VIRY.CZ

Dobry podvecer!
Obracim se na vas s prosbou o radu jak vylecit otcuv PC. Dle navodu jsem pouzil MWA (vcetne smazani offline files browseru a javy a vypnuti obnoveni systemu) a zasilam vysledny log. Urcite bych mel take napsat, ze jsem (pred uzitim mwavu) pouzil (aktualizovany) ESET a kdyz nic nenasel a problemy (nefcni ikony na plose, nemoznost spustit napr IE, problemy s pripojenim apod.) pokracovaly, preinstaloval jsem WXPHomeSP2 (plus vsechny aktualizace via WinUpdate). Nezabralo, tedy jsem sahl po mwavu.
Snad jsem tim nic nepokazil a pouzil jsem jej spravne a snad vam ten log umozni mi pomoci... Predem dekuji!

Tady je ten log (vyjma radku informujicich o tom, ze "zaznam... odkazuje na neplatny objekt...):

Invalid Entry DllName = appmgmts.dll (in key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions\{c6dc5466-785a-11d2-84d0-00c04fb169f7}). Action Taken: Deleting Registry Key {c6dc5466-785a-11d2-84d0-00c04fb169f7}.
Objekt "SmitFraud Browser Hijacker" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "SmitFraud Browser Hijacker" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "ezula Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "SmitFraud Browser Hijacker" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "SmitFraud Browser Hijacker" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "SmitFraud Browser Hijacker" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "SmitFraud Browser Hijacker" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "SmitFraud Browser Hijacker" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "SmitFraud Browser Hijacker" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "SmitFraud Browser Hijacker" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "SmitFraud Browser Hijacker" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "ezula Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "SmitFraud Browser Hijacker" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "SmitFraud Browser Hijacker" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "SmitFraud Browser Hijacker" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "SmitFraud Browser Hijacker" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "SmitFraud Browser Hijacker" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "SmitFraud Browser Hijacker" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.

Na takove te finalni obrazovce mi to spocetlo, ze "kritickych objektu" bylo nalezeno 18ks.
Snad jsem tedy uvedl vse potrebne a ted bych chtel poprosit o radu co s tim mam, proboha, delat?

Mockrat diky.
JejaKop

PS: zapomel-li jsem na neco podstatneho, omluvte me a upozornete me, pls.

Jeste prikladam log z RSITu:

Logfile of random's system information tool 1.06 (written by random/random)
Run by Jan Kopecký at 2010-04-06 20:19:04
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 15 GB (58%) free of 25 GB
Total RAM: 1023 MB (66% free)

