VIRY.CZ

antivir - avast!, FW: Sunbelt Kerio Personal Firewall4 ... ani jedno teď nejde uvést zpátky do chodu...

odinstalovat combofix, ikonu combofixu premenuj na uninstall a spust.
1:restart do nudzoveho rezimu s pracou v sieti:
2:Znovu spustis oprava.cmd
3:Stiahnes na plochu http://download.bleepingcomputer.com/grinler/rkill.scr
spustis.
4:stiahnes combofix takto, pravy klik na odkaz>>ulozit odkaz ako.. napises stell.com a ulozis na plochu, spustis, ked bude pripravovat log ,,cakat na log.
http://www.bleepingcomputer.com/combofi ... t-combofix

Při načtení logu se mi objevila chybová hláška "Soubor nebo ardesář \WINDOWS\inf\rootau.PNF je poskozeny a je necitelny. Spustte pomucku Chkdsk" a pak jeste asi 20 podobnejch souborů. Nicméně log mi ty vyplivlo...

ComboFix 11-01-05.01 - Hana 05.01.2011 23:26:10.2.1 - FAT32x86 NETWORK
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.447.266 [GMT 1:00]
Spuštěný z: c:\documents and settings\Hana\Plocha\stell.com.exe
FW: Sunbelt Kerio Personal Firewall *Enabled* {E659E0EE-10E6-49B7-8696-60F38D0EB174}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Hana\Data aplikací\NetPumper
c:\documents and settings\Hana\Data aplikací\NetPumper\Hana.ini
c:\documents and settings\Hana\Dokumenty\cc_20110105_165511.reg
c:\program files\myglobalsearch
c:\program files\myglobalsearch\bar\1.bin\M9FFXTBR.JAR
c:\program files\myglobalsearch\bar\1.bin\M9NTSTBR.JAR
c:\program files\myglobalsearch\bar\Cache\00034F27
c:\program files\myglobalsearch\bar\Cache\01559165.bin
c:\program files\myglobalsearch\bar\Cache\01559487.bin
c:\program files\myglobalsearch\bar\Cache\015596D5.bin
c:\program files\myglobalsearch\bar\Cache\files.ini
c:\program files\myglobalsearch\bar\History\search
c:\program files\myglobalsearch\bar\Settings\prevcfg.htm
c:\program files\MySearch
c:\program files\MySearch\bar\History\search2
c:\program files\MySearch\bar\Settings\prevcfg2.htm
c:\windows\regedit.com
c:\windows\system32\pfxzmtsmtspm.dll
c:\windows\system32\pfxzmtwbmail.dll
c:\windows\system32\sfxzmtsmtspm.dll
c:\windows\system32\taskmgr.com
c:\windows\system32\UNWISE.EXE

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-12-05 do 2011-01-05 )))))))))))))))))))))))))))))))
.

2011-01-05 20:27 . 2011-01-05 20:27 -------- d-----w- C:\ComboFix
2011-01-05 17:54 . 2011-01-05 17:54 -------- d-----w- c:\program files\Windows Resource Kits
2011-01-05 16:24 . 2011-01-05 16:24 -------- d-----w- c:\program files\trend micro
2011-01-05 16:23 . 2011-01-05 16:24 -------- d-----w- C:\rsit
2011-01-05 15:56 . 2007-07-14 11:48 253952 ----a-w- c:\program files\Uninstall My Search Bar.dll
2011-01-05 15:51 . 2011-01-05 15:51 -------- d-----w- c:\program files\CCleaner

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2004-10-01 14:00 . 2006-12-26 13:38 40960 ----a-w- c:\program files\Uninstall_CDS.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"RaidTool"="c:\program files\VIA\RAID\raid_tool.exe" [2005-04-28 589824]
"VTTimer"="VTTimer.exe" [2005-03-09 53248]
"VTTrayp"="VTtrayp.exe" [2005-03-12 147456]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \0
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ Lite

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Search Uninstall]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerBar]
2004-04-21 09:26 86016 ------w- c:\program files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2004-11-02 19:24 32768 ------w- c:\program files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]
2004-03-26 13:40 794624 ----a-w- c:\program files\Analog Devices\SoundMAX\SMax4.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
2004-04-01 09:52 1368064 ----a-w- c:\program files\Analog Devices\SoundMAX\SMax4PNP.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\WINDOWS\\System32\\dplaysvr.exe"=
"c:\\Documents and Settings\\Hana\\Plocha\\BULANCI.EXE"=
"c:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"d:\\Programy\\µtorrent\\utorrent.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"d:\programy\µtorrent\utorrent.exe"=

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [12.1.2008 9:19 639224]
R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [20.2.2007 13:34 302000]
S1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [20.2.2007 13:34 71088]
S3 NtApm;Ovladač rozhraní služby NT Apm/Legacy;c:\windows\system32\drivers\NtApm.sys [26.12.2005 14:51 9472]
S3 SUSCOM;Susteen Serial port driver;c:\windows\system32\drivers\SUSCOM.SYS [26.5.2006 18:34 40448]
S3 trid3d;trid3d;c:\windows\system32\drivers\trid3dm.sys [26.12.2005 14:50 222336]
S3 WLAN; Wireless LAN Driver;c:\windows\system32\DRIVERS\wlanNDS.sys --> c:\windows\system32\DRIVERS\wlanNDS.sys [?]
.
Obsah adresáře 'Naplánované úlohy'

