VIRY.CZ

Zdravím,

nainstaloval jsem si Win XP a při instalací KIS2011 mi instalátor zahlásil, že je můj NTB nakažen a dál nebude pokračovat. Nabídl mi ke stažení AVPTool od Kaspersky, ale ten také nic nenašel. Tedy zde je RSIT log, vůbec netuším, co se kde podělalo. Díky


=================================================================

Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrator at 2011-07-28 22:05:29
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 103 GB (90%) free of 114 GB
Total RAM: 503 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:05:44, on 28.7.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe
E:\infection\RSIT.exe
C:\Program Files\trend micro\Administrator.exe
C:\WINDOWS\SoftwareDistribution\Download\b0919378a74536ee41941d293c0f76e0\update\update.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Služba Acronis Nonstop Backup (afcdpsrv) - Acronis - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 7375 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-10-25 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25 340384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25 340384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25 340384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2007-01-05 872448]
"SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2006-07-13 729088]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-01-18 1028096]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-11-20 488752]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2008-08-20 141848]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2008-08-20 166424]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2008-08-20 137752]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-10-19 177456]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2011-06-15 307200]
"TrueImageMonitor.exe"=C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2011-02-01 5546376]
"Acronis Scheduler2 Service"=C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2011-02-01 390720]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-10-25 932288]
""= []
"Adobe Acrobat Speed Launcher"=C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2010-10-25 36760]
"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2010-10-25 821144]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-09-16 497648]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2008-02-15 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"E:\pc\Kaspersky Internet Seciruty 2011\setup.exe"="E:\pc\Kaspersky Internet Seciruty 2011\setup.exe:*:Enabled:Kaspersky Internet Security 2011 Setup"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9adc9f3a-b954-11e0-9192-0018de71d3cc}]
shell\AutoRun\command - E:\setup.exe


