NOD - TrojanDownloader.Small

#1 Post by xxmejla »

NOD32 keeps popping up like crazy and reports a virus: Win32/TrojanDownloader.Small.OUC unknown infection type (Patched)
Please advise - here is the log.


Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrator at 2010-01-17 00:42:17
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 41 GB (80%) free of 51 GB
Total RAM: 511 MB (58% free)


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class - C:\PROGRA~1\ICQTOO~1\toolbaru.dll [2006-12-25 701952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-02 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-01-02 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431}
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2009-06-01 962808]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2006-06-23 778240]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-12-05 8523776]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-12-05 81920]
"NVIDIA nTune"=C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe [2007-09-04 81920]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2004-02-12 49152]
"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2010-01-02 149280]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NVIDIA nTune"=C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe [2007-09-04 81920]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2008-12-04 1809648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2004-11-02 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2006-04-04 16120832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2004-05-28 241664]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Rychlé spuštění aplikace HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-12-03 352256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL []
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe"="C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe:*:Enabled:Kerio Personal Firewall 4 - GUI"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

2009-12-26 12:07:04 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-12-26 12:07:04 ----A---- C:\WINDOWS\system32\logoff.exe
2009-12-26 12:07:04 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-12-26 12:07:03 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-12-26 12:07:03 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-12-26 12:07:03 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-12-26 12:07:03 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-12-26 12:07:02 ----A---- C:\WINDOWS\system32\stclient.dll
2009-12-26 12:07:02 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-12-26 12:07:02 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-12-26 12:07:02 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-12-26 12:06:53 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-12-26 12:06:52 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-12-26 12:06:52 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-12-26 12:06:51 ----D---- C:\Program Files\Windows NT
2009-12-26 12:06:51 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-12-26 12:06:51 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-12-26 12:06:51 ----A---- C:\WINDOWS\system32\hypertrm.dll
2009-12-26 12:06:50 ----A---- C:\WINDOWS\system32\spider.exe
2009-12-26 12:06:50 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-12-26 12:06:49 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-12-26 12:06:49 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-12-26 12:06:49 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-12-26 12:06:48 ----N---- C:\WINDOWS\system32\termsrv.dll
2009-12-26 12:06:48 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2009-12-26 12:06:48 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-12-26 12:06:48 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-12-26 12:06:48 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-12-26 12:06:48 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-12-26 12:06:48 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-12-26 12:06:47 ----D---- C:\WINDOWS\system32\MsDtc
2009-12-26 12:06:47 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-12-26 12:06:47 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-12-26 12:06:47 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-12-26 12:06:47 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-12-26 12:06:47 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2009-12-26 12:06:47 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-12-26 12:06:47 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-12-26 12:06:46 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-12-26 12:06:46 ----A---- C:\WINDOWS\system32\mtxoci.dll
2009-12-26 12:06:46 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-12-26 12:06:46 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-12-26 12:06:45 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-12-26 12:06:45 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-12-26 12:06:44 ----D---- C:\WINDOWS\system32\Com
2009-12-26 12:06:44 ----A---- C:\WINDOWS\system32\colbact.dll
2009-12-26 12:06:44 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-12-26 12:06:44 ----A---- C:\WINDOWS\system32\catsrvut.dll
2009-12-26 12:06:44 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-12-26 12:06:44 ----A---- C:\WINDOWS\system32\catsrv.dll
2009-12-26 12:06:43 ----A---- C:\WINDOWS\system32\comuid.dll
2009-12-26 12:06:43 ----A---- C:\WINDOWS\system32\comsvcs.dll
2009-12-26 12:06:43 ----A---- C:\WINDOWS\system32\clbcatq.dll
2009-12-26 12:06:34 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-12-26 12:06:34 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-12-26 12:06:34 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-12-26 12:06:33 ----A---- C:\WINDOWS\system32\cmprops.dll

======List of files/folders modified in the last 1 months======

2010-01-16 23:48:11 ----A---- C:\WINDOWS\win.ini
2010-01-16 22:36:01 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 36352]
R1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [2005-06-21 270336]
R1 khips;Kerio HIPS Driver; C:\WINDOWS\system32\drivers\khips.sys [2005-05-30 53248]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 AMON;AMON; \??\C:\WINDOWS\system32\drivers\amon.sys []
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-04 87424]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-10-25 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-04-06 4258816]
R3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-12-05 7435392]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-03-22 52736]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-03-22 18944]
R3 NVR0Dev;NVR0Dev; \??\C:\WINDOWS\nvoclock.sys []
R3 PAC207;SoC PC-Camer@; C:\WINDOWS\system32\DRIVERS\pfc027.sys [2005-02-24 162176]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-12-27 47360]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 GMSIPCI;GMSIPCI; \??\I:\INSTALL\GMSIPCI.SYS []
S3 GVCplDrv;GVCplDrv; C:\WINDOWS\system32\drivers\GVCplDrv.sys [2004-05-02 23040]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-21 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-21 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-06-21 21744]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2009-06-01 222968]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-01-02 153376]
R2 KPF4;Kerio Personal Firewall 4; C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe [2009-12-26 1630208]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2009-12-26 331776]
R2 nTuneService;nTune Service; C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [2007-09-04 131072]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-12-05 155716]
R2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2003-02-20 32768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe []
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-09-12 724992]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-03-18 65536]

-----------------EOF-----------------

Unlimited_Killer
Friend of the forum
Posts: 1969
Registered: 24 Aug 2009 16:18

Re: NOD - TrojanDownloader.Small

#2 Post by Unlimited_Killer »

Well, let's try CF.

~~~

Post the ComboFix log here.

Download ComboFix and save it to the Desktop, then run it with administrator privileges.
Before running it, turn off the resident shield of your antivirus or antispyware.
After launch, the license terms will be displayed; click 'Yes'. You will also be asked about installing the Recovery Console; click 'Yes'.
The whole scan will take about 5-10 minutes, depending on how many files CF has to work through. Your PC will probably be restarted, so don't be alarmed. Until the scan has completely finished, don't do anything, and above all don't click in the running ComboFix window.
When the scan finishes, a log will pop up, which you paste here.
inactive

xxmejla
Visitor
Posts: 89
Registered: 29 Dec 2009 02:24
Location: HANÁÁÁ

Re: NOD - TrojanDownloader.Small

#3 Post by xxmejla »

Unlimited_Killer wrote: Well, let's try CF.

~~~

Post the ComboFix log here.

Download ComboFix and save it to the Desktop, then run it with administrator privileges.
Before running it, turn off the resident shield of your antivirus or antispyware.
After launch, the license terms will be displayed; click 'Yes'. You will also be asked about installing the Recovery Console; click 'Yes'.
The whole scan will take about 5-10 minutes, depending on how many files CF has to work through. Your PC will probably be restarted, so don't be alarmed. Until the scan has completely finished, don't do anything, and above all don't click in the running ComboFix window.
When the scan finishes, a log will pop up, which you paste here.

Thank you... :!: I'm posting the log from CF.

ComboFix 10-01-16.03 - Administrator 17.01.2010 10:27:01.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.511.166 [GMT 1:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
FW: Kerio Personal Firewall *disabled* {A990EAA7-8941-4621-BC27-4F16261D3180}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\ICQ6.5\ICQLRun.exe

Nakažená kopie c:\windows\system32\drivers\ntfs.sys byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\ntfs.sys

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-17 do 2010-01-17 )))))))))))))))))))))))))))))))
.

