Kontrola po zotavení z Olmarik.ajl

[Stoon]

Hezký den,
před několika dny se mi nepodařilo vůbec najet do systému, počítač se kousl hned po provedení POST. Zkoušel jsem vše možné, nakonec jsem disk připojil přes USB adaptér k jinému počítači a zjistil, že v MBR sektoru disku se usídlil Olmarik.ajl, a proto nemůžu počítač nabootovat. Po krátkém hledání na internetu se mi podařilo najít postup, jak do systému najet, přes konzoli pro zotavení systému a příkaz FIXMBR se mi podařilo vytvořit nový master boot record a do systému se od té doby zase normálně dostanu. Nevěřím ale, že tento postup Olmarika odstranil. Nainstalovaný Microsoft security essentials, ani online Symantec nebo Eset testy ale vůbec nic nenašly. Proto prosím pro jistotu o kontrolu logy, abych věděl, mám-li se tím nějak dále zabývat nebo ne. Počítač (systém) je čerstvě (neco přes týden) přeinstalovaný.

Log z RSIT:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Ing. Pavel Stoklasa at 2011-02-01 17:31:38
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 36 GB (71%) free of 50 GB
Total RAM: 1022 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:32:15, on 1.2.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\WINDOWS\system32\hasplms.exe
C:\Program Files\Nero\Update\NASvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Opera\opera.exe
C:\totalcmd\TOTALCMD.EXE
c:\registry\RSIT.exe
C:\Program Files\trend micro\Ing. Pavel Stoklasa.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Ing. Pavel Stoklasa\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 5553316796
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.co ... 4.15.0.cab
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (Prvek AcPreview) - file:///C:/Program%20Files/AutoCAD%20LT%202002%20Cz/AcPreview.ocx
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: HASP License Manager (hasplms) - Aladdin Knowledge Systems Ltd. - C:\WINDOWS\system32\hasplms.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 6623 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-2147184337-839522115-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1659004503-2147184337-839522115-1004UA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Nero Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-10-11 1244040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Nero Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-10-11 1244040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-12-30 19972712]
"JMB36X IDE Setup"=C:\WINDOWS\RaidTool\xInsIDE.exe [2007-03-20 36864]
"36X Raid Configurer"=C:\WINDOWS\system32\xRaidSetup.exe [2007-11-19 1966080]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2011-01-07 111208]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2011-01-07 13880424]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-11-04 1753192]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2010-11-15 35736]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15 932288]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2010-11-30 997408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=C:\Documents and Settings\Ing. Pavel Stoklasa\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-01-20 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Print2PDF Print Monitor]
C:\Program Files\Software602\Print2PDF\Print2PDF.exe [2010-12-03 141368]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Common Files\soft602\langserv.exe"="C:\Program Files\Common Files\soft602\langserv.exe:*:Enabled:Software602 Spell Checker"
"C:\WINDOWS\system32\hasplms.exe"="C:\WINDOWS\system32\hasplms.exe:*:Enabled:HASP LLM"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -

[Stoon]

pokračování logu:

