Ahojte, počítač se mi hodně zpomalil a začal se častěji sekat. Zkoušela jsem
zpustit i program Mwav, který našel nějakou havěť. Mwav jsem zatím nenechala
dokoncit - log přikládám na konec. Moc prosím o vaše rady.
Logfile of random's system information tool 1.06 (written by random/random)
Run by Martina at 2010-02-20 06:47:41
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 20 GB (65%) free of 30 GB
Total RAM: 1024 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:47:47, on 20.2.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\PROGRA~1\KenCast\Fazzt\bin\FDDSTray.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE
C:\Program Files\TechniSat DVB\bin\Server4PC.exe
C:\Program Files\TechniSat DVB\bin\Server4PC.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\PROGRA~1\KenCast\Fazzt\bin\FazztSrv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Total Commander 7.03\TOTALCMD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
c:\Documents and Settings\Martina\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Martina.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll
O2 - BHO: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O3 - Toolbar: Dealio Toolbar - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - C:\Program Files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [FDDSTray] C:\PROGRA~1\KenCast\Fazzt\bin\FDDSTray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OEXPRESS] C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Server4PC.lnk = C:\Program Files\TechniSat DVB\bin\Server4PC.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (qsax Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D18BEC18-D943-489D-9EB4-E48BB08F3C1D}: NameServer = 192.168.242.97,217.112.162.34
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Fazzt - KenCast, Inc. - C:\PROGRA~1\KenCast\Fazzt\bin\FazztSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
--
End of file - 7558 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}]
Dealio Toolbar - C:\Program Files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll [2009-12-16 700416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2010-02-14 520192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
SearchSettings Class - C:\Program Files\Search Settings\SearchSettings.dll [2009-12-16 1109504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2010-02-14 520192]
{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - Dealio Toolbar - C:\Program Files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll [2009-12-16 700416]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-11-16 2054360]
"FDDSTray"=C:\PROGRA~1\KenCast\Fazzt\bin\FDDSTray.exe [2000-12-07 25088]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-16 13529088]
"DAEMON Tools-1033"=C:\Program Files\D-Tools\daemon.exe [2004-03-12 81920]
"nwiz"=nwiz.exe /install []
"SearchSettings"=C:\Program Files\Search Settings\SearchSettings.exe [2009-12-16 975360]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"OEXPRESS"=C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE [2010-02-14 26624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cmaudio]
RunDll32 cmicnfg.cpl,CMICtrlWnd []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2008-05-16 86016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2004-12-14 29696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
C:\PROGRA~1\WI459E~1\WINDOW~1.EXE [2008-05-26 123904]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Akcelerátor spuštění AutoCADu.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
Server4PC.lnk - C:\Program Files\TechniSat DVB\bin\Server4PC.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======File associations======
.js - edit - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"
======List of files/folders created in the last 1 months======
2010-02-19 20:51:24 ----AD---- C:\WINDOWS\VDLL.DLL
2010-02-19 20:51:24 ----AD---- C:\WINDOWS\system32\runouce.exe
2010-02-19 20:51:24 ----AD---- C:\WINDOWS\RUNDL132.EXE
2010-02-19 20:51:24 ----AD---- C:\WINDOWS\logo_1.exe
2010-02-19 20:34:13 ----A---- C:\WINDOWS\system32\msvcr80.dll
2010-02-19 20:34:11 ----A---- C:\WINDOWS\system32\msvcp80.dll
2010-02-19 20:34:10 ----A---- C:\WINDOWS\system32\eEmpty.exe
2010-02-19 20:34:07 ----A---- C:\WINDOWS\system32\TASKMGR.COM
2010-02-19 20:34:07 ----A---- C:\WINDOWS\system32\T.COM
2010-02-19 20:34:06 ----A---- C:\WINDOWS\REGEDIT.COM
2010-02-19 20:34:06 ----A---- C:\WINDOWS\R.COM
2010-02-19 20:34:02 ----D---- C:\Program Files\Common Files\MicroWorld
2010-02-19 20:33:39 ----D---- C:\Documents and Settings\All Users\Data aplikací\MicroWorld
2010-02-19 19:51:19 ----D---- C:\Program Files\CCleaner
2010-02-19 16:56:45 ----A---- C:\nove802.txt
2010-02-19 16:39:15 ----D---- C:\Documents and Settings\Martina\Data aplikací\Search Settings
2010-02-19 16:39:12 ----D---- C:\Documents and Settings\Martina\Data aplikací\Dealio
2010-02-19 12:07:52 ----D---- C:\Program Files\Search Settings
2010-02-19 12:07:43 ----D---- C:\Program Files\Application Updater
2010-02-19 12:07:42 ----D---- C:\Program Files\Dealio Toolbar
2010-02-19 12:07:02 ----A---- C:\WINDOWS\system32\WMAFile.dll
2010-02-19 12:07:02 ----A---- C:\WINDOWS\system32\AudPlayer.dll
2010-02-19 12:07:02 ----A---- C:\WINDOWS\system32\AudioVisu.dll
2010-02-19 12:07:02 ----A---- C:\WINDOWS\system32\AudioRecord.dll
2010-02-19 12:07:02 ----A---- C:\WINDOWS\system32\AudioInfos.dll
2010-02-19 12:07:01 ----A---- C:\WINDOWS\system32\VB6FR.DLL
2010-02-19 12:07:01 ----A---- C:\WINDOWS\system32\TABCTFR.DLL
2010-02-19 12:07:01 ----A---- C:\WINDOWS\system32\inetfr.DLL
2010-02-19 12:07:01 ----A---- C:\WINDOWS\system32\AudFile.dll
2010-02-19 12:07:01 ----A---- C:\WINDOWS\system32\AudDisplay.dll
2010-02-19 12:07:01 ----A---- C:\WINDOWS\system32\AudDesign.dll
2010-02-19 12:07:00 ----A---- C:\WINDOWS\system32\MSCMCFR.DLL
2010-02-19 12:07:00 ----A---- C:\WINDOWS\system32\Mscc2fr.dll
2010-02-19 12:07:00 ----A---- C:\WINDOWS\system32\MFC71.dll
2010-02-19 12:07:00 ----A---- C:\WINDOWS\system32\lame_enc.dll
2010-02-19 12:07:00 ----A---- C:\WINDOWS\system32\CMDLGFR.DLL
2010-02-19 12:06:57 ----D---- C:\Program Files\Free Audio Pack
2010-02-19 12:06:57 ----D---- C:\Documents and Settings\Martina\Data aplikací\FreeAudioPack
2010-02-18 07:50:25 ----A---- C:\WINDOWS\system32\ptpusb.dll
2010-02-18 07:50:23 ----A---- C:\WINDOWS\system32\ptpusd.dll
2010-02-16 09:32:42 ----D---- C:\Program Files\AVIVA
2010-02-16 08:07:25 ----N---- C:\WINDOWS\system32\msxml3a.dll
2010-02-16 08:06:15 ----D---- C:\Program Files\CyberLink
2010-02-16 08:04:07 ----N---- C:\WINDOWS\system32\vxblock.dll
2010-02-16 08:04:07 ----N---- C:\WINDOWS\system32\pxwave.dll
2010-02-16 08:04:07 ----N---- C:\WINDOWS\system32\pxmas.dll
2010-02-16 08:04:07 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2010-02-16 08:04:07 ----N---- C:\WINDOWS\system32\pxdrv.dll
2010-02-16 08:04:07 ----N---- C:\WINDOWS\system32\px.dll
2010-02-16 08:03:54 ----D---- C:\Program Files\Winamp
2010-02-16 08:03:54 ----A---- C:\WINDOWS\winamp.ini
2010-02-16 08:01:44 ----D---- C:\Program Files\XviD
2010-02-16 08:00:54 ----D---- C:\Program Files\DivX
2010-02-16 07:56:57 ----D---- C:\Documents and Settings\Martina\Data aplikací\BSplayer Pro
2010-02-16 07:56:46 ----D---- C:\Program Files\Webteh
2010-02-15 09:36:10 ----A---- C:\WINDOWS\EurekaLog.ini
2010-02-14 10:46:04 ----A---- C:\WINDOWS\TRNCOM.INI
2010-02-14 10:44:16 ----D---- C:\Program Files\TRANSLAT
2010-02-14 10:40:14 ----D---- C:\chata
2010-02-14 08:02:53 ----A---- C:\WINDOWS\Ikony.ini
2010-02-14 08:02:35 ----D---- C:\Program Files\Ikony
2010-02-14 08:02:29 ----A---- C:\WINDOWS\uninst.exe
2010-02-14 08:02:07 ----D---- C:\Program Files\GIF Icon Gallery
2010-02-14 08:01:30 ----D---- C:\Favicon