2010-01-17 09:20 . 2010-01-17 09:21 -------- d-----w- C:\32788R22FWJFW
2010-01-16 23:42 . 2010-01-16 23:42 -------- d-----w- C:\rsit
2010-01-16 21:40 . 2010-01-16 21:40 -------- d-----w- c:\program files\CCleaner
2010-01-16 12:05 . 2010-01-16 13:20 304160 ----a-w- C:\StiImg.dat
2010-01-09 11:46 . 2010-01-09 11:46 -------- d-----w- c:\program files\ICQ6Toolbar
2010-01-09 11:44 . 2010-01-17 09:38 -------- d-----w- c:\program files\ICQ6.5
2010-01-09 11:40 . 2010-01-09 11:41 -------- d-----w- c:\program files\ICQToolbar
2010-01-09 11:34 . 2010-01-09 11:45 -------- d-----w- c:\program files\ICQ6
2010-01-02 13:19 . 2010-01-02 13:19 -------- d-----w- c:\program files\Free WMA to MP3 Converter
2010-01-02 12:42 . 2010-01-02 12:42 -------- d-----w- c:\program files\XnView
2010-01-02 11:32 . 2010-01-02 11:32 -------- d-----w- c:\documents and settings\Administrator\kbpki
2010-01-02 11:32 . 2010-01-02 11:32 -------- d-----w- c:\windows\Sun
2010-01-02 11:29 . 2010-01-02 11:29 -------- d-----w- c:\program files\Java
2010-01-02 09:13 . 2010-01-02 09:13 -------- d-----w- c:\program files\Hewlett-Packard
2010-01-02 09:13 . 2004-05-11 09:53 82432 ----a-r- c:\windows\system32\MSXML4r.dll
2010-01-02 09:13 . 2004-05-11 09:53 626960 ----a-r- c:\windows\system32\hpvaut32.dll
2010-01-02 09:13 . 2004-05-11 09:53 487424 ----a-r- c:\windows\system32\hpvcp70.dll
2010-01-02 09:13 . 2004-05-11 09:53 44544 ----a-r- c:\windows\system32\MSXML4a.dll
2010-01-02 09:13 . 2004-05-11 09:53 344064 ----a-r- c:\windows\system32\hpvcr70.dll
2010-01-02 09:13 . 2004-05-11 09:53 1230336 ----a-r- c:\windows\system32\MSXML4.dll
2010-01-02 09:08 . 2004-06-21 13:02 16496 ----a-r- c:\windows\system32\drivers\HPZipr12.sys
2010-01-02 09:07 . 2004-06-21 13:02 51088 ----a-r- c:\windows\system32\drivers\HPZid412.sys
2010-01-02 09:06 . 2004-06-21 13:02 21744 ----a-r- c:\windows\system32\drivers\HPZius12.sys
2010-01-02 09:06 . 2004-08-03 22:01 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2010-01-02 09:06 . 2004-08-03 22:01 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2010-01-02 09:05 . 2004-06-21 13:02 90112 ----a-r- c:\windows\system32\hpovst08.dll
2010-01-02 09:05 . 2004-06-21 13:02 581632 ----a-r- c:\windows\system32\hpotscl.dll
2010-01-02 09:05 . 2004-06-21 13:02 278528 ----a-r- c:\windows\system32\hpgwiamd.dll
2010-01-02 09:05 . 2004-06-21 13:02 270336 ----a-r- c:\windows\system32\HPZc3212.dll
2010-01-02 09:05 . 2004-08-03 21:58 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2010-01-02 09:05 . 2004-08-03 21:58 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2010-01-02 09:04 . 2004-08-03 22:08 31616 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2010-01-02 09:04 . 2004-08-03 22:08 31616 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2010-01-02 09:04 . 2004-03-18 15:56 204800 ----a-w- c:\windows\system32\HPZipr12.dll
2010-01-02 09:04 . 2004-03-18 15:55 65536 ----a-w- c:\windows\system32\HPZipm12.exe
2010-01-02 09:04 . 2004-03-18 15:53 278584 ----a-w- c:\windows\system32\HPZidr12.dll
2010-01-02 09:04 . 2004-03-18 15:39 57344 ----a-w- c:\windows\system32\HPZisn12.dll
2010-01-02 09:04 . 2004-03-18 15:39 94208 ----a-w- c:\windows\system32\HPZipt12.dll
2010-01-02 09:04 . 2004-03-18 15:38 61440 ----a-w- c:\windows\system32\HPZinw12.exe
2010-01-02 09:04 . 1998-10-29 15:45 306688 ----a-w- c:\windows\IsUninst.exe
2010-01-02 09:02 . 2010-01-02 09:17 -------- d-----w- c:\program files\HP
2010-01-01 20:07 . 2001-11-12 09:07 327168 ----a-w- c:\windows\IsUn0405.exe
2009-12-29 16:56 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-29 16:56 . 2009-12-29 17:34 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-29 16:56 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-29 16:04 . 2010-01-16 21:30 -------- d-----w- c:\program files\Unlocker
2009-12-28 21:52 . 2010-01-02 11:57 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-12-28 18:50 . 2009-12-28 18:50 -------- d--h--w- c:\windows\PIF
2009-12-28 17:53 . 2009-12-29 02:06 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-12-28 12:20 . 2005-01-14 08:32 53248 ----a-w- c:\windows\system32\PAStiSvc.exe
2009-12-28 12:20 . 2004-08-17 14:49 54272 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2009-12-28 12:20 . 2004-08-17 14:49 54272 ----a-w- c:\windows\system32\vfwwdm32.dll
2009-12-28 12:18 . 2009-12-28 12:18 -------- d-----w- c:\program files\Common Files\ArcSoft
2009-12-28 12:18 . 2005-02-23 13:58 11776 ----a-w- c:\windows\system32\drivers\afc.sys
2009-12-28 12:18 . 2004-12-07 09:11 258352 ----a-w- c:\windows\system32\unicows.dll
2009-12-28 12:18 . 1995-08-01 03:44 212480 ----a-w- c:\windows\PCDLIB32.DLL
2009-12-28 12:17 . 2009-12-28 12:17 -------- d-----w- c:\windows\PixArt
2009-12-28 12:17 . 2009-12-28 12:17 -------- d-----w- c:\program files\PC Camer@
2009-12-28 12:17 . 2009-12-28 12:17 -------- d-----w- c:\program files\Common Files\PCCamera
2009-12-28 12:17 . 2009-12-28 12:17 -------- d-----w- c:\windows\Downloaded Installations
2009-12-28 12:12 . 2009-12-28 12:12 -------- d-----w- c:\windows\system32\wbem\Repository
2009-12-27 20:28 . 2009-12-27 20:28 -------- d-----w- c:\program files\ArcSoft
2009-12-27 14:24 . 2009-12-27 14:24 -------- d-----w- c:\program files\Common Files\HP
2009-12-27 14:21 . 2009-12-27 14:21 -------- d-----w- c:\program files\Common Files\Hewlett-Packard
2009-12-27 14:20 . 2010-01-02 09:11 -------- d-----w- c:\windows\system32\URTTemp
2009-12-27 14:11 . 2010-01-02 09:23 104257 ----a-w- c:\windows\hpoins04.dat
2009-12-27 14:11 . 2004-06-21 13:02 17176 ------w- c:\windows\hpomdl04.dat
2009-12-27 12:34 . 2006-10-26 18:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2009-12-27 12:34 . 2006-10-26 18:56 32592 ----a-w- c:\windows\system32\msonpmon.dll
2009-12-27 12:33 . 2009-12-27 12:33 -------- d-----w- c:\program files\Microsoft Works
2009-12-27 12:33 . 2009-12-27 12:33 -------- d-----w- c:\program files\MSBuild
2009-12-27 12:30 . 2010-01-16 22:48 -------- d-----w- c:\windows\SHELLNEW
2009-12-27 12:29 . 2009-12-27 12:29 -------- d-----r- C:\MSOCache
2009-12-27 11:55 . 2009-12-27 11:55 491520 ----a-w- c:\windows\WebIE.dll
2009-12-27 11:54 . 2009-12-27 11:54 516096 ----a-w- c:\windows\UN32.EXE
2009-12-27 11:53 . 2010-01-16 21:23 -------- d-----w- C:\TRANSLAT
2009-12-27 11:48 . 2009-12-27 11:48 -------- d-----w- c:\program files\OpenOffice.org 2.1
2009-12-27 11:44 . 2009-12-27 11:44 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2009-12-27 11:44 . 2007-03-18 19:37 65602 ----a-w- c:\windows\system32\cook3260.dll
2009-12-27 11:44 . 2006-09-29 11:26 176165 ----a-w- c:\windows\system32\drv23260.dll
2009-12-27 11:44 . 2006-09-29 11:25 208935 ----a-w- c:\windows\system32\drv33260.dll
2009-12-27 11:44 . 2006-09-29 11:24 217127 ----a-w- c:\windows\system32\drv43260.dll
2009-12-27 11:44 . 2006-05-11 18:21 626688 ----a-w- c:\windows\system32\vp7vfw.dll
2009-12-27 11:44 . 2004-05-04 10:53 1645320 ----a-w- c:\windows\gdiplus.dll
2009-12-27 11:44 . 2009-12-27 11:44 -------- d-----w- c:\program files\VSO
2009-12-27 11:27 . 2009-12-27 11:27 -------- d-----w- c:\program files\Skype
2009-12-27 11:27 . 2009-12-27 11:27 -------- d-----w- c:\program files\Common Files\Skype
2009-12-27 11:10 . 2010-01-02 11:29 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-27 11:07 . 2009-12-27 11:08 -------- d-----w- c:\program files\DVD Shrink
2009-12-27 11:05 . 2009-12-27 11:04 737280 ----a-w- c:\windows\iun6002.exe
2009-12-27 11:05 . 2009-12-28 18:22 -------- d-----w- c:\program files\Codec Pack - All In 1
2009-12-27 10:46 . 2009-12-27 10:46 -------- d-----w- c:\program files\CyberLink
2009-12-27 10:41 . 2004-05-02 08:47 23040 ----a-r- c:\windows\system32\drivers\GVCplDrv.sys
2009-12-26 22:44 . 2001-08-18 05:36 8704 -c--a-w- c:\windows\system32\dllcache\kbdjpn.dll
2009-12-26 22:44 . 2001-08-18 05:36 8704 ----a-w- c:\windows\system32\kbdjpn.dll
2009-12-26 22:44 . 2001-08-18 05:36 8192 -c--a-w- c:\windows\system32\dllcache\kbdkor.dll
2009-12-26 22:44 . 2001-08-18 05:36 8192 ----a-w- c:\windows\system32\kbdkor.dll
2009-12-26 22:44 . 2001-08-17 21:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd106.dll
2009-12-26 22:44 . 2001-08-17 21:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101c.dll
2009-12-26 22:44 . 2001-08-17 21:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101b.dll
2009-12-26 22:44 . 2001-08-17 21:55 6144 ----a-w- c:\windows\system32\kbd106.dll
2009-12-26 22:44 . 2001-08-17 21:55 6144 ----a-w- c:\windows\system32\kbd101c.dll
2009-12-26 22:44 . 2001-08-17 21:55 6144 ----a-w- c:\windows\system32\kbd101b.dll
2009-12-26 22:44 . 2001-08-17 21:55 5632 -c--a-w- c:\windows\system32\dllcache\kbd103.dll
2009-12-26 22:44 . 2001-08-17 21:55 5632 ----a-w- c:\windows\system32\kbd103.dll
2009-12-26 21:22 . 2006-03-22 06:22 208384 ----a-w- c:\windows\system32\fdco1.dll
2009-12-26 21:22 . 2006-03-22 06:24 52736 ----a-r- c:\windows\system32\drivers\NVENETFD.sys
2009-12-26 21:22 . 2006-03-23 18:51 208896 ----a-w- c:\windows\system32\nvunrm.exe
2009-12-26 21:22 . 2006-03-22 06:23 109568 ----a-r- c:\windows\system32\drivers\nvtcp.sys
2009-12-26 21:22 . 2006-03-22 06:23 261120 ----a-r- c:\windows\system32\drivers\nvsnpu.sys
2009-12-26 21:22 . 2006-03-22 06:21 10240 ----a-r- c:\windows\system32\bdco1.dll
2009-12-26 21:22 . 2006-03-14 13:45 35840 ----a-r- c:\windows\system32\nvconrm.dll
2009-12-26 21:22 . 2006-03-22 06:24 18944 ----a-r- c:\windows\system32\drivers\nvnetbus.sys
2009-12-26 21:22 . 2006-03-22 06:23 1068800 ----a-r- c:\windows\system32\drivers\nvnrm.sys
2009-12-26 21:22 . 2006-03-23 12:51 208896 ----a-r- c:\windows\system32\nvusmb.exe
2009-12-26 18:52 . 2009-12-26 18:52 -------- d-----w- c:\windows\nview
2009-12-26 18:52 . 2007-12-05 00:41 356352 ----a-w- c:\windows\system32\nvudisp.exe
2009-12-26 18:51 . 2010-01-15 20:31 356352 ----a-w- c:\windows\system32\NVUNINST.EXE
2009-12-26 18:51 . 2009-12-26 18:51 -------- d-----w- C:\NVIDIA
2009-12-26 18:33 . 2009-12-26 18:33 -------- d-----w- c:\program files\NVIDIA Corporation
2009-12-26 14:06 . 2009-12-26 14:06 -------- d-----w- c:\program files\Common Files\Adobe
2009-12-26 14:05 . 2009-12-26 14:05 -------- d-----w- c:\windows\Cache
2009-12-26 13:38 . 2009-12-26 23:43 8 ----a-w- c:\windows\system32\nvModes.dat
2009-12-26 12:40 . 2009-12-26 12:40 -------- d-----w- c:\program files\Common Files\Ahead
2009-12-26 12:40 . 2009-12-26 12:40 -------- d-----w- c:\program files\Nero