2011-01-05 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2009-04-01 21:18]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {C494B592-0B69-4976-A7CA-FE4C986E5946} = 213.226.240.126,194.213.224.1
TCP: {F81AE142-88F2-4CE5-9CE4-A960A824566A} = 213.226.240.126,194.213.224.1
FF - ProfilePath - c:\documents and settings\Hana\Data aplikací\Mozilla\Firefox\Profiles\j92wt4vp.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q=
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKLM-Run-pdfSaver3 - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-05 23:31
Windows 5.1.2600 Service Pack 2 FAT NTAPI

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...


c:\docume~1\Hana\LOCALS~1\Temp\WASBAC0.tmp\c:\docume~1\Hana\LOCALS~1\Temp\WASBAC0.tmp\ä}
c:\docume~1\Hana\LOCALS~1\Temp\WASBAC0.tmp\
c:\docume~1\Hana\LOCALS~1\Temp\WASBAC0.tmp\  jh4¬0.

sken byl úspešně dokončen
skryté soubory: 4

**************************************************************************
.
Celkový čas: 2011-01-05 23:32:41
ComboFix-quarantined-files.txt 2011-01-05 22:32

Před spuštěním: 1 542 324 224
Po spuštění: 1 503 666 176

- - End Of File - - 6ECFF1EEB914383E3C374C7F7F8FEE6A

1:do prikazoveho riadku napis chkdsk /f/r
enter>>suhlasis>>restart> a nechas aby chkdsk skontroloval hd

2:Vloz instalacne CD>>ak sa ti otvory instalacia>>zatvor>>do prikazoveho riadku napis sfc /scannow
[enter]
nechas prebehnut kontrolu.

3:Pri tejto akcii je nutné mať ComboFix na ploche.

Vypni>FIREWALL>Antivir>Antispyware>vsetko rezidentne.

Otvor Notepad (Poznámkový blok) a zkopíruj do neho celý zeleny tex: Potom klik na Subor -> Uložiť ako.. .. -> Ako je Názov souboru tak do toho riadku napiš:CFScript.txt
Typ súboru tak tam vyberies *všetky súbory
A ulož ho na plochu.> Pozor CFScript.txt>Neotvarat a nemoze byt ani>CFScript.txt.txt A Urobis Toto :


Po skonceni skenu vlož log čo ComboFix vytvorí

4: napis ze co je noveho.

Pomuze taky naformatovani C:\ a instalace novych windows???

ano, mozes ak chces, ale pri instalacii odstran aj particie, nakolko mas tam FAT32, systemove subory, treba dat NTFS

ok, radši to udělám tak. Díky za rady!

nemas zaco.