======List of files/folders created in the last 1 months======

2011-02-01 17:31:39 ----D---- C:\Program Files\trend micro
2011-02-01 17:31:38 ----D---- C:\rsit
2011-02-01 17:09:03 ----SHD---- C:\Config.Msi
2011-01-31 23:32:04 ----D---- C:\Program Files\MSXML 4.0
2011-01-31 22:02:54 ----D---- C:\Program Files\ESET
2011-01-31 20:49:22 ----A---- C:\TDSSKiller.2.4.15.0_31.01.2011_20.49.22_log.txt
2011-01-31 20:49:08 ----A---- C:\TDSSKiller.2.4.15.0_31.01.2011_20.49.08_log.txt
2011-01-31 20:15:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2011-01-31 20:02:51 ----A---- C:\WINDOWS\system32\muweb.dll
2011-01-31 20:02:51 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2011-01-31 20:02:51 ----A---- C:\WINDOWS\system32\mucltui.dll
2011-01-30 23:12:44 ----ASH---- C:\pagefile.sys
2011-01-30 12:34:34 ----D---- C:\MSI2fecd.tmp
2011-01-27 17:22:01 ----A---- C:\WINDOWS\system32\ptpusb.dll
2011-01-27 17:22:00 ----A---- C:\WINDOWS\system32\drivers\usbscan.sys
2011-01-27 17:21:59 ----A---- C:\WINDOWS\system32\ptpusd.dll
2011-01-25 06:40:53 ----D---- C:\1
2011-01-24 16:34:52 ----A---- C:\WINDOWS\TZW.INI
2011-01-24 16:32:26 ----D---- C:\Program Files\Common Files\Aladdin Shared
2011-01-24 16:32:24 ----A---- C:\WINDOWS\system32\hasplms.exe
2011-01-24 16:32:24 ----A---- C:\WINDOWS\system32\aksllmtp.exe
2011-01-24 16:32:23 ----A---- C:\WINDOWS\system32\drivers\aksfridge.sys
2011-01-24 16:32:22 ----A---- C:\WINDOWS\system32\drivers\hardlock.sys
2011-01-24 16:26:17 ----D---- C:\Documents and Settings\Ing. Pavel Stoklasa\Data aplikací\PROTECH
2011-01-24 16:24:36 ----A---- C:\WINDOWS\system32\msvcr90.dll
2011-01-24 16:24:36 ----A---- C:\WINDOWS\system32\msvcp90.dll
2011-01-24 16:24:36 ----A---- C:\WINDOWS\system32\msvcm90.dll
2011-01-24 16:24:07 ----D---- C:\Program Files\PROTECH
2011-01-24 15:54:02 ----A---- C:\WINDOWS\ccolwiz.ini
2011-01-24 15:53:33 ----A---- C:\WINDOWS\HPLTLNK.EXE
2011-01-24 15:32:45 ----RA---- C:\WINDOWS\system32\TSKMON.DLL
2011-01-24 15:28:31 ----A---- C:\WINDOWS\system32\DrvSetupLang.dll
2011-01-24 15:22:22 ----D---- C:\Program Files\PrintServer Utilities
2011-01-24 15:22:22 ----A---- C:\WINDOWS\system32\PSX64.dll
2011-01-24 15:22:22 ----A---- C:\WINDOWS\system32\pswin.dll
2011-01-24 15:22:22 ----A---- C:\WINDOWS\system32\psnt.dll
2011-01-24 15:22:22 ----A---- C:\WINDOWS\system32\Bot.dll
2011-01-24 15:22:22 ----A---- C:\WINDOWS\PSXLPR.INI
2011-01-24 14:59:30 ----D---- C:\Documents and Settings\Ing. Pavel Stoklasa\Data aplikací\Carambis
2011-01-24 14:57:56 ----D---- C:\Program Files\MonitorDriver
2011-01-22 11:41:40 ----D---- C:\Documents and Settings\Ing. Pavel Stoklasa\Data aplikací\Apple Computer
2011-01-21 22:03:23 ----D---- C:\Program Files\The KMPlayer
2011-01-21 14:58:17 ----D---- C:\Program Files\MSECache
2011-01-21 14:33:11 ----A---- C:\WINDOWS\system32\gdpdfplug.dll
2011-01-21 14:33:09 ----A---- C:\WINDOWS\system32\cdintf450.dll
2011-01-21 14:33:03 ----D---- C:\Documents and Settings\Ing. Pavel Stoklasa\Data aplikací\InstallShield
2011-01-21 14:32:57 ----D---- C:\Documents and Settings\Ing. Pavel Stoklasa\Data aplikací\602XML
2011-01-21 14:32:53 ----D---- C:\Documents and Settings\Ing. Pavel Stoklasa\Data aplikací\602Installer
2011-01-21 14:32:45 ----D---- C:\Program Files\Common Files\soft602
2011-01-21 14:32:43 ----D---- C:\Program Files\Common Files\Freedom Scientific
2011-01-21 14:32:42 ----D---- C:\Program Files\Software602
2011-01-21 14:14:21 ----D---- C:\Program Files\Visual Integrity
2011-01-21 14:06:35 ----A---- C:\WINDOWS\ODBC.INI
2011-01-21 14:06:29 ----A---- C:\WINDOWS\system32\mdimon.dll
2011-01-21 14:05:52 ----D---- C:\Program Files\Common Files\DESIGNER
2011-01-21 14:05:39 ----D---- C:\WINDOWS\SHELLNEW
2011-01-21 14:05:38 ----D---- C:\Program Files\Microsoft.NET
2011-01-21 14:05:38 ----D---- C:\Program Files\Microsoft Office
2011-01-21 13:31:58 ----D---- C:\Program Files\SkiJo
2011-01-21 12:59:47 ----D---- C:\Program Files\AutoCAD LT 2009
2011-01-21 12:55:11 ----D---- C:\Program Files\MSBuild
2011-01-21 12:51:58 ----D---- C:\WINDOWS\system32\XPSViewer
2011-01-21 12:51:56 ----D---- C:\WINDOWS\system32\en-us
2011-01-21 12:51:15 ----D---- C:\Program Files\Reference Assemblies
2011-01-21 12:50:52 ----N---- C:\WINDOWS\system32\spmsg2.dll
2011-01-21 11:57:07 ----D---- C:\Documents and Settings\Ing. Pavel Stoklasa\Data aplikací\AskToolbar
2011-01-21 11:07:10 ----A---- C:\WINDOWS\system32\Scp32.dll
2011-01-21 11:07:10 ----A---- C:\WINDOWS\system32\Mrt7enu.dll
2011-01-21 11:07:10 ----A---- C:\WINDOWS\system32\Hlp95en.dll
2011-01-21 11:07:10 ----A---- C:\WINDOWS\system32\hhactivex.dll
2011-01-21 11:07:10 ----A---- C:\WINDOWS\system32\acdbres.dll
2011-01-21 11:06:48 ----D---- C:\Program Files\Volo View Express
2011-01-21 11:06:34 ----A---- C:\WINDOWS\uninst.exe
2011-01-21 11:05:56 ----D---- C:\Program Files\Common Files\Wextech Shared
2011-01-21 11:05:42 ----D---- C:\Program Files\AutoCAD LT 2002 Cz
2011-01-21 10:45:36 ----D---- C:\Documents and Settings\Ing. Pavel Stoklasa\Data aplikací\Autodesk
2011-01-21 10:41:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\Autodesk
2011-01-21 10:39:29 ----D---- C:\Program Files\Common Files\Autodesk Shared
2011-01-21 10:39:25 ----D---- C:\Program Files\Autodesk
2011-01-21 10:36:50 ----RSD---- C:\WINDOWS\assembly
2011-01-21 10:36:50 ----D---- C:\WINDOWS\Microsoft.NET
2011-01-21 10:36:48 ----D---- C:\WINDOWS\system32\URTTemp
2011-01-21 09:57:09 ----D---- C:\Program Files\Google
2011-01-21 09:44:03 ----SHD---- C:\RECYCLER
2011-01-21 09:43:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\Nero
2011-01-21 09:43:02 ----D---- C:\Program Files\Common Files\Nero
2011-01-21 09:42:55 ----D---- C:\Program Files\Nero
2011-01-21 09:41:53 ----A---- C:\WINDOWS\system32\hidserv.dll
2011-01-21 09:41:45 ----A---- C:\WINDOWS\system32\drivers\hidusb.sys
2011-01-21 09:41:28 ----A---- C:\WINDOWS\system32\drivers\usbccgp.sys
2011-01-21 01:32:01 ----D---- C:\registry
2011-01-21 01:28:54 ----A---- C:\WINDOWS\system32\pdfcmnnt.dll
2011-01-21 01:28:51 ----D---- C:\Program Files\PDFCreator
2011-01-21 01:28:51 ----A---- C:\WINDOWS\system32\MSMPIDE.DLL
2011-01-21 01:20:43 ----D---- C:\Documents and Settings\Ing. Pavel Stoklasa\Data aplikací\QIP
2011-01-21 01:19:54 ----D---- C:\Program Files\QIP Infium
2011-01-21 01:17:00 ----D---- C:\Program Files\IrfanView
2011-01-21 01:13:23 ----D---- C:\Program Files\Microsoft Silverlight
2011-01-21 01:12:52 ----D---- C:\Program Files\Ask.com
2011-01-21 01:12:17 ----N---- C:\WINDOWS\system32\spmsg.dll
2011-01-21 01:12:01 ----HDC---- C:\WINDOWS\$NtUninstallKB942288-v3$
2011-01-21 01:08:22 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2011-01-21 01:05:53 ----D---- C:\Program Files\Microsoft Security Client
2011-01-21 00:57:43 ----D---- C:\Program Files\Common Files\Skype
2011-01-21 00:57:42 ----RD---- C:\Program Files\Skype
2011-01-21 00:57:41 ----D---- C:\Documents and Settings\Ing. Pavel Stoklasa\Data aplikací\Skype
2011-01-21 00:57:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2011-01-21 00:54:57 ----D---- C:\Program Files\Common Files\Adobe
2011-01-21 00:54:57 ----D---- C:\Program Files\Adobe
2011-01-21 00:53:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2011-01-21 00:51:06 ----D---- C:\Program Files\CCleaner
2011-01-21 00:48:49 ----D---- C:\totalcmd
2011-01-21 00:48:49 ----D---- C:\Documents and Settings\Ing. Pavel Stoklasa\Data aplikací\GHISLER
2011-01-21 00:48:49 ----A---- C:\WINDOWS\UC.PIF
2011-01-21 00:48:49 ----A---- C:\WINDOWS\RAR.PIF
2011-01-21 00:48:49 ----A---- C:\WINDOWS\PKZIP.PIF
2011-01-21 00:48:49 ----A---- C:\WINDOWS\PKUNZIP.PIF
2011-01-21 00:48:49 ----A---- C:\WINDOWS\NOCLOSE.PIF
2011-01-21 00:48:49 ----A---- C:\WINDOWS\LHA.PIF
2011-01-21 00:48:49 ----A---- C:\WINDOWS\ARJ.PIF
2011-01-21 00:48:07 ----D---- C:\Documents and Settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla
2011-01-21 00:43:44 ----D---- C:\Program Files\SystemRequirementsLab
2011-01-21 00:04:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA Corporation
2011-01-21 00:03:46 ----A---- C:\WINDOWS\system32\OpenCL.dll
2011-01-21 00:03:46 ----A---- C:\WINDOWS\system32\nvgenco322040.dll
2011-01-21 00:03:46 ----A---- C:\WINDOWS\system32\nvdispco322090.dll
2011-01-21 00:03:46 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2011-01-21 00:03:46 ----A---- C:\WINDOWS\system32\nvcuvenc.dll
2011-01-21 00:03:46 ----A---- C:\WINDOWS\system32\nvcuda.dll
2011-01-21 00:03:45 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2011-01-21 00:03:31 ----D---- C:\Program Files\NVIDIA Corporation
2011-01-21 00:03:12 ----D---- C:\NVIDIA
2011-01-21 00:02:48 ----A---- C:\WINDOWS\system32\yk51x86.dll
2011-01-20 23:50:09 ----D---- C:\WINDOWS\nview
2011-01-20 23:50:09 ----A---- C:\WINDOWS\system32\nvudisp.exe
2011-01-20 23:50:01 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2011-01-20 23:49:45 ----A---- C:\WINDOWS\system32\nvwssr.dll
2011-01-20 23:49:45 ----A---- C:\WINDOWS\system32\nvwss.dll
2011-01-20 23:49:45 ----A---- C:\WINDOWS\system32\nvvitvsr.dll
2011-01-20 23:49:45 ----A---- C:\WINDOWS\system32\nvvitvs.dll
2011-01-20 23:49:44 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2011-01-20 23:49:44 ----A---- C:\WINDOWS\system32\nvnt4cpl.dll
2011-01-20 23:49:44 ----A---- C:\WINDOWS\system32\nvmoblsr.dll
2011-01-20 23:49:44 ----A---- C:\WINDOWS\system32\nvmobls.dll
2011-01-20 23:49:44 ----A---- C:\WINDOWS\system32\nvmccssr.dll
2011-01-20 23:49:44 ----A---- C:\WINDOWS\system32\nvmccss.dll
2011-01-20 23:49:44 ----A---- C:\WINDOWS\system32\nvmccsrs.dll
2011-01-20 23:49:44 ----A---- C:\WINDOWS\system32\nvhwvid.dll
2011-01-20 23:49:44 ----A---- C:\WINDOWS\system32\nvgamesr.dll
2011-01-20 23:49:44 ----A---- C:\WINDOWS\system32\nvgames.dll
2011-01-20 23:49:44 ----A---- C:\WINDOWS\system32\nvexpbar.dll
2011-01-20 23:49:43 ----A---- C:\WINDOWS\system32\nvdispsr.dll
2011-01-20 23:49:43 ----A---- C:\WINDOWS\system32\nvdisps.dll
2011-01-20 23:49:43 ----A---- C:\WINDOWS\system32\nvcpluir.dll
2011-01-20 23:49:43 ----A---- C:\WINDOWS\system32\nvcplui.exe
2011-01-20 23:49:43 ----A---- C:\WINDOWS\system32\nvcodins.dll
2011-01-20 23:49:43 ----A---- C:\WINDOWS\system32\nvcod.dll
2011-01-20 23:49:42 ----A---- C:\WINDOWS\system32\nvapi.dll
2011-01-20 23:48:39 ----HDC---- C:\WINDOWS\$NtUninstallKB835221WXP$
2011-01-20 23:47:58 ----A---- C:\WINDOWS\system32\xRaidSetup.exe
2011-01-20 23:47:58 ----A---- C:\WINDOWS\system32\xRaidAPI.dll
2011-01-20 23:47:57 ----D---- C:\RaidTool
2011-01-20 23:47:53 ----D---- C:\WINDOWS\RaidTool
2011-01-20 23:47:23 ----A---- C:\WINDOWS\system32\drivers\jraid.sys
2011-01-20 23:44:13 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-01-20 23:44:13 ----D---- C:\Program Files\Intel
2011-01-20 23:44:13 ----A---- C:\WINDOWS\system32\CSVer.dll
2011-01-20 23:44:03 ----D---- C:\Intel
2011-01-20 23:42:13 ----A---- C:\WINDOWS\system32\drivers\DrvAgent32.sys
2011-01-20 23:09:05 ----D---- C:\WINDOWS\system32\Lang
2011-01-20 23:07:34 ----A---- C:\WINDOWS\system32\drivers\splitter.sys
2011-01-20 23:07:33 ----A---- C:\WINDOWS\system32\drivers\wdmaud.sys
2011-01-20 23:07:32 ----A---- C:\WINDOWS\system32\drivers\DMusic.sys
2011-01-20 23:07:31 ----A---- C:\WINDOWS\system32\drivers\swmidi.sys
2011-01-20 23:07:30 ----A---- C:\WINDOWS\system32\drivers\aec.sys
2011-01-20 23:07:29 ----A---- C:\WINDOWS\system32\drivers\kmixer.sys
2011-01-20 23:07:28 ----A---- C:\WINDOWS\system32\drivers\drmkaud.sys
2011-01-20 23:07:26 ----A---- C:\WINDOWS\system32\drivers\sysaudio.sys
2011-01-20 23:07:25 ----A---- C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011-01-20 23:07:24 ----A---- C:\WINDOWS\system32\drivers\MSPQM.sys
2011-01-20 23:07:23 ----A---- C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011-01-20 23:07:18 ----D---- C:\WINDOWS\system32\RTCOM
2011-01-20 23:07:16 ----A---- C:\WINDOWS\system32\ksuser.dll
2011-01-20 23:07:16 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2011-01-20 23:07:15 ----A---- C:\WINDOWS\system32\drivers\drmk.sys
2011-01-20 23:07:10 ----A---- C:\WINDOWS\vncutil.exe
2011-01-20 23:07:10 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2011-01-20 23:07:10 ----A---- C:\WINDOWS\SkyTel.exe
2011-01-20 23:07:10 ----A---- C:\WINDOWS\RtlUpd.exe
2011-01-20 23:07:09 ----A---- C:\WINDOWS\system32\RtkCoInstXP.dll
2011-01-20 23:07:09 ----A---- C:\WINDOWS\system32\drivers\RtkHDAud.sys
2011-01-20 23:07:09 ----A---- C:\WINDOWS\RTLCPL.EXE
2011-01-20 23:07:09 ----A---- C:\WINDOWS\RtkAudioService.exe
2011-01-20 23:07:08 ----A---- C:\WINDOWS\system32\drivers\Monfilt.sys
2011-01-20 23:07:08 ----A---- C:\WINDOWS\RTHDCPL.EXE
2011-01-20 23:07:08 ----A---- C:\WINDOWS\MicCal.exe
2011-01-20 23:07:07 ----D---- C:\Program Files\Realtek
2011-01-20 23:07:07 ----A---- C:\WINDOWS\system32\drivers\Ambfilt.sys