======List of files/folders created in the last 1 months======

2011-07-28 22:05:31 ----D---- C:\Program Files\trend micro
2011-07-28 22:05:29 ----D---- C:\rsit
2011-07-28 21:54:53 ----D---- C:\WINDOWS\system32\PreInstall
2011-07-28 21:54:51 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2011-07-28 21:54:51 ----HD---- C:\WINDOWS\$hf_mig$
2011-07-28 21:48:42 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2011-07-28 21:48:39 ----D---- C:\WINDOWS\LastGood
2011-07-28 21:37:46 ----D---- C:\Program Files\Common Files\Diskeeper Corporation
2011-07-28 21:37:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\Diskeeper Corporation
2011-07-28 21:37:44 ----D---- C:\Program Files\Windows Home Server
2011-07-28 21:37:44 ----D---- C:\Program Files\Diskeeper Corporation
2011-07-28 21:28:19 ----D---- C:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
2011-07-28 21:16:59 ----D---- C:\Program Files\Common Files\Adobe AIR
2011-07-28 21:13:22 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Macromedia
2011-07-28 21:12:33 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Adobe
2011-07-28 21:10:05 ----D---- C:\Program Files\Common Files\Adobe
2011-07-28 21:10:05 ----D---- C:\Program Files\Adobe
2011-07-28 21:10:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2011-07-28 21:04:12 ----A---- C:\WINDOWS\system32\h323log.txt
2011-07-28 21:02:16 ----A---- C:\WINDOWS\system32\usbui.dll
2011-07-28 21:01:06 ----A---- C:\WINDOWS\imsins.BAK
2011-07-28 21:01:02 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-07-28 21:01:01 ----D---- C:\Program Files\Common Files\ODBC
2011-07-28 21:01:01 ----A---- C:\WINDOWS\ODBCINST.INI
2011-07-28 21:00:58 ----D---- C:\Program Files\Common Files\SpeechEngines
2011-07-28 21:00:57 ----RD---- C:\Program Files
2011-07-28 21:00:57 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-07-28 21:00:57 ----D---- C:\Program Files\Common Files
2011-07-28 21:00:55 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2011-07-28 21:00:55 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2011-07-28 21:00:54 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2011-07-28 21:00:53 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2011-07-28 21:00:53 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2011-07-28 21:00:52 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2011-07-28 21:00:52 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2011-07-28 21:00:52 ----RA---- C:\WINDOWS\system32\kbdur.dll
2011-07-28 21:00:52 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2011-07-28 21:00:52 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2011-07-28 21:00:52 ----RA---- C:\WINDOWS\system32\kbdru.dll
2011-07-28 21:00:52 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2011-07-28 21:00:52 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2011-07-28 21:00:52 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2011-07-28 21:00:52 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2011-07-28 21:00:50 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2011-07-28 21:00:50 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2011-07-28 21:00:50 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2011-07-28 21:00:50 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2011-07-28 21:00:50 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2011-07-28 21:00:50 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2011-07-28 21:00:50 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2011-07-28 21:00:48 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2011-07-28 21:00:48 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2011-07-28 21:00:48 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2011-07-28 21:00:48 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2011-07-28 21:00:48 ----RA---- C:\WINDOWS\system32\kbdest.dll
2011-07-28 21:00:45 ----A---- C:\WINDOWS\system32\kbdsl1.dll
2011-07-28 21:00:45 ----A---- C:\WINDOWS\system32\kbdsl.dll
2011-07-28 21:00:45 ----A---- C:\WINDOWS\system32\kbdro.dll
2011-07-28 21:00:45 ----A---- C:\WINDOWS\system32\kbdpl1.dll
2011-07-28 21:00:45 ----A---- C:\WINDOWS\system32\kbdpl.dll
2011-07-28 21:00:45 ----A---- C:\WINDOWS\system32\kbdhu1.dll
2011-07-28 21:00:45 ----A---- C:\WINDOWS\system32\kbdhu.dll
2011-07-28 21:00:45 ----A---- C:\WINDOWS\system32\kbdcr.dll
2011-07-28 21:00:45 ----A---- C:\WINDOWS\system32\KBDAL.DLL
2011-07-28 21:00:44 ----A---- C:\WINDOWS\system32\kbdycl.dll
2011-07-28 21:00:44 ----A---- C:\WINDOWS\system32\irclass.dll
2011-07-28 21:00:43 ----A---- C:\WINDOWS\system32\spxcoins.dll
2011-07-28 21:00:43 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2011-07-28 21:00:43 ----A---- C:\WINDOWS\system32\dgsetup.dll
2011-07-28 21:00:43 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2011-07-28 21:00:43 ----A---- C:\WINDOWS\system32\batt.dll
2011-07-28 21:00:41 ----A---- C:\WINDOWS\TASKMAN.EXE
2011-07-28 21:00:40 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2011-07-28 21:00:40 ----A---- C:\WINDOWS\system32\storprop.dll
2011-07-28 21:00:40 ----A---- C:\WINDOWS\notepad.exe
2011-07-28 21:00:32 ----ASH---- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
2011-07-28 21:00:30 ----RA---- C:\WINDOWS\SET7.tmp
2011-07-28 21:00:28 ----RA---- C:\WINDOWS\SET3.tmp
2011-07-28 21:00:23 ----D---- C:\WINDOWS\system32\CatRoot2
2011-07-28 21:00:23 ----D---- C:\WINDOWS\system32\CatRoot
2011-07-28 21:00:17 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-07-28 21:00:04 ----A---- C:\WINDOWS\setuplog.txt
2011-07-28 21:00:00 ----D---- C:\Documents and Settings
2011-07-28 20:59:27 ----RASH---- C:\boot.ini
2011-07-28 20:57:07 ----D---- C:\Program Files\Acronis
2011-07-28 20:56:51 ----D---- C:\Program Files\Common Files\Acronis
2011-07-28 20:55:05 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-07-28 20:55:05 ----RSD---- C:\WINDOWS\Fonts
2011-07-28 20:55:05 ----RD---- C:\WINDOWS\Web
2011-07-28 20:55:05 ----HD---- C:\WINDOWS\inf
2011-07-28 20:55:05 ----D---- C:\WINDOWS\WinSxS
2011-07-28 20:55:05 ----D---- C:\WINDOWS\twain_32
