PC virus removal, computer speed-up, and remote help through the neslape.cz service

A textbook Trojan :/

Whatever doesn't fit elsewhere..

Moderator: Moderators

goffy1985
Visitor
Posts: 163
Registered: 19 Oct 2011 16:59

Re: A textbook Trojan :/

#31 Post by goffy1985 »

CF:

ComboFix 11-10-20.03 - Zdenek 20.10.2011 13:28:05.3.4 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1551 [GMT 2:00]
Spuštěný z: c:\documents and settings\Zdenek\Plocha\Beruska.com
Použité ovládací přepínače :: c:\docume~1\Zdenek\Plocha\CFScript.txt
AV: Emsisoft Anti-Malware *Enabled/Outdated* {0F8591BB-342B-4493-91C3-4E948ED21255}
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
FILE ::
"c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\$AVG
c:\$avg\$VAULT\V_00000001.fil
c:\$avg\$VAULT\V_00000002.fil
c:\$avg\$VAULT\V_00000003.fil
c:\$avg\$VAULT\V_00000004.fil
c:\$avg\$VAULT\V_00000005.fil
c:\$avg\$VAULT\V_00000006.fil
c:\$avg\$VAULT\V_00000007.fil
c:\$avg\$VAULT\V_00000008.fil
c:\$avg\$VAULT\V_00000009.fil
c:\$avg\$VAULT\V_00000010.fil
c:\$avg\$VAULT\V_00000011.fil
c:\$avg\$VAULT\V_00000012.fil
c:\$avg\$VAULT\vvfolder.idx
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_A2ACC
-------\Legacy_A2ANTIMALWARE
-------\Legacy_A2INJECTIONDRIVER
-------\Legacy_A2UTIL
-------\Legacy_MPKSL345F8C49
-------\Legacy_MPKSL44739E07
-------\Legacy_MPKSL4C77A88B
-------\Legacy_MPKSLA17ECE7F
-------\Legacy_MPKSLD194E339
-------\Service_a2acc
-------\Service_a2AntiMalware
-------\Service_a2injectiondriver
-------\Service_a2util
-------\Service_MpKsl345f8c49
-------\Service_MpKsl44739e07
-------\Service_MpKsl4c77a88b
-------\Service_MpKsla17ece7f
-------\Service_MpKsld194e339
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-20 do 2011-10-20 )))))))))))))))))))))))))))))))
.
.
2011-10-20 07:54 . 2011-10-20 08:21 -------- d-----w- C:\Beruska
2011-10-19 18:35 . 2011-10-19 18:37 -------- d-----w- C:\rsit
2011-10-17 10:16 . 2011-10-17 10:16 -------- d-----w- C:\Ubisoft Game Launcher
2011-10-16 19:36 . 2011-10-16 19:36 -------- d-----w- C:\ProgramData
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-29 07:07 . 2011-10-16 17:28 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-08-08 . 1E603EA2A3FDBAE9E5B88A8CB3C03124 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((( SnapShot@2011-10-20_08.37.57 )))))))))))))))))))))))))))))))))))))))))
.
- 2001-10-25 12:00 . 2011-10-20 08:39 75286 c:\windows\system32\perfc009.dat
+ 2001-10-25 12:00 . 2011-10-20 11:22 75286 c:\windows\system32\perfc009.dat
- 2001-10-25 12:00 . 2011-10-20 08:39 88936 c:\windows\system32\perfc005.dat
+ 2001-10-25 12:00 . 2011-10-20 11:22 88936 c:\windows\system32\perfc005.dat
- 2011-10-20 07:31 . 2011-10-20 08:37 12984 c:\windows\system32\drivers\SWDUMon.sys
+ 2011-10-20 11:18 . 2011-10-20 11:35 12984 c:\windows\system32\drivers\SWDUMon.sys
+ 2011-10-20 11:20 . 2011-08-31 15:00 22216 c:\windows\system32\drivers\mbam.sys
+ 2011-10-20 11:35 . 2011-10-20 10:18 12984 c:\windows\LastGood\system32\DRIVERS\SWDUMon.sys
+ 2001-10-25 12:00 . 2011-10-20 11:22 455208 c:\windows\system32\perfh009.dat
- 2001-10-25 12:00 . 2011-10-20 08:39 455208 c:\windows\system32\perfh009.dat
+ 2001-10-25 12:00 . 2011-10-20 11:22 452174 c:\windows\system32\perfh005.dat
- 2001-10-25 12:00 . 2011-10-20 08:39 452174 c:\windows\system32\perfh005.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SlimDrivers"="c:\program files\SlimDrivers\SlimDrivers.exe" [2011-09-07 27473760]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2000-01-01 20064872]
"Six Engine"="c:\program files\ASUS\EPU-4 Engine\FourEngine.exe" [2008-06-25 5625344]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2000-01-01 13892200]
"NvMediaCenter"="NvMCTray.dll" [2000-01-01 111208]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mouseElf]
2006-03-13 07:28 471157 ----a-w- c:\progra~1\SLIMST~1\MouseElf.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SlimDrivers]
2011-09-07 09:32 27473760 ----a-w- c:\program files\SlimDrivers\SlimDrivers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2011-10-17 09:16 1242448 ----a-w- c:\program files\Steam\Steam.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ7.6\\ICQ.exe"=
"d:\\Games\\ACB\\ACBSP.exe"=
"d:\\Games\\ACB\\ACBMP.exe"=
"d:\\Games\\ACB\\AssassinsCreedBrotherhood.exe"=
"d:\\Games\\ACB\\UPlayBrowser.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Mozilla Firefox\\plugin-container.exe"=
"c:\\Program Files\\SlimDrivers\\SlimDrivers.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"c:\\Program Files\\Common Files\\Microsoft Shared\\DW\\DW20.EXE"=
"c:\\WINDOWS\\system32\\mshta.exe"=
"c:\\Program Files\\Microsoft Security Client\\msseces.exe"=
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"c:\\Program Files\\Mozilla Firefox\\crashreporter.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
.
R0 mrdd;Marvell Removable Disk Control Driver;c:\windows\system32\drivers\mrdd.sys [16.10.2011 19:33 18984]
R1 MpKslf7cc2d85;MpKslf7cc2d85;c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{74482BE9-9B7E-419C-80F8-F643D37CDC3D}\MpKslf7cc2d85.sys [20.10.2011 13:35 28752]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [16.10.2011 19:35 2255464]
R3 genmcmnUSB;USB Scroll Mouse Driver;c:\windows\system32\drivers\gflmouhid.sys [16.10.2011 20:04 7808]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [19.10.2011 10:47 442200]
S1 MpKsl2ed2cca2;MpKsl2ed2cca2;c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{74482BE9-9B7E-419C-80F8-F643D37CDC3D}\MpKsl2ed2cca2.sys [20.10.2011 13:18 28752]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [16.10.2011 20:21 1691480]
S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [20.10.2011 13:18 12984]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MPKSLF7CC2D85
.
Obsah adresáře 'Naplánované úlohy'
.
2011-10-20 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 13:39]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 217.170.96.24 217.170.96.2
FF - ProfilePath - c:\documents and settings\Zdenek\Data aplikací\Mozilla\Firefox\Profiles\pm92zr9l.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-20 13:35
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\WPAEvents]
@Denied: (Full) (LocalSystem)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(1780)
c:\windows\system32\IEFRAME.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\windows\system32\nvsvc32.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\RunDLL32.exe
.
**************************************************************************
.
Celkový čas: 2011-10-20 13:37:44 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-10-20 11:37
ComboFix2.txt 2011-10-20 10:21
ComboFix3.txt 2011-10-20 08:40
.
Před spuštěním: Volných bajtů: 227 622 141 952
Po spuštění: Volných bajtů: 227 598 700 544
.
- - End Of File - - C515227676CEF4A3EAE3FF01BA7A1319

goffy1985
Visitor
Posts: 163
Registered: 19 Oct 2011 16:59

Re: A textbook Trojan :/

#32 Post by goffy1985 »

MBAM:

Malwarebytes' Anti-Malware
www.malwarebytes.org

Verze databáze:

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

20.10.2011 13:22:29
mbam-log-2011-10-20 (13-22-29).txt

Typ: Rychlá kontrola
Kontrolované objekty: 176899
Uplynulý čas: 1 minut, 44 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: A textbook Trojan :/

#33 Post by vyosek »

Fine, I'd also like to ask for a new log from RSIT.
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him; that is no man, that is an ox."
Member of [image] since 1 February 2011.

goffy1985
Visitor
Posts: 163
Registered: 19 Oct 2011 16:59

Re: A textbook Trojan :/

#34 Post by goffy1985 »

By the way, when CF restarted, it threw a BSOD at me again, this time with "driver_irql_not_less_or_equal"...

RAM: dual channel, probably yes... I have 2x2GB, these beasts... http://www.czechcomputer.cz/product.jsp?artno=49801

In case that's not enough, the board is an ASUS P5Q SE...

goffy1985
Visitor
Posts: 163
Registered: 19 Oct 2011 16:59

Re: A textbook Trojan :/

#35 Post by goffy1985 »

RSIT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Zdenek at 2011-10-20 13:44:12
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 217 GB (86%) free of 252 GB
Total RAM: 2047 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:44:15, on 20.10.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\SlimDrivers\SlimDrivers.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Zdenek\Plocha\RSIT.exe
C:\Program Files\trend micro\Zdenek.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Six Engine] "C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe" -r
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [SlimDrivers] "C:\Program Files\SlimDrivers\SlimDrivers.exe" -boot
O4 - HKUS\S-1-5-21-1078081533-448539723-682003330-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1078081533-448539723-682003330-1004\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

--
End of file - 5047 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\MP Scheduled Scan.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Zdenek\Data aplikací\Mozilla\Firefox\Profiles\pm92zr9l.default

prefs.js - "browser.startup.homepage" - "http://www.google.cz/"

"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"wrc@avast.com"=C:\PROGRA~1\AVASTS~1\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsILegitCheckPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
npLegitCheckPlugin.dll
NPOFFICE.DLL
nppdf32.dll

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Zdenek\Data aplikací\Mozilla\Firefox\Profiles\pm92zr9l.default\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07}

C:\Documents and Settings\Zdenek\Data aplikací\Mozilla\Firefox\Profiles\pm92zr9l.default\searchplugins\
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE.dll [2011-09-06 806456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-03 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-10-03 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE.dll [2011-09-06 806456]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2000-01-01 20064872]
"Six Engine"=C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe [2008-06-25 5625344]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2000-01-01 13892200]
"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 997920]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SlimDrivers"=C:\Program Files\SlimDrivers\SlimDrivers.exe [2011-09-07 27473760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mouseElf]
C:\PROGRA~1\SLIMST~1\MouseElf.EXE [2006-03-13 471157]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SlimDrivers]
C:\Program Files\SlimDrivers\SlimDrivers.exe [2011-09-07 27473760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files\Steam\Steam.exe [2011-10-17 1242448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll [2008-08-08 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.6\ICQ.exe"="C:\Program Files\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6"
"D:\Games\ACB\ACBSP.exe"="D:\Games\ACB\ACBSP.exe:*:Enabled:Assassin's Creed Brotherhood"
"D:\Games\ACB\ACBMP.exe"="D:\Games\ACB\ACBMP.exe:*:Enabled:Assassin's Creed Brotherhood Multiplayer"
"D:\Games\ACB\AssassinsCreedBrotherhood.exe"="D:\Games\ACB\AssassinsCreedBrotherhood.exe:*:Enabled:Assassin's Creed Brotherhood Update"
"D:\Games\ACB\UPlayBrowser.exe"="D:\Games\ACB\UPlayBrowser.exe:*:Enabled:Assassin's Creed Brotherhood Uplay"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Mozilla Firefox\plugin-container.exe"="C:\Program Files\Mozilla Firefox\plugin-container.exe:*:Disabled:Plugin Container for Firefox"
"C:\Program Files\SlimDrivers\SlimDrivers.exe"="C:\Program Files\SlimDrivers\SlimDrivers.exe:*:Enabled:SlimDrivers"
"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe"
"C:\Program Files\Common Files\Microsoft Shared\DW\DW20.EXE"="C:\Program Files\Common Files\Microsoft Shared\DW\DW20.EXE:*:Enabled:Microsoft Application Error Reporting"
"C:\WINDOWS\system32\mshta.exe"="C:\WINDOWS\system32\mshta.exe:*:Enabled:Microsoft (R) HTML Application host"
"C:\Program Files\Microsoft Security Client\msseces.exe"="C:\Program Files\Microsoft Security Client\msseces.exe:*:Enabled:Microsoft Security Client User Interface"
"C:\Program Files\Windows Media Player\wmplayer.exe"="C:\Program Files\Windows Media Player\wmplayer.exe:*:Enabled:Windows Media Player"
"C:\Program Files\Mozilla Firefox\crashreporter.exe"="C:\Program Files\Mozilla Firefox\crashreporter.exe:*:Enabled:crashreporter"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:UbisoftGameLauncher"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.6\ICQ.exe"="C:\Program Files\ICQ7.6\ICQ.exe:*:Enabled:ICQ7.6"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv

======List of files/folders created in the last 1 month======

2011-10-20 13:37:45 ----D---- C:\WINDOWS\temp
2011-10-20 13:37:44 ----A---- C:\ComboFix.txt
2011-10-20 13:20:29 ----D---- C:\Documents and Settings\Zdenek\Data aplikací\Malwarebytes
2011-10-20 13:20:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2011-10-20 13:20:20 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2011-10-20 13:18:40 ----D---- C:\WINDOWS\LastGood
2011-10-20 13:18:40 ----A---- C:\WINDOWS\system32\drivers\SWDUMon.sys
2011-10-20 10:23:07 ----A---- C:\Boot.bak
2011-10-20 10:23:00 ----RASHD---- C:\cmdcons
2011-10-20 10:22:11 ----A---- C:\WINDOWS\zip.exe
2011-10-20 10:22:11 ----A---- C:\WINDOWS\SWXCACLS.exe
2011-10-20 10:22:11 ----A---- C:\WINDOWS\SWSC.exe
2011-10-20 10:22:11 ----A---- C:\WINDOWS\SWREG.exe
2011-10-20 10:22:11 ----A---- C:\WINDOWS\sed.exe
2011-10-20 10:22:11 ----A---- C:\WINDOWS\PEV.exe
2011-10-20 10:22:11 ----A---- C:\WINDOWS\NIRCMD.exe
2011-10-20 10:22:11 ----A---- C:\WINDOWS\MBR.exe
2011-10-20 10:22:11 ----A---- C:\WINDOWS\grep.exe
2011-10-20 10:13:49 ----A---- C:\WINDOWS\system32\drivers\zcvknwfk.sys
2011-10-20 10:01:18 ----A---- C:\WINDOWS\system32\drivers\qzgqrerp.sys
2011-10-20 10:01:17 ----A---- C:\WINDOWS\system32\drivers\qjcwfjpy.sys
2011-10-20 09:54:41 ----D---- C:\WINDOWS\ERDNT
2011-10-20 09:54:41 ----D---- C:\Beruska
2011-10-20 09:49:03 ----D---- C:\Qoobox
2011-10-20 09:35:43 ----A---- C:\WINDOWS\system32\drivers\vqkotpis.sys
2011-10-20 09:35:42 ----A---- C:\WINDOWS\system32\drivers\bptegptx.sys
2011-10-20 09:22:24 ----D---- C:\WINDOWS\CSC
2011-10-20 08:34:04 ----D---- C:\Program Files\CCleaner
2011-10-19 20:35:17 ----D---- C:\rsit
2011-10-19 20:35:17 ----D---- C:\Program Files\trend micro
2011-10-19 17:43:15 ----A---- C:\WINDOWS\system32\drivers\rejnbkuy.sys
2011-10-19 17:42:00 ----A---- C:\WINDOWS\system32\drivers\xrqumnth.sys
2011-10-19 17:33:49 ----A---- C:\WINDOWS\system32\drivers\amjegydu.sys
2011-10-19 17:18:48 ----A---- C:\WINDOWS\system32\drivers\fxjrcwfu.sys
2011-10-19 16:54:02 ----A---- C:\WINDOWS\system32\drivers\qejgfkzm.sys
2011-10-19 16:53:32 ----A---- C:\WINDOWS\system32\drivers\wuxikxii.sys
2011-10-19 16:52:25 ----A---- C:\WINDOWS\system32\drivers\uzmhrpiw.sys
2011-10-19 16:52:25 ----A---- C:\WINDOWS\system32\drivers\odwhnpqd.sys
2011-10-19 16:52:06 ----A---- C:\WINDOWS\system32\drivers\kkorgjef.sys
2011-10-19 16:52:06 ----A---- C:\WINDOWS\system32\drivers\cokvuwxt.sys
2011-10-19 16:51:38 ----A---- C:\WINDOWS\system32\drivers\zhxpycpn.sys
2011-10-19 16:51:38 ----A---- C:\WINDOWS\system32\drivers\dfzaeuyp.sys
2011-10-19 16:50:25 ----A---- C:\WINDOWS\system32\drivers\mqdwjhzs.sys
2011-10-19 16:45:22 ----A---- C:\WINDOWS\system32\drivers\inmaaop.sys
2011-10-19 16:45:22 ----A---- C:\Program Files\rbvip.txt
2011-10-19 16:44:48 ----A---- C:\WINDOWS\system32\drivers\zcvagcne.sys
2011-10-19 16:21:42 ----A---- C:\WINDOWS\system32\drivers\daihpzed.sys
2011-10-19 16:16:04 ----A---- C:\WINDOWS\system32\drivers\airiujxz.sys
2011-10-19 15:54:09 ----A---- C:\WINDOWS\system32\drivers\vyaomuei.sys
2011-10-19 15:42:26 ----A---- C:\WINDOWS\system32\drivers\fhidgrgj.sys
2011-10-19 15:21:38 ----A---- C:\WINDOWS\system32\drivers\sppkfqnm.sys
2011-10-19 15:20:28 ----A---- C:\WINDOWS\system32\drivers\ednffflf.sys
2011-10-19 15:06:11 ----A---- C:\WINDOWS\system32\drivers\iedjlneg.sys
2011-10-19 15:02:44 ----A---- C:\WINDOWS\system32\drivers\l1e51x86.sys
2011-10-19 14:51:06 ----A---- C:\WINDOWS\system32\drivers\oornrqfp.sys
2011-10-19 14:48:53 ----A---- C:\WINDOWS\system32\drivers\ihirktvu.sys
2011-10-19 14:48:08 ----A---- C:\WINDOWS\system32\drivers\okvusrjs.sys
2011-10-19 14:02:23 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-10-19 13:12:26 ----D---- C:\Program Files\Microsoft Security Client
2011-10-19 13:11:45 ----HD---- C:\WINDOWS\system32\GroupPolicy
2011-10-19 13:04:50 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2011-10-19 12:02:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2011-10-19 10:47:58 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-10-19 10:47:46 ----A---- C:\WINDOWS\avastSS.scr
2011-10-19 10:46:23 ----D---- C:\WINDOWS\system32\appmgmt
2011-10-19 10:05:05 ----D---- C:\Program Files\AVAST Software
2011-10-19 09:14:06 ----D---- C:\Avenger
2011-10-19 08:40:39 ----A---- C:\WINDOWS\system32\nvsvc32.exe
2011-10-19 08:40:39 ----A---- C:\WINDOWS\system32\nvcolor.exe
2011-10-19 08:40:38 ----A---- C:\WINDOWS\system32\nvwddi.dll
2011-10-19 08:40:38 ----A---- C:\WINDOWS\system32\nvmctray.dll
2011-10-19 08:40:38 ----A---- C:\WINDOWS\system32\nvcpl.dll
2011-10-19 08:40:38 ----A---- C:\WINDOWS\system32\easyupdatusapiu.dll
2011-10-18 21:08:35 ----A---- C:\WINDOWS\Ascd_log.ini
2011-10-18 21:06:51 ----A---- C:\WINDOWS\Ascd_tmp.ini
2011-10-18 21:06:50 ----A---- C:\WINDOWS\system32\drivers\ASUSHWIO.SYS
2011-10-18 20:50:52 ----HD---- C:\Documents and Settings\All Users\Data aplikací\Common Files
2011-10-18 20:27:51 ----D---- C:\WINDOWS\SxsCaPendDel
2011-10-18 20:04:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\MFAData
2011-10-18 18:33:36 ----D---- C:\WINDOWS\AC54E5443E42443CA91DA00A6974C592.TMP
2011-10-18 18:33:10 ----A---- C:\WINDOWS\system32\nvudisp.exe
2011-10-18 18:22:18 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2011-10-18 14:28:42 ----A---- C:\WINDOWS\system32\drivers\MSTEE.sys
2011-10-18 14:28:31 ----A---- C:\WINDOWS\system32\drivers\NdisIP.sys
2011-10-18 14:28:22 ----A---- C:\WINDOWS\system32\drivers\StreamIP.sys
2011-10-18 14:28:12 ----A---- C:\WINDOWS\system32\drivers\SLIP.sys
2011-10-18 14:28:02 ----A---- C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2011-10-18 14:27:52 ----A---- C:\WINDOWS\system32\drivers\NABTSFEC.sys
2011-10-18 14:27:43 ----A---- C:\WINDOWS\system32\drivers\CCDECODE.sys
2011-10-18 14:27:19 ----A---- C:\WINDOWS\system32\drivers\USBAUDIO.sys
2011-10-18 14:27:05 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2011-10-18 14:27:05 ----A---- C:\WINDOWS\system32\drivers\usbvideo.sys
2011-10-18 14:26:53 ----A---- C:\WINDOWS\system32\drivers\usbccgp.sys
2011-10-18 13:11:37 ----D---- C:\Program Files\Common Files\Java
2011-10-18 13:11:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2011-10-18 13:11:30 ----A---- C:\WINDOWS\system32\javaws.exe
2011-10-18 13:11:30 ----A---- C:\WINDOWS\system32\javaw.exe
2011-10-18 13:11:30 ----A---- C:\WINDOWS\system32\java.exe
2011-10-18 13:11:30 ----A---- C:\WINDOWS\system32\deployJava1.dll
2011-10-18 13:11:23 ----D---- C:\Program Files\Java
2011-10-18 13:11:07 ----D---- C:\Documents and Settings\Zdenek\Data aplikací\Sun
2011-10-18 13:09:13 ----D---- C:\Program Files\Intelore
2011-10-17 19:27:45 ----D---- C:\Program Files\Common Files\DirectX
2011-10-17 19:27:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\Airline Tycoon 2
2011-10-17 19:27:35 ----D---- C:\Documents and Settings\Zdenek\Data aplikací\Kalypso Media
2011-10-17 15:38:31 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2011-10-17 15:38:31 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2011-10-17 15:38:31 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2011-10-17 15:38:30 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2011-10-17 15:38:29 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2011-10-17 15:38:29 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2011-10-17 15:38:28 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2011-10-17 15:38:28 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2011-10-17 15:38:28 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2011-10-17 15:38:27 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2011-10-17 15:38:27 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2011-10-17 15:38:26 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2011-10-17 15:38:26 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2011-10-17 12:49:49 ----D---- C:\Program Files\Kalypso Media
2011-10-17 12:16:15 ----D---- C:\Ubisoft Game Launcher
2011-10-17 11:34:44 ----D---- C:\Documents and Settings\Zdenek\Data aplikací\Ubisoft
2011-10-17 11:34:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\Ubisoft
2011-10-17 11:30:05 ----A---- C:\WINDOWS\ODBC.INI
2011-10-17 11:30:03 ----A---- C:\WINDOWS\system32\mdimon.dll
2011-10-17 11:29:26 ----D---- C:\Program Files\Common Files\DESIGNER
2011-10-17 11:29:21 ----D---- C:\WINDOWS\SHELLNEW
2011-10-17 11:29:05 ----D---- C:\Program Files\Microsoft Office
2011-10-17 11:24:10 ----D---- C:\WINDOWS\system32\LogFiles
2011-10-17 11:23:38 ----D---- C:\Program Files\Ubisoft
2011-10-17 11:23:24 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2011-10-17 11:23:23 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2011-10-17 11:23:22 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2011-10-17 11:23:22 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2011-10-17 11:23:21 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2011-10-17 11:23:20 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2011-10-17 11:23:20 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2011-10-17 11:23:19 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2011-10-17 11:23:12 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2011-10-17 11:23:12 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2011-10-17 11:23:11 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2011-10-17 11:23:11 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2011-10-17 11:23:11 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2011-10-17 11:23:10 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2011-10-17 11:23:09 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2011-10-17 11:23:09 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2011-10-17 11:23:08 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2011-10-17 11:23:08 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2011-10-17 11:23:07 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2011-10-17 11:23:07 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2011-10-17 11:23:06 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2011-10-17 11:23:06 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2011-10-17 11:23:05 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2011-10-17 11:23:04 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2011-10-17 11:23:04 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2011-10-17 11:23:04 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2011-10-17 11:23:03 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2011-10-17 11:23:03 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2011-10-17 11:23:01 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2011-10-17 11:23:01 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2011-10-17 11:23:00 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2011-10-17 11:22:59 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2011-10-17 11:22:58 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2011-10-17 11:22:58 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2011-10-17 11:22:58 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2011-10-17 11:22:57 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2011-10-17 11:22:57 ----A---- C:\WINDOWS\system32\x3daudio1_2.dll
2011-10-17 11:22:56 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2011-10-17 11:22:56 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2011-10-17 11:22:56 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2011-10-17 11:22:55 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2011-10-17 11:22:54 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2011-10-17 11:22:54 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2011-10-17 11:22:54 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2011-10-17 11:22:52 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2011-10-17 11:22:49 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2011-10-17 11:22:49 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2011-10-17 11:22:49 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2011-10-17 11:22:49 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2011-10-17 11:22:49 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2011-10-17 11:22:49 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2011-10-17 11:22:48 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2011-10-17 11:22:48 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2011-10-17 11:22:48 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2011-10-17 11:22:48 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2011-10-17 11:22:48 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2011-10-17 11:22:45 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2011-10-17 11:22:45 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2011-10-17 11:22:45 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2011-10-17 11:22:45 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2011-10-17 11:22:45 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2011-10-17 11:22:45 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2011-10-17 11:22:44 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2011-10-17 11:22:44 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2011-10-17 11:22:44 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2011-10-17 11:22:44 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2011-10-17 11:16:28 ----D---- C:\Program Files\Common Files\Steam
2011-10-17 11:16:27 ----D---- C:\Program Files\Steam
2011-10-17 08:48:57 ----D---- C:\Documents and Settings\Zdenek\Data aplikací\NVIDIA
2011-10-17 08:03:47 ----N---- C:\WINDOWS\system32\spmsg.dll
2011-10-17 08:03:47 ----D---- C:\WINDOWS\system32\PreInstall
2011-10-17 08:03:47 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2011-10-17 08:03:46 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2011-10-17 08:03:46 ----HD---- C:\WINDOWS\$hf_mig$
2011-10-17 08:02:46 ----D---- C:\Program Files\Windows Sidebar
2011-10-17 08:02:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\NortonInstaller
2011-10-17 07:52:05 ----A---- C:\WINDOWS\system32\drivers\usbehci.sys
2011-10-17 07:52:03 ----A---- C:\WINDOWS\system32\hccoin.dll
2011-10-17 07:51:49 ----A---- C:\WINDOWS\system32\usbui.dll
2011-10-17 07:51:49 ----A---- C:\WINDOWS\system32\drivers\usbuhci.sys
2011-10-17 07:51:49 ----A---- C:\WINDOWS\system32\drivers\usbport.sys
2011-10-17 07:51:49 ----A---- C:\WINDOWS\system32\drivers\usbhub.sys
2011-10-17 07:51:47 ----A---- C:\WINDOWS\system32\drivers\isapnp.sys
2011-10-17 07:51:37 ----A---- C:\WINDOWS\system32\drivers\pciidex.sys
2011-10-17 07:51:37 ----A---- C:\WINDOWS\system32\drivers\atapi.sys
2011-10-17 07:51:36 ----A---- C:\WINDOWS\system32\drivers\pciide.sys
2011-10-17 07:51:34 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2011-10-17 07:41:15 ----D---- C:\Config.Msi
2011-10-17 07:39:18 ----A---- C:\WINDOWS\system32\wuweb.dll
2011-10-17 07:39:17 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2011-10-17 07:39:17 ----A---- C:\WINDOWS\system32\wups.dll
2011-10-17 07:39:17 ----A---- C:\WINDOWS\system32\wucltui.dll
2011-10-17 07:39:16 ----A---- C:\WINDOWS\system32\wuaueng.dll
2011-10-17 07:39:16 ----A---- C:\WINDOWS\system32\wuauclt.exe
2011-10-17 07:39:16 ----A---- C:\WINDOWS\system32\wuapi.dll
2011-10-17 07:39:16 ----A---- C:\WINDOWS\system32\cdm.dll
2011-10-17 07:38:47 ----D---- C:\Program Files\WhoCrashed
2011-10-16 21:54:18 ----D---- C:\WINDOWS\system32\NtmsData
2011-10-16 21:50:59 ----D---- C:\Program Files\Common Files\Adobe
2011-10-16 21:50:59 ----D---- C:\Program Files\Adobe
2011-10-16 21:50:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2011-10-16 21:48:07 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2011-10-16 21:48:07 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2011-10-16 21:48:02 ----A---- C:\WINDOWS\system32\drivers\PciBus.sys
2011-10-16 21:48:02 ----A---- C:\WINDOWS\system32\drivers\Entech64.sys
2011-10-16 21:48:01 ----D---- C:\WINDOWS\system32\Futuremark
2011-10-16 21:48:01 ----A---- C:\WINDOWS\system32\drivers\Entech.sys
2011-10-16 21:46:38 ----D---- C:\Program Files\Futuremark
2011-10-16 21:42:12 ----D---- C:\Program Files\Your Company Name
2011-10-16 21:42:12 ----A---- C:\WINDOWS\system32\drivers\REGISTER.SYS
2011-10-16 21:42:06 ----A---- C:\WINDOWS\IsUninst.exe
2011-10-16 21:38:28 ----D---- C:\Documents and Settings\Zdenek\Data aplikací\Origin
2011-10-16 21:38:17 ----D---- C:\Program Files\Origin Games
2011-10-16 21:38:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Origin
2011-10-16 21:37:06 ----D---- C:\Program Files\Origin
2011-10-16 21:36:29 ----D---- C:\ProgramData
2011-10-16 21:36:29 ----D---- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
2011-10-16 21:36:24 ----D---- C:\WINDOWS\Minidump
2011-10-16 21:09:28 ----D---- C:\Program Files\Electronic Arts
2011-10-16 21:03:03 ----A---- C:\WINDOWS\system32\drivers\AsIO.sys
2011-10-16 21:03:03 ----A---- C:\WINDOWS\system32\AsIO.dll
2011-10-16 21:03:01 ----D---- C:\Program Files\ASUS
2011-10-16 21:03:01 ----A---- C:\WINDOWS\system32\drivers\AsInsHelp64.sys
2011-10-16 21:03:01 ----A---- C:\WINDOWS\system32\drivers\AsInsHelp32.sys
2011-10-16 20:33:37 ----A---- C:\WINDOWS\system32\h323log.txt
2011-10-16 20:33:05 ----A---- C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011-10-16 20:33:04 ----A---- C:\WINDOWS\system32\drivers\splitter.sys
2011-10-16 20:33:02 ----A---- C:\WINDOWS\system32\drivers\aec.sys
2011-10-16 20:33:00 ----A---- C:\WINDOWS\system32\drivers\swmidi.sys
2011-10-16 20:32:59 ----A---- C:\WINDOWS\system32\drivers\DMusic.sys
2011-10-16 20:32:57 ----A---- C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011-10-16 20:32:56 ----A---- C:\WINDOWS\system32\drivers\sysaudio.sys
2011-10-16 20:32:54 ----A---- C:\WINDOWS\system32\drivers\kmixer.sys
2011-10-16 20:32:53 ----A---- C:\WINDOWS\system32\drivers\wdmaud.sys
2011-10-16 20:32:51 ----A---- C:\WINDOWS\system32\drivers\MSPQM.sys
2011-10-16 20:32:50 ----A---- C:\WINDOWS\system32\drivers\drmkaud.sys
2011-10-16 20:32:46 ----A---- C:\WINDOWS\system32\drivers\audstub.sys
2011-10-16 20:32:20 ----D---- C:\WINDOWS\system32\RTCOM
2011-10-16 20:32:19 ----A---- C:\WINDOWS\system32\ksuser.dll
2011-10-16 20:32:19 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2011-10-16 20:32:19 ----A---- C:\WINDOWS\system32\drivers\drmk.sys
2011-10-16 20:31:40 ----A---- C:\WINDOWS\system32\drivers\redbook.sys
2011-10-16 20:27:56 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-10-16 20:27:55 ----SHD---- C:\WINDOWS\Installer
2011-10-16 20:27:55 ----D---- C:\Program Files\Common Files\ODBC
2011-10-16 20:27:55 ----A---- C:\WINDOWS\ODBCINST.INI
2011-10-16 20:27:52 ----RD---- C:\Program Files
2011-10-16 20:27:52 ----D---- C:\Program Files\Common Files\SpeechEngines
2011-10-16 20:27:52 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-10-16 20:27:52 ----D---- C:\Program Files\Common Files
2011-10-16 20:27:48 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2011-10-16 20:27:48 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2011-10-16 20:27:48 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2011-10-16 20:27:47 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2011-10-16 20:27:47 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2011-10-16 20:27:47 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2011-10-16 20:27:47 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2011-10-16 20:27:46 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2011-10-16 20:27:46 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2011-10-16 20:27:46 ----RA---- C:\WINDOWS\system32\kbdur.dll
2011-10-16 20:27:46 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2011-10-16 20:27:46 ----RA---- C:\WINDOWS\system32\kbdru.dll
2011-10-16 20:27:46 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2011-10-16 20:27:46 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2011-10-16 20:27:46 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2011-10-16 20:27:45 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2011-10-16 20:27:45 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2011-10-16 20:27:45 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2011-10-16 20:27:44 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2011-10-16 20:27:44 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2011-10-16 20:27:44 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2011-10-16 20:27:44 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2011-10-16 20:27:43 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2011-10-16 20:27:43 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2011-10-16 20:27:43 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2011-10-16 20:27:43 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2011-10-16 20:27:43 ----RA---- C:\WINDOWS\system32\kbdest.dll
2011-10-16 20:27:38 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2011-10-16 20:27:38 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2011-10-16 20:27:38 ----RA---- C:\WINDOWS\system32\kbdro.dll
2011-10-16 20:27:38 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2011-10-16 20:27:38 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2011-10-16 20:27:38 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2011-10-16 20:27:38 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2011-10-16 20:27:38 ----D---- C:\Program Files\XnView
2011-10-16 20:27:37 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2011-10-16 20:27:37 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2011-10-16 20:27:37 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2011-10-16 20:27:36 ----A---- C:\WINDOWS\system32\irclass.dll
2011-10-16 20:27:36 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2011-10-16 20:27:35 ----A---- C:\WINDOWS\system32\spxcoins.dll
2011-10-16 20:27:35 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2011-10-16 20:27:35 ----A---- C:\WINDOWS\system32\dgsetup.dll
2011-10-16 20:27:33 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2011-10-16 20:27:33 ----A---- C:\WINDOWS\TASKMAN.EXE
2011-10-16 20:27:33 ----A---- C:\WINDOWS\system32\drivers\irenum.sys
2011-10-16 20:27:33 ----A---- C:\WINDOWS\system32\batt.dll
2011-10-16 20:27:32 ----A---- C:\WINDOWS\system32\storprop.dll
2011-10-16 20:27:32 ----A---- C:\WINDOWS\NOTEPAD.EXE
2011-10-16 20:27:25 ----ASH---- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
2011-10-16 20:27:22 ----RA---- C:\WINDOWS\SET8.tmp
2011-10-16 20:27:21 ----RA---- C:\WINDOWS\SET4.tmp
2011-10-16 20:27:20 ----RA---- C:\WINDOWS\SET3.tmp
2011-10-16 20:27:16 ----D---- C:\WINDOWS\system32\CatRoot2
2011-10-16 20:27:16 ----D---- C:\WINDOWS\system32\CatRoot
2011-10-16 20:27:10 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-10-16 20:27:01 ----SHD---- C:\WINDOWS\ftpcache
2011-10-16 20:25:15 ----D---- C:\WINDOWS\pss
2011-10-16 20:21:22 ----A---- C:\WINDOWS\vncutil.exe
2011-10-16 20:21:19 ----A---- C:\WINDOWS\system32\RtkCoInstXP.dll
2011-10-16 20:21:19 ----A---- C:\WINDOWS\RtkAudioService.exe
2011-10-16 20:21:16 ----A---- C:\WINDOWS\system32\drivers\Monfilt.sys
2011-10-16 20:21:07 ----D---- C:\Program Files\Realtek
2011-10-16 20:21:07 ----A---- C:\WINDOWS\system32\drivers\Ambfilt.sys
2011-10-16 20:21:02 ----A---- C:\WINDOWS\RtlExUpd.dll
2011-10-16 20:20:57 ----D---- C:\Program Files\Common Files\InstallShield
2011-10-16 20:20:02 ----A---- C:\WINDOWS\system32\drivers\L8042Kbd.sys
2011-10-16 20:19:39 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2011-10-16 20:18:03 ----A---- C:\WINDOWS\system32\drivers\RtkHDAud.sys
2011-10-16 20:17:57 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2011-10-16 20:17:57 ----A---- C:\WINDOWS\SkyTel.exe
2011-10-16 20:17:57 ----A---- C:\WINDOWS\RtlUpd.exe
2011-10-16 20:17:57 ----A---- C:\WINDOWS\RTLCPL.EXE
2011-10-16 20:17:56 ----A---- C:\WINDOWS\RTHDCPL.EXE
2011-10-16 20:17:56 ----A---- C:\WINDOWS\MicCal.exe
2011-10-16 20:17:55 ----A---- C:\WINDOWS\ALCWZRD.EXE
2011-10-16 20:17:55 ----A---- C:\WINDOWS\ALCMTR.EXE
2011-10-16 20:13:26 ----A---- C:\WINDOWS\system32\drivers\ASACPI.sys
2011-10-16 20:12:42 ----D---- C:\WINDOWS\DriverPacks
2011-10-16 20:12:35 ----SHD---- C:\System Volume Information
2011-10-16 20:12:35 ----D---- C:\Documents and Settings
2011-10-16 20:12:34 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2011-10-16 20:12:00 ----RASH---- C:\boot.ini
2011-10-16 20:09:31 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-10-16 20:09:31 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-10-16 20:09:31 ----RSD---- C:\WINDOWS\Fonts
2011-10-16 20:09:31 ----RD---- C:\WINDOWS\Web
2011-10-16 20:09:31 ----HD---- C:\WINDOWS\inf
2011-10-16 20:09:31 ----DC---- C:\WINDOWS\$NtUninstallKB5728$
2011-10-16 20:09:31 ----D---- C:\WINDOWS\WinSxS
2011-10-16 20:09:31 ----D---- C:\WINDOWS\WBEM
2011-10-16 20:09:31 ----D---- C:\WINDOWS\twain_32
2011-10-16 20:09:31 ----D---- C:\WINDOWS\system32\wins
2011-10-16 20:09:31 ----D---- C:\WINDOWS\system32\wbem
2011-10-16 20:09:31 ----D---- C:\WINDOWS\system32\usmt
2011-10-16 20:09:31 ----D---- C:\WINDOWS\system32\spool
2011-10-16 20:09:31 ----D---- C:\WINDOWS\system32\ShellExt
2011-10-16 20:09:31 ----D---- C:\WINDOWS\system32\Setup
2011-10-16 20:09:31 ----D---- C:\WINDOWS\system32\ras
2011-10-16 20:09:31 ----D---- C:\WINDOWS\system32\oobe
2011-10-16 20:09:31 ----D---- C:\WINDOWS\system32\npp
2011-10-16 20:09:31 ----D---- C:\WINDOWS\system32\mui
2011-10-16 20:09:31 ----D---- C:\WINDOWS\system32\inetsrv
2011-10-16 20:09:31 ----D---- C:\WINDOWS\system32\IME
2011-10-16 20:09:31 ----D---- C:\WINDOWS\system32\icsxml
2011-10-16 20:09:31 ----D---- C:\WINDOWS\system32\ias
2011-10-16 20:09:31 ----D---- C:\WINDOWS\system32\export
2011-10-16 20:09:31 ----D---- C:\WINDOWS\system32\drivers\UMDF
2011-10-16 20:09:31 ----D---- C:\WINDOWS\system32\drivers\etc
2011-10-16 20:09:31 ----D---- C:\WINDOWS\system32\drivers\disdn
2011-10-16 20:09:31 ----D---- C:\WINDOWS\system32\drivers
2011-10-16 20:09:31 ----D---- C:\WINDOWS\system32\dhcp
2011-10-16 20:09:31 ----D---- C:\WINDOWS\system32\cs-cz
2011-10-16 20:09:31 ----D---- C:\WINDOWS\system32\cs
2011-10-16 20:09:31 ----D---- C:\WINDOWS\system32\config
2011-10-16 20:09:31 ----D---- C:\WINDOWS\system32\3com_dmi
2011-10-16 20:09:31 ----D---- C:\WINDOWS\system32\3076
2011-10-16 20:09:31 ----D---- C:\WINDOWS\system32\2052
2011-10-16 20:09:31 ----D---- C:\WINDOWS\system32\1054
2011-10-16 20:09:31 ----D---- C:\WINDOWS\system32\1042
2011-10-16 20:09:31 ----D---- C:\WINDOWS\system32\1041
2011-10-16 20:09:31 ----D---- C:\WINDOWS\system32\1037
2011-10-16 20:09:31 ----D---- C:\WINDOWS\system32\1033
2011-10-16 20:09:31 ----D---- C:\WINDOWS\system32\1031
2011-10-16 20:09:31 ----D---- C:\WINDOWS\system32\1029
2011-10-16 20:09:31 ----D---- C:\WINDOWS\system32\1028
2011-10-16 20:09:31 ----D---- C:\WINDOWS\system32\1025
2011-10-16 20:09:31 ----D---- C:\WINDOWS\system32
2011-10-16 20:09:31 ----D---- C:\WINDOWS\system
2011-10-16 20:09:31 ----D---- C:\WINDOWS\security
2011-10-16 20:09:31 ----D---- C:\WINDOWS\Resources
2011-10-16 20:09:31 ----D---- C:\WINDOWS\repair
2011-10-16 20:09:31 ----D---- C:\WINDOWS\Provisioning
2011-10-16 20:09:31 ----D---- C:\WINDOWS\pchealth
2011-10-16 20:09:31 ----D---- C:\WINDOWS\PeerNet
2011-10-16 20:09:31 ----D---- C:\WINDOWS\Offline Web Pages
2011-10-16 20:09:31 ----D---- C:\WINDOWS\Network Diagnostic
2011-10-16 20:09:31 ----D---- C:\WINDOWS\mui
2011-10-16 20:09:31 ----D---- C:\WINDOWS\msapps
2011-10-16 20:09:31 ----D---- C:\WINDOWS\msagent
2011-10-16 20:09:31 ----D---- C:\WINDOWS\Media
2011-10-16 20:09:31 ----D---- C:\WINDOWS\L2Schemas
2011-10-16 20:09:31 ----D---- C:\WINDOWS\java
2011-10-16 20:09:31 ----D---- C:\WINDOWS\ime
2011-10-16 20:09:31 ----D---- C:\WINDOWS\Help
2011-10-16 20:09:31 ----D---- C:\WINDOWS\ehome
2011-10-16 20:09:31 ----D---- C:\WINDOWS\Driver Cache
2011-10-16 20:09:31 ----D---- C:\WINDOWS\Debug
2011-10-16 20:09:31 ----D---- C:\WINDOWS\Cursors
2011-10-16 20:09:31 ----D---- C:\WINDOWS\Connection Wizard
2011-10-16 20:09:31 ----D---- C:\WINDOWS\Config
2011-10-16 20:09:31 ----D---- C:\WINDOWS\AppPatch
2011-10-16 20:09:31 ----D---- C:\WINDOWS\addins
2011-10-16 20:09:31 ----D---- C:\WINDOWS
2011-10-16 20:09:31 ----ASH---- C:\pagefile.sys
2011-10-16 20:04:56 ----A---- C:\WINDOWS\system32\TaskKeyHook.dll
2011-10-16 20:04:56 ----A---- C:\WINDOWS\system32\drivers\GMFILTR.SYS
2011-10-16 20:04:56 ----A---- C:\WINDOWS\system32\drivers\gHidUsbF.sys
2011-10-16 20:04:56 ----A---- C:\WINDOWS\system32\drivers\gflmouhid.sys
2011-10-16 20:04:55 ----D---- C:\Program Files\SlimStar R610
2011-10-16 20:03:03 ----D---- C:\Program Files\SlimDrivers
2011-10-16 19:55:26 ----D---- C:\Program Files\ICQ6Toolbar
2011-10-16 19:55:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2011-10-16 19:55:18 ----D---- C:\Documents and Settings\Zdenek\Data aplikací\ICQ
2011-10-16 19:55:12 ----D---- C:\Program Files\ICQ7.6
2011-10-16 19:53:27 ----D---- C:\Program Files\SMPlayer
2011-10-16 19:53:11 ----N---- C:\WINDOWS\system32\vxblock.dll
2011-10-16 19:53:11 ----N---- C:\WINDOWS\system32\pxwma.dll
2011-10-16 19:53:11 ----N---- C:\WINDOWS\system32\pxwave.dll
2011-10-16 19:53:11 ----N---- C:\WINDOWS\system32\pxsfs.dll
2011-10-16 19:53:11 ----N---- C:\WINDOWS\system32\pxmas.dll
2011-10-16 19:53:11 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2011-10-16 19:53:11 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2011-10-16 19:53:11 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2011-10-16 19:53:11 ----N---- C:\WINDOWS\system32\pxdrv.dll
2011-10-16 19:53:11 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2011-10-16 19:53:11 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2011-10-16 19:53:11 ----N---- C:\WINDOWS\system32\pxafs.dll
2011-10-16 19:53:11 ----N---- C:\WINDOWS\system32\px.dll
2011-10-16 19:53:11 ----N---- C:\WINDOWS\system32\drivers\PxHelp20.sys
2011-10-16 19:53:11 ----N---- C:\WINDOWS\system32\drivers\cdralw2k.sys
2011-10-16 19:53:11 ----N---- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2011-10-16 19:53:09 ----D---- C:\Program Files\Winamp
2011-10-16 19:45:24 ----D---- C:\WINDOWS\Logs
2011-10-16 19:45:23 ----D---- C:\WINDOWS\system32\xlive
2011-10-16 19:45:19 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE
2011-10-16 19:40:01 ----RSD---- C:\WINDOWS\assembly
2011-10-16 19:39:50 ----D---- C:\WINDOWS\system32\en-US
2011-10-16 19:39:48 ----D---- C:\Program Files\Microsoft.NET
2011-10-16 19:39:47 ----D---- C:\WINDOWS\Microsoft.NET
2011-10-16 19:38:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\McAfee
2011-10-16 19:35:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA
2011-10-16 19:35:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA Corporation
2011-10-16 19:35:30 ----A---- C:\WINDOWS\system32\OpenCL.dll
2011-10-16 19:35:30 ----A---- C:\WINDOWS\system32\nvgenco32.dll
2011-10-16 19:35:30 ----A---- C:\WINDOWS\system32\nvdispco32.dll
2011-10-16 19:35:30 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2011-10-16 19:35:30 ----A---- C:\WINDOWS\system32\nvcuvenc.dll
2011-10-16 19:35:30 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2011-10-16 19:35:30 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2011-10-16 19:35:30 ----A---- C:\WINDOWS\system32\drivers\nv4_mini.sys
2011-10-16 19:35:21 ----D---- C:\Program Files\NVIDIA Corporation
2011-10-16 19:35:17 ----D---- C:\Documents and Settings\Zdenek\Data aplikací\Macromedia
2011-10-16 19:35:16 ----D---- C:\Documents and Settings\Zdenek\Data aplikací\Adobe
2011-10-16 19:35:09 ----D---- C:\NVIDIA
2011-10-16 19:33:32 ----A---- C:\WINDOWS\system32\drivers\mrdd.sys
2011-10-16 19:33:31 ----D---- C:\Program Files\Marvell
2011-10-16 19:32:28 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-10-16 19:32:27 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-10-16 19:32:27 ----A---- C:\WINDOWS\system32\CSVer.dll
2011-10-16 19:32:26 ----D---- C:\Program Files\Intel
2011-10-16 19:32:20 ----D---- C:\Intel
2011-10-16 19:31:40 ----D---- C:\Documents and Settings\Zdenek\Data aplikací\WinRAR
2011-10-16 19:31:38 ----D---- C:\Program Files\WinRAR
2011-10-16 19:30:55 ----A---- C:\WINDOWS\Language_trs.ini
2011-10-16 19:28:30 ----D---- C:\Documents and Settings\Zdenek\Data aplikací\Mozilla
2011-10-16 19:28:28 ----D---- C:\Program Files\Mozilla Firefox
2011-10-16 19:25:52 ----D---- C:\WINDOWS\system32\Atheros_L1e
2011-10-16 19:25:49 ----HD---- C:\Program Files\InstallShield Installation Information
2011-10-16 19:24:20 ----D---- C:\WINDOWS\system32\Lang
2011-10-16 19:24:04 ----D---- C:\Documents and Settings\Zdenek\Data aplikací\Identities
2011-10-16 19:24:03 ----HD---- C:\Program Files\Uninstall Information
2011-10-16 19:18:06 ----SH---- C:\Documents and Settings\Zdenek\Data aplikací\desktop.ini
2011-10-16 19:18:05 ----SD---- C:\Documents and Settings\Zdenek\Data aplikací\Microsoft
2011-10-16 19:16:27 ----D---- C:\WINDOWS\SoftwareDistribution
2011-10-16 19:16:26 ----D---- C:\WINDOWS\Prefetch
2011-10-16 19:16:25 ----SD---- C:\WINDOWS\system32\Microsoft
2011-10-16 19:16:25 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-10-16 19:14:28 ----AS---- C:\WINDOWS\bootstat.dat
2011-10-16 19:13:18 ----D---- C:\WINDOWS\system32\xircom
2011-10-16 19:13:18 ----D---- C:\Program Files\xerox
2011-10-16 19:13:18 ----D---- C:\Program Files\microsoft frontpage
2011-10-16 19:13:05 ----RASH---- C:\MSDOS.SYS
2011-10-16 19:13:05 ----A---- C:\WINDOWS\control.ini
2011-10-16 19:13:04 ----RASH---- C:\IO.SYS
2011-10-16 19:13:04 ----A---- C:\CONFIG.SYS
2011-10-16 19:13:04 ----A---- C:\AUTOEXEC.BAT
2011-10-16 19:12:52 ----A---- C:\WINDOWS\system32\mapi32.dll
2011-10-16 19:12:15 ----HD---- C:\Program Files\WindowsUpdate
2011-10-16 19:12:12 ----D---- C:\Program Files\Online Services
2011-10-16 19:11:59 ----D---- C:\WINDOWS\system32\DirectX
2011-10-16 19:11:52 ----A---- C:\WINDOWS\system32\atrace.dll
2011-10-16 19:11:50 ----A---- C:\WINDOWS\system32\desktop.ini
2011-10-16 19:11:50 ----A---- C:\WINDOWS\desktop.ini
2011-10-16 19:11:44 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2011-10-16 19:11:43 ----D---- C:\Program Files\Common Files\Services
2011-10-16 19:11:43 ----A---- C:\WINDOWS\system32\acctres.dll
2011-10-16 19:11:40 ----SD---- C:\WINDOWS\Tasks
2011-10-16 19:11:40 ----D---- C:\Program Files\Common Files\MSSoap
2011-10-16 19:11:40 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2011-10-16 19:11:36 ----D---- C:\WINDOWS\system32\Macromed
2011-10-16 19:11:36 ----D---- C:\WINDOWS\srchasst
2011-10-16 19:11:34 ----A---- C:\WINDOWS\system32\wuauserv.dll
2011-10-16 19:11:34 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2011-10-16 19:11:34 ----A---- C:\WINDOWS\system32\wuaueng.dll.wusetup.152953.bak
2011-10-16 19:11:34 ----A---- C:\WINDOWS\system32\wuaucpl.cpl.wusetup.152359.bak
2011-10-16 19:11:34 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2011-10-16 19:11:34 ----A---- C:\WINDOWS\system32\wuauclt.exe.wusetup.152218.bak
2011-10-16 19:11:33 ----A---- C:\WINDOWS\system32\wuapi.dll.wusetup.152062.bak
2011-10-16 19:11:33 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2011-10-16 19:11:33 ----A---- C:\WINDOWS\system32\qmgr.dll
2011-10-16 19:11:33 ----A---- C:\WINDOWS\system32\bitsprx4.dll
2011-10-16 19:11:33 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2011-10-16 19:11:33 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2011-10-16 19:11:30 ----D---- C:\Program Files\Movie Maker
2011-10-16 19:11:14 ----A---- C:\WINDOWS\system32\safrslv.dll
2011-10-16 19:11:14 ----A---- C:\WINDOWS\system32\safrdm.dll
2011-10-16 19:11:14 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2011-10-16 19:11:14 ----A---- C:\WINDOWS\system32\racpldlg.dll
2011-10-16 19:11:11 ----A---- C:\WINDOWS\system32\fltMc.exe
2011-10-16 19:11:11 ----A---- C:\WINDOWS\system32\fltlib.dll
2011-10-16 19:11:11 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2011-10-16 19:11:10 ----D---- C:\WINDOWS\system32\Restore
2011-10-16 19:11:10 ----A---- C:\WINDOWS\system32\srsvc.dll
2011-10-16 19:11:10 ----A---- C:\WINDOWS\system32\srrstr.dll
2011-10-16 19:11:10 ----A---- C:\WINDOWS\system32\srclient.dll
2011-10-16 19:11:10 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2011-10-16 19:11:10 ----A---- C:\WINDOWS\system32\ils.dll
2011-10-16 19:11:10 ----A---- C:\WINDOWS\system32\drivers\sr.sys
2011-10-16 19:11:09 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2011-10-16 19:11:09 ----A---- C:\WINDOWS\system32\msconf.dll
2011-10-16 19:11:09 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2011-10-16 19:11:09 ----A---- C:\WINDOWS\system32\mnmdd.dll
2011-10-16 19:11:07 ----D---- C:\Program Files\NetMeeting
2011-10-16 19:11:06 ----A---- C:\WINDOWS\system32\msoert2.dll
2011-10-16 19:11:06 ----A---- C:\WINDOWS\system32\msoeacct.dll
2011-10-16 19:11:06 ----A---- C:\WINDOWS\system32\inetres.dll
2011-10-16 19:11:05 ----A---- C:\WINDOWS\system32\inetcomm.dll
2011-10-16 19:11:04 ----D---- C:\Program Files\Outlook Express
2011-10-16 19:11:04 ----A---- C:\WINDOWS\system32\schedsvc.dll
2011-10-16 19:11:04 ----A---- C:\WINDOWS\system32\mstinit.exe
2011-10-16 19:11:04 ----A---- C:\WINDOWS\system32\mstask.dll
2011-10-16 19:11:03 ----A---- C:\WINDOWS\system32\isign32.dll
2011-10-16 19:11:03 ----A---- C:\WINDOWS\system32\inetcfg.dll
2011-10-16 19:11:03 ----A---- C:\WINDOWS\system32\icwphbk.dll
2011-10-16 19:11:03 ----A---- C:\WINDOWS\system32\icwdial.dll
2011-10-16 19:10:58 ----D---- C:\Program Files\Common Files\System
2011-10-16 19:10:57 ----D---- C:\Program Files\Internet Explorer
2011-10-16 19:10:37 ----A---- C:\WINDOWS\system32\emptyregdb.dat
2011-10-16 19:10:29 ----D---- C:\Program Files\ComPlus Applications
2011-10-16 19:10:28 ----A---- C:\WINDOWS\vbaddin.ini
2011-10-16 19:10:28 ----A---- C:\WINDOWS\vb.ini
2011-10-16 19:10:24 ----D---- C:\WINDOWS\Registration
2011-10-16 19:10:08 ----D---- C:\Program Files\Windows Media Player
2011-10-16 19:10:08 ----D---- C:\Program Files\Windows Media Connect 2
2011-10-16 19:10:06 ----D---- C:\Program Files\Messenger
2011-10-16 19:10:03 ----D---- C:\Program Files\MSN Gaming Zone
2011-10-16 19:10:03 ----A---- C:\WINDOWS\system32\write.exe
2011-10-16 19:09:55 ----A---- C:\WINDOWS\system32\sndvol32.exe
2011-10-16 19:09:55 ----A---- C:\WINDOWS\system32\hticons.dll
2011-10-16 19:09:54 ----A---- C:\WINDOWS\system32\winchat.exe
2011-10-16 19:09:54 ----A---- C:\WINDOWS\system32\avwav.dll
2011-10-16 19:09:54 ----A---- C:\WINDOWS\system32\avtapi.dll
2011-10-16 19:09:54 ----A---- C:\WINDOWS\system32\avmeter.dll
2011-10-16 19:09:47 ----A---- C:\WINDOWS\system32\sol.exe
2011-10-16 19:09:47 ----A---- C:\WINDOWS\system32\charmap.exe
2011-10-16 19:09:47 ----A---- C:\WINDOWS\system32\getuname.dll
2011-10-16 19:09:47 ----A---- C:\WINDOWS\system32\calc.exe
2011-10-16 19:09:46 ----A---- C:\WINDOWS\system32\winmine.exe
2011-10-16 19:09:46 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2011-10-16 19:09:46 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2011-10-16 19:09:46 ----A---- C:\WINDOWS\system32\tslabels.ini
2011-10-16 19:09:46 ----A---- C:\WINDOWS\system32\tskill.exe
2011-10-16 19:09:46 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2011-10-16 19:09:46 ----A---- C:\WINDOWS\system32\tscon.exe
2011-10-16 19:09:46 ----A---- C:\WINDOWS\system32\reset.exe
2011-10-16 19:09:46 ----A---- C:\WINDOWS\system32\mshearts.exe
2011-10-16 19:09:46 ----A---- C:\WINDOWS\system32\freecell.exe
2011-10-16 19:09:45 ----A---- C:\WINDOWS\system32\shadow.exe
2011-10-16 19:09:45 ----A---- C:\WINDOWS\system32\rwinsta.exe
2011-10-16 19:09:45 ----A---- C:\WINDOWS\system32\regini.exe
2011-10-16 19:09:45 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2011-10-16 19:09:45 ----A---- C:\WINDOWS\system32\qwinsta.exe
2011-10-16 19:09:45 ----A---- C:\WINDOWS\system32\qappsrv.exe
2011-10-16 19:09:45 ----A---- C:\WINDOWS\system32\msg.exe
2011-10-16 19:09:45 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2011-10-16 19:09:45 ----A---- C:\WINDOWS\system32\logoff.exe
2011-10-16 19:09:45 ----A---- C:\WINDOWS\system32\cdmodem.dll
2011-10-16 19:09:39 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2011-10-16 19:09:39 ----A---- C:\WINDOWS\system32\accwiz.exe
2011-10-16 19:09:38 ----D---- C:\Program Files\Windows NT
2011-10-16 19:09:38 ----A---- C:\WINDOWS\system32\sndrec32.exe
2011-10-16 19:09:38 ----A---- C:\WINDOWS\system32\mspaint.exe
2011-10-16 19:09:38 ----A---- C:\WINDOWS\system32\mplay32.exe
2011-10-16 19:09:38 ----A---- C:\WINDOWS\system32\hypertrm.dll
2011-10-16 19:09:37 ----A---- C:\WINDOWS\system32\spider.exe
2011-10-16 19:09:37 ----A---- C:\WINDOWS\system32\drivers\tdtcp.sys
2011-10-16 19:09:37 ----A---- C:\WINDOWS\system32\clipbrd.exe
2011-10-16 19:09:36 ----A---- C:\WINDOWS\system32\tsgqec.dll
2011-10-16 19:09:36 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2011-10-16 19:09:36 ----A---- C:\WINDOWS\system32\rhttpaa.dll
2011-10-16 19:09:36 ----A---- C:\WINDOWS\system32\drivers\tdpipe.sys
2011-10-16 19:09:36 ----A---- C:\WINDOWS\system32\drivers\rdpwd.sys
2011-10-16 19:09:36 ----A---- C:\WINDOWS\system32\aaclient.dll
2011-10-16 19:09:35 ----A---- C:\WINDOWS\system32\termsrv.dll
2011-10-16 19:09:35 ----A---- C:\WINDOWS\system32\sessmgr.exe
2011-10-16 19:09:35 ----A---- C:\WINDOWS\system32\remotepg.dll
2011-10-16 19:09:35 ----A---- C:\WINDOWS\system32\rdshost.exe
2011-10-16 19:09:35 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2011-10-16 19:09:35 ----A---- C:\WINDOWS\system32\rdchost.dll
2011-10-16 19:09:35 ----A---- C:\WINDOWS\system32\mstscax.dll
2011-10-16 19:09:35 ----A---- C:\WINDOWS\system32\mstsc.exe
2011-10-16 19:09:34 ----D---- C:\WINDOWS\system32\MsDtc
2011-10-16 19:09:34 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2011-10-16 19:09:34 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2011-10-16 19:09:34 ----A---- C:\WINDOWS\system32\rdpclip.exe
2011-10-16 19:09:34 ----A---- C:\WINDOWS\system32\qprocess.exe
2011-10-16 19:09:34 ----A---- C:\WINDOWS\system32\mtxoci.dll
2011-10-16 19:09:34 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2011-10-16 19:09:34 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2011-10-16 19:09:34 ----A---- C:\WINDOWS\system32\icaapi.dll
2011-10-16 19:09:34 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2011-10-16 19:09:33 ----A---- C:\WINDOWS\system32\xolehlp.dll
2011-10-16 19:09:33 ----A---- C:\WINDOWS\system32\msdtctm.dll
2011-10-16 19:09:33 ----A---- C:\WINDOWS\system32\msdtclog.dll
2011-10-16 19:09:33 ----A---- C:\WINDOWS\system32\msdtc.exe
2011-10-16 19:09:32 ----D---- C:\WINDOWS\system32\Com
2011-10-16 19:09:32 ----A---- C:\WINDOWS\system32\stclient.dll
2011-10-16 19:09:32 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2011-10-16 19:09:32 ----A---- C:\WINDOWS\system32\mtxex.dll
2011-10-16 19:09:32 ----A---- C:\WINDOWS\system32\mtxdm.dll
2011-10-16 19:09:32 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2011-10-16 19:09:32 ----A---- C:\WINDOWS\system32\comrepl.dll
2011-10-16 19:09:32 ----A---- C:\WINDOWS\system32\comaddin.dll
2011-10-16 19:09:32 ----A---- C:\WINDOWS\system32\colbact.dll
2011-10-16 19:09:32 ----A---- C:\WINDOWS\system32\clbcatex.dll
2011-10-16 19:09:32 ----A---- C:\WINDOWS\system32\catsrvps.dll
2011-10-16 19:09:31 ----A---- C:\WINDOWS\system32\comuid.dll
2011-10-16 19:09:31 ----A---- C:\WINDOWS\system32\comsvcs.dll
2011-10-16 19:09:31 ----A---- C:\WINDOWS\system32\comsnap.dll
2011-10-16 19:09:31 ----A---- C:\WINDOWS\system32\clbcatq.dll
2011-10-16 19:09:31 ----A---- C:\WINDOWS\system32\catsrvut.dll
2011-10-16 19:09:31 ----A---- C:\WINDOWS\system32\catsrv.dll
2011-10-16 19:09:25 ----A---- C:\WINDOWS\system32\servdeps.dll
2011-10-16 19:09:25 ----A---- C:\WINDOWS\system32\mmfutil.dll
2011-10-16 19:09:25 ----A---- C:\WINDOWS\system32\licwmi.dll
2011-10-16 19:09:25 ----A---- C:\WINDOWS\system32\cmprops.dll
2011-10-16 19:09:22 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys
2011-10-16 19:09:21 ----A---- C:\WINDOWS\system32\drivers\termdd.sys

======List of files/folders modified in the last 1 month======

2011-10-20 13:35:33 ----A---- C:\WINDOWS\system.ini
2011-10-18 14:26:44 ----A---- C:\WINDOWS\win.ini
2011-10-16 19:12:43 ----ASH---- C:\WINDOWS\fonts\desktop.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 mrdd;Marvell Removable Disk Control Driver; C:\WINDOWS\system32\DRIVERS\mrdd.sys [2008-11-12 18984]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-08-08 77568]
R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2007-12-17 12400]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2011-04-18 165648]
R1 MpKslf7cc2d85;MpKslf7cc2d85; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{74482BE9-9B7E-419C-80F8-F643D37CDC3D}\MpKslf7cc2d85.sys []
R3 catchme;catchme; \??\C:\Beruska24156B\catchme.sys []
R3 genmcmnUSB;USB Scroll Mouse Driver; C:\WINDOWS\system32\DRIVERS\gflmouhid.sys [2005-07-12 7808]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2000-01-01 6435432]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-06-26 36864]
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2006-07-19 13568]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2006-02-26 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2000-01-01 12542592]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-09-06 442200]
S1 MpKsl2ed2cca2;MpKsl2ed2cca2; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{74482BE9-9B7E-419C-80F8-F643D37CDC3D}\MpKsl2ed2cca2.sys []
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2000-01-01 1691480]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 mbr;mbr; \??\C:\DOCUME~1\Zdenek\LOCALS~1\Temp\mbr.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2000-01-01 1395800]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 SWDUMon;SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [2011-10-20 12984]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2008-08-08 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-08-08 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-10-19 4164]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2000-01-01 139144]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2000-01-01 2255464]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------


....I pulled out one of the RAM sticks and am running on just one :lol:

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: A textbook Trojan :/

#36 Post by vyosek »

I'm off to a lecture now and unfortunately there's no Wi-Fi there, so I'll post the next steps around six to half past six; we still have some vermin in there :arcisit:
"Whoever has wine and doesn't drink it, whoever has grapes and doesn't eat them, whoever has a wife and doesn't kiss her, whoever shuns merriment, take a whip and a stick to him: that is no man, that is an ox."
Member of [image] since 1 February 2011.

goffy1985
Visitor
Posts: 163
Registered: 19 Oct 2011 16:59

Re: A textbook Trojan :/

#37 Post by goffy1985 »

vyosek wrote: I'm off to a lecture now and unfortunately there's no Wi-Fi there, so I'll post the next steps around six to half past six; we still have some vermin in there :arcisit:
ok, waiting for instructions :worship:

cernohous13
VIP in memoriam
Posts: 8721
Registered: 09 Dec 2006 06:19
Location: Jablonec nad Nisou

Re: A textbook Trojan :/

#38 Post by cernohous13 »

Hello, so you don't get bored before my colleague is free, you can do the following:
:arrow: download and run http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
choose option 2 and copy the resulting log here

repeat with options 3 and 4 (post the logs here)
Recommendations:
During the cleanup, install or uninstall software only on my instruction.
Read my reply carefully and carry out the whole procedure as described.
If anything is unclear, ask and I will explain.

-------------------------------------------------------------------------------------------------
> Forum support <

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: A textbook Trojan :/

#39 Post by vyosek »

I apologize, I completely dropped the ball yesterday...

Please carry out the step my colleague described, and the removal instructions will be here this afternoon; this time I've made a note of it :oops:

goffy1985
Visitor
Posts: 163
Registered: 19 Oct 2011 16:59

Re: A textbook Trojan :/

#40 Post by goffy1985 »

vyosek wrote: I apologize, I completely dropped the ball yesterday...

Please carry out the step my colleague described, and the removal instructions will be here this afternoon; this time I've made a note of it :oops:
no problem, I don't think the vermin is going anywhere :D ok, I'm on it :)

goffy1985
Visitor
Posts: 163
Registered: 19 Oct 2011 16:59

Re: A textbook Trojan :/

#41 Post by goffy1985 »

2)
RogueKiller V6.1.3 [10/14/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discussion- ... ntees.html

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: Zdenek [Admin rights]
Mode: Remove -- Date : 10/21/2011 10:15:29

Bad processes: 0

Registry Entries: 1
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED ()

Particular Files / Folders:

Driver: [LOADED]

HOSTS File:
127.0.0.1 localhost


Finished : << RKreport[1].txt >>
RKreport[1].txt

3)
RogueKiller V6.1.3 [10/14/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discussion- ... ntees.html

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: Zdenek [Admin rights]
Mode: HOSTSFix -- Date : 10/21/2011 10:16:15

Bad processes: 0

Driver: [LOADED]

HOSTS File:
127.0.0.1 localhost


Resetted HOSTS:
127.0.0.1 localhost

Finished : << RKreport[2].txt >>


RKreport[1].txt ; RKreport[2].txt

4)
RogueKiller V6.1.3 [10/14/2011] by Tigzy
contact at http://www.sur-la-toile.com
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.sur-la-toile.com/discussion- ... ntees.html

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: Zdenek [Admin rights]
Mode: ProxyFix -- Date : 10/21/2011 10:16:32

Bad processes: 0

Driver: [LOADED]

Registry Entries: 0

Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

....a folder called RK_Quarantine appeared on my desktop...delete it? wait for the next steps? :)

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: A textbook Trojan :/

#42 Post by vyosek »

:arrow: Don't delete anything; we'll clean up at the very end

:arrow: Download Avenger (see my signature)
  • If you use Windows Vista or Windows 7, right-click Avenger and choose Run As Administrator (Spustit jako správce)
  • After launch, the program warns you that everything you do is at your own risk - click OK
  • After you confirm, the main window appears; paste the script below into it
  • Code:

    Begin copying here:
    
    Files to delete:
    C:\WINDOWS\system32\drivers\zcvknwfk.sys
    C:\WINDOWS\system32\drivers\qzgqrerp.sys
    C:\WINDOWS\system32\drivers\qjcwfjpy.sys
    C:\WINDOWS\system32\drivers\vqkotpis.sys
    C:\WINDOWS\system32\drivers\bptegptx.sys
    C:\WINDOWS\system32\drivers\rejnbkuy.sys
    C:\WINDOWS\system32\drivers\xrqumnth.sys
    C:\WINDOWS\system32\drivers\amjegydu.sys
    C:\WINDOWS\system32\drivers\fxjrcwfu.sys
    C:\WINDOWS\system32\drivers\qejgfkzm.sys
    C:\WINDOWS\system32\drivers\wuxikxii.sys
    C:\WINDOWS\system32\drivers\uzmhrpiw.sys
    C:\WINDOWS\system32\drivers\odwhnpqd.sys
    C:\WINDOWS\system32\drivers\kkorgjef.sys
    C:\WINDOWS\system32\drivers\cokvuwxt.sys
    C:\WINDOWS\system32\drivers\zhxpycpn.sys
    C:\WINDOWS\system32\drivers\dfzaeuyp.sys
    C:\WINDOWS\system32\drivers\mqdwjhzs.sys
    C:\WINDOWS\system32\drivers\inmaaop.sys
    C:\WINDOWS\system32\drivers\zcvagcne.sys
    C:\WINDOWS\system32\drivers\daihpzed.sys
    C:\WINDOWS\system32\drivers\airiujxz.sys
    C:\WINDOWS\system32\drivers\vyaomuei.sys
    C:\WINDOWS\system32\drivers\fhidgrgj.sys
    C:\WINDOWS\system32\drivers\sppkfqnm.sys
    C:\WINDOWS\system32\drivers\ednffflf.sys
    C:\WINDOWS\system32\drivers\iedjlneg.sys
    C:\WINDOWS\system32\drivers\l1e51x86.sys
    C:\WINDOWS\system32\drivers\oornrqfp.sys
    C:\WINDOWS\system32\drivers\ihirktvu.sys
    C:\WINDOWS\system32\drivers\okvusrjs.sys
    C:\WINDOWS\SET8.tmp
    C:\WINDOWS\SET4.tmp
    C:\WINDOWS\SET3.tmp
    
    Drivers to delete:
    MpKslf7cc2d85
    MpKsl2ed2cca2
  • Tick the checkboxes next to Scan for rootkits and Automatically disable any rootkits found
  • Now click Execute and confirm with Yes in the next window - this confirms that the script should run
  • Answer the Reboot now prompt with OK as well - this restarts the PC
  • After the restart, Notepad should open with the log; paste its contents here. If it does not, you will find the file at C:\avenger.txt
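A pre-flight check for a deletion script such as the one in the post above, as an added example (not part of the original post and not code from The Avenger): it compares each script entry against the driver list from the log posted earlier in the thread and reports entries that correspond to a registered driver service. The sample lines are copied from the thread; the function names are hypothetical.

```python
import re

# Sample input: lines copied from the driver list and the script in this thread.
RSIT_DRIVERS = r"""
R1 MpKslf7cc2d85;MpKslf7cc2d85; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{74482BE9-9B7E-419C-80F8-F643D37CDC3D}\MpKslf7cc2d85.sys []
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1e51x86.sys [2008-06-26 36864]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
S1 MpKsl2ed2cca2;MpKsl2ed2cca2; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{74482BE9-9B7E-419C-80F8-F643D37CDC3D}\MpKsl2ed2cca2.sys []
"""
AVENGER_SCRIPT = r"""
Files to delete:
C:\WINDOWS\system32\drivers\zcvknwfk.sys
C:\WINDOWS\system32\drivers\l1e51x86.sys
C:\WINDOWS\SET8.tmp

Drivers to delete:
MpKslf7cc2d85
MpKsl2ed2cca2
"""

# "<R|S><start type> <service>;<display name>; <image path> [<date size>]"
DRIVER_RE = re.compile(r"^([RS])([0-4]) ([^;]+);([^;]*); (.*?) \[([^\]]*)\]$")
START = ["Boot", "System", "Auto", "Demand", "Disabled"]

def norm(path):
    """Case-fold a Windows path and drop the NT object-manager prefix."""
    p = path.strip().lower()
    return p[4:] if p.startswith("\\??\\") else p

def parse_rsit_drivers(text):
    """Return one dict per driver line of the list."""
    drivers = []
    for line in text.splitlines():
        m = DRIVER_RE.match(line.strip())
        if m:
            state, start, name, display, path, stamp = m.groups()
            drivers.append({"name": name, "display": display, "path": norm(path),
                            "running": state == "R", "start": START[int(start)],
                            "has_file_info": bool(stamp)})
    return drivers

def parse_avenger_script(text):
    """Split the script into its sections ('files to delete', ...)."""
    sections, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.endswith(":"):
            current = sections.setdefault(line[:-1].lower(), [])
        elif line and current is not None:
            current.append(line)
    return sections

def review(script_text, rsit_text):
    """List script entries that match a registered driver (None = no match)."""
    drivers = parse_rsit_drivers(rsit_text)
    by_path = {d["path"]: d for d in drivers}
    by_name = {d["name"].lower(): d for d in drivers}
    script = parse_avenger_script(script_text)
    findings = [("file", f, by_path[norm(f)])
                for f in script.get("files to delete", []) if norm(f) in by_path]
    findings += [("driver", n, by_name.get(n.lower()))
                 for n in script.get("drivers to delete", [])]
    return findings

if __name__ == "__main__":
    for kind, target, d in review(AVENGER_SCRIPT, RSIT_DRIVERS):
        print(kind, target, "->", d and (d["name"], d["display"], d["running"], d["start"]))
```

On the thread's data the check reports `l1e51x86.sys` as the image file of the running `L1e` service, which the driver list describes as the Atheros Ethernet miniport driver.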

goffy1985
Visitor
Posts: 163
Registered: 19 Oct 2011 16:59

Re: A textbook Trojan :/

#43 Post by goffy1985 »

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

File "C:\WINDOWS\system32\drivers\zcvknwfk.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\qzgqrerp.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\qjcwfjpy.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\vqkotpis.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\bptegptx.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\rejnbkuy.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\xrqumnth.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\amjegydu.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\fxjrcwfu.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\qejgfkzm.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\wuxikxii.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\uzmhrpiw.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\odwhnpqd.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\kkorgjef.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\cokvuwxt.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\zhxpycpn.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\dfzaeuyp.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\mqdwjhzs.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\inmaaop.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\zcvagcne.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\daihpzed.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\airiujxz.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\vyaomuei.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\fhidgrgj.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\sppkfqnm.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\ednffflf.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\iedjlneg.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\l1e51x86.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\oornrqfp.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\ihirktvu.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\okvusrjs.sys" deleted successfully.
File "C:\WINDOWS\SET8.tmp" deleted successfully.
File "C:\WINDOWS\SET4.tmp" deleted successfully.
File "C:\WINDOWS\SET3.tmp" deleted successfully.

Error: registry key "\Registry\Machine\System\CurrentControlSet\Services\MpKslf7cc2d85" not found!
Deletion of driver "MpKslf7cc2d85" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist

Driver "MpKsl2ed2cca2" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.


except that after the restart I got a BSOD with driver_irql_not_less_or_equal again...

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: A textbook Trojan :/

#44 Post by vyosek »

Try this
StrejdaProšek wrote: As for dual channel, the memory modules must always be in slots of the same color (yellow-yellow or black-black).
Also check that they are seated properly; some boards require dual channel to be enabled in the BIOS.
Try moving the modules between different slots, but always in dual channel (same color)!!

goffy1985
Visitor
Posts: 163
Registered: 19 Oct 2011 16:59

Re: A textbook Trojan :/

#45 Post by goffy1985 »

vyosek wrote: Try this
StrejdaProšek wrote: As for dual channel, the memory modules must always be in slots of the same color (yellow-yellow or black-black).
Also check that they are seated properly; some boards require dual channel to be enabled in the BIOS.
Try moving the modules between different slots, but always in dual channel (same color)!!
they were in the yellow slots, so I tried sticking them into the black ones...we'll see, I'll also take a look in the BIOS to see whether dual channel is mentioned anywhere :x
