prosim o kontrolu
Logfile of random's system information tool 1.09 (written by random/random)
Run by vs at 2013-09-30 09:21:34
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 35 GB (64%) free of 54 GB
Total RAM: 2047 MB (62% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:22:01, on 30.9.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Documents and Settings\All Users\Data aplikací\eSafe\eGdpSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe
C:\Program Files\Portrait Displays\Pivot Software\floater.exe
C:\Program Files\Philips Display\SmartControl II\DTHtml.exe
C:\Program Files\VIA\RAID\raid_tool.exe
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Samsung\Kies\Kies.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\VIA\RAID\vialogsv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
\?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE
C:\Documents and Settings\vs\Plocha\RSIT.exe
C:\Program Files\trend micro\vs.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1379803005
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=16805
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com/?utm_source=b&utm_m ... 1379803005
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com/?utm_source=b&utm_m ... 1379803005
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qvo6.com/web/?utm_source= ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search.qvo6.com/web/?utm_source= ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O4 - HKLM\..\Run: [PivotSoftware] "C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe"
O4 - HKLM\..\Run: [DT PHL] C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe -PHL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [VIARaidUtl] C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NtVdmSrv] C:\WINDOWS\inf\ntvdm.vbe
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Documents and Settings\vs\Data aplikací\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Documents and Settings\vs\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Handy Updater] "C:\Program Files\HandyUpdater\HandyUpdater.exe"
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: VRAID Log Service - Unknown owner - C:\Program Files\VIA\RAID\vialogsv.exe
O23 - Service: Wsys Service (WsysSvc) - Wsys Co., Ltd. - C:\Documents and Settings\All Users\Data aplikací\eSafe\eGdpSvc.exe
--
End of file - 8679 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AmiUpdXp.job
C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
C:\WINDOWS\tasks\SLOW-PCfighter.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\vs\Data aplikací\Mozilla\Firefox\Profiles\2vfp2tjv.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.8.800.168 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
C:\Documents and Settings\vs\Data aplikací\Mozilla\Firefox\Profiles\2vfp2tjv.default\extensions\
zigboom@ymail.com
{ea614400-e918-4741-9a97-7a972ff7c30b}
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"PivotSoftware"=C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe [2009-03-03 694824]
"DT PHL"=C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe [2009-10-08 86016]
"Driver Genius"= []
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-05-27 98304]
"VIARaidUtl"=C:\Program Files\VIA\RAID\raid_tool.exe [2010-03-05 2375392]
"Launch LCore"=C:\Program Files\Logitech Gaming Software\LCore.exe [2013-02-28 5529328]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-06-20 995176]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"NtVdmSrv"=C:\WINDOWS\inf\ntvdm.vbe [2013-06-20 1219]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2013-09-04 311152]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"cz.seznam.software.autoupdate"=C:\Documents and Settings\vs\Data aplikací\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Documents and Settings\vs\Data aplikací\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-11-16 139264]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-07-03 3673184]
"Handy Updater"=C:\Program Files\HandyUpdater\HandyUpdater.exe []
"KiesPreload"=C:\Program Files\Samsung\Kies\Kies.exe [2013-09-04 1564528]
"KiesAirMessage"=C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup []
""=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2013-09-04 844656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-05-27 159744]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-07-19 113024]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\TeamViewer\Version8\TeamViewer.exe"="C:\Program Files\TeamViewer\Version8\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"F:\Program Files\Codemasters\GRID\GRID.exe"="F:\Program Files\Codemasters\GRID\GRID.exe:*:Enabled:GRID"
"C:\Documents and Settings\vs\Local Settings\Data aplikací\DProtect\DProtectSvc.exe"="C:\Documents and Settings\vs\Local Settings\Data aplikací\DProtect\DProtectSvc.exe:*:Enabled:DPService"
"C:\Documents and Settings\All Users\Data aplikací\eSafe\eGdpSvc.exe"="C:\Documents and Settings\All Users\Data aplikací\eSafe\eGdpSvc.exe:*:Enabled:WsysSvc"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codeca.acm
"vidc.XVID"=xvidvfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
======List of files/folders created in the last 1 month======
2013-09-30 09:21:35 ----D---- C:\Program Files\trend micro
2013-09-30 09:21:34 ----D---- C:\rsit
2013-09-29 20:55:59 ----A---- C:\WINDOWS\system32\RtNicProp32.dll
2013-09-29 20:55:59 ----A---- C:\WINDOWS\system32\drivers\Rtnicxp.sys
2013-09-29 20:55:38 ----D---- C:\Program Files\Realtek AC97
2013-09-26 18:48:21 ----D---- C:\Program Files\PSPad editor
2013-09-26 18:28:48 ----D---- C:\Program Files\Avidemux 2.5
2013-09-26 18:03:30 ----D---- C:\Documents and Settings\vs\Data aplikací\PSpad
2013-09-26 17:47:17 ----D---- C:\Documents and Settings\vs\Data aplikací\avidemux
2013-09-26 16:40:00 ----D---- C:\Program Files\FreeTime
2013-09-25 20:50:43 ----D---- C:\Program Files\Gabest
2013-09-25 20:37:35 ----D---- C:\Program Files\AoA Audio Extractor
2013-09-25 20:21:08 ----D---- C:\Documents and Settings\vs\Data aplikací\Media Player Classic
2013-09-25 20:15:38 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2013-09-25 19:31:41 ----D---- C:\Documents and Settings\vs\Data aplikací\dvdcss
2013-09-25 16:03:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2013-09-25 16:03:07 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2013-09-25 16:01:51 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2013-09-24 18:34:51 ----D---- C:\Documents and Settings\vs\Data aplikací\Samsung
2013-09-24 18:29:58 ----A---- C:\WINDOWS\system32\drivers\ssudmdm.sys
2013-09-24 18:29:57 ----A---- C:\WINDOWS\system32\drivers\ssudbus.sys
2013-09-24 18:29:09 ----D---- C:\Program Files\MyFree Codec
2013-09-24 18:26:04 ----A---- C:\WINDOWS\system32\Redemption.dll
2013-09-24 18:25:47 ----A---- C:\WINDOWS\system32\drivers\dgderdrv.sys
2013-09-24 18:25:47 ----A---- C:\WINDOWS\system32\dgderapi.dll
2013-09-24 18:23:31 ----D---- C:\Program Files\Samsung
2013-09-24 18:23:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\Samsung
2013-09-24 18:23:13 ----D---- C:\WINDOWS\system32\LogFiles
2013-09-24 18:23:08 ----N---- C:\WINDOWS\system32\spmsg.dll
2013-09-24 18:23:03 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2013-09-24 18:22:21 ----D---- C:\WINDOWS\system32\drivers\umdf
2013-09-24 18:22:05 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2013-09-24 18:15:56 ----A---- C:\WINDOWS\system32\ptpusd.dll
2013-09-24 18:15:56 ----A---- C:\WINDOWS\system32\ptpusb.dll
2013-09-24 18:15:55 ----A---- C:\WINDOWS\system32\drivers\usbscan.sys
2013-09-24 18:15:41 ----A---- C:\WINDOWS\system32\drivers\usbccgp.sys
2013-09-24 15:43:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\vsosdk
2013-09-24 14:40:42 ----A---- C:\Documents and Settings\vs\Data aplikací\pcouffin.sys
2013-09-24 14:40:42 ----A---- C:\Documents and Settings\vs\Data aplikací\inst.exe
2013-09-24 14:40:41 ----D---- C:\Documents and Settings\vs\Data aplikací\Vso
2013-09-24 14:40:33 ----A---- C:\WINDOWS\system32\vp7vfw.dll
2013-09-24 14:40:17 ----D---- C:\Program Files\VSO
2013-09-24 14:40:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\VSO
2013-09-23 19:23:04 ----D---- C:\WINDOWS\865537E164904193A4B6669C62711852.TMP
2013-09-23 19:22:58 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2013-09-22 00:37:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\eSafe
2013-09-22 00:36:47 ----D---- C:\User Data
2013-09-22 00:34:45 ----D---- C:\Documents and Settings\vs\Data aplikací\SwvUpdater
2013-09-21 23:43:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\Codemasters
2013-09-21 23:40:44 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
2013-09-21 23:37:58 ----RA---- C:\WINDOWS\system32\tmp346.tmp
2013-09-21 23:37:58 ----RA---- C:\WINDOWS\system32\tmp345.tmp
2013-09-21 23:37:58 ----D---- C:\Program Files\OpenAL
2013-09-21 23:37:58 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2013-09-21 23:37:58 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2013-09-21 23:37:56 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2013-09-21 23:37:55 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2013-09-21 23:37:55 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2013-09-21 23:37:54 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2013-09-21 23:37:54 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2013-09-21 23:37:53 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2013-09-21 23:37:53 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2013-09-21 23:37:51 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2013-09-21 23:37:51 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2013-09-21 23:37:51 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2013-09-21 23:37:50 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2013-09-21 23:37:48 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2013-09-21 23:37:48 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2013-09-21 23:37:48 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2013-09-21 23:37:47 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2013-09-21 23:37:47 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2013-09-21 23:37:45 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2013-09-21 23:37:45 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2013-09-21 23:37:44 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2013-09-21 23:37:44 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2013-09-21 23:37:43 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2013-09-21 23:37:41 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2013-09-21 23:37:41 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2013-09-21 23:37:36 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2013-09-21 23:37:35 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2013-09-21 23:37:34 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2013-09-21 23:37:34 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2013-09-21 23:37:33 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2013-09-21 23:37:33 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2013-09-21 23:37:32 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2013-09-21 23:37:31 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2013-09-21 23:37:31 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2013-09-21 23:16:40 ----A---- C:\WINDOWS\system32\drivers\dtsoftbus01.sys
2013-09-21 23:16:26 ----D---- C:\Documents and Settings\vs\Data aplikací\DAEMON Tools Lite
2013-09-21 23:16:19 ----D---- C:\Program Files\DAEMON Tools Lite
2013-09-21 23:15:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
2013-09-21 15:03:36 ----A---- C:\WINDOWS\UC.PIF
2013-09-21 15:03:36 ----A---- C:\WINDOWS\RAR.PIF
2013-09-21 15:03:36 ----A---- C:\WINDOWS\PKZIP.PIF
2013-09-21 15:03:36 ----A---- C:\WINDOWS\PKUNZIP.PIF
2013-09-21 15:03:36 ----A---- C:\WINDOWS\LHA.PIF
2013-09-21 15:03:36 ----A---- C:\WINDOWS\ARJ.PIF
2013-09-21 15:03:35 ----D---- C:\totalcmd
2013-09-21 15:03:35 ----D---- C:\Documents and Settings\vs\Data aplikací\GHISLER
2013-09-21 15:02:23 ----D---- C:\Program Files\Total Commander 8.01 Final + Key
2013-09-21 14:32:09 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2013-09-21 14:32:08 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2013-09-21 14:32:07 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2013-09-21 14:31:55 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2013-09-21 14:31:55 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2013-09-21 14:31:55 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2013-09-21 14:31:53 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2013-09-21 14:31:53 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2013-09-21 14:31:52 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2013-09-21 14:31:52 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2013-09-21 14:31:51 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2013-09-18 16:57:58 ----D---- C:\Program Files\Mozilla Firefox
2013-09-16 15:45:43 ----D---- C:\Program Files\Defraggler
2013-09-12 18:23:28 ----D---- C:\WINDOWS\system32\sda
2013-09-12 18:23:16 ----A---- C:\WINDOWS\system32\drivers\RtsUStor.sys
2013-09-12 18:23:15 ----D---- C:\Program Files\Realtek
2013-09-12 18:23:15 ----A---- C:\WINDOWS\system32\RtsUStoricon.dll
2013-09-11 16:09:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2876315$
2013-09-11 16:08:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2876217$
2013-09-11 16:08:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2864063$
2013-09-11 16:04:34 ----D---- C:\WINDOWS\system32\MRT
2013-09-10 15:16:00 ----A---- C:\WINDOWS\NeroDigital.ini
2013-09-09 19:57:37 ----D---- C:\Documents and Settings\vs\Data aplikací\vlc
2013-09-09 19:54:41 ----D---- C:\Program Files\VideoLAN
2013-09-09 18:05:23 ----D---- C:\WINDOWS\SxsCaPendDel
2013-09-08 15:12:00 ----D---- C:\Program Files\Microsoft Silverlight
2013-09-08 12:00:02 ----D---- C:\Program Files\Nero