2011-07-28 20:55:05 ----D---- C:\WINDOWS\Temp
2011-07-28 20:55:05 ----D---- C:\WINDOWS\system32\wins
2011-07-28 20:55:05 ----D---- C:\WINDOWS\system32\wbem
2011-07-28 20:55:05 ----D---- C:\WINDOWS\system32\usmt
2011-07-28 20:55:05 ----D---- C:\WINDOWS\system32\spool
2011-07-28 20:55:05 ----D---- C:\WINDOWS\system32\ShellExt
2011-07-28 20:55:05 ----D---- C:\WINDOWS\system32\Setup
2011-07-28 20:55:05 ----D---- C:\WINDOWS\system32\ras
2011-07-28 20:55:05 ----D---- C:\WINDOWS\system32\oobe
2011-07-28 20:55:05 ----D---- C:\WINDOWS\system32\npp
2011-07-28 20:55:05 ----D---- C:\WINDOWS\system32\mui
2011-07-28 20:55:05 ----D---- C:\WINDOWS\system32\inetsrv
2011-07-28 20:55:05 ----D---- C:\WINDOWS\system32\IME
2011-07-28 20:55:05 ----D---- C:\WINDOWS\system32\icsxml
2011-07-28 20:55:05 ----D---- C:\WINDOWS\system32\ias
2011-07-28 20:55:05 ----D---- C:\WINDOWS\system32\export
2011-07-28 20:55:05 ----D---- C:\WINDOWS\system32\drivers
2011-07-28 20:55:05 ----D---- C:\WINDOWS\system32\dhcp
2011-07-28 20:55:05 ----D---- C:\WINDOWS\system32\config
2011-07-28 20:55:05 ----D---- C:\WINDOWS\system32\3com_dmi
2011-07-28 20:55:05 ----D---- C:\WINDOWS\system32\3076
2011-07-28 20:55:05 ----D---- C:\WINDOWS\system32\2052
2011-07-28 20:55:05 ----D---- C:\WINDOWS\system32\1054
2011-07-28 20:55:05 ----D---- C:\WINDOWS\system32\1042
2011-07-28 20:55:05 ----D---- C:\WINDOWS\system32\1041
2011-07-28 20:55:05 ----D---- C:\WINDOWS\system32\1037
2011-07-28 20:55:05 ----D---- C:\WINDOWS\system32\1033
2011-07-28 20:55:05 ----D---- C:\WINDOWS\system32\1031
2011-07-28 20:55:05 ----D---- C:\WINDOWS\system32\1029
2011-07-28 20:55:05 ----D---- C:\WINDOWS\system32\1028
2011-07-28 20:55:05 ----D---- C:\WINDOWS\system32\1025
2011-07-28 20:55:05 ----D---- C:\WINDOWS\system32
2011-07-28 20:55:05 ----D---- C:\WINDOWS\system
2011-07-28 20:55:05 ----D---- C:\WINDOWS\security
2011-07-28 20:55:05 ----D---- C:\WINDOWS\Resources
2011-07-28 20:55:05 ----D---- C:\WINDOWS\repair
2011-07-28 20:55:05 ----D---- C:\WINDOWS\mui
2011-07-28 20:55:05 ----D---- C:\WINDOWS\msapps
2011-07-28 20:55:05 ----D---- C:\WINDOWS\msagent
2011-07-28 20:55:05 ----D---- C:\WINDOWS\Media
2011-07-28 20:55:05 ----D---- C:\WINDOWS\java
2011-07-28 20:55:05 ----D---- C:\WINDOWS\ime
2011-07-28 20:55:05 ----D---- C:\WINDOWS\Help
2011-07-28 20:55:05 ----D---- C:\WINDOWS\Driver Cache
2011-07-28 20:55:05 ----D---- C:\WINDOWS\Debug
2011-07-28 20:55:05 ----D---- C:\WINDOWS\Cursors
2011-07-28 20:55:05 ----D---- C:\WINDOWS\Connection Wizard
2011-07-28 20:55:05 ----D---- C:\WINDOWS\Config
2011-07-28 20:55:05 ----D---- C:\WINDOWS\AppPatch
2011-07-28 20:55:05 ----D---- C:\WINDOWS\addins
2011-07-28 20:55:05 ----D---- C:\WINDOWS
2011-07-28 20:50:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\Acronis
2011-07-28 20:50:46 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Acronis
2011-07-28 20:48:25 ----A---- C:\WINDOWS\system32\mdimon.dll
2011-07-28 20:47:48 ----D---- C:\Program Files\Microsoft Works
2011-07-28 20:47:30 ----D---- C:\Program Files\Microsoft Visual Studio
2011-07-28 20:47:30 ----D---- C:\Program Files\Common Files\DESIGNER
2011-07-28 20:47:07 ----D---- C:\Program Files\Microsoft.NET
2011-07-28 20:45:03 ----D---- C:\WINDOWS\SHELLNEW
2011-07-28 20:44:38 ----D---- C:\Program Files\Microsoft Office
2011-07-28 20:44:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-07-28 20:44:17 ----RHD---- C:\MSOCache
2011-07-28 20:42:39 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Zoner
2011-07-28 20:42:17 ----D---- C:\Program Files\Zoner
2011-07-28 20:41:37 ----D---- C:\Program Files\PowerISO
2011-07-28 20:40:15 ----D---- C:\Program Files\WinRAR
2011-07-28 20:39:52 ----D---- C:\totalcmd
2011-07-28 20:39:52 ----D---- C:\Documents and Settings\Administrator\Data aplikací\GHISLER
2011-07-28 20:39:22 ----D---- C:\Program Files\ImgBurn
2011-07-28 20:38:55 ----D---- C:\Program Files\Notepad++
2011-07-28 20:38:55 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Notepad++
2011-07-28 20:35:29 ----D---- C:\Program Files\MSBuild
2011-07-28 20:32:10 ----D---- C:\WINDOWS\system32\XPSViewer
2011-07-28 20:32:08 ----D---- C:\WINDOWS\system32\en-us
2011-07-28 20:31:31 ----D---- C:\Program Files\Reference Assemblies
2011-07-28 20:31:05 ----N---- C:\WINDOWS\system32\spmsg2.dll
2011-07-28 20:28:10 ----RSD---- C:\WINDOWS\assembly
2011-07-28 20:27:42 ----D---- C:\WINDOWS\Microsoft.NET
2011-07-28 20:26:55 ----N---- C:\WINDOWS\system32\spmsg.dll
2011-07-28 20:26:49 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2011-07-28 20:26:35 ----D---- C:\Program Files\Windows Media Connect 2
2011-07-28 20:26:24 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2011-07-28 20:25:47 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2011-07-28 20:25:27 ----D---- C:\WINDOWS\system32\LogFiles
2011-07-28 20:25:18 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2011-07-28 20:24:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2011-07-28 20:24:18 ----D---- C:\WINDOWS\WBEM
2011-07-28 20:23:12 ----HDC---- C:\WINDOWS\ie8
2011-07-28 20:22:01 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
2011-07-28 20:21:32 ----A---- C:\WINDOWS\system32\wdfcoinstaller01005.dll
2011-07-28 20:21:31 ----A---- C:\WINDOWS\system32\BttnCmns_64.dll
2011-07-28 20:21:31 ----A---- C:\WINDOWS\system32\BttnCmns.dll
2011-07-28 20:21:31 ----A---- C:\WINDOWS\system32\BttnCmn.dll
2011-07-28 20:21:18 ----D---- C:\Documents and Settings\Administrator\Data aplikací\InstallShield
2011-07-28 20:20:33 ----D---- C:\WINDOWS\pss
2011-07-28 20:20:14 ----A---- C:\WINDOWS\system32\igfxres.dll
2011-07-28 20:17:17 ----D---- C:\WINDOWS\system32\Lang
2011-07-28 20:17:17 ----A---- C:\WINDOWS\system32\igxpun.exe
2011-07-28 20:17:17 ----A---- C:\WINDOWS\system32\igxprd32.dll
2011-07-28 20:17:17 ----A---- C:\WINDOWS\system32\igxpgd32.dll
2011-07-28 20:17:17 ----A---- C:\WINDOWS\system32\igxpdx32.dll
2011-07-28 20:17:17 ----A---- C:\WINDOWS\system32\igxpdv32.dll
2011-07-28 20:17:17 ----A---- C:\WINDOWS\system32\iglicd32.dll
2011-07-28 20:17:17 ----A---- C:\WINDOWS\system32\igldev32.dll