HijackThis download failed

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-05-14 2029640]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-04-06 20:19:05 ----D---- C:\Program Files\trend micro
2010-04-06 20:19:04 ----D---- C:\rsit
2010-04-06 18:02:45 ----AD---- C:\WINDOWS\VDLL.DLL
2010-04-06 18:02:45 ----AD---- C:\WINDOWS\system32\runouce.exe
2010-04-06 18:02:45 ----AD---- C:\WINDOWS\rundll16.exe
2010-04-06 18:02:45 ----AD---- C:\WINDOWS\RUNDL132.EXE
2010-04-06 18:02:45 ----AD---- C:\WINDOWS\logo1_.exe
2010-04-06 18:02:45 ----AD---- C:\WINDOWS\logo_1.exe
2010-04-06 17:51:17 ----A---- C:\WINDOWS\system32\msvcr80.dll
2010-04-06 17:51:16 ----A---- C:\WINDOWS\system32\msvcp80.dll
2010-04-06 17:51:15 ----A---- C:\WINDOWS\system32\eEmpty.exe
2010-04-06 17:51:12 ----A---- C:\WINDOWS\system32\TASKMGR.COM
2010-04-06 17:51:12 ----A---- C:\WINDOWS\system32\T.COM
2010-04-06 17:51:12 ----A---- C:\WINDOWS\R.COM
2010-04-06 17:51:11 ----A---- C:\WINDOWS\REGEDIT.COM
2010-04-06 17:51:07 ----D---- C:\Program Files\Common Files\MicroWorld
2010-04-06 17:50:53 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\MicroWorld
2010-04-06 17:50:09 ----D---- C:\for me
2010-04-05 15:38:50 ----D---- C:\Program Files\totalcmd
2010-04-05 14:17:52 ----A---- C:\WINDOWS\ODBC.INI
2010-04-05 14:17:47 ----A---- C:\WINDOWS\system32\mdimon.dll
2010-04-05 14:17:11 ----D---- C:\Program Files\Common Files\DESIGNER
2010-04-05 14:16:52 ----D---- C:\Program Files\Microsoft Office
2010-04-05 14:16:52 ----D---- C:\Program Files\Common Files\ODBC
2010-04-05 08:53:54 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-04-05 08:51:07 ----A---- C:\WINDOWS\system32\MRT.exe
2010-04-05 08:44:41 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-04-05 00:24:55 ----HDC---- C:\WINDOWS\$NtUninstallKB977165-v2$
2010-04-05 00:22:43 ----HDC---- C:\WINDOWS\$NtUninstallKB980182$
2010-04-04 23:58:48 ----A---- C:\WINDOWS\wcx_ftp.ini
2010-04-04 23:52:56 ----A---- C:\WINDOWS\wincmd.ini
2010-04-04 23:50:06 ----A---- C:\WINDOWS\system32\h323log.txt
2010-04-04 23:50:01 ----D---- C:\WINDOWS\Prefetch
2010-04-04 23:48:07 ----A---- C:\WINDOWS\system32\hidserv.dll
2010-04-04 23:47:48 ----A---- C:\WINDOWS\system32\wshirda.dll
2010-04-04 23:47:48 ----A---- C:\WINDOWS\system32\irmon.dll
2010-04-04 23:47:48 ----A---- C:\WINDOWS\system32\irftp.exe
2010-04-04 23:47:01 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2010-04-04 23:46:32 ----A---- C:\WINDOWS\system32\usbui.dll
2010-04-04 23:45:18 ----A---- C:\WINDOWS\imsins.BAK
2010-04-04 23:45:15 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-04-04 23:45:14 ----A---- C:\WINDOWS\ODBCINST.INI
2010-04-04 23:45:09 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2010-04-04 23:45:08 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2010-04-04 23:45:08 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2010-04-04 23:45:07 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2010-04-04 23:45:07 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2010-04-04 23:45:07 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2010-04-04 23:45:07 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2010-04-04 23:45:06 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2010-04-04 23:45:06 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2010-04-04 23:45:06 ----RA---- C:\WINDOWS\system32\kbdur.dll
2010-04-04 23:45:06 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2010-04-04 23:45:06 ----RA---- C:\WINDOWS\system32\kbdru.dll
2010-04-04 23:45:06 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2010-04-04 23:45:06 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2010-04-04 23:45:06 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2010-04-04 23:45:04 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2010-04-04 23:45:04 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2010-04-04 23:45:04 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2010-04-04 23:45:04 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2010-04-04 23:45:04 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2010-04-04 23:45:04 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2010-04-04 23:45:04 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2010-04-04 23:45:03 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2010-04-04 23:45:03 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2010-04-04 23:45:03 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2010-04-04 23:45:03 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2010-04-04 23:45:03 ----RA---- C:\WINDOWS\system32\kbdest.dll
2010-04-04 23:44:59 ----A---- C:\WINDOWS\system32\kbdycl.dll
2010-04-04 23:44:59 ----A---- C:\WINDOWS\system32\kbdsl1.dll
2010-04-04 23:44:59 ----A---- C:\WINDOWS\system32\kbdsl.dll
2010-04-04 23:44:59 ----A---- C:\WINDOWS\system32\kbdro.dll
2010-04-04 23:44:59 ----A---- C:\WINDOWS\system32\kbdpl1.dll
2010-04-04 23:44:59 ----A---- C:\WINDOWS\system32\kbdpl.dll
2010-04-04 23:44:59 ----A---- C:\WINDOWS\system32\kbdhu1.dll
2010-04-04 23:44:59 ----A---- C:\WINDOWS\system32\kbdhu.dll
2010-04-04 23:44:59 ----A---- C:\WINDOWS\system32\kbdcr.dll
2010-04-04 23:44:59 ----A---- C:\WINDOWS\system32\KBDAL.DLL
2010-04-04 23:44:58 ----A---- C:\WINDOWS\system32\irclass.dll
2010-04-04 23:44:57 ----A---- C:\WINDOWS\system32\spxcoins.dll
2010-04-04 23:44:57 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2010-04-04 23:44:57 ----A---- C:\WINDOWS\system32\dgsetup.dll
2010-04-04 23:44:57 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2010-04-04 23:44:55 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2010-04-04 23:44:55 ----A---- C:\WINDOWS\TASKMAN.EXE
2010-04-04 23:44:54 ----A---- C:\WINDOWS\system32\batt.dll
2010-04-04 23:44:54 ----A---- C:\WINDOWS\notepad.exe
2010-04-04 23:44:53 ----A---- C:\WINDOWS\system32\storprop.dll
2010-04-04 23:44:44 ----RA---- C:\WINDOWS\SET21.tmp
2010-04-04 23:44:44 ----ASH---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\desktop.ini
2010-04-04 23:44:41 ----RA---- C:\WINDOWS\SET8.tmp
2010-04-04 23:44:38 ----RA---- C:\WINDOWS\SET4.tmp
2010-04-04 23:44:37 ----RA---- C:\WINDOWS\SET3.tmp
2010-04-04 23:44:25 ----SD---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Microsoft
2010-04-04 23:44:04 ----A---- C:\WINDOWS\setuplog.txt
2010-04-04 23:23:18 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Windows Genuine Advantage
2010-04-04 22:23:13 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2010-04-04 22:17:21 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\ESET
2010-04-04 22:13:18 ----D---- C:\Documents and Settings\Jan Kopecký\Data aplikací\Macromedia
2010-04-04 22:13:17 ----D---- C:\Documents and Settings\Jan Kopecký\Data aplikací\Adobe
2010-04-04 22:12:53 ----D---- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Adobe
2010-04-04 22:04:53 ----D---- C:\Documents and Settings\Jan Kopecký\Data aplikací\Identities
2010-04-04 22:04:45 ----ASH---- C:\Documents and Settings\Jan Kopecký\Data aplikací\desktop.ini
2010-04-04 22:04:44 ----SD---- C:\Documents and Settings\Jan Kopecký\Data aplikací\Microsoft
2010-04-04 22:03:58 ----A---- C:\WINDOWS\system32\wpa.bak
2010-04-04 22:01:30 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-04 21:58:09 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-04-04 21:57:54 ----A---- C:\WINDOWS\control.ini
2010-04-04 21:57:42 ----A---- C:\WINDOWS\OEWABLog.txt
2010-04-04 21:57:37 ----A---- C:\WINDOWS\system32\mapi32.dll
2010-04-04 21:56:29 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2010-04-04 21:56:21 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2010-04-04 21:55:42 ----A---- C:\WINDOWS\system32\atrace.dll
2010-04-04 21:55:40 ----A---- C:\WINDOWS\system32\desktop.ini
2010-04-04 21:55:40 ----A---- C:\WINDOWS\desktop.ini
2010-04-04 21:55:35 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2010-04-04 21:55:34 ----A---- C:\WINDOWS\system32\acctres.dll
2010-04-04 21:55:32 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2010-04-04 21:55:25 ----A---- C:\WINDOWS\system32\wuweb.dll