2013-09-08 11:46:01 ----D---- C:\Program Files\PowerQuest
2013-09-08 11:12:53 ----D---- C:\WINDOWS\system32\appmgmt
2013-09-08 11:12:45 ----D---- C:\Documents and Settings\vs\Data aplikací\Ahead
2013-09-08 11:06:34 ----D---- C:\Documents and Settings\vs\Data aplikací\Fighters
2013-09-08 11:06:27 ----D---- C:\Program Files\Seznam.cz
2013-09-08 11:05:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\Fighters
2013-09-08 11:05:18 ----D---- C:\Documents and Settings\vs\Data aplikací\Seznam.cz
2013-09-08 10:36:55 ----D---- C:\Program Files\Common Files\Ahead
2013-09-08 10:35:55 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2013-09-08 10:35:53 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2013-09-08 10:29:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\Nero
2013-09-06 09:43:02 ----D---- C:\Program Files\Common Files\Adobe
2013-09-06 09:43:02 ----D---- C:\Program Files\Adobe
2013-09-06 09:38:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2013-09-03 23:29:38 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2013-09-02 23:55:16 ----D---- C:\WINDOWS\system32\XPSViewer
2013-09-02 23:55:02 ----D---- C:\Program Files\MSBuild
2013-09-02 23:54:57 ----D---- C:\WINDOWS\system32\en-US
2013-09-02 23:54:41 ----D---- C:\Program Files\Reference Assemblies
2013-09-02 23:53:48 ----N---- C:\WINDOWS\system32\prntvpt.dll
2013-09-02 23:53:47 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2013-09-02 23:53:46 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2013-09-02 22:30:05 ----A---- C:\WINDOWS\system32\muweb.dll
2013-09-02 22:30:05 ----A---- C:\WINDOWS\system32\mucltui.dll
2013-09-01 18:47:24 ----D---- C:\Documents and Settings\vs\Data aplikací\Skype
2013-09-01 18:47:15 ----D---- C:\Program Files\Common Files\Skype
2013-09-01 18:47:11 ----RD---- C:\Program Files\Skype
2013-09-01 18:47:01 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2013-09-01 18:43:23 ----D---- C:\Program Files\TeamViewer
2013-09-01 18:17:52 ----D---- C:\Documents and Settings\vs\Data aplikací\SUPERAntiSpyware.com
2013-09-01 18:17:42 ----D---- C:\Program Files\SUPERAntiSpyware
2013-09-01 18:17:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2013-09-01 17:55:53 ----D---- C:\Program Files\CCleaner
2013-09-01 15:47:53 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2013-09-01 15:45:54 ----D---- C:\Program Files\Microsoft Security Client
2013-09-01 15:45:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2013-09-01 15:18:48 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2013-09-01 15:18:39 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2013-09-01 15:18:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2712808$
2013-09-01 15:18:21 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2013-09-01 15:18:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$
2013-09-01 15:18:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2013-09-01 15:17:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2758857$
2013-09-01 15:17:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893-v2$
2013-09-01 15:17:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2013-09-01 15:17:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2850851$
2013-09-01 15:17:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2585542$
2013-09-01 15:17:15 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2013-09-01 15:17:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2631813$
2013-09-01 15:16:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2691442$
2013-09-01 15:16:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2013-09-01 15:16:21 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2013-09-01 15:16:11 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2013-09-01 15:16:02 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2013-09-01 15:15:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2013-09-01 15:15:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2655992$
2013-09-01 15:15:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2802968$
2013-09-01 15:15:28 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2013-09-01 15:15:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2481109$
2013-09-01 15:15:13 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2013-09-01 15:15:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2598479$
2013-09-01 15:15:00 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2013-09-01 15:14:56 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2013-09-01 15:14:48 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2013-09-01 15:14:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2013-09-01 15:14:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2780091$
2013-09-01 15:14:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2845187$
2013-09-01 15:14:25 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2013-09-01 15:14:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2013-09-01 15:14:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2013-09-01 15:13:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2624667$
2013-09-01 15:13:52 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2013-09-01 15:13:46 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2013-09-01 15:13:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2719985$
2013-09-01 15:13:25 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2013-09-01 15:13:14 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2013-09-01 15:13:04 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2013-09-01 15:12:58 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2013-09-01 15:12:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2850869$
2013-09-01 15:12:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2859537$
2013-09-01 15:12:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2820917$
2013-09-01 15:12:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2757638$
2013-09-01 15:12:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2013-09-01 15:11:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2013-09-01 15:11:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2653956$
2013-09-01 15:11:37 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2013-09-01 15:11:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2749655$
2013-09-01 15:11:22 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$
2013-09-01 15:11:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$
2013-09-01 15:10:58 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2013-09-01 15:10:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2619339$
2013-09-01 15:09:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2849470$
2013-09-01 15:09:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2705219-v2$
2013-09-01 14:51:53 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2013-09-01 14:50:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2467659$
2013-09-01 14:50:01 ----D---- C:\WINDOWS\ie8updates
2013-09-01 14:49:45 ----D---- C:\WINDOWS\WBEM
2013-09-01 14:48:45 ----HDC---- C:\WINDOWS\ie8
2013-09-01 14:46:57 ----A---- C:\WINDOWS\system32\MRT.exe
2013-09-01 14:45:27 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2013-09-01 14:45:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2013-09-01 14:45:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2659262$
2013-09-01 14:45:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2564958$
2013-09-01 14:45:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2834886$
2013-09-01 14:45:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2013-09-01 14:44:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2013-09-01 14:44:51 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2013-09-01 14:44:48 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2013-09-01 14:44:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2013-09-01 14:44:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2013-09-01 14:44:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$
2013-09-01 14:44:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2013-09-01 14:44:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2686509$
2013-09-01 14:44:17 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2013-09-01 14:44:14 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2013-09-01 14:44:04 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2013-09-01 14:43:59 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2013-09-01 14:43:53 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2013-09-01 14:43:47 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2013-09-01 14:43:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2592799$
2013-09-01 14:43:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2753842-v2$
2013-09-01 14:43:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2770660$
2013-09-01 14:43:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2535512$
2013-09-01 14:43:24 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2013-09-01 14:43:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2807986$
2013-09-01 14:43:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2570947$
2013-09-01 14:43:08 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2013-09-01 14:43:04 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2013-09-01 14:43:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2603381$
2013-09-01 14:42:53 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2013-09-01 14:42:48 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2013-09-01 14:42:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2820197$
2013-09-01 14:42:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2863058$
2013-09-01 14:42:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2803821-v2_WM9$
2013-09-01 14:42:18 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2013-09-01 14:42:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2698365$
2013-09-01 14:41:54 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2013-09-01 14:41:43 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2013-09-01 14:41:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2727528$
2013-09-01 14:41:26 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2013-09-01 14:41:15 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2013-09-01 14:41:03 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2013-09-01 14:40:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2723135-v2$
2013-09-01 14:40:41 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2013-09-01 14:40:30 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2013-09-01 14:40:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2618451$
2013-09-01 14:40:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2661254-v2$
2013-09-01 14:37:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2813345$
2013-09-01 14:34:54 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2013-09-01 14:31:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$
2013-09-01 14:26:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2676562$
2013-09-01 14:22:47 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2013-09-01 14:18:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2013-09-01 14:18:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2013-09-01 14:17:52 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2013-09-01 14:15:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2620712$
2013-09-01 14:12:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
2013-09-01 14:09:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2661637$
2013-09-01 14:07:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2584146$
2013-09-01 14:04:29 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2013-09-01 14:01:27 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2013-09-01 13:58:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2013-08-31 19:55:18 ----N---- C:\WINDOWS\system32\browserchoice.exe
2013-08-31 19:48:42 ----N---- C:\WINDOWS\system32\iacenc.dll
2013-08-31 19:41:17 ----A---- C:\WINDOWS\system32\aswBoot.exe
2013-08-31 19:33:33 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2013-08-31 18:43:22 ----D---- C:\WINDOWS\system32\PreInstall
2013-08-31 18:43:20 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2013-08-31 18:43:20 ----HD---- C:\WINDOWS\$hf_mig$
2013-08-31 17:53:03 ----D---- C:\Documents and Settings\vs\Data aplikací\Macromedia
2013-08-31 17:53:03 ----D---- C:\Documents and Settings\vs\Data aplikací\Adobe
2013-08-31 17:51:48 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-08-31 17:42:26 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2013-08-31 16:03:52 ----A---- C:\WINDOWS\system32\Remover.ini
2013-08-31 16:03:52 ----A---- C:\WINDOWS\system32\Remove.exe
2013-08-31 16:03:47 ----D---- C:\WINDOWS\PixArt
2013-08-31 16:03:47 ----D---- C:\Program Files\Common Files\iLook 300
2013-08-31 15:57:15 ----D---- C:\WINDOWS\Prefetch
2013-08-31 15:45:19 ----N---- C:\WINDOWS\system32\msxml6r.dll
2013-08-31 15:45:19 ----N---- C:\WINDOWS\system32\msxml6.dll
2013-08-31 15:45:09 ----N---- C:\WINDOWS\system32\smtpapi.dll
2013-08-31 15:45:09 ----N---- C:\WINDOWS\system32\rwnh.dll
2013-08-31 15:45:09 ----N---- C:\WINDOWS\system32\drivers\irbus.sys
2013-08-31 15:45:09 ----N---- C:\WINDOWS\system32\comsdupd.exe
2013-08-31 15:45:07 ----N---- C:\WINDOWS\system32\credssp.dll
2013-08-31 15:45:07 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2013-08-31 15:45:07 ----N---- C:\WINDOWS\system32\azroles.dll
2013-08-31 15:45:07 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2013-08-31 15:45:07 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2013-08-31 15:45:07 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2013-08-31 15:45:07 ----N---- C:\WINDOWS\system32\aaclient.dll
2013-08-31 15:45:06 ----N---- C:\WINDOWS\system32\eapsvc.dll
2013-08-31 15:45:06 ----N---- C:\WINDOWS\system32\eapqec.dll
2013-08-31 15:45:06 ----N---- C:\WINDOWS\system32\eappprxy.dll
2013-08-31 15:45:06 ----N---- C:\WINDOWS\system32\eapphost.dll