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-15 20:21 . 2009-12-26 11:33 -------- d-----w- c:\program files\ESET
2010-01-09 11:41 . 2009-12-26 11:26 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-03 21:38 . 2001-10-25 12:00 92384 ----a-w- c:\windows\system32\perfc005.dat
2010-01-03 21:38 . 2001-10-25 12:00 556998 ----a-w- c:\windows\system32\perfh005.dat
2009-12-27 10:44 . 2009-12-26 11:24 -------- d-----w- c:\program files\Common Files\InstallShield
2009-12-26 18:16 . 2009-12-26 18:16 167 ----a-w- c:\windows\system32\drivers\fwdrv.err
2009-12-26 11:50 . 2009-12-26 11:50 0 ----a-w- c:\windows\nsreg.dat
2009-12-26 11:36 . 2009-12-26 11:36 -------- d-----w- c:\program files\Kerio
2009-12-26 11:33 . 2009-12-26 11:33 298576 ----a-w- c:\windows\system32\drivers\amon.sys
2009-12-26 11:33 . 2009-12-26 11:33 180224 ----a-w- c:\windows\system32\imon.dll
2009-12-26 11:33 . 2009-12-26 11:33 114688 ----a-w- c:\windows\system32\nms32.dll
2009-12-26 11:26 . 2009-12-26 11:26 -------- d-----w- c:\program files\Realtek
2009-12-26 11:21 . 2009-12-26 11:10 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-12-26 11:21 . 2009-12-26 11:10 2426 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2009-12-26 11:20 . 2009-12-26 11:11 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2009-12-26 11:12 . 2009-12-26 11:12 -------- d-----w- c:\program files\microsoft frontpage
2009-12-26 11:08 . 2009-12-26 11:08 21812 ----a-w- c:\windows\system32\emptyregdb.dat
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-04 81920]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-12-04 1809648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2006-06-23 778240]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-05 8523776]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-05 81920]
"NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-04 81920]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2004-02-12 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-01-02 149280]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]

c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-24 29696]
Rychlé spuštění aplikace HP Image Zone.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2004-5-28 53248]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-03 13:56 352256 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2007-12-05 00:41 1626112 ----a-w- c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2004-11-02 19:24 32768 ----a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2006-04-04 09:44 16120832 ----a-r- c:\windows\RTHDCPL.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Kerio\\Personal Firewall 4\\kpf4gui.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [21.6.2005 10:51 270336]
R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [30.5.2005 9:32 53248]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [4.12.2008 13:50 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [4.12.2008 13:50 55024]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [9.1.2010 12:46 222968]
R3 PAC207;SoC PC-Camer@;c:\windows\system32\drivers\PFC027.sys [24.2.2005 12:29 162176]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [4.12.2008 13:50 7408]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: imon.dll
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\*
FF - ProfilePath - c:\documents and settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\mio91j3v.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

MSConfigStartUp-GrooveMonitor - c:\program files\Microsoft Office\Office12\GrooveMonitor.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-17 10:42
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(780)
c:\program files\SUPERAntiSpyware\SASWINLO.dll

- - - - - - - > 'lsass.exe'(836)
c:\windows\system32\imon.dll
c:\program files\Eset\pr_imon.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Kerio\Personal Firewall 4\kpf4ss.exe
c:\program files\Eset\nod32krn.exe
c:\program files\NVIDIA Corporation\nTune\nTuneService.exe
c:\program files\Kerio\Personal Firewall 4\kpf4gui.exe
c:\windows\system32\nvsvc32.exe
c:\windows\System32\PAStiSvc.exe
c:\program files\Kerio\Personal Firewall 4\kpf4gui.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\HP\Digital Imaging\bin\hpqgalry.exe
.
**************************************************************************
.
Celkový čas: 2010-01-17 10:48:14 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-01-17 09:48

Před spuštěním: Volných bajtů: 42 793 775 104
Po spuštění: Volných bajtů: 42 788 765 696

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 476EACC742AC6B77AD7FBA053C518406

#4 Post by xxmejla »

:?: :?:

Unlimited_Killer
Forum friend
Posts: 1969
Registered: 24 Aug 2009 16:18

Re: NOD - TrojanDownloader.Small

#5 Post by Unlimited_Killer »

I apologize; you know, I'm only human and I also have to shovel snow, eat, and so on. :turned:

~~~

Open Notepad and copy the following into it:

Code:

KillAll::

Folder::
c:\program files\ICQ6Toolbar
C:\32788R22FWJFW
c:\program files\ICQToolbar

File::
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk

Registry::
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{BFC32E1D-EE75-4A48-BC60-104E11EE2431}"=-
"{855F3B16-6D32-4fe6-8A56-BBB695989046}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=-
"SunJavaUpdateSched"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]

Extra::
FireFox::
FF - ProfilePath - c:\documents and settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\mio91j3v.default\
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... id=afex&q=


Driver::
ICQ Service

Save it to the Desktop as CFScript.txt. Then drag it with the mouse over ComboFix (it must be on the Desktop!) and drop it.

ComboFix will execute the commands from the script; the PC may be restarted again.
When it finishes, post here the log that pops up after the cleanup.

~~~

Test the following files on VirusTotal:

Code:

C:\StiImg.dat

Simply paste in the paths that I put in the code box; if it tells you that the file has already been tested, have it tested again. Then paste the links to the individual tests here.

#6 Post by xxmejla »

That's all right.. I'm just always unhappy when something isn't O.K. I'll get on with what you wrote..
I'd also like to ask.. whether CF checks other drives besides C:/ as well; my HD is split into DISK C and DISK D, and on D NOD also reports this trojan :(

#7 Post by Unlimited_Killer »

Yes.

#8 Post by xxmejla »

HERE is the new log from CF

ComboFix 10-01-16.03 - Administrator 17.01.2010 13:19:28.4.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.511.227 [GMT 1:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Administrator\Plocha\CFScript.txt
FW: Kerio Personal Firewall *disabled* {A990EAA7-8941-4621-BC27-4F16261D3180}

FILE ::
"c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk
c:\program files\ICQ6Toolbar
c:\program files\ICQ6Toolbar\Icons.bmp
c:\program files\ICQ6Toolbar\ICQ Service.exe
c:\program files\ICQ6Toolbar\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\ICQToolBar.dll
c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\logo_small.gif
c:\program files\ICQ6Toolbar\ServiceStarter.exe
c:\program files\ICQ6Toolbar\short.wav
c:\program files\ICQ6Toolbar\Version.txt
c:\program files\ICQToolbar
c:\program files\ICQToolbar\about.html
c:\program files\ICQToolbar\basis.xml
c:\program files\ICQToolbar\Dlg_Res.xml
c:\program files\ICQToolbar\download.html
c:\program files\ICQToolbar\Games.xml
c:\program files\ICQToolbar\games_button.xml
c:\program files\ICQToolbar\icons.bmp
c:\program files\ICQToolbar\loading.html
c:\program files\ICQToolbar\logo_small.gif
c:\program files\ICQToolbar\tb_buttons.xml
c:\program files\ICQToolbar\tb_games.xml
c:\program files\ICQToolbar\tb_options.xml
c:\program files\ICQToolbar\toolbaru.crc
c:\program files\ICQToolbar\toolbaru.dll
c:\program files\ICQToolbar\version.txt

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ICQ_SERVICE
-------\Service_ICQ Service


((((((((((((((((((((((((( Soubory vytvořené od 2009-12-17 do 2010-01-17 )))))))))))))))))))))))))))))))
.