2010-04-04 21:55:25 ----A---- C:\WINDOWS\system32\wups.dll
2010-04-04 21:55:25 ----A---- C:\WINDOWS\system32\wucltui.dll
2010-04-04 21:55:25 ----A---- C:\WINDOWS\system32\wuauserv.dll
2010-04-04 21:55:25 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2010-04-04 21:55:25 ----A---- C:\WINDOWS\system32\wuaueng.dll
2010-04-04 21:55:25 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2010-04-04 21:55:25 ----A---- C:\WINDOWS\system32\wuauclt.exe
2010-04-04 21:55:25 ----A---- C:\WINDOWS\system32\wuapi.dll
2010-04-04 21:55:25 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2010-04-04 21:55:25 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2010-04-04 21:55:24 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2010-04-04 21:55:24 ----A---- C:\WINDOWS\system32\qmgr.dll
2010-04-04 21:55:19 ----A---- C:\WINDOWS\system32\safrslv.dll
2010-04-04 21:55:19 ----A---- C:\WINDOWS\system32\safrdm.dll
2010-04-04 21:55:19 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2010-04-04 21:55:19 ----A---- C:\WINDOWS\system32\racpldlg.dll
2010-04-04 21:55:16 ----A---- C:\WINDOWS\system32\srsvc.dll
2010-04-04 21:55:16 ----A---- C:\WINDOWS\system32\srrstr.dll
2010-04-04 21:55:16 ----A---- C:\WINDOWS\system32\srclient.dll
2010-04-04 21:55:16 ----A---- C:\WINDOWS\system32\fltmc.exe
2010-04-04 21:55:16 ----A---- C:\WINDOWS\system32\fltlib.dll
2010-04-04 21:55:15 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2010-04-04 21:55:15 ----A---- C:\WINDOWS\system32\msconf.dll
2010-04-04 21:55:15 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2010-04-04 21:55:15 ----A---- C:\WINDOWS\system32\mnmdd.dll
2010-04-04 21:55:15 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2010-04-04 21:55:15 ----A---- C:\WINDOWS\system32\ils.dll
2010-04-04 21:55:12 ----A---- C:\WINDOWS\system32\msoert2.dll
2010-04-04 21:55:12 ----A---- C:\WINDOWS\system32\msoeacct.dll
2010-04-04 21:55:11 ----A---- C:\WINDOWS\system32\inetres.dll
2010-04-04 21:55:11 ----A---- C:\WINDOWS\system32\inetcomm.dll
2010-04-04 21:55:09 ----A---- C:\WINDOWS\system32\schedsvc.dll
2010-04-04 21:55:09 ----A---- C:\WINDOWS\system32\mstinit.exe
2010-04-04 21:55:09 ----A---- C:\WINDOWS\system32\mstask.dll
2010-04-04 21:55:09 ----A---- C:\WINDOWS\system32\isign32.dll
2010-04-04 21:55:09 ----A---- C:\WINDOWS\system32\inetcfg.dll
2010-04-04 21:55:09 ----A---- C:\WINDOWS\system32\icwphbk.dll
2010-04-04 21:55:09 ----A---- C:\WINDOWS\system32\icwdial.dll
2010-04-04 21:54:46 ----A---- C:\WINDOWS\vbaddin.ini
2010-04-04 21:54:46 ----A---- C:\WINDOWS\vb.ini
2010-04-04 21:54:05 ----A---- C:\WINDOWS\system32\write.exe
2010-04-04 21:53:58 ----A---- C:\WINDOWS\system32\sndvol32.exe
2010-04-04 21:53:58 ----A---- C:\WINDOWS\system32\hticons.dll
2010-04-04 21:53:58 ----A---- C:\WINDOWS\system32\avwav.dll
2010-04-04 21:53:58 ----A---- C:\WINDOWS\system32\avtapi.dll
2010-04-04 21:53:58 ----A---- C:\WINDOWS\system32\avmeter.dll
2010-04-04 21:53:57 ----A---- C:\WINDOWS\system32\winchat.exe
2010-04-04 21:53:53 ----A---- C:\WINDOWS\system32\charmap.exe
2010-04-04 21:53:53 ----A---- C:\WINDOWS\system32\getuname.dll
2010-04-04 21:53:52 ----A---- C:\WINDOWS\system32\winmine.exe
2010-04-04 21:53:52 ----A---- C:\WINDOWS\system32\sol.exe
2010-04-04 21:53:52 ----A---- C:\WINDOWS\system32\reset.exe
2010-04-04 21:53:52 ----A---- C:\WINDOWS\system32\mshearts.exe
2010-04-04 21:53:52 ----A---- C:\WINDOWS\system32\freecell.exe
2010-04-04 21:53:52 ----A---- C:\WINDOWS\system32\calc.exe
2010-04-04 21:53:51 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2010-04-04 21:53:51 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2010-04-04 21:53:51 ----A---- C:\WINDOWS\system32\tslabels.ini
2010-04-04 21:53:51 ----A---- C:\WINDOWS\system32\tskill.exe
2010-04-04 21:53:51 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2010-04-04 21:53:51 ----A---- C:\WINDOWS\system32\tscon.exe
2010-04-04 21:53:51 ----A---- C:\WINDOWS\system32\shadow.exe
2010-04-04 21:53:51 ----A---- C:\WINDOWS\system32\rwinsta.exe
2010-04-04 21:53:51 ----A---- C:\WINDOWS\system32\regini.exe
2010-04-04 21:53:51 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2010-04-04 21:53:51 ----A---- C:\WINDOWS\system32\qwinsta.exe
2010-04-04 21:53:51 ----A---- C:\WINDOWS\system32\qappsrv.exe
2010-04-04 21:53:51 ----A---- C:\WINDOWS\system32\msg.exe
2010-04-04 21:53:51 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2010-04-04 21:53:51 ----A---- C:\WINDOWS\system32\logoff.exe
2010-04-04 21:53:51 ----A---- C:\WINDOWS\system32\cdmodem.dll
2010-04-04 21:53:50 ----A---- C:\WINDOWS\system32\stclient.dll
2010-04-04 21:53:50 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2010-04-04 21:53:50 ----A---- C:\WINDOWS\system32\mtxex.dll
2010-04-04 21:53:50 ----A---- C:\WINDOWS\system32\mtxdm.dll
2010-04-04 21:53:50 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2010-04-04 21:53:50 ----A---- C:\WINDOWS\system32\comrepl.dll
2010-04-04 21:53:50 ----A---- C:\WINDOWS\system32\comaddin.dll
2010-04-04 21:53:49 ----A---- C:\WINDOWS\system32\comsnap.dll
2010-04-04 21:53:46 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2010-04-04 21:53:45 ----A---- C:\WINDOWS\system32\sndrec32.exe
2010-04-04 21:53:45 ----A---- C:\WINDOWS\system32\mplay32.exe
2010-04-04 21:53:45 ----A---- C:\WINDOWS\system32\hypertrm.dll
2010-04-04 21:53:45 ----A---- C:\WINDOWS\system32\accwiz.exe
2010-04-04 21:53:44 ----A---- C:\WINDOWS\system32\spider.exe
2010-04-04 21:53:44 ----A---- C:\WINDOWS\system32\mspaint.exe
2010-04-04 21:53:44 ----A---- C:\WINDOWS\system32\clipbrd.exe
2010-04-04 21:53:43 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2010-04-04 21:53:43 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2010-04-04 21:53:43 ----A---- C:\WINDOWS\system32\termsrv.dll
2010-04-04 21:53:43 ----A---- C:\WINDOWS\system32\sessmgr.exe
2010-04-04 21:53:43 ----A---- C:\WINDOWS\system32\remotepg.dll
2010-04-04 21:53:43 ----A---- C:\WINDOWS\system32\rdshost.exe
2010-04-04 21:53:43 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2010-04-04 21:53:43 ----A---- C:\WINDOWS\system32\rdchost.dll
2010-04-04 21:53:43 ----A---- C:\WINDOWS\system32\mstscax.dll
2010-04-04 21:53:43 ----A---- C:\WINDOWS\system32\mstsc.exe
2010-04-04 21:53:42 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2010-04-04 21:53:42 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2010-04-04 21:53:42 ----A---- C:\WINDOWS\system32\rdpclip.exe
2010-04-04 21:53:42 ----A---- C:\WINDOWS\system32\qprocess.exe
2010-04-04 21:53:42 ----A---- C:\WINDOWS\system32\mtxoci.dll
2010-04-04 21:53:42 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2010-04-04 21:53:42 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2010-04-04 21:53:42 ----A---- C:\WINDOWS\system32\icaapi.dll
2010-04-04 21:53:42 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2010-04-04 21:53:41 ----A---- C:\WINDOWS\system32\xolehlp.dll
2010-04-04 21:53:41 ----A---- C:\WINDOWS\system32\msdtctm.dll
2010-04-04 21:53:41 ----A---- C:\WINDOWS\system32\msdtclog.dll
2010-04-04 21:53:41 ----A---- C:\WINDOWS\system32\msdtc.exe
2010-04-04 21:53:41 ----A---- C:\WINDOWS\system32\colbact.dll
2010-04-04 21:53:41 ----A---- C:\WINDOWS\system32\clbcatex.dll
2010-04-04 21:53:41 ----A---- C:\WINDOWS\system32\catsrvps.dll
2010-04-04 21:53:40 ----A---- C:\WINDOWS\system32\comuid.dll
2010-04-04 21:53:40 ----A---- C:\WINDOWS\system32\comsvcs.dll
2010-04-04 21:53:40 ----A---- C:\WINDOWS\system32\clbcatq.dll
2010-04-04 21:53:40 ----A---- C:\WINDOWS\system32\catsrvut.dll
2010-04-04 21:53:40 ----A---- C:\WINDOWS\system32\catsrv.dll
2010-04-04 21:53:26 ----A---- C:\WINDOWS\system32\servdeps.dll
2010-04-04 21:53:25 ----A---- C:\WINDOWS\system32\mmfutil.dll
2010-04-04 21:53:25 ----A---- C:\WINDOWS\system32\licwmi.dll
2010-04-04 21:53:25 ----A---- C:\WINDOWS\system32\cmprops.dll
2010-04-04 19:54:15 ----RD---- C:\docy
2010-03-10 13:01:45 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$