2010-02-13 18:50:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\LangSoft
2010-02-13 18:49:43 ----D---- C:\Documents and Settings\Martina\Data aplikací\LangSoft
2010-02-12 20:32:57 ----D---- C:\chata kacerov
2010-02-12 19:50:05 ----D---- C:\Program Files\Common Files\Macromedia
2010-02-12 19:17:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Macromedia
2010-02-12 19:17:39 ----D---- C:\WINDOWS\system32\QuickTime
2010-02-12 19:17:31 ----D---- C:\Program Files\Macromedia
2010-02-12 18:31:05 ----SHD---- C:\RECYCLER
2010-02-10 09:19:00 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-02-10 09:18:50 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-02-10 09:17:19 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-02-10 09:17:11 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-02-10 09:17:00 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-02-10 09:16:52 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-02-10 09:16:40 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-02-10 09:16:25 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-02-10 09:16:11 ----HDC---- C:\WINDOWS\$NtUninstallKB977165$
2010-02-08 18:57:37 ----D---- C:\Documents and Settings\Martina\Data aplikací\ACD Systems
2010-02-08 18:57:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\ACD Systems
2010-02-08 18:57:04 ----D---- C:\Program Files\Common Files\ACD Systems
2010-02-08 18:57:04 ----D---- C:\Program Files\ACD Systems
2010-02-08 18:21:25 ----D---- C:\Documents and Settings\Martina\Data aplikací\Wireshark
2010-02-08 18:19:20 ----D---- C:\MAC
2010-02-08 18:19:03 ----D---- C:\Program Files\WinPcap
2010-02-08 18:18:30 ----D---- C:\Program Files\Wireshark
2010-02-07 09:33:05 ----D---- C:\Program Files\MSXML 4.0
2010-02-07 09:30:21 ----D---- C:\Documents and Settings\Martina\Data aplikací\WinRAR
2010-02-07 09:01:39 ----D---- C:\Program Files\Microsoft Visual Studio
2010-02-07 09:00:29 ----D---- C:\WINDOWS\ShellNew
2010-02-07 08:58:04 ----D---- C:\Program Files\WinRAR
2010-02-06 13:39:46 ----A---- C:\WINDOWS\system32\cdintf400.dll
2010-02-06 13:39:27 ----A---- C:\WINDOWS\system32\Ry4CoInst.dll
2010-02-06 13:37:11 ----D---- C:\Program Files\KROSplus
2010-02-06 13:37:10 ----D---- C:\KROSplusData
2010-02-06 09:56:21 ----D---- C:\Program Files\ABAK
2010-02-06 09:55:57 ----A---- C:\WINDOWS\IsUn0405.exe
2010-02-06 08:35:38 ----D---- C:\Hrom
2010-02-06 08:27:07 ----D---- C:\Program Files\Autodesk
2010-02-06 08:26:02 ----D---- C:\Program Files\AnswerWorks 4.0
2010-02-06 08:25:59 ----D---- C:\Program Files\Microsoft Office
2010-02-06 08:25:53 ----D---- C:\Program Files\Common Files\Designer
2010-02-06 08:24:23 ----D---- C:\Program Files\Common Files\Autodesk Shared
2010-02-06 08:24:23 ----D---- C:\Program Files\AutoCAD 2005
2010-02-06 08:24:23 ----D---- C:\Documents and Settings\Martina\Data aplikací\Autodesk
2010-02-06 08:24:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\Autodesk
2010-02-06 08:20:07 ----D---- C:\Program Files\D-Tools
2010-02-06 08:19:58 ----D---- C:\WINDOWS\Downloaded Installations
2010-02-05 22:30:08 ----HDC---- C:\WINDOWS\$NtUninstallKB963093$
2010-02-05 22:28:13 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2010-02-05 22:27:57 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2010-02-05 22:27:49 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2010-02-05 22:27:25 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2010-02-05 22:26:59 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2010-02-05 21:21:39 ----D---- C:\Documents and Settings\Martina\Data aplikací\QuickScan
2010-02-05 21:13:21 ----D---- C:\Documents and Settings\Martina\Data aplikací\Malwarebytes
2010-02-05 21:13:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-02-05 21:13:10 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-02-05 19:54:56 ----D---- C:\Program Files\trend micro
2010-02-05 19:54:51 ----D---- C:\rsit
2010-02-05 18:14:50 ----D---- C:\WINDOWS\pss
2010-02-05 18:01:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\CMUV
2010-02-05 17:39:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\nView_Profiles
2010-02-05 16:30:21 ----HDC---- C:\WINDOWS\$NtUninstallKB971513$
2010-02-05 16:24:15 ----D---- C:\WINDOWS\system32\XPSViewer
2010-02-05 16:24:11 ----D---- C:\Program Files\MSBuild
2010-02-05 16:24:09 ----D---- C:\WINDOWS\system32\en-US
2010-02-05 16:24:02 ----D---- C:\Program Files\Reference Assemblies
2010-02-05 16:23:33 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2010-02-05 16:23:33 ----N---- C:\WINDOWS\system32\prntvpt.dll
2010-02-05 16:23:32 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2010-02-05 16:19:52 ----HDC---- C:\WINDOWS\$NtUninstallbasecsp$
2010-02-05 16:19:50 ----D---- C:\Documents and Settings\Martina\Data aplikací\Windows Desktop Search
2010-02-05 16:19:18 ----D---- C:\Program Files\Windows Desktop Search
2010-02-05 16:19:06 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
2010-02-05 16:19:00 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2010-02-05 16:18:33 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-02-05 16:18:32 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2010-02-05 16:18:15 ----D---- C:\Program Files\Windows Media Connect 2
2010-02-05 16:18:05 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2010-02-05 16:17:10 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2010-02-05 16:16:37 ----D---- C:\WINDOWS\system32\LogFiles
2010-02-05 16:16:33 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2010-02-05 16:14:34 ----RSD---- C:\WINDOWS\assembly
2010-02-05 16:14:34 ----D---- C:\WINDOWS\Microsoft.NET
2010-02-05 16:14:32 ----D---- C:\WINDOWS\system32\URTTemp
2010-02-05 12:36:27 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-02-05 12:36:18 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-02-05 09:56:36 ----D---- C:\Program Files\Western Digital Corporation
2010-02-05 09:51:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2010-02-05 09:44:11 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-02-05 09:44:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2010-02-05 09:43:55 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-02-05 09:43:47 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-02-05 09:43:37 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-02-05 09:43:26 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-02-05 09:43:14 ----HDC---- C:\WINDOWS\$NtUninstallKB978207$
2010-02-05 09:43:07 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-02-05 09:42:59 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2010-02-05 09:42:50 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-02-05 09:42:38 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-02-05 09:42:26 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2010-02-05 09:42:18 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-02-05 09:42:11 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2010-02-05 09:40:45 ----D---- C:\WINDOWS\ie8updates
2010-02-05 09:40:14 ----D---- C:\WINDOWS\WBEM
2010-02-05 09:39:01 ----HDC---- C:\WINDOWS\ie8
2010-02-05 09:31:00 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-02-05 09:30:54 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-02-05 09:30:47 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2010-02-05 09:30:41 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-02-05 09:30:35 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2010-02-05 09:30:29 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-02-05 09:30:21 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-02-05 09:30:14 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-02-05 09:29:55 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-02-05 09:29:46 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-02-05 09:29:39 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-02-05 09:29:33 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2010-02-05 09:29:24 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-02-05 09:29:17 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-02-05 09:29:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-02-05 09:28:55 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-02-05 09:28:48 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-02-05 09:27:46 ----A---- C:\WINDOWS\system32\MRT.exe