2011-01-20 23:07:07 ----A---- C:\WINDOWS\ALCWZRD.EXE
2011-01-20 23:07:07 ----A---- C:\WINDOWS\ALCMTR.EXE
2011-01-20 23:07:02 ----A---- C:\WINDOWS\RtlExUpd.dll
2011-01-20 22:47:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2011-01-20 22:47:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2296199$
2011-01-20 22:46:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2467659$
2011-01-20 22:46:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2011-01-20 22:46:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2443685$
2011-01-20 22:46:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2011-01-20 22:46:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2436673$
2011-01-20 22:46:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2011-01-20 22:46:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2011-01-20 22:46:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
2011-01-20 22:46:30 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2011-01-20 22:46:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2011-01-20 22:46:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2011-01-20 22:46:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2011-01-20 22:46:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2011-01-20 22:46:11 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2011-01-20 22:46:07 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2011-01-20 22:46:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2011-01-20 22:46:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$
2011-01-20 22:45:57 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2011-01-20 22:45:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2259922$
2011-01-20 22:45:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2141007$
2011-01-20 22:45:46 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2011-01-20 22:45:40 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2011-01-20 22:45:35 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2011-01-20 22:45:31 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2011-01-20 22:45:28 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2011-01-20 22:45:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2011-01-20 22:45:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2011-01-20 22:45:06 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2011-01-20 22:45:02 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2011-01-20 22:44:49 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2011-01-20 22:44:45 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2011-01-20 22:44:40 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2011-01-20 22:36:20 ----D---- C:\WINDOWS\Prefetch
2011-01-20 22:34:54 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2011-01-20 22:34:51 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2011-01-20 22:34:44 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2011-01-20 22:34:40 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2011-01-20 22:34:36 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2011-01-20 22:34:32 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2011-01-20 22:34:28 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2011-01-20 22:34:24 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2011-01-20 22:34:20 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2011-01-20 22:34:16 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2011-01-20 22:34:13 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2011-01-20 22:34:08 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2011-01-20 22:34:03 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2011-01-20 22:33:59 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2011-01-20 22:33:55 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2011-01-20 22:33:51 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2011-01-20 22:33:47 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2011-01-20 22:33:43 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2011-01-20 22:33:39 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2011-01-20 22:33:35 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2011-01-20 22:33:31 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2011-01-20 22:33:27 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2011-01-20 22:33:22 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2011-01-20 22:33:18 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2011-01-20 22:33:14 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2011-01-20 22:33:10 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2011-01-20 22:33:06 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2011-01-20 22:33:02 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2011-01-20 22:32:58 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2011-01-20 22:32:55 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2011-01-20 22:32:51 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2011-01-20 22:32:46 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2011-01-20 22:32:41 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2011-01-20 22:32:37 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2011-01-20 22:32:33 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2011-01-20 22:32:29 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2011-01-20 22:32:25 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2011-01-20 22:32:21 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2011-01-20 22:32:17 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2011-01-20 22:32:13 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2011-01-20 22:32:09 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2011-01-20 22:32:05 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2011-01-20 22:31:59 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2011-01-20 22:31:54 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2011-01-20 22:31:49 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$
2011-01-20 22:31:46 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2011-01-20 22:31:42 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2011-01-20 22:31:38 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2011-01-20 22:31:34 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2011-01-20 22:31:29 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2011-01-20 22:31:25 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2011-01-20 22:31:21 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2011-01-20 22:31:17 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2011-01-20 22:31:13 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2011-01-20 22:31:09 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2011-01-20 22:31:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2011-01-20 22:28:46 ----D---- C:\WINDOWS\system32\cs
2011-01-20 22:28:46 ----D---- C:\WINDOWS\l2schemas
2011-01-20 22:26:01 ----D---- C:\WINDOWS\network diagnostic
2011-01-20 22:17:48 ----N---- C:\WINDOWS\system32\wmphoto.dll
2011-01-20 22:17:42 ----N---- C:\WINDOWS\system32\wlanapi.dll
2011-01-20 22:17:40 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2011-01-20 22:17:40 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2011-01-20 22:17:36 ----N---- C:\WINDOWS\system32\verclsid.exe
2011-01-20 22:17:33 ----N---- C:\WINDOWS\system32\tspkg.dll
2011-01-20 22:17:33 ----N---- C:\WINDOWS\system32\tsgqec.dll
2011-01-20 22:17:18 ----N---- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2011-01-20 22:17:17 ----N---- C:\WINDOWS\system32\setupn.exe
2011-01-20 22:17:15 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2011-01-20 22:17:15 ----D---- C:\WINDOWS\ie8updates
2011-01-20 22:17:13 ----N---- C:\WINDOWS\system32\rasqec.dll
2011-01-20 22:17:11 ----N---- C:\WINDOWS\system32\qutil.dll
2011-01-20 22:17:10 ----N---- C:\WINDOWS\system32\qcliprov.dll
2011-01-20 22:17:09 ----N---- C:\WINDOWS\system32\qagentrt.dll
2011-01-20 22:17:09 ----N---- C:\WINDOWS\system32\qagent.dll
2011-01-20 22:17:07 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2011-01-20 22:17:03 ----N---- C:\WINDOWS\system32\onex.dll
2011-01-20 22:16:52 ----N---- C:\WINDOWS\system32\napstat.exe
2011-01-20 22:16:52 ----N---- C:\WINDOWS\system32\napmontr.dll
2011-01-20 22:16:52 ----N---- C:\WINDOWS\system32\napipsec.dll
2011-01-20 22:16:50 ----N---- C:\WINDOWS\system32\msxml6r.dll
2011-01-20 22:16:50 ----N---- C:\WINDOWS\system32\msxml6.dll
2011-01-20 22:16:47 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2011-01-20 22:16:47 ----N---- C:\WINDOWS\system32\mssha.dll
2011-01-20 22:16:37 ----N---- C:\WINDOWS\system32\mmcperf.exe
2011-01-20 22:16:37 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2011-01-20 22:16:37 ----N---- C:\WINDOWS\system32\mmcex.dll
2011-01-20 22:16:37 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2011-01-20 22:16:31 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2011-01-20 22:16:31 ----N---- C:\WINDOWS\system32\kmsvc.dll
2011-01-20 22:16:30 ----N---- C:\WINDOWS\system32\kbdpash.dll
2011-01-20 22:16:30 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2011-01-20 22:16:30 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2011-01-20 22:16:30 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2011-01-20 22:16:27 ----N---- C:\WINDOWS\system32\ieencode.dll
2011-01-20 22:16:22 ----N---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2011-01-20 22:16:20 ----N---- C:\WINDOWS\system32\eapsvc.dll
2011-01-20 22:16:20 ----N---- C:\WINDOWS\system32\eapqec.dll
2011-01-20 22:16:20 ----N---- C:\WINDOWS\system32\eappprxy.dll
2011-01-20 22:16:20 ----N---- C:\WINDOWS\system32\eapphost.dll
2011-01-20 22:16:20 ----N---- C:\WINDOWS\system32\eappgnui.dll
2011-01-20 22:16:20 ----N---- C:\WINDOWS\system32\eappcfg.dll
2011-01-20 22:16:20 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2011-01-20 22:16:20 ----N---- C:\WINDOWS\system32\eapolqec.dll
2011-01-20 22:16:20 ----A---- C:\WINDOWS\004975_.tmp
2011-01-20 22:16:19 ----N---- C:\WINDOWS\system32\dot3ui.dll
2011-01-20 22:16:19 ----N---- C:\WINDOWS\system32\dot3svc.dll
2011-01-20 22:16:19 ----N---- C:\WINDOWS\system32\dot3msm.dll
2011-01-20 22:16:19 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2011-01-20 22:16:19 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2011-01-20 22:16:19 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2011-01-20 22:16:19 ----N---- C:\WINDOWS\system32\dot3api.dll
2011-01-20 22:16:18 ----N---- C:\WINDOWS\system32\dimsroam.dll
2011-01-20 22:16:18 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2011-01-20 22:16:18 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2011-01-20 22:16:17 ----N---- C:\WINDOWS\system32\credssp.dll
2011-01-20 22:16:15 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2011-01-20 22:16:15 ----N---- C:\WINDOWS\system32\azroles.dll
2011-01-20 22:16:12 ----N---- C:\WINDOWS\system32\aaclient.dll
2011-01-20 22:15:47 ----D---- C:\WINDOWS\WBEM
2011-01-20 22:14:10 ----HDC---- C:\WINDOWS\ie8
2011-01-20 22:14:10 ----D---- C:\WINDOWS\system32\cs-CZ
2011-01-20 22:09:45 ----D---- C:\Program Files\Safari
2011-01-20 22:09:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple Computer
2011-01-20 22:09:22 ----D---- C:\Program Files\Common Files\Apple
2011-01-20 22:09:05 ----D---- C:\Program Files\Apple Software Update
2011-01-20 22:09:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple
2011-01-20 22:06:22 ----D---- C:\Documents and Settings\Ing. Pavel Stoklasa\Data aplikací\Opera
2011-01-20 22:06:18 ----D---- C:\Program Files\Opera
2011-01-20 22:05:30 ----D---- C:\Program Files\Mozilla Firefox
2011-01-20 22:04:39 ----D---- C:\Documents and Settings\Ing. Pavel Stoklasa\Data aplikací\Macromedia
2011-01-20 22:04:39 ----D---- C:\Documents and Settings\Ing. Pavel Stoklasa\Data aplikací\Adobe
2011-01-20 21:53:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593_0$
2011-01-20 21:53:41 ----HDC---- C:\WINDOWS\$NtUninstallKB982381$
2011-01-20 21:53:37 ----HDC---- C:\WINDOWS\$NtUninstallKB979559_0$
2011-01-20 21:53:33 ----HDC---- C:\WINDOWS\$NtUninstallKB975562_0$
2011-01-20 21:53:30 ----HDC---- C:\WINDOWS\$NtUninstallKB979482_0$
2011-01-20 21:53:26 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2011-01-20 21:53:23 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2011-01-20 21:53:20 ----HDC---- C:\WINDOWS\$NtUninstallKB980218_0$
2011-01-20 21:53:17 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2011-01-20 21:53:14 ----HDC---- C:\WINDOWS\$NtUninstallKB978542_0$
2011-01-20 21:53:09 ----HDC---- C:\WINDOWS\$NtUninstallKB978601_0$
2011-01-20 21:53:05 ----HDC---- C:\WINDOWS\$NtUninstallKB979402_WM9L$
2011-01-20 21:53:00 ----HDC---- C:\WINDOWS\$NtUninstallKB979683_0$