Tak reinstall hotov. Prosím o kontrolu logu.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Hana at 2011-01-06 16:25:42
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 7 GB (75%) free of 9 GB
Total RAM: 447 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:26:21, on 6.1.2011
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Documents and Settings\Hana\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Hana.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ZoneAlarm Security Toolbar - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files\ZoneAlarm_Security\tbZone.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: ZoneAlarm Security Toolbar - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files\ZoneAlarm_Security\tbZone.dll
O3 - Toolbar: ZoneAlarm Security Toolbar - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files\ZoneAlarm_Security\tbZone.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ISW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 3747 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2010-11-05 599544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{91da5e8a-3318-4f8c-b67e-5964de3ab546}]
ZoneAlarm Security Toolbar - C:\Program Files\ZoneAlarm_Security\tbZone.dll [2010-12-01 2735200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{91da5e8a-3318-4f8c-b67e-5964de3ab546} - ZoneAlarm Security Toolbar - C:\Program Files\ZoneAlarm_Security\tbZone.dll [2010-12-01 2735200]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2010-11-05 599544]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2005-03-09 53248]
"VTTrayp"=C:\WINDOWS\system32\VTtrayp.exe [2005-03-12 147456]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-12-13 281768]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2010-11-16 1043968]
"ISW"=C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [2010-11-05 738808]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2006-03-02 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\ZoneLabs\vsmon.exe"="C:\WINDOWS\system32\ZoneLabs\vsmon.exe:*:Enabled:vsmon"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2011-01-06 16:25:44 ----D---- C:\Program Files\trend micro
2011-01-06 16:25:42 ----D---- C:\rsit
2011-01-06 16:21:06 ----SHD---- C:\RECYCLER
2011-01-06 16:20:29 ----D---- C:\Program Files\CCleaner
2011-01-06 16:18:43 ----A---- C:\WINDOWS\system32\h323log.txt
2011-01-06 16:17:17 ----D---- C:\Documents and Settings\Hana\Data aplikací\Mozilla
2011-01-06 16:16:54 ----D---- C:\Program Files\Mozilla Firefox
2011-01-06 16:06:29 ----D---- C:\Documents and Settings\Hana\Data aplikací\CheckPoint
2011-01-06 16:05:39 ----D---- C:\Program Files\ZoneAlarm_Security
2011-01-06 16:05:39 ----D---- C:\Program Files\Conduit
2011-01-06 16:05:01 ----D---- C:\Program Files\CheckPoint
2011-01-06 16:04:45 ----A---- C:\WINDOWS\system32\vsregexp.dll
2011-01-06 16:04:42 ----A---- C:\WINDOWS\system32\zlcommdb.dll
2011-01-06 16:04:42 ----A---- C:\WINDOWS\system32\zlcomm.dll
2011-01-06 16:04:34 ----A---- C:\WINDOWS\system32\vswmi.dll
2011-01-06 16:04:33 ----A---- C:\WINDOWS\system32\zpeng25.dll
2011-01-06 16:04:33 ----A---- C:\WINDOWS\system32\vsxml.dll
2011-01-06 16:04:32 ----D---- C:\WINDOWS\system32\ZoneLabs
2011-01-06 16:04:32 ----A---- C:\WINDOWS\system32\vspubapi.dll
2011-01-06 16:04:32 ----A---- C:\WINDOWS\system32\vsmonapi.dll
2011-01-06 16:04:30 ----A---- C:\WINDOWS\system32\vsdatant.sys
2011-01-06 16:03:19 ----A---- C:\WINDOWS\system32\vsutil.dll
2011-01-06 16:03:19 ----A---- C:\WINDOWS\system32\vsinit.dll
2011-01-06 16:03:19 ----A---- C:\WINDOWS\system32\vsdata.dll
2011-01-06 16:01:05 ----HDC---- C:\WINDOWS\$NtUninstallKB943232$
2011-01-06 16:00:52 ----D---- C:\Program Files\Zone Labs
2011-01-06 16:00:29 ----D---- C:\WINDOWS\Internet Logs
2011-01-06 15:56:32 ----A---- C:\WINDOWS\system32\drivers\audstub.sys
2011-01-06 15:56:15 ----A---- C:\WINDOWS\system32\drivers\usbprint.sys
2011-01-06 15:55:56 ----A---- C:\WINDOWS\system32\drivers\redbook.sys
2011-01-06 15:55:30 ----A---- C:\WINDOWS\system32\drivers\ssmdrv.sys
2011-01-06 15:55:24 ----A---- C:\WINDOWS\system32\drivers\avipbb.sys
2011-01-06 15:55:24 ----A---- C:\WINDOWS\system32\drivers\avgntmgr.sys
2011-01-06 15:55:24 ----A---- C:\WINDOWS\system32\drivers\avgntflt.sys
2011-01-06 15:55:24 ----A---- C:\WINDOWS\system32\drivers\avgntdd.sys
2011-01-06 15:55:23 ----D---- C:\Program Files\Avira
2011-01-06 15:55:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\Avira