2010-02-05 09:27:29 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-02-05 09:27:20 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-02-05 09:27:10 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2010-02-05 09:27:01 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2010-02-05 09:26:54 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-02-05 09:26:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2010-02-05 09:26:39 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-02-05 09:26:30 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-02-05 09:26:22 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2010-02-05 09:26:16 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2010-02-05 09:26:08 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-02-05 09:26:02 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2010-02-05 09:25:52 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2010-02-05 09:25:37 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-02-05 09:25:26 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-02-05 09:25:17 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2010-02-05 09:25:09 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-02-05 09:24:59 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-02-05 09:24:53 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2010-02-05 09:24:44 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-02-05 09:24:37 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-02-05 09:24:30 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-02-05 09:24:10 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-02-05 09:24:03 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-02-05 09:23:54 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-02-05 09:23:45 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-02-05 09:23:34 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2010-02-05 08:22:19 ----D---- C:\Program Files\dvbdream
2010-02-05 08:14:44 ----D---- C:\WINDOWS\nview
2010-02-05 08:14:44 ----A---- C:\WINDOWS\system32\nvudisp.exe
2010-02-05 08:14:23 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2010-02-05 07:54:37 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2010-02-05 07:54:35 ----A---- C:\WINDOWS\system32\pthreadGC2.dll
2010-02-05 07:54:35 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2010-02-05 07:54:32 ----D---- C:\Program Files\ffdshow
2010-02-05 07:53:56 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2010-02-05 07:53:56 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2010-02-05 07:53:56 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2010-02-05 07:53:54 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2010-02-05 07:53:54 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2010-02-05 07:53:53 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2010-02-05 07:53:52 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2010-02-05 07:53:52 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2010-02-05 07:53:51 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2010-02-05 07:53:50 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2010-02-05 07:53:49 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2010-02-05 07:53:49 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2010-02-05 07:53:48 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2010-02-05 07:53:47 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2010-02-05 07:53:46 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2010-02-05 07:53:45 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2010-02-05 07:53:44 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2010-02-05 07:53:44 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2010-02-05 07:53:43 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2010-02-05 07:53:42 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2010-02-05 07:53:40 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2010-02-05 07:53:40 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2010-02-05 07:53:39 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2010-02-05 07:53:37 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2010-02-05 07:53:36 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2010-02-05 07:53:36 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2010-02-05 07:53:35 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2010-02-05 07:53:34 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2010-02-05 07:53:34 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2010-02-05 07:53:32 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2010-02-05 07:53:32 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2010-02-05 07:53:32 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2010-02-05 07:53:31 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2010-02-05 07:53:29 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2010-02-05 07:53:28 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2010-02-05 07:53:28 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2010-02-05 07:53:27 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2010-02-05 07:53:26 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2010-02-05 07:53:26 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2010-02-05 07:53:25 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2010-02-05 07:53:25 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2010-02-05 07:53:25 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2010-02-05 07:53:25 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2010-02-05 07:53:24 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2010-02-05 07:53:24 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2010-02-05 07:53:24 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2010-02-05 07:53:23 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2010-02-05 07:53:23 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2010-02-05 07:53:23 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2010-02-05 07:53:22 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2010-02-05 07:53:22 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2010-02-05 07:53:21 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2010-02-05 07:53:21 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2010-02-05 07:53:20 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2010-02-05 07:53:20 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2010-02-05 07:53:19 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2010-02-05 07:53:19 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2010-02-05 07:53:18 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2010-02-05 07:53:08 ----D---- C:\WINDOWS\Logs
2010-02-05 07:47:16 ----D---- C:\WINDOWS\system32\PreInstall
2010-02-05 07:47:15 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2010-02-05 07:47:13 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2010-02-05 07:47:13 ----HD---- C:\WINDOWS\$hf_mig$
2010-02-05 07:46:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\Technisat
2010-02-05 07:46:40 ----D---- C:\Program Files\DVBViewer TE2
2010-02-05 07:46:25 ----D---- C:\Program Files\MainConcept
2010-02-05 07:46:16 ----D---- C:\Program Files\TechniSat DVB
2010-02-05 07:46:15 ----HD---- C:\Program Files\InstallShield Installation Information