2011-01-20 21:52:55 ----HDC---- C:\WINDOWS\$NtUninstallKB978338_0$
2011-01-20 21:52:52 ----HDC---- C:\WINDOWS\$NtUninstallKB979309_0$
2011-01-20 21:52:49 ----HDC---- C:\WINDOWS\$NtUninstallKB981350$
2011-01-20 21:52:46 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2011-01-20 21:52:42 ----HDC---- C:\WINDOWS\$NtUninstallKB980232_0$
2011-01-20 21:52:38 ----HDC---- C:\WINDOWS\$NtUninstallKB975561_0$
2011-01-20 21:52:34 ----HDC---- C:\WINDOWS\$NtUninstallKB978706_0$
2011-01-20 21:52:31 ----HDC---- C:\WINDOWS\$NtUninstallKB971468_0$
2011-01-20 21:52:27 ----HDC---- C:\WINDOWS\$NtUninstallKB977914_0$
2011-01-20 21:52:23 ----HDC---- C:\WINDOWS\$NtUninstallKB975560_0$
2011-01-20 21:52:19 ----HDC---- C:\WINDOWS\$NtUninstallKB978037_0$
2011-01-20 21:52:15 ----HDC---- C:\WINDOWS\$NtUninstallKB975713_0$
2011-01-20 21:52:12 ----HDC---- C:\WINDOWS\$NtUninstallKB972270_0$
2011-01-20 21:52:08 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2011-01-20 21:52:04 ----HDC---- C:\WINDOWS\$NtUninstallKB955759_0$
2011-01-20 21:52:00 ----HDC---- C:\WINDOWS\$NtUninstallKB974392_0$
2011-01-20 21:51:56 ----HDC---- C:\WINDOWS\$NtUninstallKB974318_0$
2011-01-20 21:51:53 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2011-01-20 21:51:50 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_0$
2011-01-20 21:51:46 ----HDC---- C:\WINDOWS\$NtUninstallKB975467_0$
2011-01-20 21:51:41 ----HDC---- C:\WINDOWS\$NtUninstallKB968389_0$
2011-01-20 21:51:37 ----HDC---- C:\WINDOWS\$NtUninstallKB969059_0$
2011-01-20 21:51:35 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2011-01-20 21:51:31 ----HDC---- C:\WINDOWS\$NtUninstallKB974112_0$
2011-01-20 21:51:28 ----HDC---- C:\WINDOWS\$NtUninstallKB974571_0$
2011-01-20 21:51:24 ----HDC---- C:\WINDOWS\$NtUninstallKB975025_0$
2011-01-20 21:51:21 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2011-01-20 21:51:18 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2011-01-20 21:51:14 ----HDC---- C:\WINDOWS\$NtUninstallKB956844_0$
2011-01-20 21:51:08 ----A---- C:\WINDOWS\system32\MRT.exe
2011-01-20 21:51:02 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$
2011-01-20 21:35:18 ----HDC---- C:\WINDOWS\$NtUninstallKB971657_0$
2011-01-20 21:35:15 ----HDC---- C:\WINDOWS\$NtUninstallKB973815_0$
2011-01-20 21:35:11 ----HDC---- C:\WINDOWS\$NtUninstallKB960859_0$
2011-01-20 21:35:08 ----HDC---- C:\WINDOWS\$NtUninstallKB973507_0$
2011-01-20 21:35:03 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2011-01-20 21:34:59 ----HDC---- C:\WINDOWS\$NtUninstallKB973869_0$
2011-01-20 21:34:55 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
2011-01-20 21:34:52 ----HDC---- C:\WINDOWS\$NtUninstallKB970238_0$
2011-01-20 21:34:49 ----HDC---- C:\WINDOWS\$NtUninstallKB961501_0$
2011-01-20 21:34:45 ----HDC---- C:\WINDOWS\$NtUninstallKB959426_0$
2011-01-20 21:34:41 ----HDC---- C:\WINDOWS\$NtUninstallKB960803_0$
2011-01-20 21:34:37 ----HDC---- C:\WINDOWS\$NtUninstallKB952004_0$
2011-01-20 21:34:27 ----HDC---- C:\WINDOWS\$NtUninstallKB956572_0$
2011-01-20 21:34:22 ----HDC---- C:\WINDOWS\$NtUninstallKB923561_0$
2011-01-20 21:34:16 ----HDC---- C:\WINDOWS\$NtUninstallKB967715_0$
2011-01-20 21:34:13 ----HDC---- C:\WINDOWS\$NtUninstallKB960225_0$
2011-01-20 21:34:10 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
2011-01-20 21:34:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956802_0$
2011-01-20 21:34:03 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$
2011-01-20 21:34:00 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
2011-01-20 21:33:57 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
2011-01-20 21:33:54 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
2011-01-20 21:33:51 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
2011-01-20 21:33:47 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
2011-01-20 21:33:44 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2011-01-20 21:33:40 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$
2011-01-20 21:33:38 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
2011-01-20 21:33:35 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
2011-01-20 21:31:58 ----N---- C:\WINDOWS\system32\tzchange.exe
2011-01-20 21:31:42 ----N---- C:\WINDOWS\system32\browserchoice.exe
2011-01-20 21:16:31 ----D---- C:\WINDOWS\provisioning
2011-01-20 21:16:31 ----D---- C:\WINDOWS\peernet
2011-01-20 21:15:54 ----D---- C:\WINDOWS\ServicePackFiles
2011-01-20 21:14:27 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-01-20 21:13:22 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2011-01-20 21:13:20 ----D---- C:\WINDOWS\EHome
2011-01-20 21:11:10 ----N---- C:\WINDOWS\system32\spnpinst.exe
2011-01-20 21:01:19 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2011-01-20 20:58:48 ----D---- C:\WINDOWS\system32\PreInstall
2011-01-20 20:58:48 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2011-01-20 20:58:47 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2011-01-20 20:58:47 ----HD---- C:\WINDOWS\$hf_mig$
2011-01-20 20:58:38 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2011-01-20 20:58:32 ----D---- C:\WINDOWS\system32\bits
2011-01-20 20:58:28 ----HDC---- C:\WINDOWS\$NtUninstallKB842773$
2011-01-20 20:58:07 ----N---- C:\WINDOWS\system32\bitsprx3.dll
2011-01-20 20:58:07 ----N---- C:\WINDOWS\system32\bitsprx2.dll
2011-01-20 20:58:07 ----A---- C:\WINDOWS\system32\winhttp.dll
2011-01-20 20:58:07 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2011-01-20 20:56:43 ----A---- C:\WINDOWS\system32\wpa.bak
2011-01-20 20:55:57 ----A---- C:\WINDOWS\system32\wups2.dll
2011-01-20 20:55:57 ----A---- C:\WINDOWS\system32\wups.dll
2011-01-20 20:55:57 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2011-01-20 20:55:57 ----A---- C:\WINDOWS\system32\wucltui.dll
2011-01-20 20:55:57 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2011-01-20 20:55:57 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2011-01-20 20:55:57 ----A---- C:\WINDOWS\system32\wuapi.dll
2011-01-20 20:55:24 ----D---- C:\WINDOWS\SoftwareDistribution
2011-01-20 20:51:37 ----D---- C:\Program Files\Marvell
2011-01-20 20:41:10 ----D---- C:\Program Files\Lavalys
2011-01-20 20:27:51 ----RA---- C:\WINDOWS\system32\ntsim.sys
2011-01-20 20:22:03 ----D---- C:\WINDOWS\OPTIONS
2011-01-20 20:22:00 ----RA---- C:\WINDOWS\system32\UpdDrv2K.exe
2011-01-20 20:22:00 ----RA---- C:\WINDOWS\system32\TDInst2K.exe
2011-01-20 20:21:22 ----A---- C:\WINDOWS\IsUninst.exe
2011-01-20 19:51:35 ----SD---- C:\WINDOWS\system32\Microsoft
2011-01-20 19:49:52 ----HD---- C:\Program Files\InstallShield Installation Information
2011-01-20 19:49:44 ----D---- C:\Program Files\Common Files\InstallShield
2011-01-20 19:38:29 ----A---- C:\WINDOWS\system32\h323log.txt
2011-01-20 19:35:40 ----A---- C:\WINDOWS\system32\drivers\audstub.sys
2011-01-20 19:35:24 ----A---- C:\WINDOWS\system32\drivers\redbook.sys
2011-01-20 19:35:01 ----A---- C:\WINDOWS\system32\usbui.dll
2011-01-20 19:34:38 ----A---- C:\WINDOWS\imsins.BAK
2011-01-20 19:34:36 ----D---- C:\Program Files\Common Files\ODBC
2011-01-20 19:34:36 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-01-20 19:34:36 ----A---- C:\WINDOWS\ODBCINST.INI
2011-01-20 19:34:32 ----RD---- C:\Program Files
2011-01-20 19:34:32 ----D---- C:\Program Files\Common Files\SpeechEngines
2011-01-20 19:34:32 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-01-20 19:34:32 ----D---- C:\Program Files\Common Files
2011-01-20 19:34:29 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2011-01-20 19:34:29 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2011-01-20 19:34:29 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2011-01-20 19:34:27 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2011-01-20 19:34:27 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2011-01-20 19:34:27 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2011-01-20 19:34:27 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2011-01-20 19:34:26 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2011-01-20 19:34:26 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2011-01-20 19:34:26 ----RA---- C:\WINDOWS\system32\kbdur.dll
2011-01-20 19:34:26 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2011-01-20 19:34:26 ----RA---- C:\WINDOWS\system32\kbdru.dll
2011-01-20 19:34:26 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2011-01-20 19:34:26 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2011-01-20 19:34:26 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2011-01-20 19:34:24 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2011-01-20 19:34:24 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2011-01-20 19:34:24 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2011-01-20 19:34:24 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2011-01-20 19:34:23 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2011-01-20 19:34:23 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2011-01-20 19:34:23 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2011-01-20 19:34:22 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2011-01-20 19:34:22 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2011-01-20 19:34:21 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2011-01-20 19:34:21 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2011-01-20 19:34:21 ----RA---- C:\WINDOWS\system32\kbdest.dll
2011-01-20 19:34:17 ----A---- C:\WINDOWS\system32\kbdycl.dll
2011-01-20 19:34:17 ----A---- C:\WINDOWS\system32\kbdsl1.dll
2011-01-20 19:34:17 ----A---- C:\WINDOWS\system32\kbdsl.dll
2011-01-20 19:34:17 ----A---- C:\WINDOWS\system32\kbdro.dll
2011-01-20 19:34:17 ----A---- C:\WINDOWS\system32\kbdpl1.dll
2011-01-20 19:34:17 ----A---- C:\WINDOWS\system32\kbdpl.dll
2011-01-20 19:34:17 ----A---- C:\WINDOWS\system32\kbdhu1.dll
2011-01-20 19:34:17 ----A---- C:\WINDOWS\system32\kbdhu.dll
2011-01-20 19:34:17 ----A---- C:\WINDOWS\system32\kbdcr.dll
2011-01-20 19:34:17 ----A---- C:\WINDOWS\system32\KBDAL.DLL
2011-01-20 19:34:16 ----A---- C:\WINDOWS\system32\spxcoins.dll
2011-01-20 19:34:16 ----A---- C:\WINDOWS\system32\irclass.dll
2011-01-20 19:34:16 ----A---- C:\WINDOWS\system32\drivers\irenum.sys
2011-01-20 19:34:16 ----A---- C:\WINDOWS\system32\dgsetup.dll
2011-01-20 19:34:16 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2011-01-20 19:34:15 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2011-01-20 19:34:13 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2011-01-20 19:34:13 ----A---- C:\WINDOWS\TASKMAN.EXE
2011-01-20 19:34:13 ----A---- C:\WINDOWS\notepad.exe
2011-01-20 19:34:12 ----A---- C:\WINDOWS\system32\storprop.dll
2011-01-20 19:34:12 ----A---- C:\WINDOWS\system32\batt.dll
2011-01-20 19:34:09 ----ASH---- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
2011-01-20 19:34:07 ----RA---- C:\WINDOWS\SET7.tmp
2011-01-20 19:34:04 ----RA---- C:\WINDOWS\SET3.tmp
2011-01-20 19:34:01 ----D---- C:\WINDOWS\system32\CatRoot2
2011-01-20 19:34:01 ----D---- C:\WINDOWS\system32\CatRoot
2011-01-20 19:33:56 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-01-20 19:33:39 ----A---- C:\WINDOWS\setuplog.txt
2011-01-20 19:33:36 ----D---- C:\Documents and Settings
2011-01-20 19:32:44 ----RASH---- C:\boot.ini
2011-01-20 19:26:30 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-01-20 19:26:30 ----RSD---- C:\WINDOWS\Fonts
2011-01-20 19:26:30 ----RD---- C:\WINDOWS\Web
2011-01-20 19:26:30 ----HD---- C:\WINDOWS\inf
2011-01-20 19:26:30 ----D---- C:\WINDOWS\WinSxS
2011-01-20 19:26:30 ----D---- C:\WINDOWS\twain_32
2011-01-20 19:26:30 ----D---- C:\WINDOWS\Temp
2011-01-20 19:26:30 ----D---- C:\WINDOWS\system32\wins
2011-01-20 19:26:30 ----D---- C:\WINDOWS\system32\wbem
2011-01-20 19:26:30 ----D---- C:\WINDOWS\system32\usmt
2011-01-20 19:26:30 ----D---- C:\WINDOWS\system32\spool
2011-01-20 19:26:30 ----D---- C:\WINDOWS\system32\ShellExt
2011-01-20 19:26:30 ----D---- C:\WINDOWS\system32\Setup
2011-01-20 19:26:30 ----D---- C:\WINDOWS\system32\ras
2011-01-20 19:26:30 ----D---- C:\WINDOWS\system32\oobe
2011-01-20 19:26:30 ----D---- C:\WINDOWS\system32\npp
2011-01-20 19:26:30 ----D---- C:\WINDOWS\system32\mui
2011-01-20 19:26:30 ----D---- C:\WINDOWS\system32\inetsrv
2011-01-20 19:26:30 ----D---- C:\WINDOWS\system32\IME
2011-01-20 19:26:30 ----D---- C:\WINDOWS\system32\icsxml
2011-01-20 19:26:30 ----D---- C:\WINDOWS\system32\ias
2011-01-20 19:26:30 ----D---- C:\WINDOWS\system32\export
2011-01-20 19:26:30 ----D---- C:\WINDOWS\system32\drivers\etc
2011-01-20 19:26:30 ----D---- C:\WINDOWS\system32\drivers\disdn
2011-01-20 19:26:30 ----D---- C:\WINDOWS\system32\drivers
2011-01-20 19:26:30 ----D---- C:\WINDOWS\system32\dhcp
2011-01-20 19:26:30 ----D---- C:\WINDOWS\system32\config
2011-01-20 19:26:30 ----D---- C:\WINDOWS\system32\3com_dmi