2013-08-31 15:45:06 ----N---- C:\WINDOWS\system32\eappgnui.dll
2013-08-31 15:45:06 ----N---- C:\WINDOWS\system32\eappcfg.dll
2013-08-31 15:45:06 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2013-08-31 15:45:06 ----N---- C:\WINDOWS\system32\eapolqec.dll
2013-08-31 15:45:06 ----N---- C:\WINDOWS\system32\dot3ui.dll
2013-08-31 15:45:06 ----N---- C:\WINDOWS\system32\dot3svc.dll
2013-08-31 15:45:06 ----N---- C:\WINDOWS\system32\dot3msm.dll
2013-08-31 15:45:06 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2013-08-31 15:45:06 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2013-08-31 15:45:06 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2013-08-31 15:45:06 ----N---- C:\WINDOWS\system32\dot3api.dll
2013-08-31 15:45:06 ----N---- C:\WINDOWS\system32\dimsroam.dll
2013-08-31 15:45:06 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2013-08-31 15:45:06 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2013-08-31 15:45:05 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2013-08-31 15:45:05 ----N---- C:\WINDOWS\system32\kmsvc.dll
2013-08-31 15:45:05 ----N---- C:\WINDOWS\system32\kbdpash.dll
2013-08-31 15:45:05 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2013-08-31 15:45:05 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2013-08-31 15:45:05 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2013-08-31 15:45:04 ----N---- C:\WINDOWS\system32\napstat.exe
2013-08-31 15:45:04 ----N---- C:\WINDOWS\system32\napmontr.dll
2013-08-31 15:45:04 ----N---- C:\WINDOWS\system32\napipsec.dll
2013-08-31 15:45:04 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2013-08-31 15:45:04 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2013-08-31 15:45:04 ----N---- C:\WINDOWS\system32\mssha.dll
2013-08-31 15:45:04 ----N---- C:\WINDOWS\system32\mmcperf.exe
2013-08-31 15:45:04 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2013-08-31 15:45:04 ----N---- C:\WINDOWS\system32\mmcex.dll
2013-08-31 15:45:04 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2013-08-31 15:45:03 ----N---- C:\WINDOWS\system32\s3gnb.dll
2013-08-31 15:45:03 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2013-08-31 15:45:03 ----N---- C:\WINDOWS\system32\rasqec.dll
2013-08-31 15:45:03 ----N---- C:\WINDOWS\system32\qutil.dll
2013-08-31 15:45:03 ----N---- C:\WINDOWS\system32\qcliprov.dll
2013-08-31 15:45:03 ----N---- C:\WINDOWS\system32\qagentrt.dll
2013-08-31 15:45:03 ----N---- C:\WINDOWS\system32\qagent.dll
2013-08-31 15:45:03 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2013-08-31 15:45:03 ----N---- C:\WINDOWS\system32\onex.dll
2013-08-31 15:45:03 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2013-08-31 15:45:02 ----N---- C:\WINDOWS\system32\slserv.exe
2013-08-31 15:45:02 ----N---- C:\WINDOWS\system32\slrundll.exe
2013-08-31 15:45:02 ----N---- C:\WINDOWS\system32\slgen.dll
2013-08-31 15:45:02 ----N---- C:\WINDOWS\system32\slextspk.dll
2013-08-31 15:45:02 ----N---- C:\WINDOWS\system32\slcoinst.dll
2013-08-31 15:45:02 ----N---- C:\WINDOWS\system32\setupn.exe
2013-08-31 15:45:01 ----N---- C:\WINDOWS\system32\xpsp3res.dll
2013-08-31 15:45:01 ----N---- C:\WINDOWS\system32\wmphoto.dll
2013-08-31 15:45:01 ----N---- C:\WINDOWS\system32\wlanapi.dll
2013-08-31 15:45:01 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2013-08-31 15:45:01 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2013-08-31 15:45:01 ----N---- C:\WINDOWS\system32\verclsid.exe
2013-08-31 15:45:01 ----N---- C:\WINDOWS\system32\tzchange.exe
2013-08-31 15:45:01 ----N---- C:\WINDOWS\system32\tspkg.dll
2013-08-31 15:45:01 ----N---- C:\WINDOWS\system32\tsgqec.dll
2013-08-31 15:45:00 ----A---- C:\WINDOWS\system32\xmllite.dll
2013-08-31 15:44:59 ----N---- C:\WINDOWS\slrundll.exe
2013-08-31 15:44:59 ----D---- C:\WINDOWS\system32\cs-cz
2013-08-31 15:44:59 ----D---- C:\WINDOWS\system32\cs
2013-08-31 15:44:59 ----D---- C:\WINDOWS\system32\bits
2013-08-31 15:44:59 ----D---- C:\WINDOWS\l2schemas
2013-08-31 15:43:08 ----D---- C:\WINDOWS\ServicePackFiles
2013-08-31 15:41:27 ----N---- C:\WINDOWS\system32\drivers\adv07nt5.dll
2013-08-31 15:41:27 ----N---- C:\WINDOWS\system32\drivers\adv05nt5.dll
2013-08-31 15:41:27 ----N---- C:\WINDOWS\system32\drivers\adv02nt5.dll
2013-08-31 15:41:27 ----N---- C:\WINDOWS\system32\drivers\adv01nt5.dll
2013-08-31 15:41:27 ----D---- C:\WINDOWS\network diagnostic
2013-08-31 15:41:26 ----N---- C:\WINDOWS\system32\drivers\bthport.sys
2013-08-31 15:41:26 ----N---- C:\WINDOWS\system32\drivers\bthpan.sys
2013-08-31 15:41:26 ----N---- C:\WINDOWS\system32\drivers\bthmodem.sys
2013-08-31 15:41:26 ----N---- C:\WINDOWS\system32\drivers\bthenum.sys
2013-08-31 15:41:26 ----N---- C:\WINDOWS\system32\drivers\atv10nt5.dll
2013-08-31 15:41:26 ----N---- C:\WINDOWS\system32\drivers\atv06nt5.dll
2013-08-31 15:41:26 ----N---- C:\WINDOWS\system32\drivers\atv04nt5.dll
2013-08-31 15:41:26 ----N---- C:\WINDOWS\system32\drivers\atv02nt5.dll
2013-08-31 15:41:26 ----N---- C:\WINDOWS\system32\drivers\atv01nt5.dll
2013-08-31 15:41:26 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2013-08-31 15:41:26 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2013-08-31 15:41:26 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2013-08-31 15:41:26 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2013-08-31 15:41:26 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2013-08-31 15:41:26 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2013-08-31 15:41:26 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2013-08-31 15:41:26 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2013-08-31 15:41:26 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2013-08-31 15:41:26 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2013-08-31 15:41:26 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2013-08-31 15:41:26 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2013-08-31 15:41:26 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2013-08-31 15:41:26 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2013-08-31 15:41:26 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2013-08-31 15:41:26 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2013-08-31 15:41:26 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2013-08-31 15:41:26 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2013-08-31 15:41:26 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2013-08-31 15:41:26 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2013-08-31 15:41:26 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2013-08-31 15:41:26 ----N---- C:\WINDOWS\system32\drivers\amdagp.sys
2013-08-31 15:41:26 ----N---- C:\WINDOWS\system32\drivers\alim1541.sys
2013-08-31 15:41:26 ----N---- C:\WINDOWS\system32\drivers\agpcpq.sys
2013-08-31 15:41:26 ----N---- C:\WINDOWS\system32\drivers\agp440.sys
2013-08-31 15:41:26 ----N---- C:\WINDOWS\system32\drivers\adv11nt5.dll
2013-08-31 15:41:26 ----N---- C:\WINDOWS\system32\drivers\adv09nt5.dll
2013-08-31 15:41:26 ----N---- C:\WINDOWS\system32\drivers\adv08nt5.dll
2013-08-31 15:41:25 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2013-08-31 15:41:25 ----N---- C:\WINDOWS\system32\drivers\mutohpen.sys
2013-08-31 15:41:25 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2013-08-31 15:41:25 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2013-08-31 15:41:25 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2013-08-31 15:41:25 ----N---- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2013-08-31 15:41:25 ----N---- C:\WINDOWS\system32\drivers\hidir.sys
2013-08-31 15:41:25 ----N---- C:\WINDOWS\system32\drivers\hidbth.sys
2013-08-31 15:41:25 ----N---- C:\WINDOWS\system32\drivers\hdaudbus.sys
2013-08-31 15:41:25 ----N---- C:\WINDOWS\system32\drivers\bthusb.sys
2013-08-31 15:41:25 ----N---- C:\WINDOWS\system32\drivers\bthprint.sys
2013-08-31 15:41:24 ----N---- C:\WINDOWS\system32\drivers\usb8023x.sys
2013-08-31 15:41:24 ----N---- C:\WINDOWS\system32\drivers\uagp35.sys
2013-08-31 15:41:24 ----N---- C:\WINDOWS\system32\drivers\smbali.sys
2013-08-31 15:41:24 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2013-08-31 15:41:24 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2013-08-31 15:41:24 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2013-08-31 15:41:24 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2013-08-31 15:41:24 ----N---- C:\WINDOWS\system32\drivers\sisagp.sys
2013-08-31 15:41:24 ----N---- C:\WINDOWS\system32\drivers\siint5.dll
2013-08-31 15:41:24 ----N---- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2013-08-31 15:41:24 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2013-08-31 15:41:24 ----N---- C:\WINDOWS\system32\drivers\rndismpx.sys
2013-08-31 15:41:24 ----N---- C:\WINDOWS\system32\drivers\rfcomm.sys
2013-08-31 15:41:24 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2013-08-31 15:41:24 ----N---- C:\WINDOWS\system32\drivers\nv4_mini.sys
2013-08-31 15:41:23 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2013-08-31 15:41:23 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2013-08-31 15:41:23 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2013-08-31 15:41:23 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2013-08-31 15:41:23 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2013-08-31 15:41:23 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2013-08-31 15:41:23 ----N---- C:\WINDOWS\system32\drivers\wacompen.sys
2013-08-31 15:41:23 ----N---- C:\WINDOWS\system32\drivers\viaagp.sys
2013-08-31 15:41:23 ----N---- C:\WINDOWS\system32\drivers\vchnt5.dll
2013-08-31 15:41:23 ----N---- C:\WINDOWS\system32\drivers\usbvideo.sys
2013-08-31 15:40:14 ----A---- C:\WINDOWS\002732_.tmp
2013-08-31 15:38:18 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2013-08-31 15:24:47 ----D---- C:\Program Files\Zoner
2013-08-31 15:15:40 ----D---- C:\Documents and Settings\vs\Data aplikací\Zoner
2013-08-31 15:05:13 ----A---- C:\WINDOWS\ODBC.INI
2013-08-31 15:05:09 ----A---- C:\WINDOWS\system32\mdimon.dll
2013-08-31 15:04:01 ----D---- C:\Program Files\Common Files\DESIGNER
2013-08-31 15:03:39 ----D---- C:\WINDOWS\SHELLNEW
2013-08-31 15:03:35 ----D---- C:\Program Files\Microsoft.NET
2013-08-31 15:03:35 ----D---- C:\Program Files\Microsoft Office
2013-08-31 15:00:45 ----RHD---- C:\MSOCache
2013-08-31 12:44:05 ----D---- C:\Documents and Settings\All Users\Data aplikací\LogiShrd
2013-08-31 12:41:12 ----A---- C:\WINDOWS\system32\drivers\kbdhid.sys
2013-08-31 12:40:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\ATI
2013-08-31 12:39:05 ----A---- C:\WINDOWS\system32\h323log.txt
2013-08-31 12:37:25 ----A---- C:\WINDOWS\system32\drivers\audstub.sys
2013-08-31 12:36:54 ----A---- C:\WINDOWS\system32\drivers\redbook.sys
2013-08-31 12:36:31 ----A---- C:\WINDOWS\system32\drivers\gameenum.sys
2013-08-31 12:36:12 ----A---- C:\WINDOWS\system32\drivers\RTL8139.sys
2013-08-31 12:36:03 ----A---- C:\WINDOWS\system32\drivers\enum1394.sys
2013-08-31 12:35:59 ----A---- C:\WINDOWS\system32\usbui.dll
2013-08-31 12:35:55 ----A---- C:\WINDOWS\system32\drivers\gagp30kx.sys
2013-08-31 12:35:51 ----A---- C:\WINDOWS\system32\mdmxsdk.dll
2013-08-31 12:35:51 ----A---- C:\WINDOWS\system32\hsfcisp2.dll
2013-08-31 12:35:51 ----A---- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2013-08-31 12:35:51 ----A---- C:\WINDOWS\system32\drivers\HSFCXTS2.sys
2013-08-31 12:35:51 ----A---- C:\WINDOWS\system32\drivers\HSFBS2S2.sys
2013-08-31 12:35:50 ----A---- C:\WINDOWS\system32\drivers\HSFDPSP2.sys
2013-08-31 12:34:56 ----A---- C:\WINDOWS\imsins.BAK
2013-08-31 12:34:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-08-31 12:34:52 ----SHD---- C:\WINDOWS\Installer
2013-08-31 12:34:52 ----D---- C:\Program Files\Common Files\ODBC
2013-08-31 12:34:52 ----A---- C:\WINDOWS\ODBCINST.INI
2013-08-31 12:34:49 ----D---- C:\Program Files\Common Files\SpeechEngines
2013-08-31 12:34:48 ----RD---- C:\Program Files
2013-08-31 12:34:48 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-08-31 12:34:48 ----D---- C:\Program Files\Common Files
2013-08-31 12:34:45 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2013-08-31 12:34:45 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2013-08-31 12:34:45 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2013-08-31 12:34:44 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2013-08-31 12:34:44 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2013-08-31 12:34:44 ----RA---- C:\WINDOWS\system32\kbdur.dll
2013-08-31 12:34:44 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2013-08-31 12:34:44 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2013-08-31 12:34:44 ----RA---- C:\WINDOWS\system32\kbdru.dll
2013-08-31 12:34:44 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2013-08-31 12:34:44 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2013-08-31 12:34:44 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2013-08-31 12:34:44 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2013-08-31 12:34:44 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2013-08-31 12:34:44 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2013-08-31 12:34:42 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2013-08-31 12:34:42 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2013-08-31 12:34:42 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2013-08-31 12:34:42 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2013-08-31 12:34:42 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2013-08-31 12:34:42 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2013-08-31 12:34:42 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2013-08-31 12:34:41 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2013-08-31 12:34:41 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2013-08-31 12:34:41 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2013-08-31 12:34:41 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2013-08-31 12:34:41 ----RA---- C:\WINDOWS\system32\kbdest.dll
2013-08-31 12:34:38 ----A---- C:\WINDOWS\system32\kbdsl1.dll