2010-02-05 07:45:46 ----D---- C:\Program Files\Common Files\InstallShield
2010-02-05 07:42:15 ----A---- C:\WINDOWS\system32\FazztCtrs.dll
2010-02-05 07:42:15 ----A---- C:\WINDOWS\system32\FazztCtrDef.ini
2010-02-05 07:42:05 ----A---- C:\WINDOWS\ODBC.INI
2010-02-05 07:42:04 ----D---- C:\Program Files\KenCast
2010-02-05 07:40:03 ----D---- C:\Documents and Settings\Martina\Data aplikací\AdobeUM
2010-02-05 07:37:56 ----D---- C:\Program Files\Common Files\Adobe
2010-02-05 07:37:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-02-05 07:35:51 ----D---- C:\Program Files\Adobe
2010-02-05 07:05:44 ----D---- C:\Documents and Settings\Martina\Data aplikací\Macromedia
2010-02-05 07:05:43 ----D---- C:\Documents and Settings\Martina\Data aplikací\Adobe
2010-02-05 06:58:00 ----D---- C:\Program Files\HDDScan
2010-02-05 06:55:19 ----D---- C:\Program Files\HD Tune Pro
2010-02-05 06:37:25 ----D---- C:\Program Files\Total Commander 7.03
2010-02-05 06:37:25 ----A---- C:\WINDOWS\wincmd.ini
2010-02-05 06:35:58 ----D---- C:\klice
2010-02-04 22:45:41 ----D---- C:\Documents and Settings\Martina\Data aplikací\ESET
2010-02-04 22:44:34 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2010-02-04 22:44:18 ----D---- C:\Program Files\ESET
2010-02-04 22:44:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2010-02-04 22:41:22 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-02-04 22:40:19 ----A---- C:\WINDOWS\IsUninst.exe
2010-02-04 22:11:58 ----A---- C:\WINDOWS\system32\h323log.txt
2010-02-04 22:10:54 ----HD---- C:\WINDOWS\system32\GroupPolicy
2010-02-04 22:08:46 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2010-02-04 22:08:43 ----A---- C:\WINDOWS\system32\sfman32.dll
2010-02-04 22:08:41 ----A---- C:\WINDOWS\system32\sblfx.dll
2010-02-04 22:08:40 ----A---- C:\WINDOWS\system32\devldr32.exe
2010-02-04 22:08:40 ----A---- C:\WINDOWS\system32\devcon32.dll
2010-02-04 22:08:40 ----A---- C:\WINDOWS\system32\ctwdm32.dll
2010-02-04 22:08:39 ----A---- C:\WINDOWS\system32\ksuser.dll
2010-02-04 22:08:26 ----A---- C:\WINDOWS\system32\usbui.dll
2010-02-04 22:07:10 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-02-04 22:07:09 ----SHD---- C:\WINDOWS\Installer
2010-02-04 22:07:09 ----D---- C:\Program Files\Common Files\ODBC
2010-02-04 22:07:09 ----A---- C:\WINDOWS\ODBCINST.INI
2010-02-04 22:07:06 ----D---- C:\Program Files\Common Files\SpeechEngines
2010-02-04 22:07:05 ----RD---- C:\Program Files
2010-02-04 22:07:05 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-02-04 22:07:05 ----D---- C:\Program Files\Common Files
2010-02-04 22:07:01 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2010-02-04 22:07:01 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2010-02-04 22:07:01 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2010-02-04 22:06:59 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2010-02-04 22:06:59 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2010-02-04 22:06:59 ----RA---- C:\WINDOWS\system32\kbdur.dll
2010-02-04 22:06:59 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2010-02-04 22:06:59 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2010-02-04 22:06:59 ----RA---- C:\WINDOWS\system32\kbdru.dll
2010-02-04 22:06:59 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2010-02-04 22:06:59 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2010-02-04 22:06:59 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2010-02-04 22:06:59 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2010-02-04 22:06:59 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2010-02-04 22:06:59 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2010-02-04 22:06:57 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2010-02-04 22:06:57 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2010-02-04 22:06:57 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2010-02-04 22:06:57 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2010-02-04 22:06:57 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2010-02-04 22:06:57 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2010-02-04 22:06:57 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2010-02-04 22:06:55 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2010-02-04 22:06:55 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2010-02-04 22:06:55 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2010-02-04 22:06:55 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2010-02-04 22:06:55 ----RA---- C:\WINDOWS\system32\kbdest.dll
2010-02-04 22:06:51 ----A---- C:\WINDOWS\system32\kbdycl.dll
2010-02-04 22:06:51 ----A---- C:\WINDOWS\system32\kbdsl1.dll
2010-02-04 22:06:51 ----A---- C:\WINDOWS\system32\kbdsl.dll
2010-02-04 22:06:51 ----A---- C:\WINDOWS\system32\kbdro.dll
2010-02-04 22:06:51 ----A---- C:\WINDOWS\system32\kbdpl1.dll
2010-02-04 22:06:51 ----A---- C:\WINDOWS\system32\kbdpl.dll
2010-02-04 22:06:51 ----A---- C:\WINDOWS\system32\kbdhu1.dll
2010-02-04 22:06:51 ----A---- C:\WINDOWS\system32\kbdhu.dll
2010-02-04 22:06:51 ----A---- C:\WINDOWS\system32\kbdcr.dll
2010-02-04 22:06:51 ----A---- C:\WINDOWS\system32\KBDAL.DLL
2010-02-04 22:06:50 ----A---- C:\WINDOWS\system32\irclass.dll
2010-02-04 22:06:49 ----A---- C:\WINDOWS\system32\spxcoins.dll
2010-02-04 22:06:49 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2010-02-04 22:06:49 ----A---- C:\WINDOWS\system32\dgsetup.dll
2010-02-04 22:06:49 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2010-02-04 22:06:47 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2010-02-04 22:06:47 ----A---- C:\WINDOWS\TASKMAN.EXE
2010-02-04 22:06:46 ----A---- C:\WINDOWS\system32\batt.dll
2010-02-04 22:06:46 ----A---- C:\WINDOWS\NOTEPAD.EXE
2010-02-04 22:06:45 ----A---- C:\WINDOWS\system32\storprop.dll
2010-02-04 22:06:37 ----ASH---- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
2010-02-04 22:06:32 ----RA---- C:\WINDOWS\SET8.tmp
2010-02-04 22:06:29 ----RA---- C:\WINDOWS\SET4.tmp
2010-02-04 22:06:28 ----RA---- C:\WINDOWS\SET3.tmp
2010-02-04 22:06:22 ----D---- C:\WINDOWS\system32\CatRoot2
2010-02-04 22:06:22 ----D---- C:\WINDOWS\system32\CatRoot
2010-02-04 22:06:17 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-02-04 22:05:54 ----SHD---- C:\System Volume Information
2010-02-04 22:05:54 ----D---- C:\Documents and Settings
2010-02-04 22:05:04 ----SH---- C:\boot.ini
2010-02-04 21:58:49 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-04 21:58:49 ----RSD---- C:\WINDOWS\Fonts
2010-02-04 21:58:49 ----RD---- C:\WINDOWS\Web
2010-02-04 21:58:49 ----HD---- C:\WINDOWS\inf
2010-02-04 21:58:49 ----D---- C:\WINDOWS\WinSxS
2010-02-04 21:58:49 ----D---- C:\WINDOWS\twain_32
2010-02-04 21:58:49 ----D---- C:\WINDOWS\Temp
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\wins
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\wbem
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\usmt
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\spool
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\ShellExt
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\Setup
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\ras
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\oobe
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\npp
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\mui
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\inetsrv
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\IME
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\icsxml
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\ias
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\export
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\drivers
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\dhcp
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\cs-cz
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\cs