======List of files/folders modified in the last 1 months======

2010-04-06 20:19:05 ----RD---- C:\Program Files
2010-04-06 18:37:54 ----D---- C:\WINDOWS\Temp
2010-04-06 18:02:45 ----D---- C:\WINDOWS\system32
2010-04-06 18:02:45 ----D---- C:\WINDOWS
2010-04-06 17:51:07 ----D---- C:\Program Files\Common Files
2010-04-06 17:15:44 ----D---- C:\WINDOWS\system32\Restore
2010-04-05 17:21:28 ----HD---- C:\WINDOWS\inf
2010-04-05 17:21:22 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-04-05 17:21:09 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-05 14:17:53 ----SHD---- C:\WINDOWS\Installer
2010-04-05 14:17:53 ----SHD---- C:\Config.Msi
2010-04-05 14:17:32 ----A---- C:\WINDOWS\win.ini
2010-04-05 14:17:22 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-04-05 14:17:20 ----RSD---- C:\WINDOWS\Fonts
2010-04-05 14:17:16 ----HD---- C:\WINDOWS\ShellNew
2010-04-05 14:16:54 ----D---- C:\Program Files\Common Files\System
2010-04-05 14:13:42 ----D---- C:\WINDOWS\system
2010-04-05 12:39:34 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-05 12:38:52 ----D---- C:\Program Files\Windows NT
2010-04-05 12:38:50 ----D---- C:\Program Files\Windows Media Player
2010-04-05 12:38:46 ----D---- C:\Program Files\Outlook Express
2010-04-05 12:38:41 ----D---- C:\Program Files\NetMeeting
2010-04-05 12:38:24 ----D---- C:\Program Files\Movie Maker
2010-04-05 12:38:19 ----D---- C:\Program Files\Internet Explorer
2010-04-05 08:58:41 ----D---- C:\WINDOWS\system32\cs-cz
2010-04-05 08:58:40 ----D---- C:\WINDOWS\Help
2010-04-05 08:54:13 ----D---- C:\WINDOWS\system32\drivers
2010-04-05 08:54:12 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-04-05 08:54:07 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2010-04-05 08:54:00 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2010-04-05 08:53:53 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-05 08:52:49 ----D---- C:\WINDOWS\WBEM
2010-04-05 08:52:42 ----D---- C:\WINDOWS\Media
2010-04-05 08:52:34 ----HDC---- C:\WINDOWS\ie8
2010-04-05 08:51:10 ----D---- C:\WINDOWS\Debug
2010-04-05 08:45:13 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-04-05 08:45:06 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2010-04-05 08:44:55 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2010-04-05 08:39:16 ----D---- C:\WINDOWS\system32\wbem
2010-04-05 08:39:16 ----D---- C:\WINDOWS\AppPatch
2010-04-05 00:25:39 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-04-05 00:25:33 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-04-05 00:25:28 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-04-05 00:24:45 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-04-05 00:24:23 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-04-05 00:23:30 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-04-05 00:23:19 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-04-05 00:23:07 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-04-05 00:22:22 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2010-04-05 00:22:12 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-04-05 00:22:06 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-04-05 00:21:57 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-04-05 00:21:52 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-04-05 00:21:44 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-04-05 00:21:39 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-04-05 00:21:33 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-04-05 00:21:23 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-04-05 00:21:18 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-04-05 00:21:06 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$
2010-04-05 00:20:55 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-04-05 00:20:49 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-04-05 00:20:42 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-04-05 00:07:15 ----SHD---- C:\RECYCLER
2010-04-05 00:02:39 ----D---- C:\Program Files\Lexmark 2200 Series
2010-04-05 00:02:36 ----D---- C:\Program Files\Common Files\Adobe
2010-04-05 00:02:35 ----D---- C:\Program Files\Adobe
2010-04-04 23:49:47 ----D---- C:\WINDOWS\system32\Setup
2010-04-04 23:49:08 ----D---- C:\WINDOWS\security
2010-04-04 23:48:29 ----D---- C:\WINDOWS\system32\CatRoot
2010-04-04 23:45:23 ----D---- C:\WINDOWS\network diagnostic
2010-04-04 23:45:23 ----D---- C:\WINDOWS\ime
2010-04-04 23:45:10 ----A---- C:\WINDOWS\system.ini
2010-04-04 23:44:57 ----D---- C:\WINDOWS\system32\usmt
2010-04-04 23:44:55 ----D---- C:\WINDOWS\system32\cs
2010-04-04 23:44:55 ----D---- C:\WINDOWS\l2schemas
2010-04-04 23:44:54 ----D---- C:\WINDOWS\system32\bits
2010-04-04 23:44:54 ----D---- C:\WINDOWS\PeerNet
2010-04-04 23:39:57 ----D---- C:\WINDOWS\system32\1029
2010-04-04 23:39:47 ----D---- C:\WINDOWS\twain_32
2010-04-04 23:39:20 ----D---- C:\WINDOWS\system32\ras
2010-04-04 23:38:55 ----D---- C:\WINDOWS\system32\icsxml
2010-04-04 23:38:32 ----D---- C:\WINDOWS\system32\1033
2010-04-04 23:37:50 ----D---- C:\WINDOWS\system32\XPSViewer
2010-04-04 23:37:50 ----D---- C:\WINDOWS\system32\npp
2010-04-04 23:37:48 ----D---- C:\WINDOWS\msagent
2010-04-04 23:37:47 ----D---- C:\WINDOWS\system32\en-US
2010-04-04 23:37:44 ----D---- C:\WINDOWS\srchasst
2010-04-04 23:37:39 ----D---- C:\WINDOWS\system32\Com
2010-04-04 23:37:36 ----RSD---- C:\WINDOWS\assembly
2010-04-04 23:37:36 ----HDC---- C:\WINDOWS\$NtUninstallWudf01005$
2010-04-04 23:37:36 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2010-04-04 23:37:36 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2010-04-04 23:37:36 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-04-04 23:37:36 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-04-04 23:37:36 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-04-04 23:37:36 ----HDC---- C:\WINDOWS\$NtUninstallKB977165$
2010-04-04 23:37:36 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2010-04-04 23:37:36 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-04-04 23:37:36 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-04-04 23:37:36 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-04-04 23:37:36 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-04-04 23:37:36 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-04-04 23:37:36 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2010-04-04 23:37:36 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-04-04 23:37:36 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2010-04-04 23:37:36 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-04-04 23:37:36 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-04-04 23:37:36 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2010-04-04 23:37:36 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2010-04-04 23:37:36 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2010-04-04 23:37:36 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-04-04 23:37:36 ----HDC---- C:\WINDOWS\$NtUninstallKB970653-v3$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB970238_0$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB969898$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB969897$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB968537_0$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB967715_0$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB961501_0$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB961373_0$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB960803_0$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB960225_0$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB959772_WM11$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB959426_0$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB958687_0$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB957097_0$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB956802_0$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB956572_0$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB954600_0$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB952004_0$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2010-04-04 23:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB923561_0$
2010-04-04 23:36:40 ----D---- C:\WINDOWS\system32\oobe
2010-04-04 23:30:15 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2010-04-04 23:27:48 ----D---- C:\WINDOWS\EHome
2010-04-04 22:22:45 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2010-04-04 22:04:44 ----D---- C:\Documents and Settings
2010-04-04 22:03:23 ----D---- C:\WINDOWS\SoftwareDistribution
2010-04-04 22:01:39 ----SHD---- C:\System Volume Information
2010-04-04 22:01:30 ----SD---- C:\WINDOWS\Tasks
2010-04-04 22:01:05 ----D---- C:\WINDOWS\system32\config
2010-04-04 21:58:13 ----D---- C:\WINDOWS\repair
2010-04-04 21:57:33 ----D---- C:\WINDOWS\Registration
2010-04-04 21:57:22 ----D---- C:\WINDOWS\system32\ias
2010-04-04 21:56:33 ----RD---- C:\WINDOWS\Web
2010-04-04 21:56:29 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-04-04 21:56:29 ----RD---- C:\WINDOWS\Offline Web Pages
2010-04-04 21:54:41 ----D---- C:\WINDOWS\system32\MsDtc
2010-04-04 21:54:02 ----D---- C:\WINDOWS\Cursors
2010-04-04 21:50:27 ----SH---- C:\boot.ini
2010-03-28 19:41:52 ----D---- C:\Program Files\ABBYY FineReader 5.0 Sprint
2010-03-10 06:43:10 ----A---- C:\WINDOWS\system32\shdocvw.dll
2010-03-10 06:43:04 ----A---- C:\WINDOWS\system32\browseui.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-05-14 94360]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-05-14 114472]
R3 BthEnum;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-04 1897408]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S4 sr;Ovladač filtru Obnovy systému; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73344]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-05-14 731840]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-05-14 20680]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------