2013-08-31 12:34:38 ----A---- C:\WINDOWS\system32\kbdsl.dll
2013-08-31 12:34:38 ----A---- C:\WINDOWS\system32\kbdro.dll
2013-08-31 12:34:37 ----A---- C:\WINDOWS\system32\kbdycl.dll
2013-08-31 12:34:37 ----A---- C:\WINDOWS\system32\kbdpl1.dll
2013-08-31 12:34:37 ----A---- C:\WINDOWS\system32\kbdpl.dll
2013-08-31 12:34:37 ----A---- C:\WINDOWS\system32\kbdhu1.dll
2013-08-31 12:34:37 ----A---- C:\WINDOWS\system32\kbdhu.dll
2013-08-31 12:34:37 ----A---- C:\WINDOWS\system32\kbdcr.dll
2013-08-31 12:34:37 ----A---- C:\WINDOWS\system32\KBDAL.DLL
2013-08-31 12:34:36 ----A---- C:\WINDOWS\system32\spxcoins.dll
2013-08-31 12:34:36 ----A---- C:\WINDOWS\system32\irclass.dll
2013-08-31 12:34:36 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2013-08-31 12:34:36 ----A---- C:\WINDOWS\system32\dgsetup.dll
2013-08-31 12:34:36 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2013-08-31 12:34:35 ----A---- C:\WINDOWS\system32\drivers\LGVirHid.sys
2013-08-31 12:34:34 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2013-08-31 12:34:34 ----A---- C:\WINDOWS\TASKMAN.EXE
2013-08-31 12:34:34 ----A---- C:\WINDOWS\system32\drivers\irenum.sys
2013-08-31 12:34:34 ----A---- C:\WINDOWS\system32\batt.dll
2013-08-31 12:34:33 ----A---- C:\WINDOWS\notepad.exe
2013-08-31 12:34:32 ----A---- C:\WINDOWS\system32\storprop.dll
2013-08-31 12:34:31 ----A---- C:\WINDOWS\system32\drivers\LGBusEnum.sys
2013-08-31 12:34:24 ----ASH---- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
2013-08-31 12:34:21 ----A---- C:\WINDOWS\system32\drivers\LGSUsbFilt.sys
2013-08-31 12:34:20 ----RA---- C:\WINDOWS\SET8.tmp
2013-08-31 12:34:18 ----RA---- C:\WINDOWS\SET4.tmp
2013-08-31 12:34:17 ----RA---- C:\WINDOWS\SET3.tmp
2013-08-31 12:34:12 ----D---- C:\WINDOWS\system32\CatRoot2
2013-08-31 12:34:12 ----D---- C:\WINDOWS\system32\CatRoot
2013-08-31 12:34:10 ----A---- C:\WINDOWS\system32\LkmdfCoInst.dll
2013-08-31 12:34:10 ----A---- C:\WINDOWS\system32\drivers\LGSHidFilt.Sys
2013-08-31 12:34:06 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2013-08-31 12:33:49 ----D---- C:\Program Files\Logitech Gaming Software
2013-08-31 12:33:47 ----A---- C:\WINDOWS\setuplog.txt
2013-08-31 12:33:43 ----SHD---- C:\System Volume Information
2013-08-31 12:33:43 ----D---- C:\Documents and Settings
2013-08-31 12:33:42 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2013-08-31 12:32:45 ----SH---- C:\boot.ini
2013-08-31 12:30:28 ----D---- C:\Documents and Settings\vs\Data aplikací\Leadertech
2013-08-31 12:30:00 ----A---- C:\WINDOWS\system32\drivers\LNonPnP.sys
2013-08-31 12:29:56 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2013-08-31 12:29:53 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2013-08-31 12:29:52 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$
2013-08-31 12:28:40 ----D---- C:\Documents and Settings\vs\Data aplikací\Logitech
2013-08-31 12:28:40 ----D---- C:\Documents and Settings\vs\Data aplikací\Logishrd
2013-08-31 12:28:08 ----A---- C:\WINDOWS\system32\DIFxAPI.dll
2013-08-31 12:27:34 ----A---- C:\WINDOWS\system32\ChCfg.exe
2013-08-31 12:27:12 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-08-31 12:27:12 ----RSD---- C:\WINDOWS\Fonts
2013-08-31 12:27:12 ----RD---- C:\WINDOWS\Web
2013-08-31 12:27:12 ----HD---- C:\WINDOWS\inf
2013-08-31 12:27:12 ----D---- C:\WINDOWS\WinSxS
2013-08-31 12:27:12 ----D---- C:\WINDOWS\twain_32
2013-08-31 12:27:12 ----D---- C:\WINDOWS\Temp
2013-08-31 12:27:12 ----D---- C:\WINDOWS\system32\wins
2013-08-31 12:27:12 ----D---- C:\WINDOWS\system32\wbem
2013-08-31 12:27:12 ----D---- C:\WINDOWS\system32\usmt
2013-08-31 12:27:12 ----D---- C:\WINDOWS\system32\spool
2013-08-31 12:27:12 ----D---- C:\WINDOWS\system32\ShellExt
2013-08-31 12:27:12 ----D---- C:\WINDOWS\system32\Setup
2013-08-31 12:27:12 ----D---- C:\WINDOWS\system32\ras
2013-08-31 12:27:12 ----D---- C:\WINDOWS\system32\oobe
2013-08-31 12:27:12 ----D---- C:\WINDOWS\system32\npp
2013-08-31 12:27:12 ----D---- C:\WINDOWS\system32\mui
2013-08-31 12:27:12 ----D---- C:\WINDOWS\system32\inetsrv
2013-08-31 12:27:12 ----D---- C:\WINDOWS\system32\IME
2013-08-31 12:27:12 ----D---- C:\WINDOWS\system32\icsxml
2013-08-31 12:27:12 ----D---- C:\WINDOWS\system32\ias
2013-08-31 12:27:12 ----D---- C:\WINDOWS\system32\export
2013-08-31 12:27:12 ----D---- C:\WINDOWS\system32\drivers\etc
2013-08-31 12:27:12 ----D---- C:\WINDOWS\system32\drivers\disdn
2013-08-31 12:27:12 ----D---- C:\WINDOWS\system32\drivers
2013-08-31 12:27:12 ----D---- C:\WINDOWS\system32\dhcp
2013-08-31 12:27:12 ----D---- C:\WINDOWS\system32\config
2013-08-31 12:27:12 ----D---- C:\WINDOWS\system32\3com_dmi
2013-08-31 12:27:12 ----D---- C:\WINDOWS\system32\3076
2013-08-31 12:27:12 ----D---- C:\WINDOWS\system32\2052
2013-08-31 12:27:12 ----D---- C:\WINDOWS\system32\1054
2013-08-31 12:27:12 ----D---- C:\WINDOWS\system32\1042
2013-08-31 12:27:12 ----D---- C:\WINDOWS\system32\1041
2013-08-31 12:27:12 ----D---- C:\WINDOWS\system32\1037
2013-08-31 12:27:12 ----D---- C:\WINDOWS\system32\1033
2013-08-31 12:27:12 ----D---- C:\WINDOWS\system32\1031
2013-08-31 12:27:12 ----D---- C:\WINDOWS\system32\1029
2013-08-31 12:27:12 ----D---- C:\WINDOWS\system32\1028
2013-08-31 12:27:12 ----D---- C:\WINDOWS\system32\1025
2013-08-31 12:27:12 ----D---- C:\WINDOWS\system32
2013-08-31 12:27:12 ----D---- C:\WINDOWS\system
2013-08-31 12:27:12 ----D---- C:\WINDOWS\security
2013-08-31 12:27:12 ----D---- C:\WINDOWS\Resources
2013-08-31 12:27:12 ----D---- C:\WINDOWS\repair
2013-08-31 12:27:12 ----D---- C:\WINDOWS\Provisioning
2013-08-31 12:27:12 ----D---- C:\WINDOWS\pchealth
2013-08-31 12:27:12 ----D---- C:\WINDOWS\PeerNet
2013-08-31 12:27:12 ----D---- C:\WINDOWS\mui
2013-08-31 12:27:12 ----D---- C:\WINDOWS\msapps
2013-08-31 12:27:12 ----D---- C:\WINDOWS\msagent
2013-08-31 12:27:12 ----D---- C:\WINDOWS\Media
2013-08-31 12:27:12 ----D---- C:\WINDOWS\java
2013-08-31 12:27:12 ----D---- C:\WINDOWS\ime
2013-08-31 12:27:12 ----D---- C:\WINDOWS\Help
2013-08-31 12:27:12 ----D---- C:\WINDOWS\ehome
2013-08-31 12:27:12 ----D---- C:\WINDOWS\Driver Cache
2013-08-31 12:27:12 ----D---- C:\WINDOWS\Debug
2013-08-31 12:27:12 ----D---- C:\WINDOWS\Cursors
2013-08-31 12:27:12 ----D---- C:\WINDOWS\Connection Wizard
2013-08-31 12:27:12 ----D---- C:\WINDOWS\Config
2013-08-31 12:27:12 ----D---- C:\WINDOWS\AppPatch
2013-08-31 12:27:12 ----D---- C:\WINDOWS\addins
2013-08-31 12:27:12 ----D---- C:\WINDOWS
2013-08-31 12:27:12 ----ASH---- C:\pagefile.sys
2013-08-31 12:22:43 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2013-08-31 12:22:16 ----D---- C:\Program Files\ATI
2013-08-31 12:21:15 ----D---- C:\ATI
2013-08-31 12:20:53 ----DC---- C:\WINDOWS\system32\DRVSTORE
2013-08-31 12:20:53 ----A---- C:\WINDOWS\system32\drivers\AmdK8.sys
2013-08-31 12:20:51 ----D---- C:\Program Files\AMD
2013-08-31 12:20:35 ----D---- C:\Documents and Settings\vs\Data aplikací\InstallShield
2013-08-31 12:18:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\DriverGenius
2013-08-31 12:17:12 ----D---- C:\Program Files\Driver-Soft
2013-08-31 12:15:18 ----D---- C:\Documents and Settings\vs\Data aplikací\WinRAR
2013-08-31 12:14:27 ----D---- C:\Program Files\WinRAR
2013-08-31 12:12:21 ----D---- C:\Documents and Settings\vs\Data aplikací\Mozilla
2013-08-31 12:11:41 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-08-31 12:11:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Mozilla
2013-08-31 11:30:40 ----SHD---- C:\RECYCLER
2013-08-31 11:26:22 ----D---- C:\Documents and Settings\vs\Data aplikací\DisplayTune
2013-08-31 11:23:11 ----D---- C:\Program Files\Portrait Displays
2013-08-31 11:23:11 ----A---- C:\WINDOWS\system32\wpfb_ati2dvag.dll
2013-08-31 11:23:11 ----A---- C:\WINDOWS\system32\WPFB.DLL
2013-08-31 11:23:11 ----A---- C:\WINDOWS\system32\Machnm32.sys
2013-08-31 11:23:11 ----A---- C:\WINDOWS\system32\drivers\pivotmou.sys
2013-08-31 11:23:11 ----A---- C:\WINDOWS\system32\drivers\pivot.sys
2013-08-31 11:22:53 ----A---- C:\WINDOWS\system32\drivers\PdiPorts.sys
2013-08-31 11:22:44 ----A---- C:\WINDOWS\msvcr80.dll
2013-08-31 11:22:44 ----A---- C:\WINDOWS\msvcr70.dll
2013-08-31 11:22:44 ----A---- C:\WINDOWS\msvcp80.dll
2013-08-31 11:22:44 ----A---- C:\WINDOWS\msvcp70.dll
2013-08-31 11:22:44 ----A---- C:\WINDOWS\msvcm80.dll
2013-08-31 11:22:44 ----A---- C:\WINDOWS\msvbvm60.dll
2013-08-31 11:22:44 ----A---- C:\WINDOWS\mfcm80u.dll
2013-08-31 11:22:44 ----A---- C:\WINDOWS\mfcm80.dll
2013-08-31 11:22:44 ----A---- C:\WINDOWS\mfc80u.dll
2013-08-31 11:22:44 ----A---- C:\WINDOWS\mfc80.dll
2013-08-31 11:22:44 ----A---- C:\WINDOWS\mfc70.dll
2013-08-31 11:22:44 ----A---- C:\WINDOWS\ijl15.dll
2013-08-31 11:22:44 ----A---- C:\WINDOWS\atl80.dll
2013-08-31 11:22:41 ----D---- C:\Program Files\Philips Display
2013-08-31 11:22:41 ----D---- C:\Program Files\Common Files\Portrait Displays
2013-08-31 11:08:30 ----D---- C:\Documents and Settings\vs\Data aplikací\ATI
2013-08-31 11:03:57 ----D---- C:\Program Files\Common Files\ATI Technologies
2013-08-31 11:02:02 ----RSD---- C:\WINDOWS\assembly
2013-08-31 11:01:44 ----D---- C:\WINDOWS\Microsoft.NET
2013-08-31 11:01:15 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2013-08-31 11:00:49 ----N---- C:\WINDOWS\system32\ati2sgag.exe
2013-08-31 11:00:27 ----D---- C:\Program Files\ATI Technologies
2013-08-31 10:59:38 ----D---- C:\AMD
2013-08-31 10:55:42 ----RA---- C:\WINDOWS\system32\drivers\viasraid.sys
2013-08-31 10:55:38 ----D---- C:\Program Files\VIA
2013-08-31 10:55:26 ----A---- C:\WINDOWS\system32\drivers\splitter.sys
2013-08-31 10:55:25 ----A---- C:\WINDOWS\system32\drivers\wdmaud.sys
2013-08-31 10:55:23 ----A---- C:\WINDOWS\system32\drivers\dmusic.sys
2013-08-31 10:55:18 ----A---- C:\WINDOWS\system32\drivers\swmidi.sys
2013-08-31 10:55:16 ----A---- C:\WINDOWS\system32\drivers\aec.sys
2013-08-31 10:55:15 ----A---- C:\WINDOWS\system32\drivers\kmixer.sys
2013-08-31 10:55:14 ----A---- C:\WINDOWS\system32\drivers\drmkaud.sys
2013-08-31 10:55:13 ----A---- C:\WINDOWS\system32\drivers\sysaudio.sys
2013-08-31 10:55:11 ----A---- C:\WINDOWS\system32\drivers\mskssrv.sys
2013-08-31 10:55:10 ----A---- C:\WINDOWS\system32\drivers\mspqm.sys
2013-08-31 10:55:08 ----A---- C:\WINDOWS\system32\drivers\mspclock.sys
2013-08-31 10:55:00 ----A---- C:\WINDOWS\system32\ksuser.dll
2013-08-31 10:55:00 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2013-08-31 10:54:59 ----A---- C:\WINDOWS\system32\drivers\drmk.sys
2013-08-31 10:54:57 ----D---- C:\Program Files\Realtek Sound Manager
2013-08-31 10:54:55 ----D---- C:\Program Files\AvRack
2013-08-31 10:54:53 ----A---- C:\WINDOWS\system32\RtlCPAPI.dll
2013-08-31 10:54:53 ----A---- C:\WINDOWS\system32\Audio3D.dll
2013-08-31 10:54:53 ----A---- C:\WINDOWS\system32\a3d.dll
2013-08-31 10:54:52 ----RA---- C:\WINDOWS\system32\drivers\alcxwdm.sys
2013-08-31 10:54:52 ----A---- C:\WINDOWS\system32\drivers\ALCXSENS.SYS
2013-08-31 10:54:52 ----A---- C:\WINDOWS\soundman.exe
2013-08-31 10:54:50 ----A---- C:\WINDOWS\system32\RTLCPL.exe
2013-08-31 10:54:43 ----A---- C:\WINDOWS\alcupd.exe
2013-08-31 10:54:42 ----A---- C:\WINDOWS\Alcrmv.exe
2013-08-31 10:54:35 ----D---- C:\WINDOWS\OPTIONS
2013-08-31 10:54:35 ----A---- C:\WINDOWS\system32\drivers\Rtlnic51.sys
2013-08-31 10:54:33 ----HD---- C:\Program Files\InstallShield Installation Information
2013-08-31 10:54:29 ----D---- C:\Program Files\Gigabyte
2013-08-31 10:54:28 ----D---- C:\Program Files\Common Files\InstallShield
2013-08-31 10:52:54 ----RA---- C:\WINDOWS\system32\drivers\VIAAGP1.SYS
2013-08-31 10:52:47 ----D---- C:\WINDOWS\system32\ReinstallBackups
2013-08-31 10:52:44 ----A---- C:\WINDOWS\IsUninst.exe
2013-08-31 10:50:42 ----D---- C:\Documents and Settings\vs\Data aplikací\Identities
2013-08-31 10:50:41 ----HD---- C:\Program Files\Uninstall Information
2013-08-31 10:50:36 ----ASH---- C:\Documents and Settings\vs\Data aplikací\desktop.ini
2013-08-31 10:50:35 ----SD---- C:\Documents and Settings\vs\Data aplikací\Microsoft
2013-08-31 10:50:11 ----A---- C:\WINDOWS\system32\wpa.bak
2013-08-31 10:49:18 ----D---- C:\WINDOWS\SoftwareDistribution
2013-08-31 10:49:07 ----SD---- C:\WINDOWS\system32\Microsoft
2013-08-31 10:49:07 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-08-31 10:47:49 ----AS---- C:\WINDOWS\bootstat.dat
2013-08-31 10:45:49 ----D---- C:\WINDOWS\system32\xircom
2013-08-31 10:45:49 ----D---- C:\Program Files\xerox
2013-08-31 10:45:49 ----D---- C:\Program Files\microsoft frontpage
2013-08-31 10:45:26 ----RASH---- C:\MSDOS.SYS
2013-08-31 10:45:26 ----RASH---- C:\IO.SYS
2013-08-31 10:45:26 ----A---- C:\WINDOWS\control.ini
2013-08-31 10:45:26 ----A---- C:\CONFIG.SYS
2013-08-31 10:45:26 ----A---- C:\AUTOEXEC.BAT
2013-08-31 10:45:10 ----A---- C:\WINDOWS\OEWABLog.txt
2013-08-31 10:45:06 ----A---- C:\WINDOWS\system32\mapi32.dll
2013-08-31 10:44:02 ----SD---- C:\WINDOWS\Downloaded Program Files
2013-08-31 10:44:02 ----RD---- C:\WINDOWS\Offline Web Pages
2013-08-31 10:43:51 ----HD---- C:\Program Files\WindowsUpdate
2013-08-31 10:43:47 ----D---- C:\Program Files\Online Services
2013-08-31 10:43:33 ----D---- C:\WINDOWS\system32\DirectX
2013-08-31 10:43:16 ----A---- C:\WINDOWS\system32\atrace.dll
2013-08-31 10:43:14 ----A---- C:\WINDOWS\system32\desktop.ini
2013-08-31 10:43:14 ----A---- C:\WINDOWS\desktop.ini
2013-08-31 10:43:08 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2013-08-31 10:43:07 ----D---- C:\Program Files\Common Files\Services
2013-08-31 10:43:07 ----A---- C:\WINDOWS\system32\acctres.dll
2013-08-31 10:43:04 ----SD---- C:\WINDOWS\Tasks
2013-08-31 10:43:04 ----D---- C:\Program Files\Common Files\MSSoap
2013-08-31 10:43:04 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2013-08-31 10:43:01 ----D---- C:\WINDOWS\srchasst
2013-08-31 10:43:00 ----D---- C:\WINDOWS\system32\Macromed
2013-08-31 10:42:57 ----A---- C:\WINDOWS\system32\wuweb.dll
2013-08-31 10:42:57 ----A---- C:\WINDOWS\system32\wups.dll
2013-08-31 10:42:57 ----A---- C:\WINDOWS\system32\wucltui.dll
2013-08-31 10:42:57 ----A---- C:\WINDOWS\system32\wuauserv.dll