2011-07-28 20:17:17 ----A---- C:\WINDOWS\system32\igfxzoom.exe
2011-07-28 20:17:17 ----A---- C:\WINDOWS\system32\igfxtray.exe
2011-07-28 20:17:17 ----A---- C:\WINDOWS\system32\igfxsrvc.exe
2011-07-28 20:17:17 ----A---- C:\WINDOWS\system32\igfxsrvc.dll
2011-07-28 20:17:17 ----A---- C:\WINDOWS\system32\igfxress.dll
2011-07-28 20:17:17 ----A---- C:\WINDOWS\system32\igfxpph.dll
2011-07-28 20:17:17 ----A---- C:\WINDOWS\system32\igfxpers.exe
2011-07-28 20:17:17 ----A---- C:\WINDOWS\system32\igfxext.exe
2011-07-28 20:17:17 ----A---- C:\WINDOWS\system32\igfxexps.dll
2011-07-28 20:17:17 ----A---- C:\WINDOWS\system32\igfxdo.dll
2011-07-28 20:17:17 ----A---- C:\WINDOWS\system32\igfxdev.dll
2011-07-28 20:17:17 ----A---- C:\WINDOWS\system32\igfxCoIn_v4926.dll
2011-07-28 20:17:17 ----A---- C:\WINDOWS\system32\igfxcfg.exe
2011-07-28 20:17:17 ----A---- C:\WINDOWS\system32\hkcmd.exe
2011-07-28 20:17:17 ----A---- C:\WINDOWS\system32\hccutils.dll
2011-07-28 20:17:17 ----A---- C:\WINDOWS\system32\difxapi.dll
2011-07-28 20:17:08 ----D---- C:\Intel
2011-07-28 20:15:43 ----D---- C:\Program Files\DIFX
2011-07-28 20:15:34 ----A---- C:\WINDOWS\system32\NETw4r32.dll
2011-07-28 20:15:34 ----A---- C:\WINDOWS\system32\NETw4c32.dll
2011-07-28 20:15:33 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-07-28 20:15:04 ----D---- C:\Program Files\Hewlett-Packard
2011-07-28 20:14:26 ----A---- C:\WINDOWS\system32\SynTPCo4.dll
2011-07-28 20:14:26 ----A---- C:\WINDOWS\system32\SynTPAPI.dll
2011-07-28 20:14:26 ----A---- C:\WINDOWS\system32\SynCtrl.dll
2011-07-28 20:14:26 ----A---- C:\WINDOWS\system32\SynCOM.dll
2011-07-28 20:14:25 ----D---- C:\Program Files\Synaptics
2011-07-28 20:13:47 ----N---- C:\WINDOWS\HPModemVersion.dll
2011-07-28 20:13:38 ----D---- C:\WINDOWS\Options
2011-07-28 20:13:31 ----D---- C:\SWSetup
2011-07-28 20:13:31 ----A---- C:\WINDOWS\agrsmdel.exe
2011-07-28 20:13:03 ----D---- C:\Program Files\Broadcom
2011-07-28 20:11:03 ----D---- C:\Program Files\WIDCOMM
2011-07-28 20:09:57 ----A---- C:\WINDOWS\system32\ksuser.dll
2011-07-28 20:09:52 ----N---- C:\WINDOWS\system32\wdmioctl.dll
2011-07-28 20:09:52 ----N---- C:\WINDOWS\system32\SMMedia.dll
2011-07-28 20:09:52 ----N---- C:\WINDOWS\system32\DSndUp.exe
2011-07-28 20:09:52 ----N---- C:\WINDOWS\system32\CleanUp.exe
2011-07-28 20:09:52 ----D---- C:\Program Files\Analog Devices
2011-07-28 20:09:51 ----HD---- C:\Program Files\InstallShield Installation Information
2011-07-28 20:09:40 ----D---- C:\Program Files\Common Files\InstallShield
2011-07-28 20:07:23 ----D---- C:\WINDOWS\Prefetch
2011-07-28 19:59:27 ----N---- C:\WINDOWS\system32\msxml6r.dll
2011-07-28 19:59:27 ----N---- C:\WINDOWS\system32\msxml6.dll
2011-07-28 19:59:16 ----N---- C:\WINDOWS\system32\smtpapi.dll
2011-07-28 19:59:16 ----N---- C:\WINDOWS\system32\rwnh.dll
2011-07-28 19:59:13 ----N---- C:\WINDOWS\system32\azroles.dll
2011-07-28 19:59:13 ----N---- C:\WINDOWS\system32\aaclient.dll
2011-07-28 19:59:12 ----N---- C:\WINDOWS\system32\dot3svc.dll
2011-07-28 19:59:12 ----N---- C:\WINDOWS\system32\dot3msm.dll
2011-07-28 19:59:12 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2011-07-28 19:59:12 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2011-07-28 19:59:12 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2011-07-28 19:59:12 ----N---- C:\WINDOWS\system32\dot3api.dll
2011-07-28 19:59:12 ----N---- C:\WINDOWS\system32\dimsroam.dll
2011-07-28 19:59:12 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2011-07-28 19:59:12 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2011-07-28 19:59:12 ----N---- C:\WINDOWS\system32\credssp.dll
2011-07-28 19:59:12 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2011-07-28 19:59:11 ----N---- C:\WINDOWS\system32\eapsvc.dll
2011-07-28 19:59:11 ----N---- C:\WINDOWS\system32\eapqec.dll
2011-07-28 19:59:11 ----N---- C:\WINDOWS\system32\eappprxy.dll
2011-07-28 19:59:11 ----N---- C:\WINDOWS\system32\eapphost.dll
2011-07-28 19:59:11 ----N---- C:\WINDOWS\system32\eappgnui.dll
2011-07-28 19:59:11 ----N---- C:\WINDOWS\system32\eappcfg.dll
2011-07-28 19:59:11 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2011-07-28 19:59:11 ----N---- C:\WINDOWS\system32\eapolqec.dll
2011-07-28 19:59:11 ----N---- C:\WINDOWS\system32\dot3ui.dll
2011-07-28 19:59:10 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2011-07-28 19:59:10 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2011-07-28 19:59:10 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2011-07-28 19:59:09 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2011-07-28 19:59:09 ----N---- C:\WINDOWS\system32\mssha.dll
2011-07-28 19:59:09 ----N---- C:\WINDOWS\system32\mmcperf.exe
2011-07-28 19:59:09 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2011-07-28 19:59:09 ----N---- C:\WINDOWS\system32\mmcex.dll
2011-07-28 19:59:09 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2011-07-28 19:59:09 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2011-07-28 19:59:09 ----N---- C:\WINDOWS\system32\kmsvc.dll
2011-07-28 19:59:09 ----N---- C:\WINDOWS\system32\kbdpash.dll
2011-07-28 19:59:08 ----N---- C:\WINDOWS\system32\napstat.exe
2011-07-28 19:59:08 ----N---- C:\WINDOWS\system32\napmontr.dll
2011-07-28 19:59:08 ----N---- C:\WINDOWS\system32\napipsec.dll
2011-07-28 19:59:07 ----N---- C:\WINDOWS\system32\setupn.exe
2011-07-28 19:59:07 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2011-07-28 19:59:07 ----N---- C:\WINDOWS\system32\rasqec.dll
2011-07-28 19:59:07 ----N---- C:\WINDOWS\system32\qutil.dll
2011-07-28 19:59:07 ----N---- C:\WINDOWS\system32\qcliprov.dll
2011-07-28 19:59:07 ----N---- C:\WINDOWS\system32\qagentrt.dll
2011-07-28 19:59:07 ----N---- C:\WINDOWS\system32\qagent.dll
2011-07-28 19:59:07 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2011-07-28 19:59:07 ----N---- C:\WINDOWS\system32\onex.dll
2011-07-28 19:59:05 ----N---- C:\WINDOWS\system32\xpsp3res.dll
2011-07-28 19:59:05 ----N---- C:\WINDOWS\system32\verclsid.exe
2011-07-28 19:59:05 ----N---- C:\WINDOWS\system32\tzchange.exe