2011-01-20 19:26:30 ----D---- C:\WINDOWS\system32\3076
2011-01-20 19:26:30 ----D---- C:\WINDOWS\system32\2052
2011-01-20 19:26:30 ----D---- C:\WINDOWS\system32\1054
2011-01-20 19:26:30 ----D---- C:\WINDOWS\system32\1042
2011-01-20 19:26:30 ----D---- C:\WINDOWS\system32\1041
2011-01-20 19:26:30 ----D---- C:\WINDOWS\system32\1037
2011-01-20 19:26:30 ----D---- C:\WINDOWS\system32\1033
2011-01-20 19:26:30 ----D---- C:\WINDOWS\system32\1031
2011-01-20 19:26:30 ----D---- C:\WINDOWS\system32\1029
2011-01-20 19:26:30 ----D---- C:\WINDOWS\system32\1028
2011-01-20 19:26:30 ----D---- C:\WINDOWS\system32\1025
2011-01-20 19:26:30 ----D---- C:\WINDOWS\system32
2011-01-20 19:26:30 ----D---- C:\WINDOWS\system
2011-01-20 19:26:30 ----D---- C:\WINDOWS\security
2011-01-20 19:26:30 ----D---- C:\WINDOWS\Resources
2011-01-20 19:26:30 ----D---- C:\WINDOWS\repair
2011-01-20 19:26:30 ----D---- C:\WINDOWS\mui
2011-01-20 19:26:30 ----D---- C:\WINDOWS\msapps
2011-01-20 19:26:30 ----D---- C:\WINDOWS\msagent
2011-01-20 19:26:30 ----D---- C:\WINDOWS\Media
2011-01-20 19:26:30 ----D---- C:\WINDOWS\java
2011-01-20 19:26:30 ----D---- C:\WINDOWS\ime
2011-01-20 19:26:30 ----D---- C:\WINDOWS\Help
2011-01-20 19:26:30 ----D---- C:\WINDOWS\Driver Cache
2011-01-20 19:26:30 ----D---- C:\WINDOWS\Debug
2011-01-20 19:26:30 ----D---- C:\WINDOWS\Cursors
2011-01-20 19:26:30 ----D---- C:\WINDOWS\Connection Wizard
2011-01-20 19:26:30 ----D---- C:\WINDOWS\Config
2011-01-20 19:26:30 ----D---- C:\WINDOWS\AppPatch
2011-01-20 19:26:30 ----D---- C:\WINDOWS\addins
2011-01-20 19:26:30 ----D---- C:\WINDOWS
2011-01-20 18:46:19 ----SHD---- C:\WINDOWS\Installer
2011-01-20 18:46:17 ----D---- C:\Documents and Settings\Ing. Pavel Stoklasa\Data aplikací\Identities
2011-01-20 18:46:14 ----HD---- C:\Program Files\Uninstall Information
2011-01-20 18:46:12 ----SD---- C:\Documents and Settings\Ing. Pavel Stoklasa\Data aplikací\Microsoft
2011-01-20 18:46:12 ----ASH---- C:\Documents and Settings\Ing. Pavel Stoklasa\Data aplikací\desktop.ini
2011-01-20 18:45:04 ----SHD---- C:\System Volume Information
2011-01-20 18:45:03 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-01-20 18:42:38 ----D---- C:\WINDOWS\system32\xircom
2011-01-20 18:42:38 ----D---- C:\Program Files\xerox
2011-01-20 18:42:38 ----D---- C:\Program Files\microsoft frontpage
2011-01-20 18:42:36 ----RASH---- C:\MSDOS.SYS
2011-01-20 18:42:36 ----RASH---- C:\IO.SYS
2011-01-20 18:42:36 ----A---- C:\WINDOWS\control.ini
2011-01-20 18:42:36 ----A---- C:\CONFIG.SYS
2011-01-20 18:42:36 ----A---- C:\AUTOEXEC.BAT
2011-01-20 18:42:32 ----A---- C:\WINDOWS\OEWABLog.txt
2011-01-20 18:42:31 ----A---- C:\WINDOWS\system32\mapi32.dll
2011-01-20 18:42:01 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-01-20 18:42:01 ----RD---- C:\WINDOWS\Offline Web Pages
2011-01-20 18:42:01 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2011-01-20 18:41:57 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2011-01-20 18:41:38 ----D---- C:\WINDOWS\system32\DirectX
2011-01-20 18:41:02 ----A---- C:\WINDOWS\system32\safrslv.dll
2011-01-20 18:41:02 ----A---- C:\WINDOWS\system32\safrdm.dll
2011-01-20 18:41:02 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2011-01-20 18:41:02 ----A---- C:\WINDOWS\system32\racpldlg.dll
2011-01-20 18:41:01 ----A---- C:\WINDOWS\system32\atrace.dll
2011-01-20 18:40:58 ----A---- C:\WINDOWS\system32\desktop.ini
2011-01-20 18:40:58 ----A---- C:\WINDOWS\desktop.ini
2011-01-20 18:40:49 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2011-01-20 18:40:49 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2011-01-20 18:40:49 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2011-01-20 18:40:47 ----A---- C:\WINDOWS\system32\acctres.dll
2011-01-20 18:40:46 ----D---- C:\Program Files\Common Files\Services
2011-01-20 18:40:45 ----A---- C:\WINDOWS\system32\inetres.dll
2011-01-20 18:40:41 ----SD---- C:\WINDOWS\Tasks
2011-01-20 18:40:40 ----A---- C:\WINDOWS\system32\isign32.dll
2011-01-20 18:40:40 ----A---- C:\WINDOWS\system32\inetcfg.dll
2011-01-20 18:40:40 ----A---- C:\WINDOWS\system32\icwphbk.dll
2011-01-20 18:40:40 ----A---- C:\WINDOWS\system32\icwdial.dll
2011-01-20 18:40:40 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2011-01-20 18:40:37 ----D---- C:\Program Files\Common Files\MSSoap
2011-01-20 18:40:30 ----D---- C:\WINDOWS\system32\Macromed
2011-01-20 18:40:30 ----D---- C:\WINDOWS\srchasst
2011-01-20 18:40:28 ----A---- C:\WINDOWS\system32\qmgr.dll
2011-01-20 18:40:27 ----D---- C:\Program Files\Movie Maker
2011-01-20 18:40:22 ----D---- C:\WINDOWS\system32\Restore
2011-01-20 18:40:22 ----D---- C:\WINDOWS\PCHealth
2011-01-20 18:40:22 ----A---- C:\WINDOWS\system32\srsvc.dll
2011-01-20 18:40:22 ----A---- C:\WINDOWS\system32\srrstr.dll
2011-01-20 18:40:21 ----A---- C:\WINDOWS\system32\srclient.dll
2011-01-20 18:40:21 ----A---- C:\WINDOWS\system32\mnmdd.dll
2011-01-20 18:40:21 ----A---- C:\WINDOWS\system32\ils.dll
2011-01-20 18:40:21 ----A---- C:\WINDOWS\system32\drivers\sr.sys
2011-01-20 18:40:20 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2011-01-20 18:40:20 ----A---- C:\WINDOWS\system32\msconf.dll
2011-01-20 18:40:17 ----D---- C:\Program Files\NetMeeting
2011-01-20 18:40:17 ----A---- C:\WINDOWS\system32\msoert2.dll
2011-01-20 18:40:17 ----A---- C:\WINDOWS\system32\msoeacct.dll
2011-01-20 18:40:16 ----A---- C:\WINDOWS\system32\inetcomm.dll
2011-01-20 18:40:15 ----D---- C:\Program Files\Outlook Express
2011-01-20 18:40:15 ----A---- C:\WINDOWS\system32\schedsvc.dll
2011-01-20 18:40:15 ----A---- C:\WINDOWS\system32\mstinit.exe
2011-01-20 18:40:15 ----A---- C:\WINDOWS\system32\mstask.dll
2011-01-20 18:40:10 ----D---- C:\Program Files\Internet Explorer
2011-01-20 18:40:10 ----D---- C:\Program Files\Common Files\System
2011-01-20 18:40:07 ----D---- C:\Program Files\ComPlus Applications
2011-01-20 18:40:06 ----D---- C:\WINDOWS\Registration
2011-01-20 18:40:06 ----A---- C:\WINDOWS\vbaddin.ini
2011-01-20 18:40:06 ----A---- C:\WINDOWS\vb.ini
2011-01-20 18:39:51 ----HD---- C:\Program Files\WindowsUpdate
2011-01-20 18:39:51 ----D---- C:\Program Files\Windows Media Player
2011-01-20 18:39:51 ----D---- C:\Program Files\Online Services
2011-01-20 18:39:49 ----D---- C:\Program Files\Messenger
2011-01-20 18:39:43 ----D---- C:\Program Files\MSN Gaming Zone
2011-01-20 18:39:43 ----A---- C:\WINDOWS\system32\write.exe
2011-01-20 18:39:32 ----A---- C:\WINDOWS\system32\accwiz.exe
2011-01-20 18:39:31 ----A---- C:\WINDOWS\system32\sndvol32.exe
2011-01-20 18:39:31 ----A---- C:\WINDOWS\system32\sndrec32.exe
2011-01-20 18:39:31 ----A---- C:\WINDOWS\system32\hypertrm.dll
2011-01-20 18:39:31 ----A---- C:\WINDOWS\system32\hticons.dll
2011-01-20 18:39:30 ----A---- C:\WINDOWS\system32\avwav.dll
2011-01-20 18:39:30 ----A---- C:\WINDOWS\system32\avtapi.dll
2011-01-20 18:39:30 ----A---- C:\WINDOWS\system32\avmeter.dll
2011-01-20 18:39:29 ----A---- C:\WINDOWS\system32\winchat.exe
2011-01-20 18:39:19 ----A---- C:\WINDOWS\system32\charmap.exe
2011-01-20 18:39:19 ----A---- C:\WINDOWS\system32\getuname.dll
2011-01-20 18:39:19 ----A---- C:\WINDOWS\system32\calc.exe
2011-01-20 18:39:18 ----A---- C:\WINDOWS\system32\winmine.exe
2011-01-20 18:39:18 ----A---- C:\WINDOWS\system32\sol.exe
2011-01-20 18:39:18 ----A---- C:\WINDOWS\system32\mshearts.exe
2011-01-20 18:39:17 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2011-01-20 18:39:17 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2011-01-20 18:39:17 ----A---- C:\WINDOWS\system32\tslabels.ini
2011-01-20 18:39:17 ----A---- C:\WINDOWS\system32\tskill.exe
2011-01-20 18:39:17 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2011-01-20 18:39:17 ----A---- C:\WINDOWS\system32\reset.exe
2011-01-20 18:39:17 ----A---- C:\WINDOWS\system32\rdshost.exe
2011-01-20 18:39:17 ----A---- C:\WINDOWS\system32\freecell.exe
2011-01-20 18:39:17 ----A---- C:\WINDOWS\system32\drivers\tdtcp.sys
2011-01-20 18:39:17 ----A---- C:\WINDOWS\system32\drivers\tdpipe.sys
2011-01-20 18:39:16 ----A---- C:\WINDOWS\system32\tscon.exe
2011-01-20 18:39:16 ----A---- C:\WINDOWS\system32\shadow.exe
2011-01-20 18:39:16 ----A---- C:\WINDOWS\system32\rwinsta.exe
2011-01-20 18:39:16 ----A---- C:\WINDOWS\system32\regini.exe
2011-01-20 18:39:16 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2011-01-20 18:39:16 ----A---- C:\WINDOWS\system32\qwinsta.exe
2011-01-20 18:39:16 ----A---- C:\WINDOWS\system32\qprocess.exe
2011-01-20 18:39:16 ----A---- C:\WINDOWS\system32\qappsrv.exe
2011-01-20 18:39:16 ----A---- C:\WINDOWS\system32\msg.exe
2011-01-20 18:39:15 ----A---- C:\WINDOWS\system32\mtxoci.dll
2011-01-20 18:39:15 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2011-01-20 18:39:15 ----A---- C:\WINDOWS\system32\msdtctm.dll
2011-01-20 18:39:15 ----A---- C:\WINDOWS\system32\logoff.exe
2011-01-20 18:39:15 ----A---- C:\WINDOWS\system32\cdmodem.dll
2011-01-20 18:39:14 ----A---- C:\WINDOWS\system32\xolehlp.dll
2011-01-20 18:39:14 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2011-01-20 18:39:14 ----A---- C:\WINDOWS\system32\msdtclog.dll
2011-01-20 18:39:14 ----A---- C:\WINDOWS\system32\msdtc.exe
2011-01-20 18:39:13 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2011-01-20 18:39:12 ----A---- C:\WINDOWS\system32\stclient.dll
2011-01-20 18:39:12 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2011-01-20 18:39:12 ----A---- C:\WINDOWS\system32\mtxex.dll
2011-01-20 18:39:12 ----A---- C:\WINDOWS\system32\mtxdm.dll
2011-01-20 18:39:12 ----A---- C:\WINDOWS\system32\comrepl.dll
2011-01-20 18:39:12 ----A---- C:\WINDOWS\system32\comaddin.dll
2011-01-20 18:39:12 ----A---- C:\WINDOWS\system32\colbact.dll
2011-01-20 18:39:12 ----A---- C:\WINDOWS\system32\catsrvps.dll
2011-01-20 18:39:11 ----A---- C:\WINDOWS\system32\comuid.dll
2011-01-20 18:39:11 ----A---- C:\WINDOWS\system32\comsnap.dll
2011-01-20 18:39:11 ----A---- C:\WINDOWS\system32\clbcatex.dll
2011-01-20 18:39:11 ----A---- C:\WINDOWS\system32\catsrv.dll
2011-01-20 18:39:10 ----A---- C:\WINDOWS\system32\clbcatq.dll
2011-01-20 18:39:03 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2011-01-20 18:39:02 ----A---- C:\WINDOWS\system32\servdeps.dll
2011-01-20 18:39:02 ----A---- C:\WINDOWS\system32\mmfutil.dll
2011-01-20 18:39:02 ----A---- C:\WINDOWS\system32\cmprops.dll
2011-01-20 18:38:56 ----D---- C:\Program Files\MSN
2011-01-20 18:38:55 ----D---- C:\Program Files\Windows NT
2011-01-20 18:38:55 ----A---- C:\WINDOWS\system32\mspaint.exe
2011-01-20 18:38:55 ----A---- C:\WINDOWS\system32\mplay32.exe
2011-01-20 18:38:55 ----A---- C:\WINDOWS\system32\clipbrd.exe
2011-01-20 18:38:54 ----A---- C:\WINDOWS\system32\wuauserv.dll
2011-01-20 18:38:54 ----A---- C:\WINDOWS\system32\wuaueng.dll
2011-01-20 18:38:54 ----A---- C:\WINDOWS\system32\wuauclt.exe
2011-01-20 18:38:54 ----A---- C:\WINDOWS\system32\spider.exe
2011-01-20 18:38:54 ----A---- C:\WINDOWS\system32\drivers\rdpwd.sys
2011-01-20 18:38:53 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2011-01-20 18:38:53 ----A---- C:\WINDOWS\system32\sessmgr.exe
2011-01-20 18:38:53 ----A---- C:\WINDOWS\system32\remotepg.dll
2011-01-20 18:38:53 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2011-01-20 18:38:53 ----A---- C:\WINDOWS\system32\mstscax.dll
2011-01-20 18:38:53 ----A---- C:\WINDOWS\system32\mstsc.exe
2011-01-20 18:38:52 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2011-01-20 18:38:52 ----A---- C:\WINDOWS\system32\termsrv.dll
2011-01-20 18:38:52 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2011-01-20 18:38:52 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2011-01-20 18:38:52 ----A---- C:\WINDOWS\system32\rdpclip.exe
2011-01-20 18:38:52 ----A---- C:\WINDOWS\system32\rdchost.dll
2011-01-20 18:38:52 ----A---- C:\WINDOWS\system32\icaapi.dll
2011-01-20 18:38:51 ----D---- C:\WINDOWS\system32\MsDtc
2011-01-20 18:38:51 ----D---- C:\WINDOWS\system32\Com
2011-01-20 18:38:51 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2011-01-20 18:38:51 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2011-01-20 18:38:50 ----A---- C:\WINDOWS\system32\comsvcs.dll
2011-01-20 18:38:50 ----A---- C:\WINDOWS\system32\catsrvut.dll
2011-01-20 18:38:46 ----A---- C:\WINDOWS\system32\licwmi.dll
2011-01-20 18:38:42 ----A---- C:\WINDOWS\system32\drivers\termdd.sys
2011-01-20 18:38:42 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys
2011-01-07 19:56:54 ----A---- C:\WINDOWS\system32\nvwddi.dll
2011-01-07 19:56:50 ----A---- C:\WINDOWS\system32\easyUpdatusAPIU.dll
2011-01-07 19:56:48 ----A---- C:\WINDOWS\system32\nvsvc32.exe
2011-01-07 19:56:48 ----A---- C:\WINDOWS\system32\nvmctray.dll
2011-01-07 19:56:48 ----A---- C:\WINDOWS\system32\nvmccs.dll
2011-01-07 19:56:48 ----A---- C:\WINDOWS\system32\nvcpl.dll
2011-01-07 19:56:48 ----A---- C:\WINDOWS\system32\nvcolor.exe