JejeKop

Dobrý večer

To co našel mwaw, jsou jen neškodné zbytky v registrech.

Počítač jste přeinstaloval s formátem?

DV,
mam jeden fyzicky HDD rozdeleny na C: a D: - C: je pro system, D: pro data. Cili format se nekonal...

JejaKop

Omlouvam se,
ale pro dnesek to musim sbalit

- za jakekoli rady predem dekuji a hned zitra rano se pokusim se jimi ridit (budou-li tu jake. Uprimne doufam, ze ano

)

JejaKop

Stáhněte na plochu, ukončete všechna aktivní okna a spusťte ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe

- ComboFix je třeba spustit pod účtem s právy administrátora

- Před použitím vypněte všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary

- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano

- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího se okna

- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt, zkopírujte celý jeho obsah sem

Dobrá, děkuji.
Jen co skončím v práci, jedu k tomu nakaženému počítači a provedu to co radíte. Potom se ozvu i s logem.
Zatím díky.
JK

Dobře, já tu budu asi až kolem půl 9 večer.

DD,
mam dotaz - ted jsem spustil combofix, ale pise mi to, ze

**
Tento pocitac nema naistalovanou KONZOLU PRO ZOTAVENI
Bez ni CF nebudde automaticky odstranovat nektere druhy odolne a nebezpecne haveti
Kliknete ANO chcete-li ji stahnout a instalovat
POZN: vyzaduje pripojeni k netu...
**

Co s tim, o tom ve vasich instrukcich nebylo ani slovo

Pripojen k netu nejsem, zamerne.

Diky
JK

DD,
takze tady je ten log z CF (nakonec jsem klikl na NE - viz predchozi prispevek)

LOG Z COMBOFIXU:

ComboFix 10-04-06.04 - Jan Kopecký 07.04.2010 17:02:49.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1023.648 [GMT 2:00]
Spuštěný z: c:\documents and settings\Jan Kopecký\Plocha\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\recycler\S-1-5-21-1715567821-179605362-682003330-1004
c:\recycler\S-1-5-21-343818398-1563985344-725345543-1004
c:\windows\regedit.com
c:\windows\system32\taskmgr.com
c:\windows\system32\Temp

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-03-07 do 2010-04-07 )))))))))))))))))))))))))))))))
.