2011-07-28 19:59:05 ----N---- C:\WINDOWS\system32\tspkg.dll
2011-07-28 19:59:05 ----N---- C:\WINDOWS\system32\tsgqec.dll
2011-07-28 19:59:04 ----N---- C:\WINDOWS\system32\wmphoto.dll
2011-07-28 19:59:04 ----N---- C:\WINDOWS\system32\wlanapi.dll
2011-07-28 19:59:04 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2011-07-28 19:59:04 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2011-07-28 19:59:03 ----A---- C:\WINDOWS\system32\xmllite.dll
2011-07-28 19:59:02 ----D---- C:\WINDOWS\system32\cs-cz
2011-07-28 19:59:01 ----D---- C:\WINDOWS\system32\cs
2011-07-28 19:59:01 ----D---- C:\WINDOWS\system32\bits
2011-07-28 19:59:01 ----D---- C:\WINDOWS\l2schemas
2011-07-28 19:54:16 ----D---- C:\WINDOWS\network diagnostic
2011-07-28 19:52:50 ----A---- C:\WINDOWS\005142_.tmp
2011-07-28 19:43:33 ----D---- C:\WINDOWS\SoftwareDistribution
2011-07-28 19:43:26 ----SD---- C:\WINDOWS\system32\Microsoft
2011-07-28 19:37:58 ----N---- C:\WINDOWS\system32\spiisupd.exe
2011-07-28 19:37:58 ----N---- C:\WINDOWS\system32\comsdupd.exe
2011-07-28 19:37:58 ----N---- C:\WINDOWS\system32\asr_pfu.exe
2011-07-28 19:37:50 ----N---- C:\WINDOWS\system32\btpanui.dll
2011-07-28 19:37:50 ----N---- C:\WINDOWS\system32\bthserv.dll
2011-07-28 19:37:50 ----N---- C:\WINDOWS\system32\bthci.dll
2011-07-28 19:37:50 ----N---- C:\WINDOWS\system32\blastcln.exe
2011-07-28 19:37:50 ----N---- C:\WINDOWS\system32\bitsprx3.dll
2011-07-28 19:37:50 ----N---- C:\WINDOWS\system32\bitsprx2.dll
2011-07-28 19:37:50 ----N---- C:\WINDOWS\system32\auditusr.exe
2011-07-28 19:37:50 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2011-07-28 19:37:50 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2011-07-28 19:37:50 ----N---- C:\WINDOWS\system32\ati3duag.dll
2011-07-28 19:37:50 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2011-07-28 19:37:50 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2011-07-28 19:37:50 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2011-07-28 19:37:50 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2011-07-28 19:37:49 ----N---- C:\WINDOWS\system32\httpapi.dll
2011-07-28 19:37:49 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2011-07-28 19:37:49 ----N---- C:\WINDOWS\system32\fwcfg.dll
2011-07-28 19:37:49 ----N---- C:\WINDOWS\system32\fsquirt.exe
2011-07-28 19:37:49 ----N---- C:\WINDOWS\system32\fltmc.exe
2011-07-28 19:37:49 ----N---- C:\WINDOWS\system32\fltlib.dll
2011-07-28 19:37:49 ----N---- C:\WINDOWS\system32\extmgr.dll
2011-07-28 19:37:49 ----N---- C:\WINDOWS\system32\encdec.dll
2011-07-28 19:37:49 ----N---- C:\WINDOWS\system32\encapi.dll
2011-07-28 19:37:49 ----N---- C:\WINDOWS\system32\dxdiagn.dll
2011-07-28 19:37:49 ----N---- C:\WINDOWS\system32\dsprpres.dll
2011-07-28 19:37:49 ----N---- C:\WINDOWS\system32\d3d9.dll
2011-07-28 19:37:49 ----N---- C:\WINDOWS\system32\cmsetacl.dll
2011-07-28 19:37:49 ----A---- C:\WINDOWS\system32\hccoin.dll
2011-07-28 19:37:48 ----N---- C:\WINDOWS\system32\kbdno1.dll
2011-07-28 19:37:48 ----N---- C:\WINDOWS\system32\kbdmlt48.dll
2011-07-28 19:37:48 ----N---- C:\WINDOWS\system32\kbdmlt47.dll
2011-07-28 19:37:48 ----N---- C:\WINDOWS\system32\kbdmaori.dll
2011-07-28 19:37:48 ----N---- C:\WINDOWS\system32\kbdinmal.dll
2011-07-28 19:37:48 ----N---- C:\WINDOWS\system32\kbdinben.dll
2011-07-28 19:37:48 ----N---- C:\WINDOWS\system32\kbdinbe1.dll
2011-07-28 19:37:48 ----N---- C:\WINDOWS\system32\kbdfi1.dll
2011-07-28 19:37:47 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2011-07-28 19:37:47 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2011-07-28 19:37:47 ----N---- C:\WINDOWS\system32\mssap.dll
2011-07-28 19:37:47 ----N---- C:\WINDOWS\system32\mspmsnsv.dll
2011-07-28 19:37:47 ----N---- C:\WINDOWS\system32\msftedit.dll
2011-07-28 19:37:47 ----N---- C:\WINDOWS\system32\msdadiag.dll
2011-07-28 19:37:47 ----N---- C:\WINDOWS\system32\MP4SDMOD.dll
2011-07-28 19:37:47 ----N---- C:\WINDOWS\system32\MP43DMOD.dll
2011-07-28 19:37:47 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2011-07-28 19:37:47 ----N---- C:\WINDOWS\system32\kbdukx.dll
2011-07-28 19:37:47 ----N---- C:\WINDOWS\system32\kbdsmsno.dll
2011-07-28 19:37:47 ----N---- C:\WINDOWS\system32\kbdsmsfi.dll
2011-07-28 19:37:46 ----N---- C:\WINDOWS\system32\slgen.dll
2011-07-28 19:37:46 ----N---- C:\WINDOWS\system32\slextspk.dll
2011-07-28 19:37:46 ----N---- C:\WINDOWS\system32\slcoinst.dll
2011-07-28 19:37:46 ----N---- C:\WINDOWS\system32\sdhcinst.dll
2011-07-28 19:37:46 ----N---- C:\WINDOWS\system32\sbeio.dll
2011-07-28 19:37:46 ----N---- C:\WINDOWS\system32\sbe.dll
2011-07-28 19:37:46 ----N---- C:\WINDOWS\system32\s3gnb.dll
2011-07-28 19:37:46 ----N---- C:\WINDOWS\system32\powercfg.exe
2011-07-28 19:37:46 ----N---- C:\WINDOWS\system32\pnrpnsp.dll
2011-07-28 19:37:46 ----N---- C:\WINDOWS\system32\p2psvc.dll
2011-07-28 19:37:46 ----N---- C:\WINDOWS\system32\p2pnetsh.dll
2011-07-28 19:37:46 ----N---- C:\WINDOWS\system32\p2pgraph.dll
2011-07-28 19:37:46 ----N---- C:\WINDOWS\system32\p2pgasvc.dll
2011-07-28 19:37:46 ----N---- C:\WINDOWS\system32\p2p.dll
2011-07-28 19:37:46 ----A---- C:\WINDOWS\system32\xpob2res.dll
2011-07-28 19:37:45 ----N---- C:\WINDOWS\system32\xpsp1res.dll
2011-07-28 19:37:45 ----N---- C:\WINDOWS\system32\wmidx.dll
2011-07-28 19:37:45 ----N---- C:\WINDOWS\system32\wmerror.dll
2011-07-28 19:37:45 ----N---- C:\WINDOWS\system32\winshfhc.dll
2011-07-28 19:37:45 ----N---- C:\WINDOWS\system32\winbrand.dll
2011-07-28 19:37:45 ----N---- C:\WINDOWS\system32\w3ssl.dll
2011-07-28 19:37:45 ----N---- C:\WINDOWS\system32\twext.dll
2011-07-28 19:37:45 ----N---- C:\WINDOWS\system32\strmfilt.dll
2011-07-28 19:37:45 ----N---- C:\WINDOWS\system32\smbinst.exe
2011-07-28 19:37:45 ----N---- C:\WINDOWS\system32\slserv.exe
2011-07-28 19:37:45 ----N---- C:\WINDOWS\system32\slrundll.exe
2011-07-28 19:37:45 ----A---- C:\WINDOWS\system32\xpsp2res.dll
2011-07-28 19:37:45 ----A---- C:\WINDOWS\system32\winhttp.dll
2011-07-28 19:37:44 ----N---- C:\WINDOWS\system32\WMSPDMOE.dll
2011-07-28 19:37:44 ----N---- C:\WINDOWS\system32\WMSPDMOD.dll