2010-01-16 23:42 . 2010-01-16 23:42 -------- d-----w- C:\rsit
2010-01-16 21:40 . 2010-01-16 21:40 -------- d-----w- c:\program files\CCleaner
2010-01-16 12:05 . 2010-01-16 13:20 304160 ----a-w- C:\StiImg.dat
2010-01-09 11:44 . 2010-01-17 09:38 -------- d-----w- c:\program files\ICQ6.5
2010-01-09 11:34 . 2010-01-09 11:45 -------- d-----w- c:\program files\ICQ6
2010-01-02 13:19 . 2010-01-02 13:19 -------- d-----w- c:\program files\Free WMA to MP3 Converter
2010-01-02 12:42 . 2010-01-02 12:42 -------- d-----w- c:\program files\XnView
2010-01-02 11:32 . 2010-01-02 11:32 -------- d-----w- c:\documents and settings\Administrator\kbpki
2010-01-02 11:32 . 2010-01-02 11:32 -------- d-----w- c:\windows\Sun
2010-01-02 11:29 . 2010-01-02 11:29 -------- d-----w- c:\program files\Java
2010-01-02 09:13 . 2010-01-02 09:13 -------- d-----w- c:\program files\Hewlett-Packard
2010-01-02 09:13 . 2004-05-11 09:53 82432 ----a-r- c:\windows\system32\MSXML4r.dll
2010-01-02 09:13 . 2004-05-11 09:53 626960 ----a-r- c:\windows\system32\hpvaut32.dll
2010-01-02 09:13 . 2004-05-11 09:53 487424 ----a-r- c:\windows\system32\hpvcp70.dll
2010-01-02 09:13 . 2004-05-11 09:53 44544 ----a-r- c:\windows\system32\MSXML4a.dll
2010-01-02 09:13 . 2004-05-11 09:53 344064 ----a-r- c:\windows\system32\hpvcr70.dll
2010-01-02 09:13 . 2004-05-11 09:53 1230336 ----a-r- c:\windows\system32\MSXML4.dll
2010-01-02 09:08 . 2004-06-21 13:02 16496 ----a-r- c:\windows\system32\drivers\HPZipr12.sys
2010-01-02 09:07 . 2004-06-21 13:02 51088 ----a-r- c:\windows\system32\drivers\HPZid412.sys
2010-01-02 09:06 . 2004-06-21 13:02 21744 ----a-r- c:\windows\system32\drivers\HPZius12.sys
2010-01-02 09:06 . 2004-08-03 22:01 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2010-01-02 09:06 . 2004-08-03 22:01 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2010-01-02 09:05 . 2004-06-21 13:02 90112 ----a-r- c:\windows\system32\hpovst08.dll
2010-01-02 09:05 . 2004-06-21 13:02 581632 ----a-r- c:\windows\system32\hpotscl.dll
2010-01-02 09:05 . 2004-06-21 13:02 278528 ----a-r- c:\windows\system32\hpgwiamd.dll
2010-01-02 09:05 . 2004-06-21 13:02 270336 ----a-r- c:\windows\system32\HPZc3212.dll
2010-01-02 09:05 . 2004-08-03 21:58 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2010-01-02 09:05 . 2004-08-03 21:58 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2010-01-02 09:04 . 2004-08-03 22:08 31616 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2010-01-02 09:04 . 2004-08-03 22:08 31616 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2010-01-02 09:04 . 2004-03-18 15:56 204800 ----a-w- c:\windows\system32\HPZipr12.dll
2010-01-02 09:04 . 2004-03-18 15:55 65536 ----a-w- c:\windows\system32\HPZipm12.exe
2010-01-02 09:04 . 2004-03-18 15:53 278584 ----a-w- c:\windows\system32\HPZidr12.dll
2010-01-02 09:04 . 2004-03-18 15:39 57344 ----a-w- c:\windows\system32\HPZisn12.dll
2010-01-02 09:04 . 2004-03-18 15:39 94208 ----a-w- c:\windows\system32\HPZipt12.dll
2010-01-02 09:04 . 2004-03-18 15:38 61440 ----a-w- c:\windows\system32\HPZinw12.exe
2010-01-02 09:04 . 1998-10-29 15:45 306688 ----a-w- c:\windows\IsUninst.exe
2010-01-02 09:02 . 2010-01-02 09:17 -------- d-----w- c:\program files\HP
2010-01-01 20:07 . 2001-11-12 09:07 327168 ----a-w- c:\windows\IsUn0405.exe
2009-12-29 16:56 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-29 16:56 . 2009-12-29 17:34 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-29 16:56 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-29 16:04 . 2010-01-16 21:30 -------- d-----w- c:\program files\Unlocker
2009-12-28 21:52 . 2010-01-17 11:04 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-12-28 18:50 . 2009-12-28 18:50 -------- d--h--w- c:\windows\PIF
2009-12-28 17:53 . 2009-12-29 02:06 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-12-28 12:20 . 2005-01-14 08:32 53248 ----a-w- c:\windows\system32\PAStiSvc.exe
2009-12-28 12:20 . 2004-08-17 14:49 54272 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2009-12-28 12:20 . 2004-08-17 14:49 54272 ----a-w- c:\windows\system32\vfwwdm32.dll
2009-12-28 12:18 . 2009-12-28 12:18 -------- d-----w- c:\program files\Common Files\ArcSoft
2009-12-28 12:18 . 2005-02-23 13:58 11776 ----a-w- c:\windows\system32\drivers\afc.sys
2009-12-28 12:18 . 2004-12-07 09:11 258352 ----a-w- c:\windows\system32\unicows.dll
2009-12-28 12:18 . 1995-08-01 03:44 212480 ----a-w- c:\windows\PCDLIB32.DLL
2009-12-28 12:17 . 2009-12-28 12:17 -------- d-----w- c:\windows\PixArt
2009-12-28 12:17 . 2009-12-28 12:17 -------- d-----w- c:\program files\PC Camer@
2009-12-28 12:17 . 2009-12-28 12:17 -------- d-----w- c:\program files\Common Files\PCCamera
2009-12-28 12:17 . 2009-12-28 12:17 -------- d-----w- c:\windows\Downloaded Installations
2009-12-28 12:12 . 2009-12-28 12:12 -------- d-----w- c:\windows\system32\wbem\Repository
2009-12-27 20:28 . 2009-12-27 20:28 -------- d-----w- c:\program files\ArcSoft
2009-12-27 14:24 . 2009-12-27 14:24 -------- d-----w- c:\program files\Common Files\HP
2009-12-27 14:21 . 2009-12-27 14:21 -------- d-----w- c:\program files\Common Files\Hewlett-Packard
2009-12-27 14:20 . 2010-01-02 09:11 -------- d-----w- c:\windows\system32\URTTemp
2009-12-27 14:11 . 2010-01-02 09:23 104257 ----a-w- c:\windows\hpoins04.dat
2009-12-27 14:11 . 2004-06-21 13:02 17176 ------w- c:\windows\hpomdl04.dat
2009-12-27 12:34 . 2006-10-26 18:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2009-12-27 12:34 . 2006-10-26 18:56 32592 ----a-w- c:\windows\system32\msonpmon.dll
2009-12-27 12:33 . 2009-12-27 12:33 -------- d-----w- c:\program files\Microsoft Works
2009-12-27 12:33 . 2009-12-27 12:33 -------- d-----w- c:\program files\MSBuild
2009-12-27 12:30 . 2010-01-16 22:48 -------- d-----w- c:\windows\SHELLNEW
2009-12-27 12:29 . 2009-12-27 12:29 -------- d-----r- C:\MSOCache
2009-12-27 11:55 . 2009-12-27 11:55 491520 ----a-w- c:\windows\WebIE.dll
2009-12-27 11:54 . 2009-12-27 11:54 516096 ----a-w- c:\windows\UN32.EXE
2009-12-27 11:53 . 2010-01-16 21:23 -------- d-----w- C:\TRANSLAT
2009-12-27 11:48 . 2009-12-27 11:48 -------- d-----w- c:\program files\OpenOffice.org 2.1
2009-12-27 11:44 . 2009-12-27 11:44 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2009-12-27 11:44 . 2007-03-18 19:37 65602 ----a-w- c:\windows\system32\cook3260.dll
2009-12-27 11:44 . 2006-09-29 11:26 176165 ----a-w- c:\windows\system32\drv23260.dll
2009-12-27 11:44 . 2006-09-29 11:25 208935 ----a-w- c:\windows\system32\drv33260.dll
2009-12-27 11:44 . 2006-09-29 11:24 217127 ----a-w- c:\windows\system32\drv43260.dll
2009-12-27 11:44 . 2006-05-11 18:21 626688 ----a-w- c:\windows\system32\vp7vfw.dll
2009-12-27 11:44 . 2004-05-04 10:53 1645320 ----a-w- c:\windows\gdiplus.dll
2009-12-27 11:44 . 2009-12-27 11:44 -------- d-----w- c:\program files\VSO
2009-12-27 11:27 . 2009-12-27 11:27 -------- d-----w- c:\program files\Skype
2009-12-27 11:27 . 2009-12-27 11:27 -------- d-----w- c:\program files\Common Files\Skype
2009-12-27 11:10 . 2010-01-02 11:29 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-27 11:07 . 2009-12-27 11:08 -------- d-----w- c:\program files\DVD Shrink
2009-12-27 11:05 . 2009-12-27 11:04 737280 ----a-w- c:\windows\iun6002.exe
2009-12-27 11:05 . 2009-12-28 18:22 -------- d-----w- c:\program files\Codec Pack - All In 1
2009-12-27 10:46 . 2009-12-27 10:46 -------- d-----w- c:\program files\CyberLink
2009-12-27 10:41 . 2004-05-02 08:47 23040 ----a-r- c:\windows\system32\drivers\GVCplDrv.sys
2009-12-26 22:44 . 2001-08-18 05:36 8704 -c--a-w- c:\windows\system32\dllcache\kbdjpn.dll
2009-12-26 22:44 . 2001-08-18 05:36 8704 ----a-w- c:\windows\system32\kbdjpn.dll
2009-12-26 22:44 . 2001-08-18 05:36 8192 -c--a-w- c:\windows\system32\dllcache\kbdkor.dll
2009-12-26 22:44 . 2001-08-18 05:36 8192 ----a-w- c:\windows\system32\kbdkor.dll
2009-12-26 22:44 . 2001-08-17 21:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd106.dll
2009-12-26 22:44 . 2001-08-17 21:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101c.dll
2009-12-26 22:44 . 2001-08-17 21:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101b.dll
2009-12-26 22:44 . 2001-08-17 21:55 6144 ----a-w- c:\windows\system32\kbd106.dll
2009-12-26 22:44 . 2001-08-17 21:55 6144 ----a-w- c:\windows\system32\kbd101c.dll
2009-12-26 22:44 . 2001-08-17 21:55 6144 ----a-w- c:\windows\system32\kbd101b.dll
2009-12-26 22:44 . 2001-08-17 21:55 5632 -c--a-w- c:\windows\system32\dllcache\kbd103.dll
2009-12-26 22:44 . 2001-08-17 21:55 5632 ----a-w- c:\windows\system32\kbd103.dll
2009-12-26 21:22 . 2006-03-22 06:22 208384 ----a-w- c:\windows\system32\fdco1.dll
2009-12-26 21:22 . 2006-03-22 06:24 52736 ----a-r- c:\windows\system32\drivers\NVENETFD.sys
2009-12-26 21:22 . 2006-03-23 18:51 208896 ----a-w- c:\windows\system32\nvunrm.exe
2009-12-26 21:22 . 2006-03-22 06:23 109568 ----a-r- c:\windows\system32\drivers\nvtcp.sys
2009-12-26 21:22 . 2006-03-22 06:23 261120 ----a-r- c:\windows\system32\drivers\nvsnpu.sys
2009-12-26 21:22 . 2006-03-22 06:21 10240 ----a-r- c:\windows\system32\bdco1.dll
2009-12-26 21:22 . 2006-03-14 13:45 35840 ----a-r- c:\windows\system32\nvconrm.dll
2009-12-26 21:22 . 2006-03-22 06:24 18944 ----a-r- c:\windows\system32\drivers\nvnetbus.sys
2009-12-26 21:22 . 2006-03-22 06:23 1068800 ----a-r- c:\windows\system32\drivers\nvnrm.sys
2009-12-26 21:22 . 2006-03-23 12:51 208896 ----a-r- c:\windows\system32\nvusmb.exe
2009-12-26 18:52 . 2009-12-26 18:52 -------- d-----w- c:\windows\nview
2009-12-26 18:52 . 2007-12-05 00:41 356352 ----a-w- c:\windows\system32\nvudisp.exe
2009-12-26 18:51 . 2010-01-15 20:31 356352 ----a-w- c:\windows\system32\NVUNINST.EXE
2009-12-26 18:51 . 2009-12-26 18:51 -------- d-----w- C:\NVIDIA
2009-12-26 18:33 . 2009-12-26 18:33 -------- d-----w- c:\program files\NVIDIA Corporation
2009-12-26 14:06 . 2009-12-26 14:06 -------- d-----w- c:\program files\Common Files\Adobe
2009-12-26 14:05 . 2009-12-26 14:05 -------- d-----w- c:\windows\Cache
2009-12-26 13:38 . 2009-12-26 23:43 8 ----a-w- c:\windows\system32\nvModes.dat
2009-12-26 12:40 . 2009-12-26 12:40 -------- d-----w- c:\program files\Common Files\Ahead
2009-12-26 12:40 . 2009-12-26 12:40 -------- d-----w- c:\program files\Nero
2009-12-26 12:02 . 2001-08-17 21:59 3072 ----a-w- c:\windows\system32\drivers\audstub.sys
2009-12-26 12:01 . 2004-08-17 15:43 58240 ----a-w- c:\windows\system32\drivers\redbook.sys
2009-12-26 12:01 . 2004-08-17 15:49 153088 ----a-w- c:\windows\system32\irftp.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-15 20:21 . 2009-12-26 11:33 -------- d-----w- c:\program files\ESET
2010-01-09 11:41 . 2009-12-26 11:26 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-03 21:38 . 2001-10-25 12:00 92384 ----a-w- c:\windows\system32\perfc005.dat
2010-01-03 21:38 . 2001-10-25 12:00 556998 ----a-w- c:\windows\system32\perfh005.dat
2009-12-27 10:44 . 2009-12-26 11:24 -------- d-----w- c:\program files\Common Files\InstallShield
2009-12-26 18:16 . 2009-12-26 18:16 167 ----a-w- c:\windows\system32\drivers\fwdrv.err
2009-12-26 11:50 . 2009-12-26 11:50 0 ----a-w- c:\windows\nsreg.dat
2009-12-26 11:36 . 2009-12-26 11:36 -------- d-----w- c:\program files\Kerio
2009-12-26 11:33 . 2009-12-26 11:33 298576 ----a-w- c:\windows\system32\drivers\amon.sys
2009-12-26 11:33 . 2009-12-26 11:33 180224 ----a-w- c:\windows\system32\imon.dll
2009-12-26 11:33 . 2009-12-26 11:33 114688 ----a-w- c:\windows\system32\nms32.dll
2009-12-26 11:26 . 2009-12-26 11:26 -------- d-----w- c:\program files\Realtek
2009-12-26 11:21 . 2009-12-26 11:10 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-12-26 11:21 . 2009-12-26 11:10 2426 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2009-12-26 11:20 . 2009-12-26 11:11 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2009-12-26 11:12 . 2009-12-26 11:12 -------- d-----w- c:\program files\microsoft frontpage
2009-12-26 11:08 . 2009-12-26 11:08 21812 ----a-w- c:\windows\system32\emptyregdb.dat
.