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\config
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\3com_dmi
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\3076
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\2052
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\1054
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\1042
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\1041
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\1037
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\1033
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\1031
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\1029
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\1028
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\1025
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system
2010-02-04 21:58:49 ----D---- C:\WINDOWS\security
2010-02-04 21:58:49 ----D---- C:\WINDOWS\Resources
2010-02-04 21:58:49 ----D---- C:\WINDOWS\repair
2010-02-04 21:58:49 ----D---- C:\WINDOWS\Provisioning
2010-02-04 21:58:49 ----D---- C:\WINDOWS\pchealth
2010-02-04 21:58:49 ----D---- C:\WINDOWS\PeerNet
2010-02-04 21:58:49 ----D---- C:\WINDOWS\Network Diagnostic
2010-02-04 21:58:49 ----D---- C:\WINDOWS\mui
2010-02-04 21:58:49 ----D---- C:\WINDOWS\msapps
2010-02-04 21:58:49 ----D---- C:\WINDOWS\msagent
2010-02-04 21:58:49 ----D---- C:\WINDOWS\Media
2010-02-04 21:58:49 ----D---- C:\WINDOWS\L2Schemas
2010-02-04 21:58:49 ----D---- C:\WINDOWS\java
2010-02-04 21:58:49 ----D---- C:\WINDOWS\ime
2010-02-04 21:58:49 ----D---- C:\WINDOWS\Help
2010-02-04 21:58:49 ----D---- C:\WINDOWS\ehome
2010-02-04 21:58:49 ----D---- C:\WINDOWS\Driver Cache
2010-02-04 21:58:49 ----D---- C:\WINDOWS\Debug
2010-02-04 21:58:49 ----D---- C:\WINDOWS\Cursors
2010-02-04 21:58:49 ----D---- C:\WINDOWS\Connection Wizard
2010-02-04 21:58:49 ----D---- C:\WINDOWS\Config
2010-02-04 21:58:49 ----D---- C:\WINDOWS\AppPatch
2010-02-04 21:58:49 ----D---- C:\WINDOWS\addins
2010-02-04 21:58:49 ----D---- C:\WINDOWS
2010-02-04 21:34:13 ----D---- C:\Documents and Settings\Martina\Data aplikací\Mozilla
2010-02-04 21:34:01 ----D---- C:\Program Files\Mozilla Firefox
2010-02-04 21:25:08 ----D---- C:\Documents and Settings\Martina\Data aplikací\Identities
2010-02-04 21:25:06 ----HD---- C:\Program Files\Uninstall Information
2010-02-04 21:25:01 ----SD---- C:\Documents and Settings\Martina\Data aplikací\Microsoft
2010-02-04 21:25:01 ----ASH---- C:\Documents and Settings\Martina\Data aplikací\desktop.ini
2010-02-04 21:24:08 ----D---- C:\WINDOWS\SoftwareDistribution
2010-02-04 21:23:01 ----D---- C:\WINDOWS\Prefetch
2010-02-04 21:23:00 ----SD---- C:\WINDOWS\system32\Microsoft
2010-02-04 21:23:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-04 21:18:50 ----D---- C:\WINDOWS\system32\xircom
2010-02-04 21:18:50 ----D---- C:\Program Files\xerox
2010-02-04 21:18:50 ----D---- C:\Program Files\microsoft frontpage
2010-02-04 21:18:27 ----AH---- C:\AUTOEXEC.BAT
2010-02-04 21:18:27 ----A---- C:\WINDOWS\control.ini
2010-02-04 21:18:07 ----A---- C:\WINDOWS\system32\mapi32.dll
2010-02-04 21:17:04 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-02-04 21:17:04 ----RD---- C:\WINDOWS\Offline Web Pages
2010-02-04 21:17:04 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2010-02-04 21:16:57 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2010-02-04 21:16:52 ----HD---- C:\Program Files\WindowsUpdate
2010-02-04 21:16:48 ----D---- C:\Program Files\Online Services
2010-02-04 21:16:27 ----D---- C:\WINDOWS\system32\DirectX
2010-02-04 21:16:21 ----A---- C:\WINDOWS\system32\atrace.dll
2010-02-04 21:16:19 ----A---- C:\WINDOWS\system32\desktop.ini
2010-02-04 21:16:19 ----A---- C:\WINDOWS\desktop.ini
2010-02-04 21:16:12 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2010-02-04 21:16:11 ----A---- C:\WINDOWS\system32\acctres.dll
2010-02-04 21:16:10 ----D---- C:\Program Files\Common Files\Services
2010-02-04 21:16:07 ----SD---- C:\WINDOWS\Tasks
2010-02-04 21:16:07 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2010-02-04 21:16:06 ----D---- C:\Program Files\Common Files\MSSoap
2010-02-04 21:16:03 ----D---- C:\WINDOWS\srchasst
2010-02-04 21:16:02 ----D---- C:\WINDOWS\system32\Macromed
2010-02-04 21:15:59 ----A---- C:\WINDOWS\system32\wuweb.dll
2010-02-04 21:15:59 ----A---- C:\WINDOWS\system32\wucltui.dll
2010-02-04 21:15:59 ----A---- C:\WINDOWS\system32\wuauserv.dll
2010-02-04 21:15:59 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2010-02-04 21:15:58 ----A---- C:\WINDOWS\system32\wups.dll
2010-02-04 21:15:58 ----A---- C:\WINDOWS\system32\wuaueng.dll
2010-02-04 21:15:58 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2010-02-04 21:15:58 ----A---- C:\WINDOWS\system32\wuauclt.exe
2010-02-04 21:15:58 ----A---- C:\WINDOWS\system32\wuapi.dll
2010-02-04 21:15:58 ----A---- C:\WINDOWS\system32\bitsprx4.dll
2010-02-04 21:15:58 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2010-02-04 21:15:58 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2010-02-04 21:15:57 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2010-02-04 21:15:57 ----A---- C:\WINDOWS\system32\qmgr.dll
2010-02-04 21:15:54 ----D---- C:\Program Files\Movie Maker
2010-02-04 21:15:34 ----A---- C:\WINDOWS\system32\safrslv.dll
2010-02-04 21:15:33 ----A---- C:\WINDOWS\system32\safrdm.dll
2010-02-04 21:15:33 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2010-02-04 21:15:33 ----A---- C:\WINDOWS\system32\racpldlg.dll
2010-02-04 21:15:30 ----A---- C:\WINDOWS\system32\fltMc.exe
2010-02-04 21:15:30 ----A---- C:\WINDOWS\system32\fltlib.dll
2010-02-04 21:15:29 ----D---- C:\WINDOWS\system32\Restore
2010-02-04 21:15:29 ----A---- C:\WINDOWS\system32\srsvc.dll
2010-02-04 21:15:29 ----A---- C:\WINDOWS\system32\srrstr.dll
2010-02-04 21:15:29 ----A---- C:\WINDOWS\system32\srclient.dll
2010-02-04 21:15:29 ----A---- C:\WINDOWS\system32\ils.dll
2010-02-04 21:15:28 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2010-02-04 21:15:28 ----A---- C:\WINDOWS\system32\msconf.dll
2010-02-04 21:15:28 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2010-02-04 21:15:28 ----A---- C:\WINDOWS\system32\mnmdd.dll
2010-02-04 21:15:28 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2010-02-04 21:15:25 ----D---- C:\Program Files\NetMeeting
2010-02-04 21:15:25 ----A---- C:\WINDOWS\system32\msoert2.dll
2010-02-04 21:15:25 ----A---- C:\WINDOWS\system32\msoeacct.dll
2010-02-04 21:15:24 ----A---- C:\WINDOWS\system32\inetres.dll
2010-02-04 21:15:24 ----A---- C:\WINDOWS\system32\inetcomm.dll
2010-02-04 21:15:22 ----D---- C:\Program Files\Outlook Express
2010-02-04 21:15:22 ----A---- C:\WINDOWS\system32\schedsvc.dll
2010-02-04 21:15:22 ----A---- C:\WINDOWS\system32\mstinit.exe
2010-02-04 21:15:22 ----A---- C:\WINDOWS\system32\mstask.dll
2010-02-04 21:15:21 ----A---- C:\WINDOWS\system32\isign32.dll
2010-02-04 21:15:21 ----A---- C:\WINDOWS\system32\inetcfg.dll
2010-02-04 21:15:21 ----A---- C:\WINDOWS\system32\icwphbk.dll
2010-02-04 21:15:21 ----A---- C:\WINDOWS\system32\icwdial.dll
2010-02-04 21:15:15 ----D---- C:\Program Files\Common Files\System
2010-02-04 21:15:14 ----D---- C:\Program Files\Internet Explorer
2010-02-04 21:14:30 ----D---- C:\Program Files\ComPlus Applications
2010-02-04 21:14:28 ----A---- C:\WINDOWS\vbaddin.ini
2010-02-04 21:14:28 ----A---- C:\WINDOWS\vb.ini
2010-02-04 21:14:24 ----D---- C:\WINDOWS\Registration
2010-02-04 21:14:17 ----D---- C:\Program Files\Windows Media Player
2010-02-04 21:14:10 ----D---- C:\Program Files\Messenger
2010-02-04 21:14:06 ----D---- C:\Program Files\MSN Gaming Zone
2010-02-04 21:14:06 ----A---- C:\WINDOWS\system32\write.exe
2010-02-04 21:13:54 ----A---- C:\WINDOWS\system32\sndvol32.exe
2010-02-04 21:13:54 ----A---- C:\WINDOWS\system32\hticons.dll
2010-02-04 21:13:54 ----A---- C:\WINDOWS\system32\avwav.dll