2011-07-28 19:37:44 ----N---- C:\WINDOWS\system32\wmsdmoe2.dll
2011-07-28 19:37:44 ----N---- C:\WINDOWS\system32\wmpdxm.dll
2011-07-28 19:37:44 ----N---- C:\WINDOWS\system32\wmpasf.dll
2011-07-28 19:37:44 ----N---- C:\WINDOWS\system32\wmp.dll
2011-07-28 19:37:43 ----N---- C:\WINDOWS\system32\wuaueng1.dll
2011-07-28 19:37:43 ----N---- C:\WINDOWS\system32\wuauclt1.exe
2011-07-28 19:37:43 ----N---- C:\WINDOWS\system32\wshbth.dll
2011-07-28 19:37:43 ----N---- C:\WINDOWS\system32\wmvdmoe2.dll
2011-07-28 19:37:43 ----A---- C:\WINDOWS\system32\wucltui.dll
2011-07-28 19:37:43 ----A---- C:\WINDOWS\system32\wuaucpl.cpl.wusetup.384703.bak
2011-07-28 19:37:43 ----A---- C:\WINDOWS\system32\wuapi.dll
2011-07-28 19:37:43 ----A---- C:\WINDOWS\system32\wscsvc.dll
2011-07-28 19:37:43 ----A---- C:\WINDOWS\system32\wscntfy.exe
2011-07-28 19:37:42 ----N---- C:\WINDOWS\system32\xmlprovi.dll
2011-07-28 19:37:42 ----N---- C:\WINDOWS\system32\xmlprov.dll
2011-07-28 19:37:42 ----N---- C:\WINDOWS\slrundll.exe
2011-07-28 19:37:42 ----A---- C:\WINDOWS\system32\wuweb.dll
2011-07-28 19:37:42 ----A---- C:\WINDOWS\system32\wups.dll
2011-07-28 19:37:40 ----D---- C:\WINDOWS\peernet
2011-07-28 19:37:39 ----D---- C:\WINDOWS\provisioning
2011-07-28 19:35:44 ----D---- C:\WINDOWS\ServicePackFiles
2011-07-28 19:32:52 ----A---- C:\WINDOWS\002236_.tmp
2011-07-28 19:32:40 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2011-07-28 19:30:50 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2011-07-28 19:30:48 ----D---- C:\WINDOWS\EHome
2011-07-28 19:29:54 ----D---- C:\WINDOWS\system32\appmgmt
2011-07-28 19:22:27 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-07-28 19:22:26 ----D---- C:\Program Files\Intel
2011-07-28 19:19:37 ----A---- C:\WINDOWS\system32\PostProc.dll
2011-07-28 19:13:09 ----SHD---- C:\WINDOWS\Installer
2011-07-28 19:13:07 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Identities
2011-07-28 19:13:01 ----HD---- C:\Program Files\Uninstall Information
2011-07-28 19:12:58 ----SD---- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
2011-07-28 19:12:58 ----ASH---- C:\Documents and Settings\Administrator\Data aplikací\desktop.ini
2011-07-28 19:12:46 ----SHD---- C:\System Volume Information
2011-07-28 19:12:45 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-07-28 19:09:45 ----D---- C:\WINDOWS\system32\xircom
2011-07-28 19:09:45 ----D---- C:\Program Files\xerox
2011-07-28 19:09:45 ----D---- C:\Program Files\microsoft frontpage
2011-07-28 19:09:28 ----A---- C:\WINDOWS\control.ini
2011-07-28 19:09:28 ----A---- C:\AUTOEXEC.BAT
2011-07-28 19:09:20 ----A---- C:\WINDOWS\OEWABLog.txt
2011-07-28 19:09:17 ----A---- C:\WINDOWS\system32\mapi32.dll
2011-07-28 19:08:34 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-07-28 19:08:34 ----RD---- C:\WINDOWS\Offline Web Pages
2011-07-28 19:08:34 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2011-07-28 19:08:29 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2011-07-28 19:08:12 ----D---- C:\WINDOWS\srchasst
2011-07-28 19:08:02 ----D---- C:\WINDOWS\system32\Macromed
2011-07-28 19:08:02 ----D---- C:\WINDOWS\system32\DirectX
2011-07-28 19:07:47 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2011-07-28 19:07:47 ----A---- C:\WINDOWS\system32\qmgr.dll
2011-07-28 19:07:46 ----D---- C:\Program Files\Movie Maker
2011-07-28 19:07:26 ----A---- C:\WINDOWS\system32\safrslv.dll
2011-07-28 19:07:26 ----A---- C:\WINDOWS\system32\safrdm.dll
2011-07-28 19:07:26 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2011-07-28 19:07:26 ----A---- C:\WINDOWS\system32\racpldlg.dll
2011-07-28 19:07:26 ----A---- C:\WINDOWS\system32\atrace.dll
2011-07-28 19:07:20 ----A---- C:\WINDOWS\system32\desktop.ini
2011-07-28 19:07:20 ----A---- C:\WINDOWS\desktop.ini
2011-07-28 19:07:13 ----D---- C:\WINDOWS\system32\Restore
2011-07-28 19:07:13 ----A---- C:\WINDOWS\system32\srrstr.dll
2011-07-28 19:07:12 ----D---- C:\Program Files\Windows Media Player
2011-07-28 19:07:12 ----A---- C:\WINDOWS\system32\srsvc.dll
2011-07-28 19:07:12 ----A---- C:\WINDOWS\system32\srclient.dll
2011-07-28 19:07:11 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2011-07-28 19:07:11 ----A---- C:\WINDOWS\system32\mnmdd.dll
2011-07-28 19:07:11 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2011-07-28 19:07:11 ----A---- C:\WINDOWS\system32\ils.dll
2011-07-28 19:07:10 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2011-07-28 19:07:10 ----A---- C:\WINDOWS\system32\msconf.dll
2011-07-28 19:07:10 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2011-07-28 19:07:06 ----D---- C:\WINDOWS\PCHEALTH
2011-07-28 19:07:06 ----D---- C:\Program Files\NetMeeting
2011-07-28 19:07:06 ----A---- C:\WINDOWS\system32\msoert2.dll
2011-07-28 19:07:06 ----A---- C:\WINDOWS\system32\msoeacct.dll
2011-07-28 19:07:06 ----A---- C:\WINDOWS\system32\acctres.dll
2011-07-28 19:07:05 ----D---- C:\Program Files\Common Files\Services
2011-07-28 19:07:04 ----A---- C:\WINDOWS\system32\inetres.dll
2011-07-28 19:07:03 ----A---- C:\WINDOWS\system32\inetcomm.dll
2011-07-28 19:06:59 ----D---- C:\Program Files\Outlook Express
2011-07-28 19:06:58 ----SD---- C:\WINDOWS\Tasks
2011-07-28 19:06:58 ----A---- C:\WINDOWS\system32\schedsvc.dll
2011-07-28 19:06:58 ----A---- C:\WINDOWS\system32\mstinit.exe
2011-07-28 19:06:58 ----A---- C:\WINDOWS\system32\mstask.dll
2011-07-28 19:06:58 ----A---- C:\WINDOWS\system32\icwphbk.dll
2011-07-28 19:06:58 ----A---- C:\WINDOWS\system32\icwdial.dll
2011-07-28 19:06:57 ----A---- C:\WINDOWS\system32\isign32.dll
2011-07-28 19:06:57 ----A---- C:\WINDOWS\system32\inetcfg.dll
2011-07-28 19:06:57 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2011-07-28 19:06:55 ----D---- C:\Program Files\Common Files\MSSoap
2011-07-28 19:06:50 ----D---- C:\Program Files\Common Files\System
2011-07-28 19:06:44 ----D---- C:\Program Files\Internet Explorer
2011-07-28 19:06:15 ----D---- C:\Program Files\ComPlus Applications
2011-07-28 19:06:14 ----A---- C:\WINDOWS\vbaddin.ini
2011-07-28 19:06:14 ----A---- C:\WINDOWS\vb.ini
2011-07-28 19:06:10 ----D---- C:\WINDOWS\Registration