((((((((((((((((((((((((((((( SnapShot@2010-01-17_09.42.49 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-17 12:33 . 2010-01-17 12:33 16384 c:\windows\temp\Perflib_Perfdata_748.dat
+ 2010-01-17 12:33 . 2010-01-17 12:33 16384 c:\windows\temp\Perflib_Perfdata_198.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-04 81920]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-12-04 1809648]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-17 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2006-06-23 778240]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-05 8523776]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-05 81920]
"NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-04 81920]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]

c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Rychlé spuštění aplikace HP Image Zone.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2004-5-28 53248]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-03 13:56 352256 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2007-12-05 00:41 1626112 ----a-w- c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2006-04-04 09:44 16120832 ----a-r- c:\windows\RTHDCPL.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Kerio\\Personal Firewall 4\\kpf4gui.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 fwdrv;Firewall Driver;c:\windows\system32\drivers\fwdrv.sys [21.6.2005 10:51 270336]
R1 khips;Kerio HIPS Driver;c:\windows\system32\drivers\khips.sys [30.5.2005 9:32 53248]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [4.12.2008 13:50 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [4.12.2008 13:50 55024]
R3 PAC207;SoC PC-Camer@;c:\windows\system32\drivers\PFC027.sys [24.2.2005 12:29 162176]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [4.12.2008 13:50 7408]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: imon.dll
Trusted Zone: mojebanka.cz\*
Trusted Zone: mojebanka.cz\*
FF - ProfilePath - c:\documents and settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\mio91j3v.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-ICQToolbar - c:\program files\ICQ6Toolbar\ICQUnToolbar.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-17 13:34
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(772)
c:\program files\SUPERAntiSpyware\SASWINLO.dll

- - - - - - - > 'lsass.exe'(828)
c:\windows\system32\imon.dll
c:\program files\Eset\pr_imon.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Kerio\Personal Firewall 4\kpf4ss.exe
c:\program files\Eset\nod32krn.exe
c:\program files\NVIDIA Corporation\nTune\nTuneService.exe
c:\program files\Kerio\Personal Firewall 4\kpf4gui.exe
c:\windows\system32\nvsvc32.exe
c:\windows\System32\PAStiSvc.exe
c:\program files\Kerio\Personal Firewall 4\kpf4gui.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\HP\Digital Imaging\bin\hpqgalry.exe
.
**************************************************************************
.
Celkový čas: 2010-01-17 13:40:07 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-01-17 12:39
ComboFix2.txt 2010-01-17 11:58
ComboFix3.txt 2010-01-17 09:48

Před spuštěním: Volných bajtů: 42 738 716 672
Po spuštění: Volných bajtů: 42 632 769 536

- - End Of File - - 45087AA8A32403921C85276E34AAC2BC

#9 Post by xxmejla »

Unlimited_Killer wrote: I apologize; you know, I'm only human and I also have to shovel snow, eat, and so on. :turned:

~~~

Open Notepad and copy the following into it:

Code:

KillAll::

Folder::
c:\program files\ICQ6Toolbar
C:\32788R22FWJFW
c:\program files\ICQToolbar

File::
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk

Registry::
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{BFC32E1D-EE75-4A48-BC60-104E11EE2431}"=-
"{855F3B16-6D32-4fe6-8A56-BBB695989046}"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=-
"SunJavaUpdateSched"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]

Extra::
FireFox::
FF - ProfilePath - c:\documents and settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\mio91j3v.default\
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... id=afex&q=


Driver::
ICQ Service

Save it to the Desktop as CFScript.txt. Then drag it with the mouse over ComboFix (it must be on the Desktop!) and drop it.

ComboFix will execute the commands from the script; the PC may be restarted again.
When it finishes, post here the log that pops up after the cleanup.

~~~

Test the following files on VirusTotal:

Code:

C:\StiImg.dat

Simply paste in the paths that I put in the code box; if it tells you that the file has already been tested, have it tested again. Then paste the links to the individual tests here.


:( I MUST ADMIT THAT I DON'T REALLY UNDERSTAND THIS.. WHAT IS BEING ASKED OF ME??
Test the following files on VirusTotal:
Code:
C:\StiImg.dat

Simply paste in the paths that I put in the code box; if it tells you that the file has already been tested, have it tested again. Then paste the links to the individual tests here.

#10 Post by Unlimited_Killer »

Now the VirusTotal test and a new RSIT log.

#11 Post by xxmejla »

Unlimited_Killer wrote: Now the VirusTotal test and a new RSIT log.

:???: :???: THAT IS EXACTLY WHAT I DON'T UNDERSTAND, WHAT AM I SUPPOSED TO DO?? :(

#12 Post by Unlimited_Killer »

Open the site (www.virustotal.com),

click Browse
and in the file name field type:

Code:

C:\StiImg.dat

and click Open.

The file will be tested; when the test finishes, paste the link from the browser's address bar here.

#13 Post by xxmejla »

If I understood correctly.. then here is the link:
http://www.virustotal.com/cs/analisis/5 ... 1263733398

#14 Post by xxmejla »

Here is the new log from RSIT... I'm worried that it really isn't reading drive D:/, because my HD has 120GB in total :(

Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrator at 2010-01-17 14:24:04
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 41 GB (80%) free of 51 GB
Total RAM: 511 MB (39% free)