2010-02-04 21:13:54 ----A---- C:\WINDOWS\system32\avtapi.dll
2010-02-04 21:13:54 ----A---- C:\WINDOWS\system32\avmeter.dll
2010-02-04 21:13:53 ----A---- C:\WINDOWS\system32\winchat.exe
2010-02-04 21:13:45 ----A---- C:\WINDOWS\system32\charmap.exe
2010-02-04 21:13:45 ----A---- C:\WINDOWS\system32\getuname.dll
2010-02-04 21:13:45 ----A---- C:\WINDOWS\system32\calc.exe
2010-02-04 21:13:44 ----A---- C:\WINDOWS\system32\winmine.exe
2010-02-04 21:13:44 ----A---- C:\WINDOWS\system32\sol.exe
2010-02-04 21:13:44 ----A---- C:\WINDOWS\system32\mshearts.exe
2010-02-04 21:13:44 ----A---- C:\WINDOWS\system32\freecell.exe
2010-02-04 21:13:43 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2010-02-04 21:13:43 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2010-02-04 21:13:43 ----A---- C:\WINDOWS\system32\tslabels.ini
2010-02-04 21:13:43 ----A---- C:\WINDOWS\system32\tskill.exe
2010-02-04 21:13:43 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2010-02-04 21:13:43 ----A---- C:\WINDOWS\system32\tscon.exe
2010-02-04 21:13:43 ----A---- C:\WINDOWS\system32\shadow.exe
2010-02-04 21:13:43 ----A---- C:\WINDOWS\system32\rwinsta.exe
2010-02-04 21:13:43 ----A---- C:\WINDOWS\system32\reset.exe
2010-02-04 21:13:43 ----A---- C:\WINDOWS\system32\regini.exe
2010-02-04 21:13:43 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2010-02-04 21:13:43 ----A---- C:\WINDOWS\system32\qwinsta.exe
2010-02-04 21:13:42 ----A---- C:\WINDOWS\system32\qappsrv.exe
2010-02-04 21:13:42 ----A---- C:\WINDOWS\system32\msg.exe
2010-02-04 21:13:42 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2010-02-04 21:13:42 ----A---- C:\WINDOWS\system32\logoff.exe
2010-02-04 21:13:42 ----A---- C:\WINDOWS\system32\cdmodem.dll
2010-02-04 21:13:35 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2010-02-04 21:13:34 ----D---- C:\Program Files\Windows NT
2010-02-04 21:13:34 ----A---- C:\WINDOWS\system32\sndrec32.exe
2010-02-04 21:13:34 ----A---- C:\WINDOWS\system32\mplay32.exe
2010-02-04 21:13:34 ----A---- C:\WINDOWS\system32\hypertrm.dll
2010-02-04 21:13:34 ----A---- C:\WINDOWS\system32\accwiz.exe
2010-02-04 21:13:33 ----A---- C:\WINDOWS\system32\spider.exe
2010-02-04 21:13:33 ----A---- C:\WINDOWS\system32\mspaint.exe
2010-02-04 21:13:33 ----A---- C:\WINDOWS\system32\clipbrd.exe
2010-02-04 21:13:32 ----A---- C:\WINDOWS\system32\tsgqec.dll
2010-02-04 21:13:32 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2010-02-04 21:13:31 ----A---- C:\WINDOWS\system32\rhttpaa.dll
2010-02-04 21:13:31 ----A---- C:\WINDOWS\system32\mstscax.dll
2010-02-04 21:13:31 ----A---- C:\WINDOWS\system32\mstsc.exe
2010-02-04 21:13:31 ----A---- C:\WINDOWS\system32\aaclient.dll
2010-02-04 21:13:30 ----A---- C:\WINDOWS\system32\termsrv.dll
2010-02-04 21:13:30 ----A---- C:\WINDOWS\system32\sessmgr.exe
2010-02-04 21:13:30 ----A---- C:\WINDOWS\system32\remotepg.dll
2010-02-04 21:13:30 ----A---- C:\WINDOWS\system32\rdshost.exe
2010-02-04 21:13:30 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2010-02-04 21:13:30 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2010-02-04 21:13:30 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2010-02-04 21:13:30 ----A---- C:\WINDOWS\system32\rdchost.dll
2010-02-04 21:13:29 ----D---- C:\WINDOWS\system32\MsDtc
2010-02-04 21:13:29 ----A---- C:\WINDOWS\system32\rdpclip.exe
2010-02-04 21:13:29 ----A---- C:\WINDOWS\system32\qprocess.exe
2010-02-04 21:13:29 ----A---- C:\WINDOWS\system32\mtxoci.dll
2010-02-04 21:13:29 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2010-02-04 21:13:29 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2010-02-04 21:13:29 ----A---- C:\WINDOWS\system32\icaapi.dll
2010-02-04 21:13:29 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2010-02-04 21:13:28 ----A---- C:\WINDOWS\system32\xolehlp.dll
2010-02-04 21:13:28 ----A---- C:\WINDOWS\system32\msdtctm.dll
2010-02-04 21:13:28 ----A---- C:\WINDOWS\system32\msdtclog.dll
2010-02-04 21:13:28 ----A---- C:\WINDOWS\system32\msdtc.exe
2010-02-04 21:13:27 ----D---- C:\WINDOWS\system32\Com
2010-02-04 21:13:27 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2010-02-04 21:13:27 ----A---- C:\WINDOWS\system32\mtxex.dll
2010-02-04 21:13:27 ----A---- C:\WINDOWS\system32\mtxdm.dll
2010-02-04 21:13:27 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2010-02-04 21:13:27 ----A---- C:\WINDOWS\system32\comaddin.dll
2010-02-04 21:13:27 ----A---- C:\WINDOWS\system32\colbact.dll
2010-02-04 21:13:26 ----A---- C:\WINDOWS\system32\stclient.dll
2010-02-04 21:13:26 ----A---- C:\WINDOWS\system32\comrepl.dll
2010-02-04 21:13:26 ----A---- C:\WINDOWS\system32\clbcatex.dll
2010-02-04 21:13:26 ----A---- C:\WINDOWS\system32\catsrvut.dll
2010-02-04 21:13:26 ----A---- C:\WINDOWS\system32\catsrvps.dll
2010-02-04 21:13:26 ----A---- C:\WINDOWS\system32\catsrv.dll
2010-02-04 21:13:25 ----A---- C:\WINDOWS\system32\comuid.dll
2010-02-04 21:13:25 ----A---- C:\WINDOWS\system32\comsvcs.dll
2010-02-04 21:13:25 ----A---- C:\WINDOWS\system32\comsnap.dll
2010-02-04 21:13:25 ----A---- C:\WINDOWS\system32\clbcatq.dll
2010-02-04 21:13:18 ----A---- C:\WINDOWS\system32\servdeps.dll
2010-02-04 21:13:18 ----A---- C:\WINDOWS\system32\mmfutil.dll
2010-02-04 21:13:18 ----A---- C:\WINDOWS\system32\licwmi.dll
2010-02-04 21:13:18 ----A---- C:\WINDOWS\system32\cmprops.dll
======List of files/folders modified in the last 1 months======
2010-02-07 09:02:32 ----A---- C:\WINDOWS\win.ini
2010-02-05 18:15:22 ----A---- C:\WINDOWS\system.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41600]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2009-11-16 55768]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-11-16 116520]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2009-12-18 135048]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2008-04-14 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2008-04-14 55936]
R3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\AN983.sys [2008-04-13 36224]
R3 ctljystk;Game port pro zařízení Creative SB Live!; C:\WINDOWS\system32\DRIVERS\ctljystk.sys [2001-08-17 3712]
R3 emu10k;Creative SB Live! (WDM); C:\WINDOWS\system32\drivers\emu10k1m.sys [2001-08-17 283904]
R3 emu10k1;Creative Interface Manager Driver (WDM); C:\WINDOWS\system32\drivers\ctlfacem.sys [2001-08-17 6912]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2010-01-08 33096]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-16 6557408]
R3 ROCKEYNT;Feitian ROCKEY4 Device Service; C:\WINDOWS\system32\DRIVERS\Rockey4.sys [2010-02-06 22016]
R3 sfman;Creative SoundFont Manager Driver (WDM); C:\WINDOWS\system32\drivers\sfmanm.sys [2001-08-17 36480]
R3 SKYNET;TechniSat DVB-PC TV Star PCI; C:\WINDOWS\system32\DRIVERS\SkyNET.SYS [2009-09-11 507408]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2005-12-15 1368000]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-14 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-06 34064]
S3 Rockey_USB;Feitian ROCKEY4 USB Service; C:\WINDOWS\system32\DRIVERS\Rockey4USB.sys [2010-02-06 12928]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WLAN; Wireless LAN Driver; C:\WINDOWS\system32\DRIVERS\wlanNDS.sys [2002-01-18 54784]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Ovladač filtru Obnovy systému; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-14 73344]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2009-12-16 375296]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-11-16 735960]
R2 Fazzt;Fazzt; C:\PROGRA~1\KenCast\Fazzt\bin\FazztSrv.exe [2000-12-01 155136]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-16 159812]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-02-06 74360]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-11-16 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Mwav - test zatím nedokončen.