2010-04-06 18:19 . 2010-04-06 18:19 -------- d-----w- c:\program files\trend micro
2010-04-06 18:19 . 2010-04-06 18:19 -------- d-----w- C:\rsit
2010-04-06 16:02 . 2010-04-06 16:02 -------- d---a-w- c:\windows\VDLL.DLL
2010-04-06 16:02 . 2010-04-06 16:02 -------- d---a-w- c:\windows\system32\runouce.exe
2010-04-06 16:02 . 2010-04-06 16:02 -------- d---a-w- c:\windows\rundll16.exe
2010-04-06 16:02 . 2010-04-06 16:02 -------- d---a-w- c:\windows\RUNDL132.EXE
2010-04-06 16:02 . 2010-04-06 16:02 -------- d---a-w- c:\windows\logo1_.exe
2010-04-06 16:02 . 2010-04-06 16:02 -------- d---a-w- c:\windows\logo_1.exe
2010-04-06 15:51 . 2010-04-06 15:51 632064 ----a-w- c:\windows\system32\msvcr80.dll
2010-04-06 15:51 . 2010-04-06 15:51 554240 ----a-w- c:\windows\system32\msvcp80.dll
2010-04-06 15:51 . 2010-04-06 15:51 34048 ----a-w- c:\windows\system32\eEmpty.exe
2010-04-06 15:51 . 2008-04-14 03:22 137216 ----a-w- c:\windows\system32\T.COM
2010-04-06 15:51 . 2008-04-14 03:22 147968 ----a-w- c:\windows\R.COM
2010-04-06 15:51 . 2010-04-06 15:51 -------- d-----w- c:\program files\Common Files\MicroWorld
2010-04-06 15:50 . 2010-04-06 18:18 -------- d-----w- C:\for me
2010-04-05 13:38 . 2010-04-05 13:39 -------- d-----w- c:\program files\totalcmd
2010-04-05 12:17 . 2003-06-18 23:31 18944 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll
2010-04-05 12:17 . 2003-06-18 23:31 17920 ----a-w- c:\windows\system32\mdimon.dll
2010-04-05 06:53 . 2010-02-25 06:18 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-04-05 06:53 . 2010-02-25 06:18 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-04-05 06:53 . 2010-02-25 06:18 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-04-05 06:53 . 2010-02-25 06:18 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-04-05 06:53 . 2010-02-25 06:18 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-04-05 06:53 . 2010-02-25 09:48 11070976 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-04-05 06:53 . 2010-02-16 04:50 64000 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-04-05 06:44 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-04-04 21:52 . 2006-11-22 05:00 545 ----a-w- c:\windows\UC.PIF
2010-04-04 21:52 . 2006-11-22 05:00 545 ----a-w- c:\windows\RAR.PIF
2010-04-04 21:52 . 2006-11-22 05:00 545 ----a-w- c:\windows\PKZIP.PIF
2010-04-04 21:52 . 2006-11-22 05:00 545 ----a-w- c:\windows\PKUNZIP.PIF
2010-04-04 21:52 . 2006-11-22 05:00 545 ----a-w- c:\windows\NOCLOSE.PIF
2010-04-04 21:52 . 2006-11-22 05:00 545 ----a-w- c:\windows\LHA.PIF
2010-04-04 21:52 . 2006-11-22 05:00 545 ----a-w- c:\windows\ARJ.PIF
2010-04-04 21:48 . 2001-08-17 21:59 3072 ----a-w- c:\windows\system32\drivers\audstub.sys
2010-04-04 21:48 . 2008-04-14 03:21 21504 ----a-w- c:\windows\system32\hidserv.dll
2010-04-04 21:47 . 2008-04-13 18:51 101120 ----a-w- c:\windows\system32\drivers\bthpan.sys
2010-04-04 21:47 . 2008-04-13 18:46 59136 ----a-w- c:\windows\system32\drivers\rfcomm.sys
2010-04-04 21:47 . 2008-04-14 03:22 152064 ----a-w- c:\windows\system32\irftp.exe
2010-04-04 21:47 . 2008-04-14 03:22 8192 ----a-w- c:\windows\system32\wshirda.dll
2010-04-04 21:47 . 2008-04-14 03:21 27648 ----a-w- c:\windows\system32\irmon.dll
2010-04-04 21:47 . 2008-04-13 18:46 17024 ----a-w- c:\windows\system32\drivers\bthenum.sys
2010-04-04 21:47 . 2008-06-14 17:35 272128 ----a-w- c:\windows\system32\drivers\bthport.sys
2010-04-04 21:47 . 2008-04-13 18:46 18944 ----a-w- c:\windows\system32\drivers\bthusb.sys
2010-04-04 21:47 . 2008-04-14 02:14 58496 ----a-w- c:\windows\system32\drivers\redbook.sys
2010-04-04 21:47 . 2004-08-03 22:29 1897408 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2010-04-04 21:47 . 2008-04-14 03:21 4274816 ----a-w- c:\windows\system32\nv4_disp.dll
2010-04-04 21:46 . 2004-08-03 22:31 20992 ----a-w- c:\windows\system32\drivers\RTL8139.sys
2010-04-04 21:46 . 2008-04-13 18:36 42368 ----a-w- c:\windows\system32\drivers\agp440.sys
2010-04-04 21:46 . 2008-04-14 03:22 75264 ----a-w- c:\windows\system32\usbui.dll
2010-04-04 21:46 . 2008-04-14 02:25 5504 ----a-w- c:\windows\system32\drivers\intelide.sys
2010-04-04 21:44 . 2006-03-02 12:00 6656 -c--a-w- c:\windows\system32\dllcache\kbdycl.dll
2010-04-04 21:43 . 2010-04-04 19:56 -------- d-----w- c:\documents and settings\All Users.WINDOWS
2010-04-04 21:43 . 2010-04-04 20:04 -------- d--h--w- c:\documents and settings\Default User.WINDOWS
2010-04-04 20:58 . 2004-08-03 20:41 1041536 ------w- c:\windows\system32\drivers\hsfdpsp2.sys
2010-04-04 20:58 . 2004-08-03 20:41 685056 ------w- c:\windows\system32\drivers\hsfcxts2.sys
2010-04-04 20:58 . 2004-08-03 20:41 220032 ------w- c:\windows\system32\drivers\hsfbs2s2.sys
2010-04-04 20:39 . 2008-06-14 17:35 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-04-04 20:38 . 2009-12-31 16:50 353792 -c----w- c:\windows\system32\dllcache\srv.sys
2010-04-04 20:38 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-04-04 20:35 . 2009-12-04 18:22 455424 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-04-04 20:32 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2010-04-04 20:30 . 2008-04-11 19:06 691712 -c----w- c:\windows\system32\dllcache\inetcomm.dll
2010-04-04 20:29 . 2008-10-15 16:38 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2010-04-04 20:29 . 2009-07-31 04:35 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
2010-04-04 20:23 . 2009-01-07 16:20 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2010-04-04 20:04 . 2010-04-05 07:00 -------- d-----w- c:\documents and settings\Jan Kopecký
2010-04-04 20:01 . 2010-04-04 20:01 -------- d-sh--w- c:\documents and settings\LocalService.NT AUTHORITY.000
2010-04-04 20:01 . 2010-04-04 20:01 -------- d-----w- c:\documents and settings\LocalService.NT AUTHORITY.000\Data aplikací
2010-04-04 20:01 . 2010-04-04 20:01 -------- d-----w- c:\documents and settings\NetworkService.NT AUTHORITY.000\Data aplikací
2010-04-04 20:01 . 2010-04-04 20:01 -------- d-sh--w- c:\documents and settings\NetworkService.NT AUTHORITY.000
2010-04-04 20:00 . 2006-03-02 12:00 41600 -c--a-w- c:\windows\system32\dllcache\weitekp9.dll
2010-04-04 20:00 . 2006-03-02 12:00 31360 -c--a-w- c:\windows\system32\dllcache\weitekp9.sys
2010-04-04 20:00 . 2006-03-02 12:00 48256 -c--a-w- c:\windows\system32\dllcache\w32.dll
2010-04-04 19:58 . 2008-04-14 03:16 13463552 -c--a-w- c:\windows\system32\dllcache\hwxjpn.dll
2010-04-04 19:56 . 2010-04-04 19:57 -------- d-sh--w- c:\documents and settings\All Users.WINDOWS\DRM
2010-04-04 19:54 . 2010-04-04 19:54 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2010-04-04 19:54 . 2006-03-02 12:00 5632 -c--a-w- c:\windows\system32\dllcache\write.exe
2010-04-04 19:54 . 2006-03-02 12:00 5632 ----a-w- c:\windows\system32\write.exe
2010-04-04 17:54 . 2010-04-04 17:54 -------- d-----r- C:\docy
2010-03-10 04:43 . 2010-03-10 04:43 1510400 -c----w- c:\windows\system32\dllcache\shdocvw.dll
2010-03-10 04:43 . 2010-03-10 04:43 1025024 -c----w- c:\windows\system32\dllcache\browseui.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-07 06:22 . 2006-03-02 12:00 46016 ----a-w- c:\windows\system32\perfc005.dat
2010-04-07 06:22 . 2006-03-02 12:00 309716 ----a-w- c:\windows\system32\perfh005.dat
2010-04-04 22:02 . 2009-12-15 22:01 -------- d-----w- c:\program files\Lexmark 2200 Series
2010-04-04 22:02 . 2009-05-05 20:20 -------- d-----w- c:\program files\Common Files\Adobe
2010-04-04 21:47 . 2010-04-04 19:56 76487 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-04-04 21:47 . 2010-04-04 19:56 2684 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-04-04 21:46 . 2010-04-04 19:57 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-03-28 17:41 . 2009-12-15 22:05 -------- d-----w- c:\program files\ABBYY FineReader 5.0 Sprint
2010-02-25 06:18 . 2006-03-02 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-05-14 2029640]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14.5.2009 15:47 107256]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [14.5.2009 15:49 94360]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [14.5.2009 15:47 731840]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-Adobe AIR - c:\program files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-07 17:07
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
Celkový čas: 2010-04-07 17:08:42
ComboFix-quarantined-files.txt 2010-04-07 15:08