2011-01-06 15:54:42 ----A---- C:\WINDOWS\system32\drivers\fetnd5.sys
2011-01-06 15:54:39 ----A---- C:\WINDOWS\system32\usbui.dll
2011-01-06 15:54:27 ----A---- C:\WINDOWS\system32\drivers\GAGP30KX.SYS
2011-01-06 15:52:42 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-01-06 15:52:41 ----SHD---- C:\WINDOWS\Installer
2011-01-06 15:52:40 ----D---- C:\Program Files\Common Files\ODBC
2011-01-06 15:52:40 ----A---- C:\WINDOWS\ODBCINST.INI
2011-01-06 15:52:36 ----D---- C:\Program Files\Common Files\SpeechEngines
2011-01-06 15:52:35 ----RD---- C:\Program Files
2011-01-06 15:52:35 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-01-06 15:52:35 ----D---- C:\Program Files\Common Files
2011-01-06 15:52:31 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2011-01-06 15:52:31 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2011-01-06 15:52:31 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2011-01-06 15:52:29 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2011-01-06 15:52:29 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2011-01-06 15:52:29 ----RA---- C:\WINDOWS\system32\kbdur.dll
2011-01-06 15:52:29 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2011-01-06 15:52:29 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2011-01-06 15:52:29 ----RA---- C:\WINDOWS\system32\kbdru.dll
2011-01-06 15:52:29 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2011-01-06 15:52:29 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2011-01-06 15:52:29 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2011-01-06 15:52:29 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2011-01-06 15:52:28 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2011-01-06 15:52:28 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2011-01-06 15:52:27 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2011-01-06 15:52:27 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2011-01-06 15:52:27 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2011-01-06 15:52:26 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2011-01-06 15:52:26 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2011-01-06 15:52:26 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2011-01-06 15:52:26 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2011-01-06 15:52:25 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2011-01-06 15:52:25 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2011-01-06 15:52:25 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2011-01-06 15:52:25 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2011-01-06 15:52:25 ----RA---- C:\WINDOWS\system32\kbdest.dll
2011-01-06 15:52:21 ----A---- C:\WINDOWS\system32\kbdycl.dll
2011-01-06 15:52:21 ----A---- C:\WINDOWS\system32\kbdsl1.dll
2011-01-06 15:52:21 ----A---- C:\WINDOWS\system32\kbdsl.dll
2011-01-06 15:52:21 ----A---- C:\WINDOWS\system32\kbdro.dll
2011-01-06 15:52:21 ----A---- C:\WINDOWS\system32\kbdpl1.dll
2011-01-06 15:52:21 ----A---- C:\WINDOWS\system32\kbdpl.dll
2011-01-06 15:52:21 ----A---- C:\WINDOWS\system32\kbdhu1.dll
2011-01-06 15:52:21 ----A---- C:\WINDOWS\system32\kbdhu.dll
2011-01-06 15:52:21 ----A---- C:\WINDOWS\system32\kbdcr.dll
2011-01-06 15:52:21 ----A---- C:\WINDOWS\system32\KBDAL.DLL
2011-01-06 15:52:19 ----A---- C:\WINDOWS\system32\spxcoins.dll
2011-01-06 15:52:19 ----A---- C:\WINDOWS\system32\irclass.dll
2011-01-06 15:52:19 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2011-01-06 15:52:19 ----A---- C:\WINDOWS\system32\dgsetup.dll
2011-01-06 15:52:19 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2011-01-06 15:52:17 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2011-01-06 15:52:17 ----A---- C:\WINDOWS\TASKMAN.EXE
2011-01-06 15:52:17 ----A---- C:\WINDOWS\system32\drivers\irenum.sys
2011-01-06 15:52:17 ----A---- C:\WINDOWS\system32\batt.dll
2011-01-06 15:52:16 ----A---- C:\WINDOWS\NOTEPAD.EXE
2011-01-06 15:52:14 ----A---- C:\WINDOWS\system32\storprop.dll
2011-01-06 15:52:02 ----ASH---- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
2011-01-06 15:52:01 ----RA---- C:\WINDOWS\SET25.tmp
2011-01-06 15:51:56 ----RA---- C:\WINDOWS\SET8.tmp
2011-01-06 15:51:51 ----RA---- C:\WINDOWS\SET4.tmp
2011-01-06 15:51:48 ----RA---- C:\WINDOWS\SET3.tmp
2011-01-06 15:51:41 ----D---- C:\WINDOWS\system32\CatRoot2
2011-01-06 15:51:41 ----D---- C:\WINDOWS\system32\CatRoot