2013-08-31 10:42:57 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2013-08-31 10:42:57 ----A---- C:\WINDOWS\system32\wuaueng.dll
2013-08-31 10:42:57 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2013-08-31 10:42:57 ----A---- C:\WINDOWS\system32\wuauclt.exe
2013-08-31 10:42:57 ----A---- C:\WINDOWS\system32\wuapi.dll
2013-08-31 10:42:57 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2013-08-31 10:42:57 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2013-08-31 10:42:56 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2013-08-31 10:42:56 ----A---- C:\WINDOWS\system32\qmgr.dll
2013-08-31 10:42:53 ----D---- C:\Program Files\Movie Maker
2013-08-31 10:42:50 ----A---- C:\WINDOWS\system32\safrslv.dll
2013-08-31 10:42:50 ----A---- C:\WINDOWS\system32\safrdm.dll
2013-08-31 10:42:50 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2013-08-31 10:42:50 ----A---- C:\WINDOWS\system32\racpldlg.dll
2013-08-31 10:42:47 ----D---- C:\WINDOWS\system32\Restore
2013-08-31 10:42:47 ----A---- C:\WINDOWS\system32\srsvc.dll
2013-08-31 10:42:47 ----A---- C:\WINDOWS\system32\srrstr.dll
2013-08-31 10:42:47 ----A---- C:\WINDOWS\system32\srclient.dll
2013-08-31 10:42:47 ----A---- C:\WINDOWS\system32\fltmc.exe
2013-08-31 10:42:47 ----A---- C:\WINDOWS\system32\fltlib.dll
2013-08-31 10:42:47 ----A---- C:\WINDOWS\system32\drivers\fltmgr.sys
2013-08-31 10:42:46 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2013-08-31 10:42:46 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2013-08-31 10:42:46 ----A---- C:\WINDOWS\system32\mnmdd.dll
2013-08-31 10:42:46 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2013-08-31 10:42:46 ----A---- C:\WINDOWS\system32\ils.dll
2013-08-31 10:42:46 ----A---- C:\WINDOWS\system32\drivers\sr.sys
2013-08-31 10:42:45 ----A---- C:\WINDOWS\system32\msconf.dll
2013-08-31 10:42:43 ----D---- C:\Program Files\NetMeeting
2013-08-31 10:42:43 ----A---- C:\WINDOWS\system32\msoert2.dll
2013-08-31 10:42:43 ----A---- C:\WINDOWS\system32\msoeacct.dll
2013-08-31 10:42:42 ----A---- C:\WINDOWS\system32\inetres.dll
2013-08-31 10:42:42 ----A---- C:\WINDOWS\system32\inetcomm.dll
2013-08-31 10:42:40 ----D---- C:\Program Files\Outlook Express
2013-08-31 10:42:40 ----A---- C:\WINDOWS\system32\schedsvc.dll
2013-08-31 10:42:40 ----A---- C:\WINDOWS\system32\mstinit.exe
2013-08-31 10:42:40 ----A---- C:\WINDOWS\system32\mstask.dll
2013-08-31 10:42:40 ----A---- C:\WINDOWS\system32\isign32.dll
2013-08-31 10:42:40 ----A---- C:\WINDOWS\system32\inetcfg.dll
2013-08-31 10:42:40 ----A---- C:\WINDOWS\system32\icwphbk.dll
2013-08-31 10:42:40 ----A---- C:\WINDOWS\system32\icwdial.dll
2013-08-31 10:42:35 ----D---- C:\Program Files\Common Files\System
2013-08-31 10:42:32 ----D---- C:\Program Files\Internet Explorer
2013-08-31 10:42:07 ----A---- C:\WINDOWS\system32\emptyregdb.dat
2013-08-31 10:41:56 ----A---- C:\WINDOWS\vbaddin.ini
2013-08-31 10:41:56 ----A---- C:\WINDOWS\vb.ini
2013-08-31 10:41:51 ----D---- C:\WINDOWS\Registration
2013-08-31 10:41:43 ----D---- C:\Program Files\Windows Media Player
2013-08-31 10:41:37 ----D---- C:\Program Files\Messenger
2013-08-31 10:41:34 ----D---- C:\Program Files\MSN Gaming Zone
2013-08-31 10:41:34 ----A---- C:\WINDOWS\system32\write.exe
2013-08-31 10:41:26 ----A---- C:\WINDOWS\system32\sndvol32.exe
2013-08-31 10:41:26 ----A---- C:\WINDOWS\system32\hticons.dll
2013-08-31 10:41:26 ----A---- C:\WINDOWS\system32\avwav.dll
2013-08-31 10:41:26 ----A---- C:\WINDOWS\system32\avtapi.dll
2013-08-31 10:41:26 ----A---- C:\WINDOWS\system32\avmeter.dll
2013-08-31 10:41:25 ----A---- C:\WINDOWS\system32\winchat.exe
2013-08-31 10:41:20 ----A---- C:\WINDOWS\system32\getuname.dll
2013-08-31 10:41:19 ----A---- C:\WINDOWS\system32\winmine.exe
2013-08-31 10:41:19 ----A---- C:\WINDOWS\system32\sol.exe
2013-08-31 10:41:19 ----A---- C:\WINDOWS\system32\charmap.exe
2013-08-31 10:41:19 ----A---- C:\WINDOWS\system32\calc.exe
2013-08-31 10:41:18 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2013-08-31 10:41:18 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2013-08-31 10:41:18 ----A---- C:\WINDOWS\system32\tslabels.ini
2013-08-31 10:41:18 ----A---- C:\WINDOWS\system32\tskill.exe
2013-08-31 10:41:18 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2013-08-31 10:41:18 ----A---- C:\WINDOWS\system32\tscon.exe
2013-08-31 10:41:18 ----A---- C:\WINDOWS\system32\shadow.exe
2013-08-31 10:41:18 ----A---- C:\WINDOWS\system32\rwinsta.exe
2013-08-31 10:41:18 ----A---- C:\WINDOWS\system32\reset.exe
2013-08-31 10:41:18 ----A---- C:\WINDOWS\system32\regini.exe
2013-08-31 10:41:18 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2013-08-31 10:41:18 ----A---- C:\WINDOWS\system32\qwinsta.exe
2013-08-31 10:41:18 ----A---- C:\WINDOWS\system32\mshearts.exe
2013-08-31 10:41:18 ----A---- C:\WINDOWS\system32\freecell.exe
2013-08-31 10:41:17 ----A---- C:\WINDOWS\system32\qappsrv.exe
2013-08-31 10:41:17 ----A---- C:\WINDOWS\system32\msg.exe
2013-08-31 10:41:17 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2013-08-31 10:41:17 ----A---- C:\WINDOWS\system32\logoff.exe
2013-08-31 10:41:17 ----A---- C:\WINDOWS\system32\cdmodem.dll
2013-08-31 10:41:16 ----A---- C:\WINDOWS\system32\stclient.dll
2013-08-31 10:41:16 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2013-08-31 10:41:16 ----A---- C:\WINDOWS\system32\mtxex.dll
2013-08-31 10:41:16 ----A---- C:\WINDOWS\system32\mtxdm.dll
2013-08-31 10:41:16 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2013-08-31 10:41:16 ----A---- C:\WINDOWS\system32\comsnap.dll
2013-08-31 10:41:16 ----A---- C:\WINDOWS\system32\comrepl.dll
2013-08-31 10:41:16 ----A---- C:\WINDOWS\system32\comaddin.dll
2013-08-31 10:41:11 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2013-08-31 10:41:10 ----D---- C:\Program Files\Windows NT
2013-08-31 10:41:10 ----A---- C:\WINDOWS\system32\sndrec32.exe
2013-08-31 10:41:10 ----A---- C:\WINDOWS\system32\mspaint.exe
2013-08-31 10:41:10 ----A---- C:\WINDOWS\system32\mplay32.exe
2013-08-31 10:41:10 ----A---- C:\WINDOWS\system32\hypertrm.dll
2013-08-31 10:41:10 ----A---- C:\WINDOWS\system32\accwiz.exe
2013-08-31 10:41:09 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2013-08-31 10:41:09 ----A---- C:\WINDOWS\system32\spider.exe
2013-08-31 10:41:09 ----A---- C:\WINDOWS\system32\drivers\tdtcp.sys
2013-08-31 10:41:09 ----A---- C:\WINDOWS\system32\drivers\tdpipe.sys
2013-08-31 10:41:09 ----A---- C:\WINDOWS\system32\drivers\rdpwd.sys
2013-08-31 10:41:09 ----A---- C:\WINDOWS\system32\clipbrd.exe
2013-08-31 10:41:08 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2013-08-31 10:41:08 ----A---- C:\WINDOWS\system32\termsrv.dll
2013-08-31 10:41:08 ----A---- C:\WINDOWS\system32\sessmgr.exe
2013-08-31 10:41:08 ----A---- C:\WINDOWS\system32\remotepg.dll
2013-08-31 10:41:08 ----A---- C:\WINDOWS\system32\rdshost.exe
2013-08-31 10:41:08 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2013-08-31 10:41:08 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2013-08-31 10:41:08 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2013-08-31 10:41:08 ----A---- C:\WINDOWS\system32\rdpclip.exe
2013-08-31 10:41:08 ----A---- C:\WINDOWS\system32\rdchost.dll
2013-08-31 10:41:08 ----A---- C:\WINDOWS\system32\mstscax.dll
2013-08-31 10:41:08 ----A---- C:\WINDOWS\system32\mstsc.exe
2013-08-31 10:41:07 ----D---- C:\WINDOWS\system32\MsDtc
2013-08-31 10:41:07 ----A---- C:\WINDOWS\system32\qprocess.exe
2013-08-31 10:41:07 ----A---- C:\WINDOWS\system32\mtxoci.dll
2013-08-31 10:41:07 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2013-08-31 10:41:07 ----A---- C:\WINDOWS\system32\msdtctm.dll
2013-08-31 10:41:07 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2013-08-31 10:41:07 ----A---- C:\WINDOWS\system32\icaapi.dll
2013-08-31 10:41:07 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2013-08-31 10:41:06 ----D---- C:\WINDOWS\system32\Com
2013-08-31 10:41:06 ----A---- C:\WINDOWS\system32\xolehlp.dll
2013-08-31 10:41:06 ----A---- C:\WINDOWS\system32\msdtclog.dll
2013-08-31 10:41:06 ----A---- C:\WINDOWS\system32\msdtc.exe
2013-08-31 10:41:06 ----A---- C:\WINDOWS\system32\colbact.dll
2013-08-31 10:41:05 ----A---- C:\WINDOWS\system32\comuid.dll
2013-08-31 10:41:05 ----A---- C:\WINDOWS\system32\comsvcs.dll
2013-08-31 10:41:05 ----A---- C:\WINDOWS\system32\clbcatex.dll
2013-08-31 10:41:05 ----A---- C:\WINDOWS\system32\catsrvut.dll
2013-08-31 10:41:05 ----A---- C:\WINDOWS\system32\catsrvps.dll
2013-08-31 10:41:05 ----A---- C:\WINDOWS\system32\catsrv.dll
2013-08-31 10:41:04 ----A---- C:\WINDOWS\system32\clbcatq.dll
2013-08-31 10:41:00 ----A---- C:\WINDOWS\system32\servdeps.dll
2013-08-31 10:40:59 ----A---- C:\WINDOWS\system32\mmfutil.dll
2013-08-31 10:40:59 ----A---- C:\WINDOWS\system32\licwmi.dll
2013-08-31 10:40:59 ----A---- C:\WINDOWS\system32\cmprops.dll
2013-08-31 10:40:57 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys
2013-08-31 10:40:56 ----A---- C:\WINDOWS\system32\drivers\termdd.sys
======List of files/folders modified in the last 1 month======
2013-09-11 16:07:40 ----A---- C:\WINDOWS\win.ini
2013-08-31 12:34:47 ----A---- C:\WINDOWS\system.ini
2013-08-31 10:44:56 ----ASH---- C:\WINDOWS\fonts\desktop.ini
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
trojan
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: trojan
pokracovani :
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 gagp30kx;Filtr Microsoft Generic AGPv3.0 pro procesorovou platformu K8; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-14 46464]
R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2013-06-18 211560]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2003-07-01 27904]
R0 viamraid;viamraid; C:\WINDOWS\system32\DRIVERS\viamraid.sys [2010-02-22 117248]
R0 viasraid;viasraid; C:\WINDOWS\system32\DRIVERS\viasraid.sys [2003-06-12 75904]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2010-02-11 13976]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2013-09-21 243128]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 Pivot;Pivot; C:\WINDOWS\System32\drivers\pivot.sys [2009-03-03 17465]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-08-04 11868]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-05-27 4830720]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys [2004-08-04 1041536]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys [2004-08-04 220032]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\LGBusEnum.sys [2009-11-24 19720]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [2013-01-17 42480]
R3 LGSUsbFilt;Logitech Gaming KMDF USB Filter Driver; C:\WINDOWS\system32\DRIVERS\LGSUsbFilt.Sys [2013-01-17 32496]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\WINDOWS\system32\drivers\LGVirHid.sys [2009-11-24 14856]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 PdiPorts;Portrait Displays low level device driver; C:\WINDOWS\System32\Drivers\PdiPorts.sys [2009-07-15 17136]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2009-03-25 130432]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys [2004-08-04 685056]
S2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys []
S3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-12-11 391424]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2013-06-21 84248]
S3 PciCon;PciCon; \??\D:\PciCon.sys []
S3 pivotmou;Pivot Mouse/Pointers Filter Driver; \??\C:\WINDOWS\system32\drivers\pivotmou.sys []
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2013-07-09 208600]
S3 RTL8023;Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver; C:\WINDOWS\system32\DRIVERS\Rtlnic51.sys [2003-08-13 65280]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2013-06-21 181912]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2012-07-11 116608]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-05-27 602112]
R2 DTSRVC;Portrait Displays Display Tune Service; C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe [2009-10-08 69632]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-06-20 22208]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2009-07-15 109168]
R2 TeamViewer8;TeamViewer 8; C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [2013-08-07 4308320]
R2 VRAID Log Service;VRAID Log Service; C:\Program Files\VIA\RAID\vialogsv.exe [2008-09-24 52888]
R2 WsysSvc;Wsys Service; C:\Documents and Settings\All Users\Data aplikací\eSafe\eGdpSvc.exe [2013-09-22 825920]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-05-05 593920]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-07-25 162672]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-11 257416]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-09-18 118680]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 gagp30kx;Filtr Microsoft Generic AGPv3.0 pro procesorovou platformu K8; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-14 46464]
R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2013-06-18 211560]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\system32\DRIVERS\viaagp1.sys [2003-07-01 27904]
R0 viamraid;viamraid; C:\WINDOWS\system32\DRIVERS\viamraid.sys [2010-02-22 117248]
R0 viasraid;viasraid; C:\WINDOWS\system32\DRIVERS\viasraid.sys [2003-06-12 75904]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2010-02-11 13976]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2013-09-21 243128]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 Pivot;Pivot; C:\WINDOWS\System32\drivers\pivot.sys [2009-03-03 17465]
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-08-04 11868]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-05-27 4830720]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys [2004-08-04 1041536]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys [2004-08-04 220032]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\LGBusEnum.sys [2009-11-24 19720]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [2013-01-17 42480]