** Scanning may fail! File Locked [SUSPICIOUS]: C:\WINDOWS\system32\DRIVERS\atapi.sys (????)
Objekt "LophtCrack Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "LophtCrack Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "LophtCrack Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "LophtCrack Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "LophtCrack Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "LophtCrack Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "LophtCrack Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "LophtCrack Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "LophtCrack Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "LophtCrack Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "LophtCrack Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "Privacy Center Corrupted Adware/Spyware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "LophtCrack Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "Cutwail Trojan" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Počítač se mi zpomalil a seká se
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
meteorolog
- Vzorný návštěvník
- Příspěvky: 308
- Registrován: 07 led 2007 15:20
- Bydliště: Pardubice
Re: Počítač se mi zpomalil a seká se
Dobrý den 
pošlete ještě log z Combofix:
Stáhneme na plochu, ukončíme všechna aktivní okna a spustíme ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Po spuštění potvrdíme podmínky užití
- Dále postupujeme dle pokynů, během aplikování ComboFixu neklikejte do zobrazujících se oken
- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt
- ComboFix je třeba spustit pod účtem s právy administrátora
pošlete ještě log z Combofix:
Stáhneme na plochu, ukončíme všechna aktivní okna a spustíme ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Po spuštění potvrdíme podmínky užití
- Dále postupujeme dle pokynů, během aplikování ComboFixu neklikejte do zobrazujících se oken
- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt
- ComboFix je třeba spustit pod účtem s právy administrátora
"Život je život, louka je louka, koukneš se do trávy – a vidíš brouka."
"Neodpovídej tupci na jeho tupost, aby ses mu sám nezačal podobat. Odpověz tupci na jeho tupost, aby si přestal moudrý připadat...."
(Přísloví krále Šalomouna)
"Neodpovídej tupci na jeho tupost, aby ses mu sám nezačal podobat. Odpověz tupci na jeho tupost, aby si přestal moudrý připadat...."
(Přísloví krále Šalomouna)
Re: Počítač se mi zpomalil a seká se
Při spuštění Combofix to napsalo, že v systému je rootkit.
ComboFix 10-02-19.04 - Martina 20.02.2010 9:02.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1024.723 [GMT 1:00]
Spuštěný z: c:\documents and settings\Martina\Plocha\ComboFix.exe
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Rezidentní štít AV je zapnutý
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\Dealio Toolbar
c:\program files\Dealio Toolbar\FF\components\config.ini
c:\program files\Dealio Toolbar\FF\components\dealioToolbarFF.dll
c:\program files\Dealio Toolbar\FF\components\IFBHOHelperWidgiToolbar.xpt
c:\program files\Dealio Toolbar\FF\components\IFBHOWidgiToolbar.xpt
c:\program files\Dealio Toolbar\FF\chrome.manifest
c:\program files\Dealio Toolbar\FF\chrome\content\chevron.js
c:\program files\Dealio Toolbar\FF\chrome\content\chevron.xul
c:\program files\Dealio Toolbar\FF\chrome\content\login.js
c:\program files\Dealio Toolbar\FF\chrome\content\login.xul
c:\program files\Dealio Toolbar\FF\chrome\content\parser.js
c:\program files\Dealio Toolbar\FF\chrome\content\RssTickerWidget.js
c:\program files\Dealio Toolbar\FF\chrome\content\searchbox.js
c:\program files\Dealio Toolbar\FF\chrome\content\searchbox.xul
c:\program files\Dealio Toolbar\FF\chrome\content\widgicomm.js
c:\program files\Dealio Toolbar\FF\chrome\content\widgihandling.js
c:\program files\Dealio Toolbar\FF\chrome\content\widgichevron.js
c:\program files\Dealio Toolbar\FF\chrome\content\widgilisteners.js
c:\program files\Dealio Toolbar\FF\chrome\content\widgitoolbarplugin.js
c:\program files\Dealio Toolbar\FF\chrome\content\widgitoolbarplugin.xul
c:\program files\Dealio Toolbar\FF\chrome\content\widgiui.js
c:\program files\Dealio Toolbar\FF\chrome\locale\EN-US\searchbox.dtd
c:\program files\Dealio Toolbar\FF\chrome\locale\EN-US\widgitoolbarplugin.dtd
c:\program files\Dealio Toolbar\FF\chrome\locale\EN-US\widgitoolbarplugin.properties
c:\program files\Dealio Toolbar\FF\chrome\locale\EN-US\yahoo-search.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\amazon.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\apple.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\barnes.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\bestbuy.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\dealio_logo.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\dealio_logo_hover.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\ebay.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\chevron.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\icon_settings.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\macys.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\newegg.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\overstock.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search-button-hover.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search-button.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search-chevron-hover.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search-chevron.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search_amazon.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search_dealio.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search_ebay.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search_yahoo.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\searchbox.css
c:\program files\Dealio Toolbar\FF\chrome\skin\separator.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\target.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\walmart.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\widgitoolbarplugin.css
c:\program files\Dealio Toolbar\FF\install.rdf
c:\program files\Dealio Toolbar\IE\4.0.2\config.ini
c:\program files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll
c:\program files\Dealio Toolbar\Res\amazon.gif
c:\program files\Dealio Toolbar\Res\apple.gif
c:\program files\Dealio Toolbar\Res\barnes.gif
c:\program files\Dealio Toolbar\Res\bestbuy.gif
c:\program files\Dealio Toolbar\Res\dealio_logo.gif
c:\program files\Dealio Toolbar\Res\dealio_logo_hover.gif
c:\program files\Dealio Toolbar\Res\ebay.gif
c:\program files\Dealio Toolbar\Res\icon_settings.gif
c:\program files\Dealio Toolbar\Res\macys.gif
c:\program files\Dealio Toolbar\Res\newegg.gif
c:\program files\Dealio Toolbar\Res\overstock.gif
c:\program files\Dealio Toolbar\Res\search-button-hover.gif
c:\program files\Dealio Toolbar\Res\search-button.gif
c:\program files\Dealio Toolbar\Res\search-chevron-hover.gif
c:\program files\Dealio Toolbar\Res\search-chevron.gif
c:\program files\Dealio Toolbar\Res\search_amazon.gif
c:\program files\Dealio Toolbar\Res\search_dealio.gif
c:\program files\Dealio Toolbar\Res\search_ebay.gif
c:\program files\Dealio Toolbar\Res\search_yahoo.gif
c:\program files\Dealio Toolbar\Res\target.gif
c:\program files\Dealio Toolbar\Res\walmart.gif
c:\program files\Dealio Toolbar\Res\widgets.xml
c:\program files\Dealio Toolbar\WidgiHelper.exe
c:\program files\Search Settings
c:\program files\Search Settings\FF\components\IFBHOSearch.xpt
c:\program files\Search Settings\FF\components\IFBHOSearchHelperEngine.xpt
c:\program files\Search Settings\FF\components\IFHelperPreferences.xpt
c:\program files\Search Settings\FF\components\SearchSettingsFF.dll
c:\program files\Search Settings\FF\chrome.manifest
c:\program files\Search Settings\FF\chrome\content\plugin.js
c:\program files\Search Settings\FF\chrome\content\plugin.xul
c:\program files\Search Settings\FF\chrome\content\protection.js
c:\program files\Search Settings\FF\chrome\content\utils.js
c:\program files\Search Settings\FF\chrome\locale\en-US\searchsettingsplugin.dtd
c:\program files\Search Settings\FF\chrome\locale\en-US\searchsettingsplugin.properties
c:\program files\Search Settings\FF\install.rdf
c:\program files\Search Settings\SearchSettings.dll
c:\program files\Search Settings\SearchSettings.exe
c:\program files\Search Settings\SearchSettingsRes409.dll
c:\windows\regedit.com
c:\windows\system32\taskmgr.com
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_SKYNET
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-20 do 2010-02-20 )))))))))))))))))))))))))))))))
.
