
R2 WinRoute;WinRoute Pro 4.2; C:\Program Files\WinRoute Pro\winroute.exe [2002-02-04 507956]
R2 winvnc;VNC Server; C:\Program Files\TightVNC\WinVNC.exe [2007-05-07 589824]
R2 ZeppelinService;plasservice; C:\Program Files\Common Files\ParetoLogic\PLAS\plasservice.exe [2010-01-14 587216]
R2 ZipToA;ZipToA; C:\WINNT\system32\ZipToA.exe [2001-01-05 364544]
S2 IomegaAccess;IomegaAccess; C:\WINNT\system32\IomegaAccess.exe [2001-02-08 356352]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-03-01 1029456]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [2007-02-06 105248]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-09-05 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINNT\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 ccPwdSvc;Symantec Password Validation; C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe [2004-06-09 87160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINNT\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-04 136120]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SavRoam;SAVRoam; C:\Program Files\Symantec AntiVirus\SavRoam.exe [2004-10-06 173392]
S3 SNDSrvc;Symantec Network Drivers Service; C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe [2004-06-11 201944]
S4 Iomega Activity Disk2;Iomega Activity Disk2; []

-----------------EOF-----------------

JaRon
Moderator
Posts: 15660
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: W2000 won't boot - restart

#29 Post by JaRon »

I don't see any infiltrations there
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/