R3 LGSUsbFilt;Logitech Gaming KMDF USB Filter Driver; C:\WINDOWS\system32\DRIVERS\LGSUsbFilt.Sys [2013-01-17 32496]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\WINDOWS\system32\drivers\LGVirHid.sys [2009-11-24 14856]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 PdiPorts;Portrait Displays low level device driver; C:\WINDOWS\System32\Drivers\PdiPorts.sys [2009-07-15 17136]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2009-03-25 130432]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys [2004-08-04 685056]
S2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys []
S3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-12-11 391424]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2013-06-21 84248]
S3 PciCon;PciCon; \??\D:\PciCon.sys []
S3 pivotmou;Pivot Mouse/Pointers Filter Driver; \??\C:\WINDOWS\system32\drivers\pivotmou.sys []
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2013-07-09 208600]
S3 RTL8023;Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver; C:\WINDOWS\system32\DRIVERS\Rtlnic51.sys [2003-08-13 65280]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2013-06-21 181912]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2012-07-11 116608]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-05-27 602112]
R2 DTSRVC;Portrait Displays Display Tune Service; C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe [2009-10-08 69632]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-06-20 22208]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2009-07-15 109168]
R2 TeamViewer8;TeamViewer 8; C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [2013-08-07 4308320]
R2 VRAID Log Service;VRAID Log Service; C:\Program Files\VIA\RAID\vialogsv.exe [2008-09-24 52888]
R2 WsysSvc;Wsys Service; C:\Documents and Settings\All Users\Data aplikací\eSafe\eGdpSvc.exe [2013-09-22 825920]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-05-05 593920]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-07-25 162672]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-11 257416]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-09-18 118680]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
Re: trojan
Zdravim 
Stahnete Shortcut Cleaner http://www.bleepingcomputer.com/downloa ... t-cleaner/
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Stahnete Shortcut Cleaner http://www.bleepingcomputer.com/downloa ... t-cleaner/
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Spustte tradicne dvouklikem
- Probehne skenovani a pak se objevi log, pripadne bude ulozen v miste spusteni jako sc-cleaner.txt, ten sem vlozte
Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
- Ulozte nejlepe na plochu
- Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
- Probehne vytvoreni zalohy a nasledne prohledavani
- Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Kliknete na Scan a nasledne Clean
- Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: trojan
Shortcut Cleaner 1.2.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
http://www.bleepingcomputer.com/downloa ... t-cleaner/
Windows Version: Microsoft Windows XP Service Pack 3
Program started at: 09/30/2013 10:03:27 AM.
Scanning for registry hijacks:
* No issues found in the Registry.
Searching for Hijacked Shortcuts:
Searching C:\Documents and Settings\vs\Nabídka Start\
* Shortcut Cleaned: C:\Documents and Settings\vs\Nabídka Start\Programy\Internet Explorer.lnk => C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1379954228
* Shortcut Cleaned: C:\Documents and Settings\vs\Nabídka Start\Programy\Příslušenství\Systémové nástroje\Internet Explorer (bez doplňků).lnk => C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1379954228
Searching C:\Documents and Settings\All Users\Nabídka Start\
* Shortcut Cleaned: C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk => C:\Program Files\Mozilla Firefox\firefox.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1379954228
Searching C:\Documents and Settings\vs\Data aplikací\Microsoft\Internet Explorer\Quick Launch\
* Shortcut Cleaned: C:\Documents and Settings\vs\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk => C:\Program Files\Mozilla Firefox\firefox.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1379954228
* Shortcut Cleaned: C:\Documents and Settings\vs\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Spustit prohlížeč Internet Explorer.lnk => C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1379954228
Searching C:\Documents and Settings\All Users\Plocha\
Searching C:\Documents and Settings\vs\Plocha
5 bad shortcuts found.
Program finished at: 09/30/2013 10:03:53 AM
Execution time: 0 hours(s), 0 minute(s), and 26 seconds(s)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
http://www.bleepingcomputer.com/downloa ... t-cleaner/
Windows Version: Microsoft Windows XP Service Pack 3
Program started at: 09/30/2013 10:03:27 AM.
Scanning for registry hijacks:
* No issues found in the Registry.
Searching for Hijacked Shortcuts:
Searching C:\Documents and Settings\vs\Nabídka Start\
* Shortcut Cleaned: C:\Documents and Settings\vs\Nabídka Start\Programy\Internet Explorer.lnk => C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1379954228
* Shortcut Cleaned: C:\Documents and Settings\vs\Nabídka Start\Programy\Příslušenství\Systémové nástroje\Internet Explorer (bez doplňků).lnk => C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1379954228
Searching C:\Documents and Settings\All Users\Nabídka Start\
* Shortcut Cleaned: C:\Documents and Settings\All Users\Nabídka Start\Programy\Mozilla Firefox.lnk => C:\Program Files\Mozilla Firefox\firefox.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1379954228
Searching C:\Documents and Settings\vs\Data aplikací\Microsoft\Internet Explorer\Quick Launch\
* Shortcut Cleaned: C:\Documents and Settings\vs\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk => C:\Program Files\Mozilla Firefox\firefox.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1379954228
* Shortcut Cleaned: C:\Documents and Settings\vs\Data aplikací\Microsoft\Internet Explorer\Quick Launch\Spustit prohlížeč Internet Explorer.lnk => C:\Program Files\Internet Explorer\iexplore.exe http://www.qvo6.com/?utm_source=b&utm_m ... 1379954228
Searching C:\Documents and Settings\All Users\Plocha\
Searching C:\Documents and Settings\vs\Plocha
5 bad shortcuts found.
Program finished at: 09/30/2013 10:03:53 AM
Execution time: 0 hours(s), 0 minute(s), and 26 seconds(s)
Re: trojan
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.3 (09.27.2013:1)
OS: Microsoft Windows XP x86
Ran by vs on po 30.09.2013 at 10:06:19,70
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
Successfully stopped: [Service] wsyssvc
Successfully deleted: [Service] wsyssvc
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\addonsframework.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\buttonsite.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\scripthost.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\secman.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{886634B3-7045-443A-A52B-E83AD1A90391}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A9337080-7CBF-4E3E-80C1-3867BEDD88E0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{D2C54F93-A898-437F-AE89-7BDD918954A5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F816170D-C994-4B74-B9A4-234C3838C9EB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bi
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\powerpack
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\esafeseccontrol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\qvo6software
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updater.amiupd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updater.amiupd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\speed analysis 2
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\wsyscontrol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{99c91fc5-db5b-4aa0-bb70-5d89c5a4df96}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{858C5CCC-2276-4A89-9264-53D600D83FBE}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A9337080-7CBF-4E3E-80C1-3867BEDD88E0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{18DBB6CE-3148-4FEC-B481-103CB3290427}
~~~ Files
Successfully deleted: [File] "C:\WINDOWS\system32\roboot.exe"
~~~ Folders
Successfully deleted: [Folder] "C:\Documents and Settings\vs\Data aplikacˇ\babylon"
Successfully deleted: [Folder] "C:\Documents and Settings\vs\Data aplikacˇ\fighters"
Successfully deleted: [Folder] "C:\Documents and Settings\vs\Data aplikacˇ\file scout"
Successfully deleted: [Folder] "C:\Documents and Settings\vs\Data aplikacˇ\performersoft"
Successfully deleted: [Folder] "C:\Documents and Settings\vs\Data aplikacˇ\swvupdater"
Successfully deleted: [Folder] "C:\Documents and Settings\vs\Data aplikacˇ\zulagames"
Successfully deleted: [Folder] "C:\Program Files\driver-soft"
Successfully deleted: [Folder] "C:\Program Files\myfree codec"
Successfully deleted: [Folder] "C:\Program Files\zula games"
~~~ FireFox
Successfully deleted: [File] C:\Documents and Settings\vs\Data aplikacˇ\mozilla\firefox\profiles\2vfp2tjv.default\user.js
Successfully deleted: [Folder] C:\Documents and Settings\vs\Data aplikacˇ\mozilla\firefox\profiles\2vfp2tjv.default\extensions\zulagames@zulagames.com
Successfully deleted the following from C:\Documents and Settings\vs\Data aplikacˇ\mozilla\firefox\profiles\2vfp2tjv.default\prefs.js
user_pref("browser.search.order.1", "qvo6");
user_pref("browser.search.selectedEngine", "qvo6");
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 30.09.2013 at 10:18:50,82
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.3 (09.27.2013:1)
OS: Microsoft Windows XP x86
Ran by vs on po 30.09.2013 at 10:06:19,70
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
Successfully stopped: [Service] wsyssvc
Successfully deleted: [Service] wsyssvc
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\addonsframework.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\buttonsite.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\scripthost.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\secman.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{886634B3-7045-443A-A52B-E83AD1A90391}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A9337080-7CBF-4E3E-80C1-3867BEDD88E0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{D2C54F93-A898-437F-AE89-7BDD918954A5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F816170D-C994-4B74-B9A4-234C3838C9EB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{045F91B3-695F-423A-98C7-8DE3C47AA020}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{1348BD1B-C32A-41A7-9BD4-5377AA1AB925}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{395AFE6E-8308-48DB-89BE-ED5F4AA3D3EC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{43B390F0-6BA2-45CA-ABF2-5DB0CEE9B49D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{94CADA2E-1D3F-419F-8A3D-06C58EDF53C8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E52EB8B-8DD9-4605-AD36-D352BCD482F2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{A1440EC3-F0FA-407A-B811-DE6668C06D29}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{B9A84AD0-5777-46FD-8B8F-1EBD06750FBC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C1995F88-1C7F-40D7-B0FA-6F107F6308B8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bi
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\powerpack
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\esafeseccontrol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\qvo6software
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updater.amiupd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\updater.amiupd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\speed analysis 2
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\wsyscontrol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{99c91fc5-db5b-4aa0-bb70-5d89c5a4df96}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{858C5CCC-2276-4A89-9264-53D600D83FBE}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A9337080-7CBF-4E3E-80C1-3867BEDD88E0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{18DBB6CE-3148-4FEC-B481-103CB3290427}
~~~ Files
Successfully deleted: [File] "C:\WINDOWS\system32\roboot.exe"
~~~ Folders
Successfully deleted: [Folder] "C:\Documents and Settings\vs\Data aplikacˇ\babylon"
Successfully deleted: [Folder] "C:\Documents and Settings\vs\Data aplikacˇ\fighters"
Successfully deleted: [Folder] "C:\Documents and Settings\vs\Data aplikacˇ\file scout"
Successfully deleted: [Folder] "C:\Documents and Settings\vs\Data aplikacˇ\performersoft"
Successfully deleted: [Folder] "C:\Documents and Settings\vs\Data aplikacˇ\swvupdater"
Successfully deleted: [Folder] "C:\Documents and Settings\vs\Data aplikacˇ\zulagames"
Successfully deleted: [Folder] "C:\Program Files\driver-soft"
Successfully deleted: [Folder] "C:\Program Files\myfree codec"
Successfully deleted: [Folder] "C:\Program Files\zula games"
~~~ FireFox
Successfully deleted: [File] C:\Documents and Settings\vs\Data aplikacˇ\mozilla\firefox\profiles\2vfp2tjv.default\user.js
Successfully deleted: [Folder] C:\Documents and Settings\vs\Data aplikacˇ\mozilla\firefox\profiles\2vfp2tjv.default\extensions\zulagames@zulagames.com
Successfully deleted the following from C:\Documents and Settings\vs\Data aplikacˇ\mozilla\firefox\profiles\2vfp2tjv.default\prefs.js
user_pref("browser.search.order.1", "qvo6");
user_pref("browser.search.selectedEngine", "qvo6");
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 30.09.2013 at 10:18:50,82
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Re: trojan
# AdwCleaner v3.005 - Report created 30/09/2013 at 10:20:01
# Updated 22/09/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : vs - LOVEHATE-97F10F
# Running from : C:\Documents and Settings\vs\Plocha\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Babylon
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\eSafe
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\IBUpdaterService
Folder Deleted : C:\Program Files\Speed Analysis 2