2011-01-06 15:51:34 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-01-06 15:51:06 ----D---- C:\Documents and Settings
2011-01-06 15:51:05 ----SHD---- C:\System Volume Information
2011-01-06 15:49:23 ----SH---- C:\boot.ini
2011-01-06 15:47:17 ----A---- C:\WINDOWS\system32\drivers\splitter.sys
2011-01-06 15:47:14 ----A---- C:\WINDOWS\system32\drivers\wdmaud.sys
2011-01-06 15:47:11 ----A---- C:\WINDOWS\system32\drivers\DMusic.sys
2011-01-06 15:47:00 ----A---- C:\WINDOWS\system32\drivers\swmidi.sys
2011-01-06 15:46:58 ----A---- C:\WINDOWS\system32\drivers\aec.sys
2011-01-06 15:46:55 ----A---- C:\WINDOWS\system32\drivers\kmixer.sys
2011-01-06 15:46:53 ----A---- C:\WINDOWS\system32\drivers\drmkaud.sys
2011-01-06 15:46:50 ----A---- C:\WINDOWS\system32\drivers\sysaudio.sys
2011-01-06 15:46:47 ----A---- C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011-01-06 15:46:45 ----A---- C:\WINDOWS\system32\drivers\MSPQM.sys
2011-01-06 15:46:41 ----A---- C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011-01-06 15:46:33 ----A---- C:\WINDOWS\system32\ksuser.dll
2011-01-06 15:46:33 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2011-01-06 15:46:33 ----A---- C:\WINDOWS\system32\drivers\drmk.sys
2011-01-06 15:45:20 ----HD---- C:\BJPrinter
2011-01-06 15:43:16 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-01-06 15:43:16 ----RSD---- C:\WINDOWS\Fonts
2011-01-06 15:43:16 ----RD---- C:\WINDOWS\Web
2011-01-06 15:43:16 ----HD---- C:\WINDOWS\inf
2011-01-06 15:43:16 ----D---- C:\WINDOWS\WinSxS
2011-01-06 15:43:16 ----D---- C:\WINDOWS\twain_32
2011-01-06 15:43:16 ----D---- C:\WINDOWS\Temp
2011-01-06 15:43:16 ----D---- C:\WINDOWS\system32\wins
2011-01-06 15:43:16 ----D---- C:\WINDOWS\system32\wbem
2011-01-06 15:43:16 ----D---- C:\WINDOWS\system32\usmt
2011-01-06 15:43:16 ----D---- C:\WINDOWS\system32\spool
2011-01-06 15:43:16 ----D---- C:\WINDOWS\system32\ShellExt
2011-01-06 15:43:16 ----D---- C:\WINDOWS\system32\Setup
2011-01-06 15:43:16 ----D---- C:\WINDOWS\system32\ras
2011-01-06 15:43:16 ----D---- C:\WINDOWS\system32\oobe
2011-01-06 15:43:16 ----D---- C:\WINDOWS\system32\npp
2011-01-06 15:43:16 ----D---- C:\WINDOWS\system32\mui
2011-01-06 15:43:16 ----D---- C:\WINDOWS\system32\inetsrv
2011-01-06 15:43:16 ----D---- C:\WINDOWS\system32\IME
2011-01-06 15:43:16 ----D---- C:\WINDOWS\system32\icsxml
2011-01-06 15:43:16 ----D---- C:\WINDOWS\system32\ias
2011-01-06 15:43:16 ----D---- C:\WINDOWS\system32\export
2011-01-06 15:43:16 ----D---- C:\WINDOWS\system32\drivers\etc
2011-01-06 15:43:16 ----D---- C:\WINDOWS\system32\drivers\disdn
2011-01-06 15:43:16 ----D---- C:\WINDOWS\system32\drivers
2011-01-06 15:43:16 ----D---- C:\WINDOWS\system32\dhcp
2011-01-06 15:43:16 ----D---- C:\WINDOWS\system32\config
2011-01-06 15:43:16 ----D---- C:\WINDOWS\system32\3com_dmi
2011-01-06 15:43:16 ----D---- C:\WINDOWS\system32\3076
2011-01-06 15:43:16 ----D---- C:\WINDOWS\system32\2052
2011-01-06 15:43:16 ----D---- C:\WINDOWS\system32\1054
2011-01-06 15:43:16 ----D---- C:\WINDOWS\system32\1042
2011-01-06 15:43:16 ----D---- C:\WINDOWS\system32\1041
2011-01-06 15:43:16 ----D---- C:\WINDOWS\system32\1037
2011-01-06 15:43:16 ----D---- C:\WINDOWS\system32\1033
2011-01-06 15:43:16 ----D---- C:\WINDOWS\system32\1031
2011-01-06 15:43:16 ----D---- C:\WINDOWS\system32\1029
2011-01-06 15:43:16 ----D---- C:\WINDOWS\system32\1028
2011-01-06 15:43:16 ----D---- C:\WINDOWS\system32\1025
2011-01-06 15:43:16 ----D---- C:\WINDOWS\system32
2011-01-06 15:43:16 ----D---- C:\WINDOWS\system
2011-01-06 15:43:16 ----D---- C:\WINDOWS\security
2011-01-06 15:43:16 ----D---- C:\WINDOWS\Resources
2011-01-06 15:43:16 ----D---- C:\WINDOWS\repair
2011-01-06 15:43:16 ----D---- C:\WINDOWS\Provisioning
2011-01-06 15:43:16 ----D---- C:\WINDOWS\pchealth
2011-01-06 15:43:16 ----D---- C:\WINDOWS\PeerNet
2011-01-06 15:43:16 ----D---- C:\WINDOWS\mui
2011-01-06 15:43:16 ----D---- C:\WINDOWS\msapps
2011-01-06 15:43:16 ----D---- C:\WINDOWS\msagent
2011-01-06 15:43:16 ----D---- C:\WINDOWS\Media
2011-01-06 15:43:16 ----D---- C:\WINDOWS\java
2011-01-06 15:43:16 ----D---- C:\WINDOWS\ime
2011-01-06 15:43:16 ----D---- C:\WINDOWS\Help
2011-01-06 15:43:16 ----D---- C:\WINDOWS\ehome
2011-01-06 15:43:16 ----D---- C:\WINDOWS\Driver Cache
2011-01-06 15:43:16 ----D---- C:\WINDOWS\Debug
2011-01-06 15:43:16 ----D---- C:\WINDOWS\Cursors
2011-01-06 15:43:16 ----D---- C:\WINDOWS\Connection Wizard
2011-01-06 15:43:16 ----D---- C:\WINDOWS\Config
2011-01-06 15:43:16 ----D---- C:\WINDOWS\AppPatch