Před spuštěním: Volných bajtů: 15 233 286 144
Po spuštění: Volných bajtů: 15 799 029 760

- - End Of File - - C43222F9AC31F788AC48F9227AECA671

Diky za pomoc
JK

V pořádku, konzole není potřeba.
Jak to vypadá s počítačem?

Pro jistotu zkontrolujeme i flešky , externí disky a pod.

Zapojte do pc všechny usb klíče, flashky...co používáte

Stáhněte na plochu UsbFix
-spusťte, zvolte jazyk E - potvrdťe enter
-klikněte na volbu 2 - enter
- po skenu sem vložte log , pokud na Vás nevyskočí, najdete ho C:\UsbFix.txt

DV,
mam dotaz - snad ne uplne blby... Mam vic flesek nez portu pro ne, cili otazka zni: mohu cely proces opakovat??

Diky
JK

Ano, můžete

Tak tady to je, posilam log z USBFixu...

############################## | UsbFix V6.100 |

User : Jan Kopecký (Administrators) # VINICE-KUCHYN
Update on 18/03/2010 by El Desaparecido , C_XX & Chimay8
Start at: 21:56:24 | 7.4.2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

Intel(R) Pentium(R) 4 CPU 3.00GHz
Microsoft Windows XP Home Edition (5.1.2600 32-bit) # Service Pack 3
Internet Explorer 8.0.6001.18702
Windows Firewall Status : Enabled
AV : ESET NOD32 Antivirus 4.0 4.0 [ Enabled | Updated ]

C:\ -> Místní pevný disk # 24,41 Go (14,72 Go free) # NTFS
D:\ -> Místní pevný disk # 124,63 Go (24,41 Go free) [DOKUMENTY] # NTFS
E:\ -> Disk CD-ROM
F:\ -> Vyměnitelný disk # 1,86 Go (1,71 Go free) # FAT
G:\ -> Vyměnitelný disk
H:\ -> Vyměnitelný disk # 7,41 Go (6,03 Go free) [CANON_DC] # FAT32
I:\ -> Vyměnitelný disk
J:\ -> Vyměnitelný disk
K:\ -> Vyměnitelný disk
L:\ -> Vyměnitelný disk # 1,88 Go (1,47 Go free) [USBDISK] # FAT
M:\ -> Vyměnitelný disk # 7,51 Go (85,93 Mo free) [KINGSTON] # FAT32

################## | Files # Infected Folders |

Deleted ! C:\WINDOWS\rundl132.exe
Deleted ! D:\Recycler\S-1-5-21-1715567821-179605362-682003330-1004
Deleted ! D:\Recycler\S-1-5-21-2025429265-1060284298-725345543-1004
Deleted ! D:\Recycler\S-1-5-21-343818398-1563985344-725345543-1004

################## | Registry |

Deleted ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"
Deleted ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"