2011-07-28 19:06:03 ----HD---- C:\Program Files\WindowsUpdate
2011-07-28 19:06:03 ----D---- C:\Program Files\Online Services
2011-07-28 19:05:58 ----D---- C:\Program Files\Messenger
2011-07-28 19:05:51 ----D---- C:\Program Files\MSN
2011-07-28 19:05:47 ----D---- C:\Program Files\MSN Gaming Zone
2011-07-28 19:05:47 ----A---- C:\WINDOWS\system32\write.exe
2011-07-28 19:05:36 ----A---- C:\WINDOWS\system32\sndvol32.exe
2011-07-28 19:05:36 ----A---- C:\WINDOWS\system32\accwiz.exe
2011-07-28 19:05:35 ----A---- C:\WINDOWS\system32\sndrec32.exe
2011-07-28 19:05:35 ----A---- C:\WINDOWS\system32\mplay32.exe
2011-07-28 19:05:35 ----A---- C:\WINDOWS\system32\hypertrm.dll
2011-07-28 19:05:35 ----A---- C:\WINDOWS\system32\hticons.dll
2011-07-28 19:05:35 ----A---- C:\WINDOWS\system32\avwav.dll
2011-07-28 19:05:35 ----A---- C:\WINDOWS\system32\avmeter.dll
2011-07-28 19:05:34 ----D---- C:\Program Files\Windows NT
2011-07-28 19:05:34 ----A---- C:\WINDOWS\system32\winchat.exe
2011-07-28 19:05:34 ----A---- C:\WINDOWS\system32\avtapi.dll
2011-07-28 19:05:32 ----A---- C:\WINDOWS\system32\mspaint.exe
2011-07-28 19:05:27 ----A---- C:\WINDOWS\system32\clipbrd.exe
2011-07-28 19:05:26 ----A---- C:\WINDOWS\system32\charmap.exe
2011-07-28 19:05:26 ----A---- C:\WINDOWS\system32\getuname.dll
2011-07-28 19:05:25 ----A---- C:\WINDOWS\system32\winmine.exe
2011-07-28 19:05:25 ----A---- C:\WINDOWS\system32\spider.exe
2011-07-28 19:05:25 ----A---- C:\WINDOWS\system32\sol.exe
2011-07-28 19:05:25 ----A---- C:\WINDOWS\system32\calc.exe
2011-07-28 19:05:24 ----A---- C:\WINDOWS\system32\wuauserv.dll
2011-07-28 19:05:24 ----A---- C:\WINDOWS\system32\wuaueng.dll.wusetup.385140.bak
2011-07-28 19:05:24 ----A---- C:\WINDOWS\system32\wuaueng.dll
2011-07-28 19:05:24 ----A---- C:\WINDOWS\system32\wuauclt.exe.wusetup.384562.bak
2011-07-28 19:05:24 ----A---- C:\WINDOWS\system32\wuauclt.exe
2011-07-28 19:05:24 ----A---- C:\WINDOWS\system32\mshearts.exe
2011-07-28 19:05:24 ----A---- C:\WINDOWS\system32\freecell.exe
2011-07-28 19:05:23 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2011-07-28 19:05:23 ----A---- C:\WINDOWS\system32\mstscax.dll
2011-07-28 19:05:23 ----A---- C:\WINDOWS\system32\mstsc.exe
2011-07-28 19:05:22 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2011-07-28 19:05:22 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2011-07-28 19:05:22 ----A---- C:\WINDOWS\system32\tslabels.ini
2011-07-28 19:05:22 ----A---- C:\WINDOWS\system32\tskill.exe
2011-07-28 19:05:22 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2011-07-28 19:05:22 ----A---- C:\WINDOWS\system32\sessmgr.exe
2011-07-28 19:05:22 ----A---- C:\WINDOWS\system32\reset.exe
2011-07-28 19:05:22 ----A---- C:\WINDOWS\system32\remotepg.dll
2011-07-28 19:05:22 ----A---- C:\WINDOWS\system32\rdshost.exe
2011-07-28 19:05:22 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2011-07-28 19:05:22 ----A---- C:\WINDOWS\system32\rdchost.dll
2011-07-28 19:05:21 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2011-07-28 19:05:21 ----A---- C:\WINDOWS\system32\tscon.exe
2011-07-28 19:05:21 ----A---- C:\WINDOWS\system32\termsrv.dll
2011-07-28 19:05:21 ----A---- C:\WINDOWS\system32\shadow.exe
2011-07-28 19:05:21 ----A---- C:\WINDOWS\system32\rwinsta.exe
2011-07-28 19:05:21 ----A---- C:\WINDOWS\system32\regini.exe
2011-07-28 19:05:21 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2011-07-28 19:05:21 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2011-07-28 19:05:21 ----A---- C:\WINDOWS\system32\rdpclip.exe
2011-07-28 19:05:21 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2011-07-28 19:05:21 ----A---- C:\WINDOWS\system32\qwinsta.exe
2011-07-28 19:05:21 ----A---- C:\WINDOWS\system32\qprocess.exe
2011-07-28 19:05:21 ----A---- C:\WINDOWS\system32\qappsrv.exe
2011-07-28 19:05:20 ----D---- C:\WINDOWS\system32\MsDtc
2011-07-28 19:05:20 ----A---- C:\WINDOWS\system32\mtxoci.dll
2011-07-28 19:05:20 ----A---- C:\WINDOWS\system32\msg.exe
2011-07-28 19:05:20 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2011-07-28 19:05:20 ----A---- C:\WINDOWS\system32\logoff.exe
2011-07-28 19:05:20 ----A---- C:\WINDOWS\system32\icaapi.dll
2011-07-28 19:05:20 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2011-07-28 19:05:20 ----A---- C:\WINDOWS\system32\cdmodem.dll
2011-07-28 19:05:19 ----A---- C:\WINDOWS\system32\xolehlp.dll
2011-07-28 19:05:19 ----A---- C:\WINDOWS\system32\msdtctm.dll
2011-07-28 19:05:19 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2011-07-28 19:05:19 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2011-07-28 19:05:19 ----A---- C:\WINDOWS\system32\msdtclog.dll
2011-07-28 19:05:19 ----A---- C:\WINDOWS\system32\msdtc.exe
2011-07-28 19:05:17 ----D---- C:\WINDOWS\system32\Com
2011-07-28 19:05:17 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2011-07-28 19:05:17 ----A---- C:\WINDOWS\system32\mtxex.dll
2011-07-28 19:05:17 ----A---- C:\WINDOWS\system32\mtxdm.dll
2011-07-28 19:05:17 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2011-07-28 19:05:17 ----A---- C:\WINDOWS\system32\comrepl.dll
2011-07-28 19:05:17 ----A---- C:\WINDOWS\system32\comaddin.dll
2011-07-28 19:05:17 ----A---- C:\WINDOWS\system32\colbact.dll
2011-07-28 19:05:16 ----A---- C:\WINDOWS\system32\stclient.dll
2011-07-28 19:05:16 ----A---- C:\WINDOWS\system32\clbcatex.dll
2011-07-28 19:05:16 ----A---- C:\WINDOWS\system32\catsrvut.dll
2011-07-28 19:05:16 ----A---- C:\WINDOWS\system32\catsrvps.dll
2011-07-28 19:05:16 ----A---- C:\WINDOWS\system32\catsrv.dll
2011-07-28 19:05:15 ----A---- C:\WINDOWS\system32\comuid.dll
2011-07-28 19:05:15 ----A---- C:\WINDOWS\system32\comsvcs.dll
2011-07-28 19:05:15 ----A---- C:\WINDOWS\system32\comsnap.dll
2011-07-28 19:05:15 ----A---- C:\WINDOWS\system32\clbcatq.dll
2011-07-28 19:05:03 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2011-07-28 19:05:03 ----A---- C:\WINDOWS\system32\servdeps.dll
2011-07-28 19:05:02 ----A---- C:\WINDOWS\system32\mmfutil.dll
2011-07-28 19:05:02 ----A---- C:\WINDOWS\system32\licwmi.dll
2011-07-28 19:05:02 ----A---- C:\WINDOWS\system32\cmprops.dll