Folder Deleted : C:\Documents and Settings\vs\Local Settings\Data aplikací\DProtect
Folder Deleted : C:\DOCUME~1\vs\LOCALS~1\Temp\DProtect
Folder Deleted : C:\DOCUME~1\vs\LOCALS~1\Temp\eIntaller
Folder Deleted : C:\DOCUME~1\vs\LOCALS~1\Temp\OCS
Folder Deleted : C:\Documents and Settings\vs\Data aplikací\SpeedAnalysis2
Folder Deleted : C:\Documents and Settings\vs\Data aplikací\Mozilla\Firefox\Profiles\2vfp2tjv.default\Extensions\speedanalysis02@SpeedAnalysis.com
File Deleted : C:\Documents and Settings\vs\Data aplikací\speedanalysis.ico
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Handy Updater]
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Documents and Settings\vs\Local Settings\Data aplikací\DProtect\DProtectSvc.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Documents and Settings\All Users\Data aplikací\eSafe\eGdpSvc.exe]
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\Speed Analysis 2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\bi_uninstaller
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WSysControl
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]
-\\ Mozilla Firefox v24.0 (cs)
[ File : C:\Documents and Settings\vs\Data aplikací\Mozilla\Firefox\Profiles\2vfp2tjv.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [4239 octets] - [30/09/2013 10:19:32]
AdwCleaner[S0].txt - [3531 octets] - [30/09/2013 10:20:01]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3591 octets] ##########
# Updated 22/09/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : vs - LOVEHATE-97F10F
# Running from : C:\Documents and Settings\vs\Plocha\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Babylon
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\eSafe
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\IBUpdaterService
Folder Deleted : C:\Program Files\Speed Analysis 2
Folder Deleted : C:\Documents and Settings\vs\Local Settings\Data aplikací\DProtect
Folder Deleted : C:\DOCUME~1\vs\LOCALS~1\Temp\DProtect
Folder Deleted : C:\DOCUME~1\vs\LOCALS~1\Temp\eIntaller
Folder Deleted : C:\DOCUME~1\vs\LOCALS~1\Temp\OCS
Folder Deleted : C:\Documents and Settings\vs\Data aplikací\SpeedAnalysis2
Folder Deleted : C:\Documents and Settings\vs\Data aplikací\Mozilla\Firefox\Profiles\2vfp2tjv.default\Extensions\speedanalysis02@SpeedAnalysis.com
File Deleted : C:\Documents and Settings\vs\Data aplikací\speedanalysis.ico
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Handy Updater]
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{18DBB6CE-3148-4FEC-B481-103CB3290427}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Documents and Settings\vs\Local Settings\Data aplikací\DProtect\DProtectSvc.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Documents and Settings\All Users\Data aplikací\eSafe\eGdpSvc.exe]
Key Deleted : HKCU\Software\OCS
Key Deleted : HKCU\Software\Speed Analysis 2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\bi_uninstaller
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WSysControl
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]
-\\ Mozilla Firefox v24.0 (cs)
[ File : C:\Documents and Settings\vs\Data aplikací\Mozilla\Firefox\Profiles\2vfp2tjv.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [4239 octets] - [30/09/2013 10:19:32]
AdwCleaner[S0].txt - [3531 octets] - [30/09/2013 10:20:01]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3591 octets] ##########
Re: trojan
Poprosim o spusteni a test teto aplikace (FRSTLauncher)
Postup získání logu z FRST za využití FRSTLauncheru
Zjistíme verzi operačního systému
Stažení Farbar Recovery Scan Tool
Stažení FRSTLauncheru
Po spuštění FRSTLauncheru dojde ke kontrole verze FRST a jeho umístění na Ploše
Postup získání logu z FRST za využití FRSTLauncheru
Zjistíme verzi operačního systému
- Potřebujeme zjistit, jestli máme nainstalován 32-bitový nebo 64-bitový operační systém.
- Podívám se, jestli máme složku Program Files (x86), standardně je umístěna C:\Program Files (x86). Pokud je tato složka vytvořená, máme 64-bitový operační systém.
- Případně můžete využít tuto malou utilitku VerzeOS.
- A nebo se podívat přímo na stránky Microsoftu
Stažení Farbar Recovery Scan Tool
- Odkaz ke stažení: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/
- Na stránce vybereme dle verze svého systému verzi FRST (32bit nebo 64bit), tu si stáhneme.
- FRST.exe či FRST64.exe uložíme na Plochu.
Stažení FRSTLauncheru
- Odkaz ke stažení: http://vyosek.ic.cz/pro_usery/FRSTLauncher.exe
- FRSTLauncher opět uložíme na Plochu
- Pokud dostáváme od antiviru hlášení, že se jedná o neznámou\škodlivou aplikaci, tak hlášku ignorujeme. Případně na chvíli deaktivujeme rezidentní štít antiviru. Jedná se o falešný poplach a detekci.
Po spuštění FRSTLauncheru dojde ke kontrole verze FRST a jeho umístění na Ploše
- Po spuštění FRST odsouhlasíme licenční podmínky kliknutím na [Ano].
- Dooznačíme položku Addition.txt - viz obrázek.
- Klikneme na tlačítko [Scan], čímž spustíme skenování.
- Počkáme na dokončení skenování FRST a vytvoření doplňkových informací naší nástavbou.
- Otevře se nám textový soubor FRST.txt, což je požadovaný log a jehož obsah vložíme do svého tématu na fóru.
- Po uzavření logu se FRSTLauncher ukončí a na Ploše nám zbyde utilita FRST a dva logy - FRST.txt a Addition.txt - nic z toho zatím nemažeme!
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: trojan
Tvorba fixlistu pro FRST
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
Start HKLM\...\Run: [PivotSoftware] - C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe [694824 2009-03-03] () HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM\...\Run: [seznam-listicka-distribuce] - C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] () HKLM\...\Run: [NeroFilterCheck] - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG) HKLM\...\Run: [NtVdmSrv] - C:\WINDOWS\inf\ntvdm.vbe [1219 2013-06-20] () HKLM\...\Run: [KiesTrayAgent] - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-09-04] (Samsung Electronics Co., Ltd.) HKCU\...\Run: [cz.seznam.software.autoupdate] - C:\Documents and Settings\vs\Data aplikací\Seznam.cz\szninstall.exe [1062472 2013-05-16] () HKCU\...\Run: [cz.seznam.software.szndesktop] - C:\Documents and Settings\vs\Data aplikací\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] () HKCU\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [139264 2006-11-16] (Nero AG) HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd) HKCU\...\Run: [KiesPreload] - C:\Program Files\Samsung\Kies\Kies.exe [1564528 2013-09-04] (Samsung) HKCU\...\Run: [KiesAirMessage] - C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup HKCU\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-09-04] (Samsung) MountPoints2: {46adecdc-22a4-11e3-9470-000fea86a206} - H:\autorun.exe HKU\Default User\...\RunOnce: [NeroHomeFirstStart] - C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe [ 2006-11-16] (Nero AG) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchgol.com/?babsrc=HP_ss&mntrId=E4A4000FEA86A206&affID=119943&tsp=5021 HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM - DefaultScope value is missing. FF NewTab: hxxp://www.searchgol.com/?babsrc=NT_ss&mntrId=E4A4000FEA86A206&affID=119943&tsp=5021 FF Homepage: hxxp://www.searchgol.com/?babsrc=HP_ss&mntrId=E4A4000FEA86A206&affID=119943&tsp=5021 Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job => C:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: C:\WINDOWS\Tasks\SLOW-PCfighter.job => C:\Program Files\Fighters\SLOW-PCfighter\SLOW-PCfighter.exe AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:8CE646EE 2013-09-30 10:42 - 2013-09-30 10:42 - 00112107 _____ (forum.viry.cz) C:\Documents and Settings\vs\Plocha\VerzeOS.exe 2013-09-30 09:59 - 2013-09-30 09:59 - 00406144 _____ (Bleeping Computer, LLC) C:\Documents and Settings\vs\Plocha\sc-cleaner.exe C:\Program Files\Fighters C:\Documents and Settings\vs\Local Settings\Data aplikací\DProtect C:\Documents and Settings\All Users\Data aplikací\eSafe\eGdpSvc.exe C:\Documents and Settings\vs\Local Settings\Temp\AskPIP_FF_.exe C:\Documents and Settings\vs\Local Settings\Temp\AutoRun.exe C:\Documents and Settings\vs\Local Settings\Temp\AutoRunGUI.dll C:\Documents and Settings\vs\Local Settings\Temp\bitool.dll C:\Documents and Settings\vs\Local Settings\Temp\drm_dialogs.dll C:\Documents and Settings\vs\Local Settings\Temp\drm_dyndata_7370007.dll C:\Documents and Settings\vs\Local Settings\Temp\EAInstall.dll C:\Documents and Settings\vs\Local Settings\Temp\eauninstall.exe C:\Documents and Settings\vs\Local Settings\Temp\EReg2HWDetect.dll C:\Documents and Settings\vs\Local Settings\Temp\listicka-partner-13415-1.1.2-offline.exe C:\Documents and Settings\vs\Local Settings\Temp\Need for Speed Carbon_uninst.exe C:\Documents and Settings\vs\Local Settings\Temp\Quarantine.exe C:\Documents and Settings\vs\Local Settings\Temp\SHSetup.exe C:\Documents and Settings\vs\Local Settings\Temp\WdfCoInstaller01009.dll C:\Documents and Settings\vs\Local Settings\Temp\Xvid-1.3.2-20110601.exe C:\WINDOWS\inf\ntvdm.vbe REG: reg delete "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list" /v "C:\Documents and Settings\vs\Local Settings\Data aplikací\DProtect\DProtectSvc.exe" /f REG: reg delete "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list" /v "C:\Documents and Settings\All Users\Data aplikací\eSafe\eGdpSvc.exe" /f Hosts: CMD: shutdown /r /f /t 2 End- Ulozte vytvoreny TXT jako fixlist.txt
- Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe
- Kliknete na Fix
- Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txt"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: trojan
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 27-09-2013 01
Ran by vs at 2013-09-30 11:13:15 Run:1
Running from C:\Documents and Settings\vs\Plocha
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM\...\Run: [PivotSoftware] - C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe [694824 2009-03-03] ()
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [seznam-listicka-distribuce] - C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\...\Run: [NeroFilterCheck] - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\...\Run: [NtVdmSrv] - C:\WINDOWS\inf\ntvdm.vbe [1219 2013-06-20] ()
HKLM\...\Run: [KiesTrayAgent] - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-09-04] (Samsung Electronics Co., Ltd.)
HKCU\...\Run: [cz.seznam.software.autoupdate] - C:\Documents and Settings\vs\Data aplikací\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKCU\...\Run: [cz.seznam.software.szndesktop] - C:\Documents and Settings\vs\Data aplikací\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKCU\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [139264 2006-11-16] (Nero AG)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
HKCU\...\Run: [KiesPreload] - C:\Program Files\Samsung\Kies\Kies.exe [1564528 2013-09-04] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
HKCU\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-09-04] (Samsung)
MountPoints2: {46adecdc-22a4-11e3-9470-000fea86a206} - H:\autorun.exe
HKU\Default User\...\RunOnce: [NeroHomeFirstStart] - C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe [ 2006-11-16] (Nero AG)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchgol.com/?babsrc=HP_ss& ... 3&tsp=5021
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
FF NewTab: hxxp://www.searchgol.com/?babsrc=NT_ss&mntrId= ... 3&tsp=5021
FF Homepage: hxxp://www.searchgol.com/?babsrc=HP_ss&mntrId= ... 3&tsp=5021
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: C:\WINDOWS\Tasks\SLOW-PCfighter.job => C:\Program Files\Fighters\SLOW-PCfighter\SLOW-PCfighter.exe
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:8CE646EE
2013-09-30 10:42 - 2013-09-30 10:42 - 00112107 _____ (forum.viry.cz) C:\Documents and Settings\vs\Plocha\VerzeOS.exe
2013-09-30 09:59 - 2013-09-30 09:59 - 00406144 _____ (Bleeping Computer, LLC) C:\Documents and Settings\vs\Plocha\sc-cleaner.exe
C:\Program Files\Fighters
C:\Documents and Settings\vs\Local Settings\Data aplikací\DProtect
C:\Documents and Settings\All Users\Data aplikací\eSafe\eGdpSvc.exe
C:\Documents and Settings\vs\Local Settings\Temp\AskPIP_FF_.exe
C:\Documents and Settings\vs\Local Settings\Temp\AutoRun.exe
C:\Documents and Settings\vs\Local Settings\Temp\AutoRunGUI.dll
C:\Documents and Settings\vs\Local Settings\Temp\bitool.dll
C:\Documents and Settings\vs\Local Settings\Temp\drm_dialogs.dll
C:\Documents and Settings\vs\Local Settings\Temp\drm_dyndata_7370007.dll
C:\Documents and Settings\vs\Local Settings\Temp\EAInstall.dll
C:\Documents and Settings\vs\Local Settings\Temp\eauninstall.exe
C:\Documents and Settings\vs\Local Settings\Temp\EReg2HWDetect.dll
C:\Documents and Settings\vs\Local Settings\Temp\listicka-partner-13415-1.1.2-offline.exe
C:\Documents and Settings\vs\Local Settings\Temp\Need for Speed Carbon_uninst.exe
C:\Documents and Settings\vs\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\vs\Local Settings\Temp\SHSetup.exe
C:\Documents and Settings\vs\Local Settings\Temp\WdfCoInstaller01009.dll
C:\Documents and Settings\vs\Local Settings\Temp\Xvid-1.3.2-20110601.exe
C:\WINDOWS\inf\ntvdm.vbe
REG: reg delete "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list" /v "C:\Documents and Settings\vs\Local Settings\Data aplikací\DProtect\DProtectSvc.exe" /f
REG: reg delete "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list" /v "C:\Documents and Settings\All Users\Data aplikací\eSafe\eGdpSvc.exe" /f
Hosts:
CMD: shutdown /r /f /t 2
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\PivotSoftware => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NtVdmSrv => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\KiesTrayAgent => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\KiesPreload => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\KiesAirMessage => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{46adecdc-22a4-11e3-9470-000fea86a206} => Key deleted successfully.