2011-01-06 15:43:16 ----D---- C:\WINDOWS\addins
2011-01-06 15:43:16 ----D---- C:\WINDOWS
2011-01-06 15:43:16 ----ASH---- C:\pagefile.sys
2011-01-06 15:42:33 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2011-01-06 15:41:57 ----D---- C:\Documents and Settings\Hana\Data aplikací\Identities
2011-01-06 15:41:56 ----HD---- C:\Program Files\Uninstall Information
2011-01-06 15:41:47 ----ASH---- C:\Documents and Settings\Hana\Data aplikací\desktop.ini
2011-01-06 15:41:46 ----SD---- C:\Documents and Settings\Hana\Data aplikací\Microsoft
2011-01-06 15:41:19 ----A---- C:\WINDOWS\system32\wpa.bak
2011-01-06 15:39:19 ----D---- C:\WINDOWS\SoftwareDistribution
2011-01-06 15:39:08 ----D---- C:\WINDOWS\Prefetch
2011-01-06 15:39:07 ----SD---- C:\WINDOWS\system32\Microsoft
2011-01-06 15:39:07 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-01-06 15:33:16 ----D---- C:\WINDOWS\system32\xircom
2011-01-06 15:33:16 ----D---- C:\Program Files\xerox
2011-01-06 15:33:16 ----D---- C:\Program Files\microsoft frontpage
2011-01-06 15:32:45 ----N---- C:\WINDOWS\system32\spmsg.dll
2011-01-06 15:32:44 ----HD---- C:\WINDOWS\$hf_mig$
2011-01-06 15:32:20 ----RASH---- C:\MSDOS.SYS
2011-01-06 15:32:20 ----RASH---- C:\IO.SYS
2011-01-06 15:32:20 ----A---- C:\WINDOWS\control.ini
2011-01-06 15:32:20 ----A---- C:\CONFIG.SYS
2011-01-06 15:32:20 ----A---- C:\AUTOEXEC.BAT
2011-01-06 15:31:45 ----A---- C:\WINDOWS\system32\mapi32.dll
2011-01-06 15:29:42 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-01-06 15:29:42 ----RD---- C:\WINDOWS\Offline Web Pages
2011-01-06 15:29:42 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2011-01-06 15:29:32 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2011-01-06 15:29:24 ----HD---- C:\Program Files\WindowsUpdate
2011-01-06 15:29:15 ----D---- C:\Program Files\Online Services
2011-01-06 15:28:51 ----D---- C:\WINDOWS\system32\DirectX
2011-01-06 15:28:30 ----A---- C:\WINDOWS\system32\atrace.dll
2011-01-06 15:28:28 ----A---- C:\WINDOWS\system32\desktop.ini
2011-01-06 15:28:28 ----A---- C:\WINDOWS\desktop.ini
2011-01-06 15:28:22 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2011-01-06 15:28:21 ----A---- C:\WINDOWS\system32\acctres.dll
2011-01-06 15:28:20 ----D---- C:\Program Files\Common Files\Services
2011-01-06 15:28:17 ----SD---- C:\WINDOWS\Tasks
2011-01-06 15:28:17 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2011-01-06 15:28:16 ----D---- C:\Program Files\Common Files\MSSoap
2011-01-06 15:28:12 ----D---- C:\WINDOWS\srchasst
2011-01-06 15:28:11 ----D---- C:\WINDOWS\system32\Macromed
2011-01-06 15:28:08 ----A---- C:\WINDOWS\system32\wuweb.dll
2011-01-06 15:28:08 ----A---- C:\WINDOWS\system32\wups.dll
2011-01-06 15:28:08 ----A---- C:\WINDOWS\system32\wucltui.dll
2011-01-06 15:28:08 ----A---- C:\WINDOWS\system32\wuauserv.dll
2011-01-06 15:28:08 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2011-01-06 15:28:08 ----A---- C:\WINDOWS\system32\wuaueng.dll
2011-01-06 15:28:08 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2011-01-06 15:28:08 ----A---- C:\WINDOWS\system32\wuauclt.exe
2011-01-06 15:28:07 ----A---- C:\WINDOWS\system32\wuapi.dll
2011-01-06 15:28:07 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2011-01-06 15:28:07 ----A---- C:\WINDOWS\system32\qmgr.dll
2011-01-06 15:28:07 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2011-01-06 15:28:07 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2011-01-06 15:28:03 ----D---- C:\Program Files\Movie Maker
2011-01-06 15:27:59 ----A---- C:\WINDOWS\system32\safrslv.dll
2011-01-06 15:27:59 ----A---- C:\WINDOWS\system32\safrdm.dll
2011-01-06 15:27:59 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2011-01-06 15:27:59 ----A---- C:\WINDOWS\system32\racpldlg.dll
2011-01-06 15:27:55 ----D---- C:\WINDOWS\system32\Restore
2011-01-06 15:27:55 ----A---- C:\WINDOWS\system32\srsvc.dll
2011-01-06 15:27:55 ----A---- C:\WINDOWS\system32\srrstr.dll
2011-01-06 15:27:55 ----A---- C:\WINDOWS\system32\srclient.dll
2011-01-06 15:27:55 ----A---- C:\WINDOWS\system32\fltMc.exe
2011-01-06 15:27:55 ----A---- C:\WINDOWS\system32\fltlib.dll
2011-01-06 15:27:55 ----A---- C:\WINDOWS\system32\drivers\sr.sys
2011-01-06 15:27:55 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2011-01-06 15:27:54 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2011-01-06 15:27:54 ----A---- C:\WINDOWS\system32\msconf.dll