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-02 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-01-02 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2006-06-23 778240]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-12-05 8523776]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-12-05 81920]
"NVIDIA nTune"=C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe [2007-09-04 81920]
"HP Component Manager"=C:\Program Files\HP\hpcoretech\hpcmpmgr.exe [2004-05-12 241664]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NVIDIA nTune"=C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe [2007-09-04 81920]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2008-12-04 1809648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2006-04-04 16120832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2004-05-28 241664]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Rychlé spuštění aplikace HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-12-03 352256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL []
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe"="C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe:*:Enabled:Kerio Personal Firewall 4 - GUI"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-01-17 13:40:11 ----A---- C:\ComboFix.txt
2010-01-17 13:31:49 ----D---- C:\WINDOWS\temp
2010-01-17 10:24:19 ----A---- C:\Boot.bak
2010-01-17 10:24:14 ----RASHD---- C:\cmdcons
2010-01-17 10:22:37 ----A---- C:\WINDOWS\zip.exe
2010-01-17 10:22:37 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-01-17 10:22:37 ----A---- C:\WINDOWS\SWSC.exe
2010-01-17 10:22:37 ----A---- C:\WINDOWS\SWREG.exe
2010-01-17 10:22:37 ----A---- C:\WINDOWS\sed.exe
2010-01-17 10:22:37 ----A---- C:\WINDOWS\PEV.exe
2010-01-17 10:22:37 ----A---- C:\WINDOWS\NIRCMD.exe
2010-01-17 10:22:37 ----A---- C:\WINDOWS\MBR.exe
2010-01-17 10:22:37 ----A---- C:\WINDOWS\grep.exe
2010-01-17 10:20:58 ----D---- C:\Qoobox
2010-01-17 00:42:17 ----D---- C:\rsit
2010-01-16 23:47:27 ----D---- C:\Program Files\Microsoft Office
2010-01-16 23:30:49 ----D---- C:\WINDOWS\pss
2010-01-16 22:40:12 ----D---- C:\Program Files\CCleaner
2010-01-14 00:27:56 ----D---- C:\WINDOWS\Minidump
2010-01-09 12:46:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2010-01-09 12:44:40 ----D---- C:\Program Files\ICQ6.5
2010-01-09 12:34:42 ----D---- C:\Program Files\ICQ6
2010-01-09 12:34:03 ----D---- C:\Documents and Settings\Administrator\Data aplikací\InstallShield
2010-01-02 14:19:08 ----D---- C:\Program Files\Free WMA to MP3 Converter
2010-01-02 13:42:41 ----D---- C:\Documents and Settings\Administrator\Data aplikací\XnView
2010-01-02 13:42:11 ----D---- C:\Program Files\XnView
2010-01-02 12:32:11 ----D---- C:\WINDOWS\Sun
2010-01-02 12:29:52 ----A---- C:\WINDOWS\system32\javaws.exe
2010-01-02 12:29:52 ----A---- C:\WINDOWS\system32\javaw.exe
2010-01-02 12:29:52 ----A---- C:\WINDOWS\system32\java.exe
2010-01-02 12:29:41 ----D---- C:\Program Files\Java
2010-01-02 10:13:16 ----D---- C:\Program Files\Hewlett-Packard
2010-01-02 10:13:07 ----RA---- C:\WINDOWS\system32\MSXML4r.dll
2010-01-02 10:13:07 ----RA---- C:\WINDOWS\system32\MSXML4a.dll
2010-01-02 10:13:07 ----RA---- C:\WINDOWS\system32\MSXML4.dll
2010-01-02 10:13:07 ----RA---- C:\WINDOWS\system32\hpvcr70.dll
2010-01-02 10:13:07 ----RA---- C:\WINDOWS\system32\hpvcp70.dll
2010-01-02 10:13:07 ----RA---- C:\WINDOWS\system32\hpvaut32.dll
2010-01-02 10:10:35 ----RSD---- C:\WINDOWS\assembly
2010-01-02 10:05:41 ----RA---- C:\WINDOWS\system32\HPZc3212.dll
2010-01-02 10:05:41 ----RA---- C:\WINDOWS\system32\hpovst08.dll
2010-01-02 10:05:41 ----RA---- C:\WINDOWS\system32\hpotscl.dll
2010-01-02 10:05:41 ----RA---- C:\WINDOWS\system32\hpgwiamd.dll
2010-01-02 10:04:13 ----A---- C:\WINDOWS\system32\HPZisn12.dll
2010-01-02 10:04:13 ----A---- C:\WINDOWS\system32\HPZipt12.dll
2010-01-02 10:04:13 ----A---- C:\WINDOWS\system32\HPZipr12.dll
2010-01-02 10:04:13 ----A---- C:\WINDOWS\system32\HPZipm12.exe
2010-01-02 10:04:13 ----A---- C:\WINDOWS\system32\HPZinw12.exe
2010-01-02 10:04:13 ----A---- C:\WINDOWS\system32\HPZidr12.dll
2010-01-02 10:04:13 ----A---- C:\WINDOWS\IsUninst.exe
2010-01-02 10:02:12 ----D---- C:\Program Files\HP
2010-01-01 21:07:55 ----A---- C:\WINDOWS\IsUn0405.exe
2009-12-29 17:56:22 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Malwarebytes
2009-12-29 17:56:16 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-12-29 17:56:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2009-12-29 17:04:06 ----D---- C:\Program Files\Unlocker
2009-12-29 08:31:48 ----D---- C:\WINDOWS\ERDNT
2009-12-28 22:52:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2009-12-28 22:52:17 ----D---- C:\Program Files\SUPERAntiSpyware
2009-12-28 22:52:17 ----D---- C:\Documents and Settings\Administrator\Data aplikací\SUPERAntiSpyware.com
2009-12-28 19:50:30 ----HD---- C:\WINDOWS\PIF
2009-12-28 18:53:07 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-12-28 13:20:45 ----A---- C:\WINDOWS\system32\PAStiSvc.exe
2009-12-28 13:20:25 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2009-12-28 13:18:54 ----D---- C:\Program Files\Common Files\ArcSoft
2009-12-28 13:18:53 ----A---- C:\WINDOWS\system32\unicows.dll
2009-12-28 13:18:48 ----A---- C:\WINDOWS\PCDLIB32.DLL
2009-12-28 13:17:31 ----D---- C:\WINDOWS\PixArt
2009-12-28 13:17:31 ----D---- C:\Program Files\PC Camer@
2009-12-28 13:17:31 ----D---- C:\Program Files\Common Files\PCCamera
2009-12-28 13:17:13 ----D---- C:\WINDOWS\Downloaded Installations
2009-12-27 21:30:23 ----D---- C:\Documents and Settings\Administrator\Data aplikací\ArcSoft
2009-12-27 21:28:38 ----D---- C:\Program Files\ArcSoft
2009-12-27 15:24:37 ----D---- C:\Program Files\Common Files\HP
2009-12-27 15:23:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\Hewlett-Packard
2009-12-27 15:21:40 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2009-12-27 15:20:12 ----D---- C:\WINDOWS\Microsoft.NET
2009-12-27 15:20:11 ----D---- C:\WINDOWS\system32\URTTemp
2009-12-27 14:43:14 ----D---- C:\WINDOWS\RegisteredPackages
2009-12-27 14:42:27 ----N---- C:\WINDOWS\system32\vxblock.dll
2009-12-27 14:42:27 ----N---- C:\WINDOWS\system32\pxwave.dll
2009-12-27 14:42:27 ----N---- C:\WINDOWS\system32\pxsfs.dll
2009-12-27 14:42:27 ----N---- C:\WINDOWS\system32\pxmas.dll
2009-12-27 14:42:27 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2009-12-27 14:42:27 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2009-12-27 14:42:27 ----N---- C:\WINDOWS\system32\pxdrv.dll
2009-12-27 14:42:27 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2009-12-27 14:42:27 ----N---- C:\WINDOWS\system32\pxafs.dll
2009-12-27 14:42:27 ----N---- C:\WINDOWS\system32\px.dll
2009-12-27 14:42:24 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Winamp
2009-12-27 13:34:55 ----A---- C:\WINDOWS\system32\msonpmon.dll
2009-12-27 13:33:56 ----D---- C:\Program Files\Microsoft Works
2009-12-27 13:33:49 ----D---- C:\Program Files\MSBuild
2009-12-27 13:33:31 ----D---- C:\Program Files\Microsoft Visual Studio
2009-12-27 13:33:30 ----D---- C:\Program Files\Common Files\DESIGNER
2009-12-27 13:30:26 ----D---- C:\WINDOWS\SHELLNEW
2009-12-27 13:29:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2009-12-27 13:29:16 ----RD---- C:\MSOCache
2009-12-27 12:56:47 ----D---- C:\Documents and Settings\Administrator\Data aplikací\ICQ Toolbar
2009-12-27 12:55:18 ----A---- C:\WINDOWS\WebIE.dll
2009-12-27 12:54:59 ----A---- C:\WINDOWS\WTRDCTM.INI
2009-12-27 12:54:31 ----A---- C:\WINDOWS\UN32P.INI
2009-12-27 12:54:31 ----A---- C:\WINDOWS\UN32.EXE
2009-12-27 12:53:40 ----D---- C:\TRANSLAT
2009-12-27 12:49:47 ----D---- C:\Documents and Settings\Administrator\Data aplikací\OpenOffice.org2
2009-12-27 12:48:37 ----D---- C:\Program Files\OpenOffice.org 2.1
2009-12-27 12:44:47 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Vso
2009-12-27 12:44:47 ----A---- C:\Documents and Settings\Administrator\Data aplikací\inst.exe
2009-12-27 12:44:39 ----A---- C:\WINDOWS\system32\vp7vfw.dll
2009-12-27 12:44:39 ----A---- C:\WINDOWS\system32\Pncrt.dll
2009-12-27 12:44:39 ----A---- C:\WINDOWS\system32\drv43260.dll
2009-12-27 12:44:39 ----A---- C:\WINDOWS\system32\drv33260.dll
2009-12-27 12:44:39 ----A---- C:\WINDOWS\system32\drv23260.dll
2009-12-27 12:44:39 ----A---- C:\WINDOWS\system32\cook3260.dll
2009-12-27 12:44:39 ----A---- C:\WINDOWS\gdiplus.dll
2009-12-27 12:44:37 ----D---- C:\Program Files\VSO
2009-12-27 12:30:49 ----D---- C:\Documents and Settings\Administrator\Data aplikací\ICQ
2009-12-27 12:29:50 ----D---- C:\Documents and Settings\Administrator\Data aplikací\skypePM
2009-12-27 12:27:16 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Skype
2009-12-27 12:27:01 ----D---- C:\Program Files\Skype
2009-12-27 12:27:01 ----D---- C:\Program Files\Common Files\Skype
2009-12-27 12:26:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2009-12-27 12:24:12 ----D---- C:\Program Files\WinRAR
2009-12-27 12:19:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2009-12-27 12:14:02 ----D---- C:\Documents and Settings\Administrator\Data aplikací\WinRAR
2009-12-27 12:10:17 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-12-27 12:08:52 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Sun
2009-12-27 12:07:47 ----D---- C:\Program Files\DVD Shrink
2009-12-27 12:07:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\DVD Shrink
2009-12-27 12:05:15 ----A---- C:\WINDOWS\iun6002.exe
2009-12-27 12:05:11 ----D---- C:\Program Files\Codec Pack - All In 1
2009-12-27 11:49:19 ----D---- C:\Documents and Settings\Administrator\Data aplikací\CyberLink
2009-12-27 11:47:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\CyberLink
2009-12-27 11:46:25 ----D---- C:\Program Files\CyberLink
2009-12-27 00:29:15 ----D---- C:\WINDOWS\system32\appmgmt
2009-12-26 23:44:55 ----A---- C:\WINDOWS\system32\kbdkor.dll
2009-12-26 23:44:55 ----A---- C:\WINDOWS\system32\kbdjpn.dll
2009-12-26 23:44:55 ----A---- C:\WINDOWS\system32\kbd106.dll
2009-12-26 23:44:55 ----A---- C:\WINDOWS\system32\kbd103.dll
2009-12-26 23:44:55 ----A---- C:\WINDOWS\system32\kbd101c.dll
2009-12-26 23:44:55 ----A---- C:\WINDOWS\system32\kbd101b.dll
2009-12-26 22:22:26 ----A---- C:\WINDOWS\system32\fdco1.dll
2009-12-26 22:22:22 ----A---- C:\WINDOWS\system32\nvunrm.exe
2009-12-26 22:22:21 ----RA---- C:\WINDOWS\system32\nvconrm.dll
2009-12-26 22:22:21 ----RA---- C:\WINDOWS\system32\bdco1.dll
2009-12-26 22:22:18 ----RA---- C:\WINDOWS\system32\nvusmb.exe
2009-12-26 20:06:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\nView_Profiles
2009-12-26 19:52:29 ----D---- C:\WINDOWS\nview
2009-12-26 19:52:28 ----A---- C:\WINDOWS\system32\nvudisp.exe
2009-12-26 19:51:57 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2009-12-26 19:51:35 ----D---- C:\NVIDIA
2009-12-26 19:33:10 ----D---- C:\Program Files\NVIDIA Corporation
2009-12-26 19:33:07 ----D---- C:\Config.Msi
2009-12-26 15:30:49 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA
2009-12-26 15:07:04 ----D---- C:\Documents and Settings\Administrator\Data aplikací\AdobeUM
2009-12-26 15:06:23 ----D---- C:\Program Files\Common Files\Adobe
2009-12-26 15:06:22 ----D---- C:\Program Files\Adobe
2009-12-26 15:05:36 ----D---- C:\WINDOWS\Cache
2009-12-26 14:30:08 ----A---- C:\WINDOWS\NeroDigital.ini
2009-12-26 13:41:09 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Ahead
2009-12-26 13:40:08 ----D---- C:\Program Files\Nero
2009-12-26 13:40:08 ----D---- C:\Program Files\Common Files\Ahead
2009-12-26 13:39:50 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2009-12-26 13:39:50 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2009-12-26 13:05:51 ----A---- C:\WINDOWS\system32\h323log.txt
2009-12-26 13:01:26 ----A---- C:\WINDOWS\system32\wshirda.dll
2009-12-26 13:01:26 ----A---- C:\WINDOWS\system32\irmon.dll
2009-12-26 13:01:26 ----A---- C:\WINDOWS\system32\irftp.exe
2009-12-26 13:00:48 ----RA---- C:\WINDOWS\system32\idecoiins.dll
2009-12-26 13:00:47 ----A---- C:\WINDOWS\system32\idecoi.dll
2009-12-26 13:00:42 ----A---- C:\WINDOWS\system32\usbui.dll
2009-12-26 12:59:53 ----SHD---- C:\WINDOWS\Installer
2009-12-26 12:59:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-26 12:59:52 ----D---- C:\Program Files\Common Files\ODBC
2009-12-26 12:59:52 ----A---- C:\WINDOWS\ODBCINST.INI
2009-12-26 12:59:49 ----D---- C:\Program Files\Common Files\SpeechEngines
2009-12-26 12:59:48 ----RD---- C:\Program Files
2009-12-26 12:59:48 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-12-26 12:59:48 ----D---- C:\Program Files\Common Files
2009-12-26 12:59:45 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-12-26 12:59:45 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-12-26 12:59:45 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-12-26 12:59:42 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-12-26 12:59:42 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-12-26 12:59:42 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-12-26 12:59:42 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-12-26 12:59:42 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-12-26 12:59:42 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-12-26 12:59:42 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-12-26 12:59:41 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-12-26 12:59:41 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-12-26 12:59:41 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-12-26 12:59:41 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-12-26 12:59:41 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-12-26 12:59:38 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-12-26 12:59:38 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-12-26 12:59:38 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-12-26 12:59:38 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-12-26 12:59:38 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-12-26 12:59:38 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-12-26 12:59:38 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-12-26 12:59:36 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-12-26 12:59:36 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-12-26 12:59:36 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-12-26 12:59:36 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-12-26 12:59:36 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-12-26 12:59:31 ----A---- C:\WINDOWS\system32\kbdycl.dll
2009-12-26 12:59:31 ----A---- C:\WINDOWS\system32\kbdsl1.dll
2009-12-26 12:59:31 ----A---- C:\WINDOWS\system32\kbdsl.dll
2009-12-26 12:59:31 ----A---- C:\WINDOWS\system32\kbdro.dll
2009-12-26 12:59:31 ----A---- C:\WINDOWS\system32\kbdpl1.dll
2009-12-26 12:59:31 ----A---- C:\WINDOWS\system32\kbdpl.dll
2009-12-26 12:59:31 ----A---- C:\WINDOWS\system32\kbdhu1.dll
2009-12-26 12:59:31 ----A---- C:\WINDOWS\system32\kbdhu.dll
2009-12-26 12:59:31 ----A---- C:\WINDOWS\system32\kbdcr.dll
2009-12-26 12:59:31 ----A---- C:\WINDOWS\system32\KBDAL.DLL
2009-12-26 12:59:30 ----A---- C:\WINDOWS\system32\irclass.dll
2009-12-26 12:59:30 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-12-26 12:59:30 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-12-26 12:59:29 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-12-26 12:59:29 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-12-26 12:59:26 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-12-26 12:59:26 ----A---- C:\WINDOWS\system32\batt.dll
2009-12-26 12:59:25 ----A---- C:\WINDOWS\NOTEPAD.EXE
2009-12-26 12:59:24 ----A---- C:\WINDOWS\system32\storprop.dll
2009-12-26 12:59:17 ----ASH---- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
2009-12-26 12:57:25 ----D---- C:\WINDOWS\system32\CatRoot2
2009-12-26 12:57:25 ----D---- C:\WINDOWS\system32\CatRoot
2009-12-26 12:57:19 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2009-12-26 12:56:58 ----SHD---- C:\System Volume Information
2009-12-26 12:56:58 ----D---- C:\Documents and Settings
2009-12-26 12:56:17 ----RASH---- C:\boot.ini
2009-12-26 12:54:41 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Macromedia
2009-12-26 12:54:40 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Adobe
2009-12-26 12:50:54 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-12-26 12:50:54 ----RSD---- C:\WINDOWS\Fonts
2009-12-26 12:50:54 ----RD---- C:\WINDOWS\Web