HKCR\CLSID\{46adecdc-22a4-11e3-9470-000fea86a206} => Key not found.
HKU\Default User\Software\Microsoft\Windows\CurrentVersion\RunOnce\\NeroHomeFirstStart => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
Firefox newtab deleted successfully.
Firefox homepage deleted successfully.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job => Moved successfully.
C:\WINDOWS\Tasks\SLOW-PCfighter.job => Moved successfully.
C:\Documents and Settings\All Users\Data aplikací\TEMP => ":8CE646EE" ADS removed successfully.
C:\Documents and Settings\vs\Plocha\VerzeOS.exe => Moved successfully.
C:\Documents and Settings\vs\Plocha\sc-cleaner.exe => Moved successfully.
"C:\Program Files\Fighters" => File/Directory not found.
"C:\Documents and Settings\vs\Local Settings\Data aplikací\DProtect" => File/Directory not found.
"C:\Documents and Settings\All Users\Data aplikací\eSafe\eGdpSvc.exe" => File/Directory not found.
C:\Documents and Settings\vs\Local Settings\Temp\AskPIP_FF_.exe => Moved successfully.
C:\Documents and Settings\vs\Local Settings\Temp\AutoRun.exe => Moved successfully.
C:\Documents and Settings\vs\Local Settings\Temp\AutoRunGUI.dll => Moved successfully.
C:\Documents and Settings\vs\Local Settings\Temp\bitool.dll => Moved successfully.
C:\Documents and Settings\vs\Local Settings\Temp\drm_dialogs.dll => Moved successfully.
C:\Documents and Settings\vs\Local Settings\Temp\drm_dyndata_7370007.dll => Moved successfully.
C:\Documents and Settings\vs\Local Settings\Temp\EAInstall.dll => Moved successfully.
C:\Documents and Settings\vs\Local Settings\Temp\eauninstall.exe => Moved successfully.
C:\Documents and Settings\vs\Local Settings\Temp\EReg2HWDetect.dll => Moved successfully.
C:\Documents and Settings\vs\Local Settings\Temp\listicka-partner-13415-1.1.2-offline.exe => Moved successfully.
C:\Documents and Settings\vs\Local Settings\Temp\Need for Speed Carbon_uninst.exe => Moved successfully.
C:\Documents and Settings\vs\Local Settings\Temp\Quarantine.exe => Moved successfully.
C:\Documents and Settings\vs\Local Settings\Temp\SHSetup.exe => Moved successfully.
C:\Documents and Settings\vs\Local Settings\Temp\WdfCoInstaller01009.dll => Moved successfully.
C:\Documents and Settings\vs\Local Settings\Temp\Xvid-1.3.2-20110601.exe => Moved successfully.
C:\WINDOWS\inf\ntvdm.vbe => Moved successfully.
========= reg delete "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list" /v "C:\Documents and Settings\vs\Local Settings\Data aplikací\DProtect\DProtectSvc.exe" /f =========
Chyba: Systém nenalezl zadaný klíč registru nebo požadovanou hodnotu.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list" /v "C:\Documents and Settings\All Users\Data aplikací\eSafe\eGdpSvc.exe" /f =========
Chyba: Systém nenalezl zadaný klíč registru nebo požadovanou hodnotu.
========= End of Reg: =========
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
========= shutdown /r /f /t 2 =========
========= End of CMD: =========
==== End of Fixlog ====
Ran by vs at 2013-09-30 11:13:15 Run:1
Running from C:\Documents and Settings\vs\Plocha
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM\...\Run: [PivotSoftware] - C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe [694824 2009-03-03] ()
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [seznam-listicka-distribuce] - C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM\...\Run: [NeroFilterCheck] - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\...\Run: [NtVdmSrv] - C:\WINDOWS\inf\ntvdm.vbe [1219 2013-06-20] ()
HKLM\...\Run: [KiesTrayAgent] - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-09-04] (Samsung Electronics Co., Ltd.)
HKCU\...\Run: [cz.seznam.software.autoupdate] - C:\Documents and Settings\vs\Data aplikací\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKCU\...\Run: [cz.seznam.software.szndesktop] - C:\Documents and Settings\vs\Data aplikací\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKCU\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [139264 2006-11-16] (Nero AG)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
HKCU\...\Run: [KiesPreload] - C:\Program Files\Samsung\Kies\Kies.exe [1564528 2013-09-04] (Samsung)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
HKCU\...\Run: [] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-09-04] (Samsung)
MountPoints2: {46adecdc-22a4-11e3-9470-000fea86a206} - H:\autorun.exe
HKU\Default User\...\RunOnce: [NeroHomeFirstStart] - C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe [ 2006-11-16] (Nero AG)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchgol.com/?babsrc=HP_ss& ... 3&tsp=5021
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
FF NewTab: hxxp://www.searchgol.com/?babsrc=NT_ss&mntrId= ... 3&tsp=5021
FF Homepage: hxxp://www.searchgol.com/?babsrc=HP_ss&mntrId= ... 3&tsp=5021
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: C:\WINDOWS\Tasks\SLOW-PCfighter.job => C:\Program Files\Fighters\SLOW-PCfighter\SLOW-PCfighter.exe
AlternateDataStreams: C:\Documents and Settings\All Users\Data aplikací\TEMP:8CE646EE
2013-09-30 10:42 - 2013-09-30 10:42 - 00112107 _____ (forum.viry.cz) C:\Documents and Settings\vs\Plocha\VerzeOS.exe
2013-09-30 09:59 - 2013-09-30 09:59 - 00406144 _____ (Bleeping Computer, LLC) C:\Documents and Settings\vs\Plocha\sc-cleaner.exe
C:\Program Files\Fighters
C:\Documents and Settings\vs\Local Settings\Data aplikací\DProtect
C:\Documents and Settings\All Users\Data aplikací\eSafe\eGdpSvc.exe
C:\Documents and Settings\vs\Local Settings\Temp\AskPIP_FF_.exe
C:\Documents and Settings\vs\Local Settings\Temp\AutoRun.exe
C:\Documents and Settings\vs\Local Settings\Temp\AutoRunGUI.dll
C:\Documents and Settings\vs\Local Settings\Temp\bitool.dll
C:\Documents and Settings\vs\Local Settings\Temp\drm_dialogs.dll
C:\Documents and Settings\vs\Local Settings\Temp\drm_dyndata_7370007.dll
C:\Documents and Settings\vs\Local Settings\Temp\EAInstall.dll
C:\Documents and Settings\vs\Local Settings\Temp\eauninstall.exe
C:\Documents and Settings\vs\Local Settings\Temp\EReg2HWDetect.dll
C:\Documents and Settings\vs\Local Settings\Temp\listicka-partner-13415-1.1.2-offline.exe
C:\Documents and Settings\vs\Local Settings\Temp\Need for Speed Carbon_uninst.exe
C:\Documents and Settings\vs\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\vs\Local Settings\Temp\SHSetup.exe
C:\Documents and Settings\vs\Local Settings\Temp\WdfCoInstaller01009.dll
C:\Documents and Settings\vs\Local Settings\Temp\Xvid-1.3.2-20110601.exe
C:\WINDOWS\inf\ntvdm.vbe
REG: reg delete "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list" /v "C:\Documents and Settings\vs\Local Settings\Data aplikací\DProtect\DProtectSvc.exe" /f
REG: reg delete "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list" /v "C:\Documents and Settings\All Users\Data aplikací\eSafe\eGdpSvc.exe" /f
Hosts:
CMD: shutdown /r /f /t 2
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\PivotSoftware => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NeroFilterCheck => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NtVdmSrv => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\KiesTrayAgent => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\KiesPreload => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\KiesAirMessage => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{46adecdc-22a4-11e3-9470-000fea86a206} => Key deleted successfully.
HKCR\CLSID\{46adecdc-22a4-11e3-9470-000fea86a206} => Key not found.
HKU\Default User\Software\Microsoft\Windows\CurrentVersion\RunOnce\\NeroHomeFirstStart => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
Firefox newtab deleted successfully.
Firefox homepage deleted successfully.
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job => Moved successfully.
C:\WINDOWS\Tasks\SLOW-PCfighter.job => Moved successfully.
C:\Documents and Settings\All Users\Data aplikací\TEMP => ":8CE646EE" ADS removed successfully.
C:\Documents and Settings\vs\Plocha\VerzeOS.exe => Moved successfully.
C:\Documents and Settings\vs\Plocha\sc-cleaner.exe => Moved successfully.
"C:\Program Files\Fighters" => File/Directory not found.
"C:\Documents and Settings\vs\Local Settings\Data aplikací\DProtect" => File/Directory not found.
"C:\Documents and Settings\All Users\Data aplikací\eSafe\eGdpSvc.exe" => File/Directory not found.
C:\Documents and Settings\vs\Local Settings\Temp\AskPIP_FF_.exe => Moved successfully.
C:\Documents and Settings\vs\Local Settings\Temp\AutoRun.exe => Moved successfully.
C:\Documents and Settings\vs\Local Settings\Temp\AutoRunGUI.dll => Moved successfully.
C:\Documents and Settings\vs\Local Settings\Temp\bitool.dll => Moved successfully.
C:\Documents and Settings\vs\Local Settings\Temp\drm_dialogs.dll => Moved successfully.
C:\Documents and Settings\vs\Local Settings\Temp\drm_dyndata_7370007.dll => Moved successfully.
C:\Documents and Settings\vs\Local Settings\Temp\EAInstall.dll => Moved successfully.
C:\Documents and Settings\vs\Local Settings\Temp\eauninstall.exe => Moved successfully.
C:\Documents and Settings\vs\Local Settings\Temp\EReg2HWDetect.dll => Moved successfully.
C:\Documents and Settings\vs\Local Settings\Temp\listicka-partner-13415-1.1.2-offline.exe => Moved successfully.
C:\Documents and Settings\vs\Local Settings\Temp\Need for Speed Carbon_uninst.exe => Moved successfully.
C:\Documents and Settings\vs\Local Settings\Temp\Quarantine.exe => Moved successfully.
C:\Documents and Settings\vs\Local Settings\Temp\SHSetup.exe => Moved successfully.
C:\Documents and Settings\vs\Local Settings\Temp\WdfCoInstaller01009.dll => Moved successfully.
C:\Documents and Settings\vs\Local Settings\Temp\Xvid-1.3.2-20110601.exe => Moved successfully.
C:\WINDOWS\inf\ntvdm.vbe => Moved successfully.
========= reg delete "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list" /v "C:\Documents and Settings\vs\Local Settings\Data aplikací\DProtect\DProtectSvc.exe" /f =========
Chyba: Systém nenalezl zadaný klíč registru nebo požadovanou hodnotu.
========= End of Reg: =========
========= reg delete "HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list" /v "C:\Documents and Settings\All Users\Data aplikací\eSafe\eGdpSvc.exe" /f =========
Chyba: Systém nenalezl zadaný klíč registru nebo požadovanou hodnotu.
========= End of Reg: =========
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
========= shutdown /r /f /t 2 =========
========= End of CMD: =========
==== End of Fixlog ====
Re: trojan
Jak se chova PC 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: trojan
Vubec? Predpokladam ze zvukove zarizeni a hlasitost jsou v poradku...Zkuste pripadne preinstlovat ovladac ke zvukove karte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: trojan
kdyz ovladac nainstaluju je to ok, ale po restartu nebo novem zapnuti pc zvuk zase nejde, musim pokazde nainstalovat ovladac
Re: trojan
Zkusime to procistit 
T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
OTC http://oldtimer.geekstogo.com/OTC.exe
TFC http://oldtimer.geekstogo.com/TFC.exe
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič
Jinak v tomto moc netusim kde by mohl byt problem 
T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
- Stahnete a spustte
- Pro potvrzeni volby mackejte A, Enter
- Po pouziti utilitu smazte
- Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
OTC http://oldtimer.geekstogo.com/OTC.exe
- Stahnete a spustte
- Kliknete na CleanUp a potvrdte YES
- Program uklidi a restartuje PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Stahnete a spustte
- Kliknete na Start a potvrdte OK
- Program uklidi a restartuje pc
- Po pouziti utilitu smazte
Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478Panel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
Jinak v tomto moc netusim kde by mohl byt problem "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?