======List of files/folders modified in the last 1 months======

2011-01-20 21:16:56 ----A---- C:\WINDOWS\win.ini
2011-01-20 21:14:40 ----RASH---- C:\NTDETECT.COM
2011-01-20 19:34:31 ----A---- C:\WINDOWS\system.ini
2011-01-20 18:42:25 ----ASH---- C:\WINDOWS\fonts\desktop.ini
2011-01-08 04:27:00 ----A---- C:\WINDOWS\system32\nv4_disp.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 JRAID;JRAID; C:\WINDOWS\system32\DRIVERS\jraid.sys [2008-11-04 83296]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2010-10-24 165264]
R1 MpKsl3e75e24a;MpKsl3e75e24a; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{72D7A555-3F02-480E-9239-A4133156B2F7}\MpKsl3e75e24a.sys []
R2 aksfridge;aksfridge; \??\C:\WINDOWS\system32\drivers\aksfridge.sys []
R2 hardlock;hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-12-30 6290024]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2011-01-08 9888672]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [2010-09-23 298784]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 DrvAgent32;DrvAgent32; \??\C:\WINDOWS\system32\Drivers\DrvAgent32.sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 NTSIM;NTSIM; \??\C:\WINDOWS\System32\ntsim.sys []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
R2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
R2 hasplms;HASP License Manager; C:\WINDOWS\system32\hasplms.exe [2009-04-21 2869760]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2010-11-11 11736]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2011-01-07 156776]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2011-01-21 82584]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[motji]

Dobrý večer
A TDSS killer něco opravil? Poprosím o log z něj
- C:\TDSSKiller.2.4.15.0_31.01.2011_20.49.08_log.txt
(vidím že jste ho spouštěl dvakrát, prosila bych o ten první log, abych viděla, zda něco opravoval)

Můžu vědět, jak jste přišel na to, že je právě v MBR?

[Stoon]

Poslu radeji oba logy, ktere mam na disku ulozene:

prvni (ale prekvapive mnohem kratsi):
2011/01/31 20:49:08.0986 TDSS rootkit removing tool 2.4.15.0 Jan 22 2011 19:37:53
2011/01/31 20:49:08.0986 ================================================================================
2011/01/31 20:49:08.0986 SystemInfo:
2011/01/31 20:49:08.0986
2011/01/31 20:49:08.0986 OS Version: 5.1.2600 ServicePack: 3.0
2011/01/31 20:49:08.0986 Product type: Workstation
2011/01/31 20:49:08.0986 ComputerName: PAVEL-BLACK
2011/01/31 20:49:08.0986 UserName: Ing. Pavel Stoklasa
2011/01/31 20:49:08.0986 Windows directory: C:\WINDOWS
2011/01/31 20:49:08.0986 System windows directory: C:\WINDOWS
2011/01/31 20:49:08.0986 Processor architecture: Intel x86
2011/01/31 20:49:08.0986 Number of processors: 2
2011/01/31 20:49:08.0986 Page size: 0x1000
2011/01/31 20:49:08.0986 Boot type: Normal boot
2011/01/31 20:49:08.0986 ================================================================================
2011/01/31 20:49:09.0423 Initialize success
2011/01/31 20:49:11.0142 Deinitialize success