################## | Mountpoints2 |

################## | Listing of the present files |

[28.04.2009 21:41|---------|0] C:\AUTOEXEC.BAT
[04.04.2010 21:50|---hs----|211] C:\boot.ini
[02.03.2006 14:00|-rahs----|4952] C:\Bootfont.bin
[26.09.2009 23:30|--a------|915] C:\cmd.txt
[07.04.2010 17:08|--a------|11081] C:\ComboFix.txt
[28.04.2009 21:41|--a------|0] C:\CONFIG.SYS
[?|?|?] C:\hiberfil.sys
[28.04.2009 21:41|-rahs----|0] C:\IO.SYS
[28.04.2009 21:41|-rahs----|0] C:\MSDOS.SYS
[02.03.2006 14:00|-rahs----|47564] C:\NTDETECT.COM
[28.04.2009 22:13|-rahs----|250576] C:\ntldr
[?|?|?] C:\pagefile.sys
[07.04.2010 21:59|--a------|2200] C:\UsbFix.txt
[16.05.2009 01:11|--a------|700] C:\wsr.txt
[28.01.2010 20:51|--a------|83] D:\20100128 poznamka k cisteni PC doma.txt
[09.03.2010 22:31|--ah-----|1732] D:\Default.rdp
[05.04.2010 08:58|--ahs----|157] D:\desktop.ini
[13.10.2009 21:04|--a------|405504] D:\Exekuźnˇ ý d.doc
[29.09.2009 21:12|--a------|939809] D:\GetFile.aspx
[04.05.2009 00:19|--a------|602835100] D:\Image.nrg
[04.04.2010 22:08|--ahs----|78] D:\Kopie - desktop.ini
[06.04.2010 20:19|--a------|1369] D:\pinfect.zip
[22.02.2010 00:51|--a------|284] D:\spider.sav
[12.04.2009 19:01|--a------|17629] D:\Zalozky 2009-04-12.json
[26.10.2009 10:39|--a------|24064] D:\ů.doc
[06.04.2010 17:47|--a------|68866904] F:\mwav.exe
[06.04.2010 19:42|--a------|2165] F:\mwavlog-20100406.txt
[06.04.2010 20:19|--a------|781909] F:\RSIT.exe
[06.04.2010 13:46|--a------|497882] F:\PSISetup.exe
[29.01.2010 17:17|--a------|3357024] F:\ccsetup227.exe
[07.04.2010 21:21|--a------|1776011] F:\StartUpLite.exe
[18.08.2006 10:40|--a------|133530068] L:\BMC 17 DCP.mpg
[15.04.2005 12:18|--a------|196447306] L:\LEMIC 216 - english.mpg
[23.05.2008 06:53|--a------|69632] L:\Popis_zavad.doc
[10.02.2009 13:58|--a------|260029] L:\Prospekt Bmc17(smol).eml
[11.11.2009 10:12|--a------|795120] L:\CadStd_Lite_V3_Install.exe
[19.01.2010 14:01|--a------|3326576] L:\ccsetup226.exe
[24.04.2009 22:21|--a------|339257] L:\CleanUp452.exe
[11.11.2009 14:51|--a------|31570432] L:\eav_nt32_csy.msi
[03.03.2008 07:56|--a------|17346048] L:\eavbe_nt32_csy.msi
[14.10.2009 08:48|--a------|322560] L:\Exekuźnˇ ý d.doc
[11.12.2009 14:40|--a------|727040] L:\netscan.exe
[09.10.2009 16:40|--a------|10752] L:\ozp--zadost-o-prominuti-penale.doc
[05.05.2008 08:42|--a------|2804857] L:\ProfiCAD 4.6.4.exe
[12.10.2009 11:43|--a------|11390422] L:\quicktimealt292.exe
[24.04.2009 22:23|--a------|2691072] L:\rmvirut.exe
[10.03.2010 19:37|--a------|6256471] L:\hmi.zip
[15.03.2010 09:21|--a------|1919990] L:\AdolixSplitMergePDFSetup.exe.exe
[15.03.2010 09:22|--a------|226904] L:\pdfhelper.zip

################## | Vaccination |

# C:\autorun.inf -> Autorun.inf created by UsbFix (El Desaparecido).
# D:\autorun.inf -> Autorun.inf created by UsbFix (El Desaparecido).
# F:\autorun.inf -> Autorun.inf created by UsbFix (El Desaparecido).
# H:\autorun.inf -> Autorun.inf created by UsbFix (El Desaparecido).
# L:\autorun.inf -> Autorun.inf created by UsbFix (El Desaparecido).
# M:\autorun.inf -> Autorun.inf created by UsbFix (El Desaparecido).

################## | Upload |

Please send the file : C:\UsbFix_Upload_Me_VINICE-KUCHYN.zip : http://chiquitine.changelog.fr/Sample/Upload.php
Thank you for your contribution .

################## | ! End of report # UsbFix V6.100 ! |

Takze co ted? Predpokladam, ze vy z toho dovedete poznat, zda je vycisteno ci nikoli - nechce se mi s tim PC nic podnikat dokud mi nenapisete ze je to v poradku, takze pockam na odpoved, nez se budu pokouset o cokoli. Resp zkusim to ted restartovat a uvidim...
Stale nejsem pripojen na Net (mam vypnuty Eset) a zatim se pripojovat nebudu, dokud mi nereknete, ze mohu...

Jo, ted si uvedomuju: nakonec stacilo spustit to jen jednou, neb se nakonec ukazalo, ze se mi prec jen vsechny flasky a pametove karty vejdou do dostupnych USB konektoru... Tedy proto je tu jen jeden log...

Prozatim mockrat dekuju za dosavadni rady a budu trpelive cekat na dalsi...

Pozn.:
Ted uz jdu chrnet, ale rano se sem zase podivam a zitra (snad) budu mit i kdy podivat vse k tomu PC i behem dne a ne az po skonceni pracovni doby...

Jeste jednou, omlouvam se... Jeste jeden/dva dotazy me napadaji:

A) Mohla by jste mi pls rici, jakou cestou (zrejme, pravdepodobne, ...) doslo k nakaze? Skrze pripojeni (navsteva spatne stranky napr.). Nebo stazenim, nezkontrolovanim a naslednym otevrenim infikovaneho souboru? Nebo (jak naznacuje nazev USBFix) skrze infikovany USB FlashDisk? Rozumejte - ja u toho PC nesedavam (mam jich az dost v praci

), pouzivaji ho moji rodice; jde mi tedy o to, pred cim je "varovat"... (Snad se vyjadruji aspon trochu srozumitelne...).

B.1) Co to bylo/je za potvoru (-ry)? Nazev jsem si precetl (a taky jsem jej napsal do predmetu tohoto threadu), mam spis na mysli co za typ/druh mallware (spravne??) to je - lze-li to tedy nejak strucne a vystizne popsat... (mozna idealni byl bylo, kdyby jste mi mohla napsat odkaz na stranku kde bych si o tom mohl neco precist (cz/eng/rus - jinymi jazyky nevladnu).

B.2) Hrozi riziko, ze - byla-li tim postizena napr. pametova karta z dig. fotaku - by mohlo dojit napr. k poskozeni firmware toho fotaku. Nebo totez v pripade GPS navigace?

Snad Vas prilis nezatezuju, pokud ano, omlouvam se a trochu me zklidnete

Diky!

VIRY.CZ

SmitFraud Browser Hijacker & ezula Spyware/Adware

SmitFraud Browser Hijacker & ezula Spyware/Adware

Re: SmitFraud Browser Hijacker & ezula Spyware/Adware

Re: SmitFraud Browser Hijacker & ezula Spyware/Adware

Re: SmitFraud Browser Hijacker & ezula Spyware/Adware

Re: SmitFraud Browser Hijacker & ezula Spyware/Adware

Re: SmitFraud Browser Hijacker & ezula Spyware/Adware

Re: SmitFraud Browser Hijacker & ezula Spyware/Adware

Re: SmitFraud Browser Hijacker & ezula Spyware/Adware

Re: SmitFraud Browser Hijacker & ezula Spyware/Adware

Re: SmitFraud Browser Hijacker & ezula Spyware/Adware

Re: SmitFraud Browser Hijacker & ezula Spyware/Adware

Re: SmitFraud Browser Hijacker & ezula Spyware/Adware

Re: SmitFraud Browser Hijacker & ezula Spyware/Adware

Re: SmitFraud Browser Hijacker & ezula Spyware/Adware

Re: SmitFraud Browser Hijacker & ezula Spyware/Adware