2011-01-06 15:27:54 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2011-01-06 15:27:54 ----A---- C:\WINDOWS\system32\mnmdd.dll
2011-01-06 15:27:54 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2011-01-06 15:27:54 ----A---- C:\WINDOWS\system32\ils.dll
2011-01-06 15:27:51 ----D---- C:\Program Files\NetMeeting
2011-01-06 15:27:51 ----A---- C:\WINDOWS\system32\msoert2.dll
2011-01-06 15:27:51 ----A---- C:\WINDOWS\system32\msoeacct.dll
2011-01-06 15:27:50 ----A---- C:\WINDOWS\system32\inetres.dll
2011-01-06 15:27:50 ----A---- C:\WINDOWS\system32\inetcomm.dll
2011-01-06 15:27:48 ----D---- C:\Program Files\Outlook Express
2011-01-06 15:27:48 ----A---- C:\WINDOWS\system32\schedsvc.dll
2011-01-06 15:27:48 ----A---- C:\WINDOWS\system32\mstinit.exe
2011-01-06 15:27:48 ----A---- C:\WINDOWS\system32\mstask.dll
2011-01-06 15:27:47 ----A---- C:\WINDOWS\system32\isign32.dll
2011-01-06 15:27:47 ----A---- C:\WINDOWS\system32\inetcfg.dll
2011-01-06 15:27:47 ----A---- C:\WINDOWS\system32\icwphbk.dll
2011-01-06 15:27:47 ----A---- C:\WINDOWS\system32\icwdial.dll
2011-01-06 15:27:41 ----D---- C:\Program Files\Common Files\System
2011-01-06 15:27:39 ----D---- C:\Program Files\Internet Explorer
2011-01-06 15:26:42 ----D---- C:\Program Files\ComPlus Applications
2011-01-06 15:26:37 ----A---- C:\WINDOWS\vbaddin.ini
2011-01-06 15:26:37 ----A---- C:\WINDOWS\vb.ini
2011-01-06 15:26:28 ----D---- C:\WINDOWS\Registration
2011-01-06 15:26:13 ----D---- C:\Program Files\Windows Media Player
2011-01-06 15:26:03 ----D---- C:\Program Files\Messenger
2011-01-06 15:25:59 ----D---- C:\Program Files\MSN Gaming Zone
2011-01-06 15:25:59 ----A---- C:\WINDOWS\system32\write.exe
2011-01-06 15:25:48 ----A---- C:\WINDOWS\system32\sndvol32.exe
2011-01-06 15:25:48 ----A---- C:\WINDOWS\system32\hticons.dll
2011-01-06 15:25:48 ----A---- C:\WINDOWS\system32\avwav.dll
2011-01-06 15:25:47 ----A---- C:\WINDOWS\system32\winchat.exe
2011-01-06 15:25:47 ----A---- C:\WINDOWS\system32\avtapi.dll
2011-01-06 15:25:47 ----A---- C:\WINDOWS\system32\avmeter.dll
2011-01-06 15:25:39 ----A---- C:\WINDOWS\system32\charmap.exe
2011-01-06 15:25:39 ----A---- C:\WINDOWS\system32\getuname.dll
2011-01-06 15:25:39 ----A---- C:\WINDOWS\system32\calc.exe
2011-01-06 15:25:38 ----A---- C:\WINDOWS\system32\winmine.exe
2011-01-06 15:25:38 ----A---- C:\WINDOWS\system32\sol.exe
2011-01-06 15:25:38 ----A---- C:\WINDOWS\system32\mshearts.exe
2011-01-06 15:25:37 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2011-01-06 15:25:37 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2011-01-06 15:25:37 ----A---- C:\WINDOWS\system32\tslabels.ini
2011-01-06 15:25:37 ----A---- C:\WINDOWS\system32\tskill.exe
2011-01-06 15:25:37 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2011-01-06 15:25:37 ----A---- C:\WINDOWS\system32\tscon.exe
2011-01-06 15:25:37 ----A---- C:\WINDOWS\system32\reset.exe
2011-01-06 15:25:37 ----A---- C:\WINDOWS\system32\freecell.exe
2011-01-06 15:25:36 ----A---- C:\WINDOWS\system32\shadow.exe
2011-01-06 15:25:36 ----A---- C:\WINDOWS\system32\rwinsta.exe
2011-01-06 15:25:36 ----A---- C:\WINDOWS\system32\regini.exe
2011-01-06 15:25:36 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2011-01-06 15:25:36 ----A---- C:\WINDOWS\system32\qwinsta.exe
2011-01-06 15:25:36 ----A---- C:\WINDOWS\system32\qappsrv.exe
2011-01-06 15:25:36 ----A---- C:\WINDOWS\system32\msg.exe
2011-01-06 15:25:36 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2011-01-06 15:25:36 ----A---- C:\WINDOWS\system32\logoff.exe
2011-01-06 15:25:36 ----A---- C:\WINDOWS\system32\cdmodem.dll
2011-01-06 15:25:35 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2011-01-06 15:25:35 ----A---- C:\WINDOWS\system32\mtxex.dll
2011-01-06 15:25:35 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2011-01-06 15:25:34 ----A---- C:\WINDOWS\system32\stclient.dll
2011-01-06 15:25:34 ----A---- C:\WINDOWS\system32\mtxdm.dll
2011-01-06 15:25:34 ----A---- C:\WINDOWS\system32\comsnap.dll
2011-01-06 15:25:34 ----A---- C:\WINDOWS\system32\comrepl.dll
2011-01-06 15:25:34 ----A---- C:\WINDOWS\system32\comaddin.dll
2011-01-06 15:25:27 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2011-01-06 15:25:26 ----A---- C:\WINDOWS\system32\accwiz.exe
2011-01-06 15:25:25 ----D---- C:\Program Files\Windows NT
2011-01-06 15:25:25 ----A---- C:\WINDOWS\system32\sndrec32.exe
2011-01-06 15:25:25 ----A---- C:\WINDOWS\system32\mplay32.exe
2011-01-06 15:25:25 ----A---- C:\WINDOWS\system32\hypertrm.dll