druhy (a mnohem obsahlejsi):
2011/01/31 20:49:22.0330 TDSS rootkit removing tool 2.4.15.0 Jan 22 2011 19:37:53
2011/01/31 20:49:22.0330 ================================================================================
2011/01/31 20:49:22.0330 SystemInfo:
2011/01/31 20:49:22.0330
2011/01/31 20:49:22.0330 OS Version: 5.1.2600 ServicePack: 3.0
2011/01/31 20:49:22.0330 Product type: Workstation
2011/01/31 20:49:22.0330 ComputerName: PAVEL-BLACK
2011/01/31 20:49:22.0330 UserName: Ing. Pavel Stoklasa
2011/01/31 20:49:22.0330 Windows directory: C:\WINDOWS
2011/01/31 20:49:22.0330 System windows directory: C:\WINDOWS
2011/01/31 20:49:22.0330 Processor architecture: Intel x86
2011/01/31 20:49:22.0330 Number of processors: 2
2011/01/31 20:49:22.0330 Page size: 0x1000
2011/01/31 20:49:22.0330 Boot type: Normal boot
2011/01/31 20:49:22.0330 ================================================================================
2011/01/31 20:49:22.0736 Initialize success
2011/01/31 20:49:27.0798 ================================================================================
2011/01/31 20:49:27.0798 Scan started
2011/01/31 20:49:27.0798 Mode: Manual;
2011/01/31 20:49:27.0798 ================================================================================
2011/01/31 20:49:28.0252 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/01/31 20:49:28.0298 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/01/31 20:49:28.0361 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/01/31 20:49:28.0408 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
2011/01/31 20:49:28.0548 aksfridge (730e9d3bb324fb1899005aea63c6782d) C:\WINDOWS\system32\drivers\aksfridge.sys
2011/01/31 20:49:28.0908 Ambfilt (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys
2011/01/31 20:49:29.0095 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/01/31 20:49:29.0142 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/01/31 20:49:29.0205 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/01/31 20:49:29.0252 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/01/31 20:49:29.0298 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/01/31 20:49:29.0345 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/01/31 20:49:29.0377 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/01/31 20:49:29.0423 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/01/31 20:49:29.0455 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/01/31 20:49:29.0627 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/01/31 20:49:29.0689 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
2011/01/31 20:49:29.0736 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
2011/01/31 20:49:29.0767 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/01/31 20:49:29.0814 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/01/31 20:49:29.0861 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/01/31 20:49:29.0908 DrvAgent32 (651554e483712b708ede864d0ca1aa73) C:\WINDOWS\system32\Drivers\DrvAgent32.sys
2011/01/31 20:49:30.0017 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/01/31 20:49:30.0048 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2011/01/31 20:49:30.0080 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
2011/01/31 20:49:30.0095 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/01/31 20:49:30.0142 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/01/31 20:49:30.0158 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/01/31 20:49:30.0173 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/01/31 20:49:30.0205 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/01/31 20:49:30.0252 hardlock (a9d587e31dbee3e9bd97fefece0ba874) C:\WINDOWS\system32\drivers\hardlock.sys
2011/01/31 20:49:30.0611 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/01/31 20:49:30.0642 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/01/31 20:49:30.0705 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/01/31 20:49:30.0798 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/01/31 20:49:30.0814 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/01/31 20:49:31.0033 IntcAzAudAddService (ed90e04f7a1e385e2ea956cad83f8070) C:\WINDOWS\system32\drivers\RtkHDAud.sys
2011/01/31 20:49:31.0236 intelppm (27b290d632af2cf3cf40bfddb7370985) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/01/31 20:49:31.0267 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/01/31 20:49:31.0314 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/01/31 20:49:31.0361 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/01/31 20:49:31.0392 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/01/31 20:49:31.0423 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/01/31 20:49:31.0470 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/01/31 20:49:31.0517 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/01/31 20:49:31.0564 JRAID (a324485106f133e751f4b7f47c4be3ea) C:\WINDOWS\system32\DRIVERS\jraid.sys
2011/01/31 20:49:31.0611 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/01/31 20:49:31.0642 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/01/31 20:49:31.0689 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/01/31 20:49:31.0736 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/01/31 20:49:31.0830 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/01/31 20:49:31.0877 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
2011/01/31 20:49:31.0939 Monfilt (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
2011/01/31 20:49:32.0033 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/01/31 20:49:32.0048 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/01/31 20:49:32.0080 MpFilter (7e34bfa1a7b60bba1da03d677f16cd63) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
2011/01/31 20:49:32.0158 MpKsl330a0caa (5f53edfead46fa7adb78eee9ecce8fdf) C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{93B11745-5931-471A-9FD5-96D5DEFAB641}\MpKsl330a0caa.sys
2011/01/31 20:49:32.0252 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/01/31 20:49:32.0314 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/01/31 20:49:32.0361 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/01/31 20:49:32.0408 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/01/31 20:49:32.0439 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/01/31 20:49:32.0470 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/01/31 20:49:32.0517 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/01/31 20:49:32.0548 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2011/01/31 20:49:32.0580 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/01/31 20:49:32.0611 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/01/31 20:49:32.0642 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/01/31 20:49:32.0658 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/01/31 20:49:32.0673 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/01/31 20:49:32.0705 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/01/31 20:49:32.0752 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/01/31 20:49:32.0798 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/01/31 20:49:32.0845 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/01/31 20:49:32.0908 NTSIM (aa56a73370f0a29bcb8aff177b6c68f8) C:\WINDOWS\System32\ntsim.sys
2011/01/31 20:49:32.0970 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/01/31 20:49:33.0236 nv (18c9b152da7bea76b2f9e4b6412e0aaf) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2011/01/31 20:49:33.0502 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/01/31 20:49:33.0517 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/01/31 20:49:33.0564 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/01/31 20:49:33.0580 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/01/31 20:49:33.0627 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/01/31 20:49:33.0673 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/01/31 20:49:33.0736 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/01/31 20:49:33.0783 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/01/31 20:49:34.0017 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/01/31 20:49:34.0048 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
2011/01/31 20:49:34.0080 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/01/31 20:49:34.0127 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/01/31 20:49:34.0408 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/01/31 20:49:34.0439 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/01/31 20:49:34.0470 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/01/31 20:49:34.0502 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/01/31 20:49:34.0548 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/01/31 20:49:34.0564 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/01/31 20:49:34.0595 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/01/31 20:49:34.0627 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/01/31 20:49:34.0736 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/01/31 20:49:34.0783 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/01/31 20:49:34.0798 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/01/31 20:49:34.0861 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/01/31 20:49:34.0986 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/01/31 20:49:35.0048 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/01/31 20:49:35.0095 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/01/31 20:49:35.0127 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/01/31 20:49:35.0173 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/01/31 20:49:35.0252 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/01/31 20:49:35.0298 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/01/31 20:49:35.0330 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/01/31 20:49:35.0361 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/01/31 20:49:35.0377 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/01/31 20:49:35.0455 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/01/31 20:49:35.0533 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/01/31 20:49:35.0580 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/01/31 20:49:35.0611 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/01/31 20:49:35.0642 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/01/31 20:49:35.0689 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/01/31 20:49:35.0720 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/01/31 20:49:35.0767 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/01/31 20:49:35.0798 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/01/31 20:49:35.0861 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/01/31 20:49:35.0908 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/01/31 20:49:36.0017 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/01/31 20:49:36.0127 yukonwxp (96f714b7431c297373038f5df8b53685) C:\WINDOWS\system32\DRIVERS\yk51x86.sys
2011/01/31 20:49:36.0252 ================================================================================
2011/01/31 20:49:36.0252 Scan finished
2011/01/31 20:49:36.0252 ================================================================================
2011/01/31 20:50:27.0017 ================================================================================
2011/01/31 20:50:27.0017 Scan started
2011/01/31 20:50:27.0017 Mode: Manual;
2011/01/31 20:50:27.0017 ================================================================================
2011/01/31 20:50:27.0330 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/01/31 20:50:27.0377 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/01/31 20:50:27.0439 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/01/31 20:50:27.0502 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
2011/01/31 20:50:27.0673 aksfridge (730e9d3bb324fb1899005aea63c6782d) C:\WINDOWS\system32\drivers\aksfridge.sys
2011/01/31 20:50:27.0783 Ambfilt (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys
2011/01/31 20:50:27.0939 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/01/31 20:50:28.0002 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/01/31 20:50:28.0033 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/01/31 20:50:28.0080 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/01/31 20:50:28.0127 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/01/31 20:50:28.0173 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/01/31 20:50:28.0205 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/01/31 20:50:28.0252 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/01/31 20:50:28.0267 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/01/31 20:50:28.0439 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/01/31 20:50:28.0502 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
2011/01/31 20:50:28.0548 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
2011/01/31 20:50:28.0611 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/01/31 20:50:28.0673 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/01/31 20:50:28.0752 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/01/31 20:50:28.0814 DrvAgent32 (651554e483712b708ede864d0ca1aa73) C:\WINDOWS\system32\Drivers\DrvAgent32.sys
2011/01/31 20:50:28.0877 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/01/31 20:50:28.0923 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2011/01/31 20:50:28.0955 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
2011/01/31 20:50:28.0970 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/01/31 20:50:29.0017 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/01/31 20:50:29.0033 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/01/31 20:50:29.0048 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/01/31 20:50:29.0064 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/01/31 20:50:29.0127 hardlock (a9d587e31dbee3e9bd97fefece0ba874) C:\WINDOWS\system32\drivers\hardlock.sys
2011/01/31 20:50:29.0173 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/01/31 20:50:29.0205 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/01/31 20:50:29.0267 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/01/31 20:50:29.0361 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/01/31 20:50:29.0392 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/01/31 20:50:29.0595 IntcAzAudAddService (ed90e04f7a1e385e2ea956cad83f8070) C:\WINDOWS\system32\drivers\RtkHDAud.sys
2011/01/31 20:50:29.0705 intelppm (27b290d632af2cf3cf40bfddb7370985) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/01/31 20:50:29.0752 ip6fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/01/31 20:50:29.0798 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/01/31 20:50:29.0845 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/01/31 20:50:29.0877 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/01/31 20:50:29.0908 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/01/31 20:50:29.0939 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/01/31 20:50:30.0017 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/01/31 20:50:30.0033 JRAID (a324485106f133e751f4b7f47c4be3ea) C:\WINDOWS\system32\DRIVERS\jraid.sys
2011/01/31 20:50:30.0080 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/01/31 20:50:30.0111 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/01/31 20:50:30.0158 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/01/31 20:50:30.0205 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/01/31 20:50:30.0298 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/01/31 20:50:30.0345 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
2011/01/31 20:50:30.0423 Monfilt (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
2011/01/31 20:50:30.0455 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/01/31 20:50:30.0470 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/01/31 20:50:30.0502 MpFilter (7e34bfa1a7b60bba1da03d677f16cd63) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
2011/01/31 20:50:30.0564 MpKsl330a0caa (5f53edfead46fa7adb78eee9ecce8fdf) C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{93B11745-5931-471A-9FD5-96D5DEFAB641}\MpKsl330a0caa.sys
2011/01/31 20:50:30.0642 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/01/31 20:50:30.0673 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/01/31 20:50:30.0705 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/01/31 20:50:30.0752 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/01/31 20:50:30.0783 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/01/31 20:50:30.0814 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/01/31 20:50:30.0861 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/01/31 20:50:30.0877 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2011/01/31 20:50:30.0923 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/01/31 20:50:30.0955 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/01/31 20:50:30.0986 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/01/31 20:50:31.0002 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/01/31 20:50:31.0048 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/01/31 20:50:31.0064 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/01/31 20:50:31.0095 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/01/31 20:50:31.0127 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/01/31 20:50:31.0158 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/01/31 20:50:31.0205 NTSIM (aa56a73370f0a29bcb8aff177b6c68f8) C:\WINDOWS\System32\ntsim.sys
2011/01/31 20:50:31.0236 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/01/31 20:50:31.0486 nv (18c9b152da7bea76b2f9e4b6412e0aaf) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2011/01/31 20:50:31.0611 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/01/31 20:50:31.0627 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/01/31 20:50:31.0673 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/01/31 20:50:31.0705 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/01/31 20:50:31.0736 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/01/31 20:50:31.0783 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/01/31 20:50:31.0830 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/01/31 20:50:31.0861 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/01/31 20:50:32.0017 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/01/31 20:50:32.0033 Processor (7eb15dce4ec3a0220bd796a15c18186e) C:\WINDOWS\system32\DRIVERS\processr.sys
2011/01/31 20:50:32.0048 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/01/31 20:50:32.0064 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/01/31 20:50:32.0220 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/01/31 20:50:32.0283 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/01/31 20:50:32.0298 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/01/31 20:50:32.0314 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/01/31 20:50:32.0361 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/01/31 20:50:32.0392 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/01/31 20:50:32.0423 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/01/31 20:50:32.0455 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/01/31 20:50:32.0517 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/01/31 20:50:32.0564 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/01/31 20:50:32.0595 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/01/31 20:50:32.0673 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/01/31 20:50:32.0783 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/01/31 20:50:32.0845 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/01/31 20:50:32.0892 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/01/31 20:50:32.0955 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/01/31 20:50:32.0986 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/01/31 20:50:33.0173 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/01/31 20:50:33.0236 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/01/31 20:50:33.0283 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/01/31 20:50:33.0314 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/01/31 20:50:33.0345 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/01/31 20:50:33.0439 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/01/31 20:50:33.0517 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/01/31 20:50:33.0564 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/01/31 20:50:33.0595 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/01/31 20:50:33.0611 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/01/31 20:50:33.0658 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/01/31 20:50:33.0705 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/01/31 20:50:33.0752 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/01/31 20:50:33.0767 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/01/31 20:50:33.0845 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/01/31 20:50:33.0892 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/01/31 20:50:33.0986 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/01/31 20:50:34.0127 yukonwxp (96f714b7431c297373038f5df8b53685) C:\WINDOWS\system32\DRIVERS\yk51x86.sys
2011/01/31 20:50:34.0252 ================================================================================
2011/01/31 20:50:34.0252 Scan finished
2011/01/31 20:50:34.0252 ================================================================================
2011/01/31 20:50:38.0002 Deinitialize success


Jinak ze se nachazi v MBR jsem poznal podle toho, ze kdyz jsem pripojil disk k jinemu pocitaci a spustil scan (NOD32), hned v uvodu napsal, ze v MBR sektoru druheho fyzickeho disku byl nalezen trojský kun Win32/Olmarik.ajl (nevim, jestli si celou hlasku pamatuju presne tak, jak byla zobrazena ).

[motji]

Pamatujete dobře
Jdeme na to kouknout, pak pro jistotu zkontrolujeme i ten pc, kde jste disk zapojil.



Zazálohujte si důležitá data, pro jistotu

Spusťte combofix podle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix

[Stoon]

log z combofixu:

ComboFix 11-01-31.02 - Ing. Pavel Stoklasa 01.02.2011 22:58:34.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1022.609 [GMT 1:00]
Spuštěný z: c:\documents and settings\Ing. Pavel Stoklasa\Plocha\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.

((((((((((((((((((((((((( Soubory vytvořené od 2011-01-01 do 2011-02-01 )))))))))))))))))))))))))))))))
.

2011-02-01 16:31 . 2011-02-01 16:32 -------- d-----w- C:\rsit
2011-01-30 11:34 . 2011-01-30 11:34 -------- d-----w- C:\MSI2fecd.tmp
2011-01-25 05:40 . 2011-01-25 05:41 -------- d-----w- C:\1
2011-01-21 00:32 . 2011-02-01 16:31 -------- d-----w- C:\registry
2011-01-20 23:48 . 2011-01-20 23:49 -------- d-----w- C:\totalcmd
2011-01-20 23:03 . 2011-01-20 23:03 -------- d-----w- C:\NVIDIA
2011-01-20 22:47 . 2011-01-20 22:47 -------- d-----w- C:\RaidTool
2011-01-20 22:44 . 2011-01-20 22:44 -------- d-----w- C:\Intel

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-08 03:27 . 2004-08-17 22:49 6397824 ----a-w- c:\windows\system32\nv4_disp.dll
2011-01-08 03:27 . 2004-08-04 05:29 9888672 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2010-11-09 14:52 . 2003-04-16 12:00 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-06 00:23 . 2003-04-16 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:23 . 2003-04-16 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:23 . 2003-04-16 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-10-11 15:12 1244040 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-10-11 1244040]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-10-11 1244040]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\Ing. Pavel Stoklasa\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2011-01-20 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2010-12-30 19972712]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2007-11-19 1966080]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2011-01-07 111208]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-07 13880424]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-11-04 1753192]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-15 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Print2PDF Print Monitor]
2010-12-03 15:47 141368 ----a-w- c:\program files\Software602\Print2PDF\Print2PDF.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Common Files\\soft602\\langserv.exe"=
"c:\\WINDOWS\\system32\\hasplms.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"13364:UDP"= 13364:UDP:Print Server Utility
"13621:UDP"= 13621:UDP:MFP Bot Utility
"13107:UDP"= 13107:UDP:Print Server Utility
"69:UDP"= 69:UDP:Print Server Utility

R1 MpKslfa8c363e;MpKslfa8c363e;c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{72D7A555-3F02-480E-9239-A4133156B2F7}\MpKslfa8c363e.sys [1.2.2011 22:01 28752]
R2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [14.4.2010 11:28 73728]
R2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?]
R2 NAUpdate;@c:\program files\Nero\Update\NASvc.exe,-200;c:\program files\Nero\Update\NASvc.exe [4.5.2010 12:07 503080]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [20.1.2011 23:07 1691480]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [20.1.2011 23:42 23456]
.
Obsah adresáře 'Naplánované úlohy'

2011-02-01 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 11:26]

2011-02-01 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2010-10-11 15:12]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Nero Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com
.
.
------- Asociace souborů -------
.
.scr=AutoCADLTScriptFile
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-01 23:03
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
Celkový čas: 2011-02-01 23:04:29
ComboFix-quarantined-files.txt 2011-02-01 22:04

Před spuštěním: Volných bajtů: 36 344 262 656
Po spuštění: Volných bajtů: 37 045 862 400

WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn

- - End Of File - - 41A53DDF882ED0CD83D3B0F035633568

[motji]

Dejte soubor otestovat na http://www.virustotal.com

c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{72D7A555-3F02-480E-9239-A4133156B2F7}\MpKslfa8c363e.sys


-Na virustotalu dáte procházet, a do spodního okénka nakopírujete přímo cestu k souboru a dáte odeslat
-z prohlížeče zkopírujete adresu ke stránce s výsledky
-pokud se Vás zeptá, dejte soubor otestovat znovu, tak aby to byl soubor z Vašeho počítače


stáhněte MBR
http://www2.gmer.net/mbr/mbr.exe
-uložte ho na plochu a spusťte
-vytvoří se log s názvem mbr.log, vložte ho zde

[Stoon]

Zdravim,

soubor, ktery jsem mel otestovat jsem uz na disku bohuzel nenasel (nenasel ho ani Windows). Zkratka tam neni...