2009-12-26 12:50:54 ----HD---- C:\WINDOWS\inf
2009-12-26 12:50:54 ----D---- C:\WINDOWS\WinSxS
2009-12-26 12:50:54 ----D---- C:\WINDOWS\twain_32
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\wins
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\wbem
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\usmt
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\spool
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\ShellExt
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\Setup
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\ras
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\oobe
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\npp
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\mui
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\inetsrv
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\IME
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\icsxml
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\ias
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\export
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\drivers
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\dhcp
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\config
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\3com_dmi
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\3076
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\2052
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\1054
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\1042
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\1041
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\1037
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\1033
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\1031
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\1029
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\1028
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\1025
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system
2009-12-26 12:50:54 ----D---- C:\WINDOWS\security
2009-12-26 12:50:54 ----D---- C:\WINDOWS\Resources
2009-12-26 12:50:54 ----D---- C:\WINDOWS\repair
2009-12-26 12:50:54 ----D---- C:\WINDOWS\Provisioning
2009-12-26 12:50:54 ----D---- C:\WINDOWS\pchealth
2009-12-26 12:50:54 ----D---- C:\WINDOWS\PeerNet
2009-12-26 12:50:54 ----D---- C:\WINDOWS\mui
2009-12-26 12:50:54 ----D---- C:\WINDOWS\msapps
2009-12-26 12:50:54 ----D---- C:\WINDOWS\msagent
2009-12-26 12:50:54 ----D---- C:\WINDOWS\Media
2009-12-26 12:50:54 ----D---- C:\WINDOWS\java
2009-12-26 12:50:54 ----D---- C:\WINDOWS\ime
2009-12-26 12:50:54 ----D---- C:\WINDOWS\Help
2009-12-26 12:50:54 ----D---- C:\WINDOWS\ehome
2009-12-26 12:50:54 ----D---- C:\WINDOWS\Driver Cache
2009-12-26 12:50:54 ----D---- C:\WINDOWS\Debug
2009-12-26 12:50:54 ----D---- C:\WINDOWS\Cursors
2009-12-26 12:50:54 ----D---- C:\WINDOWS\Connection Wizard
2009-12-26 12:50:54 ----D---- C:\WINDOWS\Config
2009-12-26 12:50:54 ----D---- C:\WINDOWS\AppPatch
2009-12-26 12:50:54 ----D---- C:\WINDOWS\addins
2009-12-26 12:50:54 ----D---- C:\WINDOWS
2009-12-26 12:50:18 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Mozilla
2009-12-26 12:49:56 ----D---- C:\Program Files\Mozilla Firefox
2009-12-26 12:36:08 ----D---- C:\Program Files\Kerio
2009-12-26 12:33:52 ----A---- C:\WINDOWS\system32\nms32.dll
2009-12-26 12:33:52 ----A---- C:\WINDOWS\system32\imon.dll
2009-12-26 12:33:26 ----D---- C:\Program Files\ESET
2009-12-26 12:32:54 ----D---- C:\totalcmd
2009-12-26 12:32:54 ----A---- C:\WINDOWS\wincmd.ini
2009-12-26 12:28:56 ----D---- C:\WINDOWS\system32\Lang
2009-12-26 12:27:28 ----R---- C:\WINDOWS\system32\ChCfg.exe
2009-12-26 12:27:05 ----D---- C:\WINDOWS\system32\RTCOM
2009-12-26 12:27:03 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-12-26 12:26:36 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-12-26 12:26:35 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2009-12-26 12:26:32 ----RA---- C:\WINDOWS\SOUNDMAN.EXE
2009-12-26 12:26:32 ----RA---- C:\WINDOWS\RtlUpd.exe
2009-12-26 12:26:29 ----RA---- C:\WINDOWS\RTLCPL.EXE
2009-12-26 12:26:25 ----RA---- C:\WINDOWS\RTHDCPL.EXE
2009-12-26 12:26:24 ----RA---- C:\WINDOWS\MicCal.exe
2009-12-26 12:26:23 ----RA---- C:\WINDOWS\ALCMTR.EXE
2009-12-26 12:26:22 ----RA---- C:\WINDOWS\ALCWZRD.EXE
2009-12-26 12:26:22 ----D---- C:\Program Files\Realtek
2009-12-26 12:26:21 ----HD---- C:\Program Files\InstallShield Installation Information
2009-12-26 12:25:56 ----R---- C:\WINDOWS\RtlExUpd.dll
2009-12-26 12:24:32 ----RA---- C:\WINDOWS\system32\fdco_l2052.dll
2009-12-26 12:24:32 ----RA---- C:\WINDOWS\system32\fdco_l1046.dll
2009-12-26 12:24:32 ----RA---- C:\WINDOWS\system32\fdco_l1042.dll
2009-12-26 12:24:32 ----RA---- C:\WINDOWS\system32\fdco_l1041.dll
2009-12-26 12:24:32 ----RA---- C:\WINDOWS\system32\fdco_l1040.dll
2009-12-26 12:24:32 ----RA---- C:\WINDOWS\system32\fdco_l1036.dll
2009-12-26 12:24:32 ----RA---- C:\WINDOWS\system32\fdco_l1034.dll
2009-12-26 12:24:32 ----RA---- C:\WINDOWS\system32\fdco_l1031.dll
2009-12-26 12:24:32 ----RA---- C:\WINDOWS\system32\fdco_l1028.dll
2009-12-26 12:24:29 ----RA---- C:\WINDOWS\system32\bdco1ins.dll
2009-12-26 12:24:03 ----D---- C:\Program Files\Common Files\InstallShield
2009-12-26 12:23:30 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-12-26 12:16:21 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Identities
2009-12-26 12:16:20 ----HD---- C:\Program Files\Uninstall Information
2009-12-26 12:16:04 ----ASH---- C:\Documents and Settings\Administrator\Data aplikací\desktop.ini
2009-12-26 12:16:03 ----SD---- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
2009-12-26 12:15:55 ----D---- C:\WINDOWS\SoftwareDistribution
2009-12-26 12:15:54 ----SD---- C:\WINDOWS\system32\Microsoft
2009-12-26 12:15:54 ----D---- C:\WINDOWS\Prefetch
2009-12-26 12:15:54 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-12-26 12:12:00 ----D---- C:\WINDOWS\system32\xircom
2009-12-26 12:12:00 ----D---- C:\Program Files\xerox
2009-12-26 12:12:00 ----D---- C:\Program Files\microsoft frontpage
2009-12-26 12:11:40 ----A---- C:\WINDOWS\control.ini
2009-12-26 12:11:40 ----A---- C:\AUTOEXEC.BAT
2009-12-26 12:11:22 ----A---- C:\WINDOWS\system32\mapi32.dll
2009-12-26 12:10:38 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-12-26 12:10:38 ----RD---- C:\WINDOWS\Offline Web Pages
2009-12-26 12:10:38 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-12-26 12:10:32 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-12-26 12:10:28 ----HD---- C:\Program Files\WindowsUpdate
2009-12-26 12:10:26 ----D---- C:\Program Files\Online Services
2009-12-26 12:10:03 ----D---- C:\WINDOWS\system32\DirectX
2009-12-26 12:09:29 ----A---- C:\WINDOWS\system32\atrace.dll
2009-12-26 12:09:26 ----A---- C:\WINDOWS\system32\desktop.ini
2009-12-26 12:09:26 ----A---- C:\WINDOWS\desktop.ini
2009-12-26 12:09:18 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-12-26 12:09:17 ----A---- C:\WINDOWS\system32\acctres.dll
2009-12-26 12:09:16 ----D---- C:\Program Files\Common Files\Services
2009-12-26 12:09:12 ----SD---- C:\WINDOWS\Tasks
2009-12-26 12:09:12 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-12-26 12:09:11 ----D---- C:\Program Files\Common Files\MSSoap
2009-12-26 12:09:06 ----D---- C:\WINDOWS\system32\Macromed
2009-12-26 12:09:06 ----D---- C:\WINDOWS\srchasst
2009-12-26 12:09:02 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-12-26 12:09:01 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-12-26 12:09:01 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-12-26 12:09:01 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2009-12-26 12:09:01 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-12-26 12:09:00 ----N---- C:\WINDOWS\system32\wuauclt.exe
2009-12-26 12:09:00 ----A---- C:\WINDOWS\system32\wups.dll
2009-12-26 12:09:00 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2009-12-26 12:09:00 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-12-26 12:08:59 ----N---- C:\WINDOWS\system32\qmgr.dll
2009-12-26 12:08:59 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-12-26 12:08:59 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2009-12-26 12:08:59 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2009-12-26 12:08:54 ----D---- C:\Program Files\Movie Maker
2009-12-26 12:08:48 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-12-26 12:08:48 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-12-26 12:08:48 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-12-26 12:08:48 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-12-26 12:08:43 ----N---- C:\WINDOWS\system32\srsvc.dll
2009-12-26 12:08:43 ----D---- C:\WINDOWS\system32\Restore
2009-12-26 12:08:43 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-12-26 12:08:43 ----A---- C:\WINDOWS\system32\fltMc.exe
2009-12-26 12:08:43 ----A---- C:\WINDOWS\system32\fltlib.dll
2009-12-26 12:08:42 ----A---- C:\WINDOWS\system32\srclient.dll
2009-12-26 12:08:42 ----A---- C:\WINDOWS\system32\ils.dll
2009-12-26 12:08:41 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-12-26 12:08:41 ----A---- C:\WINDOWS\system32\msconf.dll
2009-12-26 12:08:41 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-12-26 12:08:41 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-12-26 12:08:41 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-12-26 12:08:38 ----D---- C:\Program Files\NetMeeting
2009-12-26 12:08:38 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-12-26 12:08:38 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-12-26 12:08:37 ----A---- C:\WINDOWS\system32\inetres.dll
2009-12-26 12:08:36 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-12-26 12:08:34 ----N---- C:\WINDOWS\system32\schedsvc.dll
2009-12-26 12:08:34 ----D---- C:\Program Files\Outlook Express
2009-12-26 12:08:34 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-12-26 12:08:34 ----A---- C:\WINDOWS\system32\mstask.dll
2009-12-26 12:08:33 ----A---- C:\WINDOWS\system32\isign32.dll
2009-12-26 12:08:33 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-12-26 12:08:33 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-12-26 12:08:33 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-12-26 12:08:24 ----D---- C:\Program Files\Common Files\System
2009-12-26 12:08:23 ----D---- C:\Program Files\Internet Explorer
2009-12-26 12:07:57 ----D---- C:\Program Files\ComPlus Applications
2009-12-26 12:07:56 ----A---- C:\WINDOWS\vbaddin.ini
2009-12-26 12:07:56 ----A---- C:\WINDOWS\vb.ini
2009-12-26 12:07:52 ----D---- C:\WINDOWS\Registration
2009-12-26 12:07:47 ----D---- C:\Program Files\Windows Media Player
2009-12-26 12:07:42 ----D---- C:\Program Files\Messenger
2009-12-26 12:07:37 ----D---- C:\Program Files\MSN Gaming Zone
2009-12-26 12:07:37 ----A---- C:\WINDOWS\system32\write.exe
2009-12-26 12:07:19 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-12-26 12:07:19 ----A---- C:\WINDOWS\system32\hticons.dll
2009-12-26 12:07:19 ----A---- C:\WINDOWS\system32\avwav.dll
2009-12-26 12:07:19 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-12-26 12:07:19 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-12-26 12:07:18 ----A---- C:\WINDOWS\system32\winchat.exe
2009-12-26 12:07:08 ----A---- C:\WINDOWS\system32\getuname.dll
2009-12-26 12:07:07 ----A---- C:\WINDOWS\system32\sol.exe
2009-12-26 12:07:07 ----A---- C:\WINDOWS\system32\charmap.exe
2009-12-26 12:07:07 ----A---- C:\WINDOWS\system32\calc.exe
2009-12-26 12:07:06 ----A---- C:\WINDOWS\system32\winmine.exe
2009-12-26 12:07:06 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-12-26 12:07:06 ----A---- C:\WINDOWS\system32\reset.exe
2009-12-26 12:07:06 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-12-26 12:07:06 ----A---- C:\WINDOWS\system32\freecell.exe
2009-12-26 12:07:05 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-12-26 12:07:05 ----A---- C:\WINDOWS\system32\tslabels.ini
2009-12-26 12:07:05 ----A---- C:\WINDOWS\system32\tskill.exe
2009-12-26 12:07:05 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-12-26 12:07:05 ----A---- C:\WINDOWS\system32\tscon.exe
2009-12-26 12:07:05 ----A---- C:\WINDOWS\system32\shadow.exe
2009-12-26 12:07:05 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-12-26 12:07:05 ----A---- C:\WINDOWS\system32\regini.exe
2009-12-26 12:07:05 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-12-26 12:07:05 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-12-26 12:07:04 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-12-26 12:07:04 ----A---- C:\WINDOWS\system32\msg.exe
2009-12-26 12:07:04 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-12-26 12:07:04 ----A---- C:\WINDOWS\system32\logoff.exe
2009-12-26 12:07:04 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-12-26 12:07:03 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-12-26 12:07:03 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-12-26 12:07:03 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-12-26 12:07:03 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-12-26 12:07:02 ----A---- C:\WINDOWS\system32\stclient.dll
2009-12-26 12:07:02 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-12-26 12:07:02 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-12-26 12:07:02 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-12-26 12:06:53 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-12-26 12:06:52 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-12-26 12:06:52 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-12-26 12:06:51 ----D---- C:\Program Files\Windows NT
2009-12-26 12:06:51 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-12-26 12:06:51 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-12-26 12:06:51 ----A---- C:\WINDOWS\system32\hypertrm.dll
2009-12-26 12:06:50 ----A---- C:\WINDOWS\system32\spider.exe
2009-12-26 12:06:50 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-12-26 12:06:49 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-12-26 12:06:49 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-12-26 12:06:49 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-12-26 12:06:48 ----N---- C:\WINDOWS\system32\termsrv.dll
2009-12-26 12:06:48 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2009-12-26 12:06:48 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-12-26 12:06:48 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-12-26 12:06:48 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-12-26 12:06:48 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-12-26 12:06:48 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-12-26 12:06:47 ----D---- C:\WINDOWS\system32\MsDtc
2009-12-26 12:06:47 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-12-26 12:06:47 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-12-26 12:06:47 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-12-26 12:06:47 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-12-26 12:06:47 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2009-12-26 12:06:47 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-12-26 12:06:47 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-12-26 12:06:46 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-12-26 12:06:46 ----A---- C:\WINDOWS\system32\mtxoci.dll
2009-12-26 12:06:46 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-12-26 12:06:46 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-12-26 12:06:45 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-12-26 12:06:45 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-12-26 12:06:44 ----D---- C:\WINDOWS\system32\Com
2009-12-26 12:06:44 ----A---- C:\WINDOWS\system32\colbact.dll
2009-12-26 12:06:44 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-12-26 12:06:44 ----A---- C:\WINDOWS\system32\catsrvut.dll
2009-12-26 12:06:44 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-12-26 12:06:44 ----A---- C:\WINDOWS\system32\catsrv.dll
2009-12-26 12:06:43 ----A---- C:\WINDOWS\system32\comuid.dll
2009-12-26 12:06:43 ----A---- C:\WINDOWS\system32\comsvcs.dll
2009-12-26 12:06:43 ----A---- C:\WINDOWS\system32\clbcatq.dll
2009-12-26 12:06:34 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-12-26 12:06:34 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-12-26 12:06:34 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-12-26 12:06:33 ----A---- C:\WINDOWS\system32\cmprops.dll