======List of files/folders modified in the last 1 months======

2011-07-28 20:45:16 ----A---- C:\WINDOWS\win.ini
2011-07-28 20:20:42 ----A---- C:\WINDOWS\system.ini
2011-07-28 19:33:41 ----RASH---- C:\NTDETECT.COM

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2011-06-15 60156]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\System32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2007-10-01 281600]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2007-07-13 94976]
R3 afcdp;afcdp; C:\WINDOWS\system32\DRIVERS\afcdp.sys [2011-07-28 167968]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2006-08-28 1160320]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2005-08-05 45312]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-02-15 1342570]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2008-04-14 13952]
R3 DKRtWrt;DKRtWrt; C:\WINDOWS\system32\DRIVERS\DKRtWrt.sys [2010-09-22 44368]
R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2008-02-15 5854752]
R3 NETw4x32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-10-31 2236544]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2008-01-18 220640]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2011-02-01 804528]
R2 afcdpsrv;Služba Acronis Nonstop Backup; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [2011-07-28 3246040]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2006-02-15 258103]
R2 Diskeeper;Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe [2010-12-20 1734480]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe [2007-11-29 144688]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

-----------------EOF-----------------

Také zdravím!
Stáhněte a spusťte MBR: http://www2.gmer.net/mbr/mbr.exe . Utilita vytvoří krátký log, který sem zkopírujte.

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: Hitachi_HTS541612J9SA00 rev.SBDOC70P -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK

Toto je OK. Ještě poprosím o log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

ComboFix 11-07-28.06 - Administrator 28.07.2011 23:17:55.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.503.115 [GMT 2:00]
Spuštěný z: c:\documents and settings\Administrator\Dokumenty\Stažené soubory\ComboFix.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-28 do 2011-07-28 )))))))))))))))))))))))))))))))
.
.
2011-07-28 20:05 . 2011-07-28 20:05 -------- d-----w- C:\rsit
2011-07-28 19:00 . 2011-07-28 20:29 -------- d-----r- C:\Program Files
2011-07-28 19:00 . 2011-07-28 17:12 -------- d-----w- C:\Documents and Settings
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-08 07:29 . 2011-07-28 20:30 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 1028096]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-11-20 488752]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-08-20 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-08-20 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-08-20 137752]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-10-19 177456]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2011-02-01 5546376]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2011-02-01 390720]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-10-25 932288]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2010-10-25 36760]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2010-10-25 821144]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-09-16 497648]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Administrator\Nabˇdka Start\Programy\Po spuçtŘnˇ\
_uninst_81574220.lnk - c:\documents and settings\Administrator\Local Settings\temp\_uninst_81574220.bat [N/A]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-2-15 581693]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 06:52 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
.
R0 81574220;81574220;c:\windows\system32\drivers\81574220.sys [28.7.2011 22:33 133208]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\drivers\tdrpm273.sys [28.7.2011 21:02 752128]
R2 afcdpsrv;Služba Acronis Nonstop Backup;c:\program files\Common Files\Acronis\CDP\afcdpsrv.exe [28.7.2011 21:02 3246040]
R3 afcdp;afcdp;c:\windows\system32\drivers\afcdp.sys [28.7.2011 21:03 167968]
R3 DKRtWrt;DKRtWrt;c:\windows\system32\drivers\DKRtWrt.sys [28.7.2011 21:37 44368]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 13:37 517096]
.
.
------- Doplňkový sken -------
.
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Send To &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
TCP: DhcpNameServer = 77.87.239.33 77.87.232.1 8.8.8.8
FF - ProfilePath - c:\documents and settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\odf2sidw.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-28 23:22
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1708537768-602609370-725345543-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,9b,ba,01,44,ab,e6,fc,43,8e,f2,aa,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,9b,ba,01,44,ab,e6,fc,43,8e,f2,aa,\
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(1180)
c:\windows\system32\webcheck.dll
c:\windows\system32\IEFRAME.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2011-07-28 23:24:22
ComboFix-quarantined-files.txt 2011-07-28 21:24
.
Před spuštěním: Volných bajtů: 110 018 019 328
Po spuštění: Volných bajtů: 110 245 384 192
.
- - End Of File - - 742E11164E23BD1C16BBB7EA0BB38512

Přesuňte ComboFix na plochu. Otevřte poznámkový blok a zkopírujte do něj:

Collect::
c:\documents and settings\Administrator\Local Settings\temp\_uninst_81574220.bat
c:\windows\system32\drivers\81574220.sys

Driver::
81574220

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.