Prikladam tedy alespon log z MBR:

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: ST3160815AS rev.3.AAC -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK

[motji]

Bude to šmejd

Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok
-Do něj zkopírujte text z tohoto okénka

Kód: Vybrat vše

Driver::
MpKslfa8c363e

Collect::
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{72D7A555-3F02-480E-9239-A4133156B2F7}\MpKslfa8c363e.sys 

Folder::
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware
c:\program files\Ask.com\

Firefox::
FF - ProfilePath - c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\
FF - Ext: Nero Toolbar: toolbar@ask.com - %profile%\extensions\toolbar@ask.com

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

-uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a -přesuňte ho nad ikonu Combofixu, kde ho upustíte:




-po aplikaci na Vás vypadne další log,vložte ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci




Znáte tento program?
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware

[Stoon]

Nepamatuju se, ze bych vyslovene nejaky Microsoft Antimalware rucne instaloval. Ale predpokladam, ze by to mohla byt soucast nainstalovaneho Microsoft Security Essentials?

log z ComboFixu:

ComboFix 11-01-31.02 - Ing. Pavel Stoklasa 03.02.2011 14:44:51.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1022.609 [GMT 1:00]
Spuštěný z: c:\documents and settings\Ing. Pavel Stoklasa\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Ing. Pavel Stoklasa\Plocha\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{35786A38-7FD9-4E11-9A2C-92285B1E5E1A}\mpasbase.vdm
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{35786A38-7FD9-4E11-9A2C-92285B1E5E1A}\mpasdlta.vdm
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{35786A38-7FD9-4E11-9A2C-92285B1E5E1A}\mpavbase.vdm
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{35786A38-7FD9-4E11-9A2C-92285B1E5E1A}\mpavdlta.vdm
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{35786A38-7FD9-4E11-9A2C-92285B1E5E1A}\mpengine.dll
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{35786A38-7FD9-4E11-9A2C-92285B1E5E1A}\MpKslfe5573d7.sys
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpasbase.vdm
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpasdlta.vdm
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpavbase.vdm
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpavdlta.vdm
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\IMpServiceEDB4FA23-53B8-4AFA-8C5D-99752CCA7094.lock
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\LocalCopy\{912F14C2-B794-48D2-F652-500B11299410}
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\LocalCopy\{AEB21430-E7E6-0D56-1371-21AACA674E8B}-ComboFix.exe
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Scans\History\CacheManager\MpScanCache-0.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Scans\History\Results\Quick\{6A40581D-5CAC-4CD3-A0BF-A3DF02984438}
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Scans\History\Results\Quick\{BDA1FCE1-344B-48D2-AD87-B90E3F98CBC5}
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Scans\History\Results\Quick\{EBC838D3-D3CD-4422-BE98-514EE42720F6}
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{64661BB3-BD23-417E-AE53-FF4A917109FE}
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{91A620A7-5C8A-4C2D-927C-CBB29FF442A5}
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{AA5D1B46-5676-4763-8D32-F68985713DD8}
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{B52D3D48-FB83-47F7-AE92-3E76419FFC40}
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D685F01E-685D-46A5-A740-2E782E1B2986}
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{E65BE737-05B8-46BA-B249-B4A46CFD1965}
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{F617D261-9644-4397-AFD0-326176D855A8}
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Scans\History\Results\System\{61C8A26F-8892-4A6B-8FF6-4BBC920EB534}
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Scans\History\Service\Unknown.Log
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Scans\MpDiag.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpCacheStats.log
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MPDetection-01212011-010605.log
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MPLog-01212011-010605.log
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-01212011-010605-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-01212011-010618-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-01212011-094109-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-01212011-104735-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-01212011-115526-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-01212011-130557-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-01212011-130816-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-01212011-131951-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-01212011-150649-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-01212011-154443-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-01212011-195647-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-01222011-094550-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-01222011-124804-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-01222011-145153-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-01222011-212228-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-01222011-235501-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-01232011-163420-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-01232011-174406-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-01232011-174600-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-01242011-075638-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-01242011-080023-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-01242011-103925-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-01242011-143559-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-01242011-154911-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-01252011-054352-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-01262011-084512-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-01272011-004902-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-01272011-005141-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-01272011-115208-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-01302011-231250-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-01312011-004409-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-01312011-200121-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-02012011-165935-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-02012011-171813-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-02012011-195457-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-02012011-220131-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-02012011-225700-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-02022011-125858-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-02032011-140504-00000003-ffffffff.bin
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Support\MpWppTracing-02032011-144314-00000003-ffffffff.bin
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\datastore\cache.sqlite
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\defaults.js.bak
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\defaults\preferences\defaults.js
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome.manifest
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\content\about.js
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\content\about.xul
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\content\addon.js
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\content\constants.js
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\content\db.js
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\content\events.js
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\content\json.js
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\content\lifecycle.js
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\content\listeners.js
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\content\logger.js
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\content\network.js
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\content\observer.js
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\content\options.js
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\content\options.xul
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\content\preferences.js
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\content\toolbar.js
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\content\utilities.js
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\content\widget-controller.js
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\content\widget-frame.xul
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\content\widget-popup.xul
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\content\widgets.js
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\ask_16x16.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\ask_32x32.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\ask_browser_ff_chrome.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\asklogo.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\blogs.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\Close.gif
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\dictionary.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\gripper.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\highlighter_off.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\highlighter_on.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\chevron.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\images.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\labels-de.properties
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\labels-en.properties
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\labels-es.properties
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\labels-fr.properties
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\labels-it.properties
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\labels-nl.properties
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\labels-pt.properties
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\labels-ru.properties
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\links-BR.properties
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\links-DE.properties
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\links-ES.properties
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\links-EU.properties
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\links-FR.properties
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\links-IT.properties
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\links-NL.properties
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\links-RU.properties
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\links-UK.properties
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\links-US.properties
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\loggedin.xul
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\loginframe.xul
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\maps.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\news.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\nr_login.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\nr_logo.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\nr_photos.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\nr_rom.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\nr_videos.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\nr_whatsnew.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\preferences.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\search.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\search_ask.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\search_ask_de.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\search_ask_es.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\search_ask_fr.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\search_ask_it.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\search_ask_nl.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\search_ask_pl.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\search_ask_pt.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\search_ask_ru.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\search_cobrand.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\search_current_site.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\search_de.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\search_es.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\search_fr.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\search_it.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\search_nl.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\search_pl.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\search_pt.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\search_ru.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\shopping.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\stocks.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\toolbar.css
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\toolbar.xul
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\weather.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\web.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\widget-popup.css
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\WindowTop.gif
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\skin\zoomall.png
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Mon-24-Jan-2011-07-03-36-GMT\ff-config.zip
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-22-Jan-2011-12-13-08-GMT\ff-config.zip
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\install.rdf
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\logs\asktb-log-1295698388277.html
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\logs\asktb-log-1295698392613.html
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\logs\asktb-log-1295698706696.html
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\logs\asktb-log-1295704339271.html
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\logs\asktb-log-1295727769075.html
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\logs\asktb-log-1295736934707.html
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\logs\asktb-log-1295796913361.html
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\logs\asktb-log-1295852615596.html
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\logs\asktb-log-1295852619627.html
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\logs\asktb-log-1295862003045.html
c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\extensions\toolbar@ask.com\logs\asktb-log-1295863606887.html
c:\program files\Ask.com\
c:\program files\Ask.com\\cobrand.ico
c:\program files\Ask.com\\config.xml
c:\program files\Ask.com\\favicon.ico
c:\program files\Ask.com\\GenericAskToolbar.dll
c:\program files\Ask.com\\mupcfg.xml
c:\program files\Ask.com\\SaUpdate.exe
c:\program files\Ask.com\\UpdateTask.exe
c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware . . . . nemohl být smazán

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_MPKSLFA8C363E
-------\Legacy_MpKslfe5573d7
-------\Legacy_MpKslfe5573d7
-------\Service_MpKslfe5573d7
-------\Service_MpKslfe5573d7


((((((((((((((((((((((((( Soubory vytvořené od 2011-01-03 do 2011-02-03 )))))))))))))))))))))))))))))))
.

2011-02-01 16:31 . 2011-02-01 16:32 -------- d-----w- C:\rsit
2011-01-30 11:34 . 2011-01-30 11:34 -------- d-----w- C:\MSI2fecd.tmp
2011-01-25 05:40 . 2011-01-25 05:41 -------- d-----w- C:\1
2011-01-21 00:32 . 2011-02-01 16:31 -------- d-----w- C:\registry
2011-01-20 23:48 . 2011-01-20 23:49 -------- d-----w- C:\totalcmd
2011-01-20 23:03 . 2011-01-20 23:03 -------- d-----w- C:\NVIDIA
2011-01-20 22:47 . 2011-01-20 22:47 -------- d-----w- C:\RaidTool
2011-01-20 22:44 . 2011-01-20 22:44 -------- d-----w- C:\Intel

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-01-08 03:27 . 2004-08-17 22:49 6397824 ----a-w- c:\windows\system32\nv4_disp.dll
2011-01-08 03:27 . 2004-08-04 05:29 9888672 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2010-11-09 14:52 . 2003-04-16 12:00 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-06 00:23 . 2003-04-16 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:23 . 2003-04-16 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:23 . 2003-04-16 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\Ing. Pavel Stoklasa\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2011-01-20 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2010-12-30 19972712]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2007-11-19 1966080]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2011-01-07 111208]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-07 13880424]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-11-04 1753192]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-15 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Print2PDF Print Monitor]
2010-12-03 15:47 141368 ----a-w- c:\program files\Software602\Print2PDF\Print2PDF.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Common Files\\soft602\\langserv.exe"=
"c:\\WINDOWS\\system32\\hasplms.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"13364:UDP"= 13364:UDP:Print Server Utility
"13621:UDP"= 13621:UDP:MFP Bot Utility
"13107:UDP"= 13107:UDP:Print Server Utility
"69:UDP"= 69:UDP:Print Server Utility

R2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [14.4.2010 11:28 73728]
R2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?]
R2 NAUpdate;@c:\program files\Nero\Update\NASvc.exe,-200;c:\program files\Nero\Update\NASvc.exe [4.5.2010 12:07 503080]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [20.1.2011 23:07 1691480]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [20.1.2011 23:42 23456]
.
Obsah adresáře 'Naplánované úlohy'

2011-02-03 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 11:26]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Ing. Pavel Stoklasa\Data aplikací\Mozilla\Firefox\Profiles\09vbxzau.default\
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-02-03 14:51
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(2496)
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\hasplms.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2011-02-03 14:54:29 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-02-03 13:54
ComboFix2.txt 2011-02-01 22:04

Před spuštěním: Volných bajtů: 37 266 997 248
Po spuštění: Volných bajtů: 37 115 891 712

- - End Of File - - C47C376E8BD96E8C6B9F799BCDAFCB83

[motji]

Nejspíš ano, ale snažila jsem se Vám ho smazat, mě se to prostě nelíbí , má to i zvláštní umístění, všechno.

Prosím složku C-qoobox-qarantine dejte do raru a pošlete mi ji na www.leteckaposta.cz. Link mi vložte zde.

Ten MSE Vám monetálně funguje?

[Stoon]

Ja zas nemuzu rict, ze bych zrovna na MSE byl nejak citove vazany (zkusil jsem ho nainstalovat poprve), takze se klidne necham premluvit k instalaci jineho bezplatneho antiviru . Kazdopadne podle vseho by mi mel ted normalne fungovat (aktualizace probihaji a program hlasi zelenou).

odkaz na pozadovany adresar:

http://leteckaposta.cz/103664884

[motji]

S počítačem to teď vypadá jak?
Já si něco ohledně toho programu microsoft antimalware zjsitím a dám Vám vědět

[Stoon]

Pocitac bezi, normalne bootuje, nezaznamenavam zadne vykyvy v rychlosti, antivir nehlasi zadny problem. Vse se zda byt v poradku.

[motji]

Takže ten soubor a služba, co jsme Vám smazala, patří skutečně k MSE.Omlouvám se, že jsem Vám ji smazala. To umístěn i název byli dost zlváštní.
Prosím MSE přeinstalujte

Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:

ComboFix /Uninstall

-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.


***********


Stáhněte T-Cleaner
http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir



***********


Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy ok zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.


***********



Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech



***********

Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?