2011-01-06 15:25:24 ----A---- C:\WINDOWS\system32\spider.exe
2011-01-06 15:25:24 ----A---- C:\WINDOWS\system32\mspaint.exe
2011-01-06 15:25:24 ----A---- C:\WINDOWS\system32\drivers\tdtcp.sys
2011-01-06 15:25:24 ----A---- C:\WINDOWS\system32\drivers\tdpipe.sys
2011-01-06 15:25:24 ----A---- C:\WINDOWS\system32\drivers\rdpwd.sys
2011-01-06 15:25:24 ----A---- C:\WINDOWS\system32\clipbrd.exe
2011-01-06 15:25:23 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2011-01-06 15:25:23 ----A---- C:\WINDOWS\system32\sessmgr.exe
2011-01-06 15:25:23 ----A---- C:\WINDOWS\system32\remotepg.dll
2011-01-06 15:25:23 ----A---- C:\WINDOWS\system32\rdshost.exe
2011-01-06 15:25:23 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2011-01-06 15:25:23 ----A---- C:\WINDOWS\system32\rdchost.dll
2011-01-06 15:25:23 ----A---- C:\WINDOWS\system32\mstscax.dll
2011-01-06 15:25:23 ----A---- C:\WINDOWS\system32\mstsc.exe
2011-01-06 15:25:22 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2011-01-06 15:25:22 ----A---- C:\WINDOWS\system32\termsrv.dll
2011-01-06 15:25:22 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2011-01-06 15:25:22 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2011-01-06 15:25:22 ----A---- C:\WINDOWS\system32\rdpclip.exe
2011-01-06 15:25:22 ----A---- C:\WINDOWS\system32\qprocess.exe
2011-01-06 15:25:22 ----A---- C:\WINDOWS\system32\icaapi.dll
2011-01-06 15:25:21 ----D---- C:\WINDOWS\system32\MsDtc
2011-01-06 15:25:21 ----A---- C:\WINDOWS\system32\mtxoci.dll
2011-01-06 15:25:21 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2011-01-06 15:25:21 ----A---- C:\WINDOWS\system32\msdtctm.dll
2011-01-06 15:25:21 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2011-01-06 15:25:21 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2011-01-06 15:25:20 ----A---- C:\WINDOWS\system32\xolehlp.dll
2011-01-06 15:25:20 ----A---- C:\WINDOWS\system32\msdtclog.dll
2011-01-06 15:25:20 ----A---- C:\WINDOWS\system32\msdtc.exe
2011-01-06 15:25:19 ----D---- C:\WINDOWS\system32\Com
2011-01-06 15:25:19 ----A---- C:\WINDOWS\system32\colbact.dll
2011-01-06 15:25:19 ----A---- C:\WINDOWS\system32\clbcatex.dll
2011-01-06 15:25:19 ----A---- C:\WINDOWS\system32\catsrvut.dll
2011-01-06 15:25:19 ----A---- C:\WINDOWS\system32\catsrvps.dll
2011-01-06 15:25:19 ----A---- C:\WINDOWS\system32\catsrv.dll
2011-01-06 15:25:18 ----A---- C:\WINDOWS\system32\comuid.dll
2011-01-06 15:25:18 ----A---- C:\WINDOWS\system32\comsvcs.dll
2011-01-06 15:25:17 ----A---- C:\WINDOWS\system32\clbcatq.dll
2011-01-06 15:25:10 ----A---- C:\WINDOWS\system32\servdeps.dll
2011-01-06 15:25:10 ----A---- C:\WINDOWS\system32\mmfutil.dll
2011-01-06 15:25:10 ----A---- C:\WINDOWS\system32\licwmi.dll
2011-01-06 15:25:10 ----A---- C:\WINDOWS\system32\cmprops.dll
2011-01-06 15:25:06 ----A---- C:\WINDOWS\system32\drivers\termdd.sys
2011-01-06 15:25:06 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys

======List of files/folders modified in the last 1 months======

2011-01-06 15:52:33 ----A---- C:\WINDOWS\system.ini
2011-01-06 15:32:20 ----A---- C:\WINDOWS\win.ini
2011-01-06 15:31:22 ----ASH---- C:\WINDOWS\fonts\desktop.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 gagp30kx;Filtr Microsoft Generic AGPv3.0 pro procesorovou platformu K8; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2004-08-04 46464]
R0 viamraid;viamraid; C:\WINDOWS\system32\DRIVERS\viamraid.sys [2005-04-28 60928]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2010-12-13 135096]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2010-05-13 532224]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-12-13 61960]
R2 ISWKL;ZoneAlarm Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys []
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2004-04-08 116176]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2004-04-27 381056]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2004-06-07 266880]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2006-03-02 20480]
R3 viagfx;viagfx; C:\WINDOWS\system32\DRIVERS\vtmini.sys [2005-05-19 227200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-12-13 267944]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-12-13 135336]
R2 IswSvc;ZoneAlarm Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2010-11-05 488952]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2010-11-16 2435592]

-----------------EOF-----------------

Log je ok

tak konečně:) Ještě jednou díky moc!!:)

nemas zaco.