======List of files/folders modified in the last 1 months======

2010-01-17 14:03:20 ----A---- C:\WINDOWS\win.ini
2010-01-17 13:35:45 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 36352]
R1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [2005-06-21 270336]
R1 khips;Kerio HIPS Driver; C:\WINDOWS\system32\drivers\khips.sys [2005-05-30 53248]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 AMON;AMON; \??\C:\WINDOWS\system32\drivers\amon.sys []
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-04 87424]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-10-25 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-04-06 4258816]
R3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-12-05 7435392]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-03-22 52736]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-03-22 18944]
R3 NVR0Dev;NVR0Dev; \??\C:\WINDOWS\nvoclock.sys []
R3 PAC207;SoC PC-Camer@; C:\WINDOWS\system32\DRIVERS\pfc027.sys [2005-02-24 162176]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-12-27 47360]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 GMSIPCI;GMSIPCI; \??\I:\INSTALL\GMSIPCI.SYS []
S3 GVCplDrv;GVCplDrv; C:\WINDOWS\system32\drivers\GVCplDrv.sys [2004-05-02 23040]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-21 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-21 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-06-21 21744]
S3 mbr;mbr; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mbr.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-01-02 153376]
R2 KPF4;Kerio Personal Firewall 4; C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe [2009-12-26 1630208]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2009-12-26 331776]
R2 nTuneService;nTune Service; C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [2007-09-04 131072]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-12-05 155716]
R2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2003-02-20 32768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe []
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-09-12 724992]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-03-18 65536]

-----------------EOF-----------------

Unlimited_Killer
Friend of the forum
Posts: 1969
Registered: 24 Aug 2009 16:18

Re: NOD - TrojanDownloader.Small

#15 Post by Unlimited_Killer »

And how much does Windows show you?
Is NOD no longer reporting anything?
inactive