2010-02-20 07:31 . 2010-02-20 07:31 548 ----a-w- C:\outlook.reg
2010-02-20 07:19 . 2010-02-20 07:38 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-02-19 19:51 . 2010-02-19 19:51 -------- d---a-w- c:\windows\VDLL.DLL
2010-02-19 19:51 . 2010-02-19 19:51 -------- d---a-w- c:\windows\system32\runouce.exe
2010-02-19 19:51 . 2010-02-19 19:51 -------- d---a-w- c:\windows\RUNDL132.EXE
2010-02-19 19:51 . 2010-02-19 19:51 -------- d---a-w- c:\windows\logo_1.exe
2010-02-19 19:34 . 2010-02-19 19:34 632064 ----a-w- c:\windows\system32\msvcr80.dll
2010-02-19 19:34 . 2010-02-19 19:34 554240 ----a-w- c:\windows\system32\msvcp80.dll
2010-02-19 19:34 . 2010-02-19 19:34 34048 ----a-w- c:\windows\system32\eEmpty.exe
2010-02-19 19:34 . 2008-04-14 12:00 137216 ----a-w- c:\windows\system32\T.COM
2010-02-19 19:34 . 2008-04-14 12:00 147968 ----a-w- c:\windows\R.COM
2010-02-19 19:34 . 2010-02-19 19:34 -------- d-----w- c:\program files\Common Files\MicroWorld
2010-02-19 18:51 . 2010-02-19 18:51 -------- d-----w- c:\program files\CCleaner
2010-02-19 18:46 . 2010-02-19 18:46 -------- d-sh--w- c:\documents and settings\Martina\IECompatCache
2010-02-18 06:50 . 2001-10-24 11:25 5632 ----a-w- c:\windows\system32\ptpusb.dll
2010-02-18 06:50 . 2008-04-14 07:51 159232 ----a-w- c:\windows\system32\ptpusd.dll
2010-02-18 06:50 . 2008-04-13 23:15 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2010-02-18 06:50 . 2008-04-13 23:15 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2010-02-16 08:32 . 2010-02-16 08:32 -------- d-----w- c:\program files\AVIVA
2010-02-16 07:07 . 2001-03-08 17:30 24064 ------w- c:\windows\system32\msxml3a.dll
2010-02-16 07:06 . 2010-02-16 07:07 -------- d-----w- c:\program files\CyberLink
2010-02-16 07:04 . 2003-10-28 10:02 20016 ------w- c:\windows\system32\drivers\pxhelp20.sys
2010-02-16 07:03 . 2010-02-16 07:05 -------- d-----w- c:\program files\Winamp
2010-02-16 07:01 . 2010-02-16 07:01 -------- d-----w- c:\program files\XviD
2010-02-16 07:00 . 2010-02-16 07:02 -------- d-----w- c:\program files\DivX
2010-02-16 06:56 . 2010-02-16 06:56 -------- d-----w- c:\program files\Webteh
2010-02-14 09:44 . 2010-02-14 09:49 -------- d-----w- c:\program files\TRANSLAT
2010-02-14 09:40 . 2010-02-14 09:40 -------- d-----w- C:\chata
2010-02-14 07:02 . 2010-02-14 07:02 -------- d-----w- c:\program files\Ikony
2010-02-14 07:02 . 1998-02-06 21:37 299520 ----a-w- c:\windows\uninst.exe
2010-02-14 07:02 . 2010-02-14 07:02 -------- d-----w- c:\program files\GIF Icon Gallery
2010-02-14 07:01 . 2010-02-14 07:01 -------- d-----w- C:\Favicon
2010-02-12 19:32 . 2010-02-12 19:33 -------- d-----w- C:\chata kacerov
2010-02-12 18:50 . 2010-02-12 18:51 -------- d-----w- c:\program files\Common Files\Macromedia
2010-02-12 18:17 . 2010-02-12 18:17 -------- d-----w- c:\windows\system32\QuickTime
2010-02-12 18:17 . 2010-02-12 18:56 -------- d-----w- c:\program files\Macromedia
2010-02-08 18:25 . 2010-02-08 18:25 543504 ----a-w- C:\skola_roz.zip
2010-02-08 17:57 . 2010-02-08 17:57 -------- d-----w- c:\program files\Common Files\ACD Systems
2010-02-08 17:57 . 2010-02-08 17:57 -------- d-----w- c:\program files\ACD Systems
2010-02-08 17:19 . 2010-02-08 17:19 -------- d-----w- C:\MAC
2010-02-08 17:19 . 2010-02-08 17:19 -------- d-----w- c:\program files\WinPcap
2010-02-08 17:18 . 2010-02-08 17:20 -------- d-----w- c:\program files\Wireshark
2010-02-08 08:14 . 2010-02-17 13:29 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-02-07 08:33 . 2010-02-07 08:33 -------- d-----w- c:\program files\MSXML 4.0
2010-02-07 08:30 . 2010-02-07 08:30 701467 ----a-w- C:\hr_skola.zip
2010-02-07 08:00 . 2010-02-07 08:01 -------- d-----w- c:\windows\ShellNew
2010-02-06 12:39 . 2009-12-08 05:47 4194304 ----a-w- c:\windows\system32\cdintf400.dll
2010-02-06 12:39 . 2010-02-06 12:39 4096 ----a-w- c:\windows\system32\Ry4CoInst.dll
2010-02-06 12:39 . 2010-02-06 12:39 12928 ----a-w- c:\windows\system32\drivers\Rockey4USB.sys
2010-02-06 12:39 . 2010-02-06 12:39 22016 ----a-w- c:\windows\system32\drivers\Rockey4.sys
2010-02-06 12:37 . 2010-02-06 12:39 -------- d-----w- c:\program files\KROSplus
2010-02-06 12:37 . 2010-02-08 18:26 -------- d-----w- C:\KROSplusData
2010-02-06 08:56 . 2010-02-06 08:56 -------- d-----w- c:\program files\ABAK
2010-02-06 08:55 . 1998-01-23 11:19 304640 ----a-w- c:\windows\IsUn0405.exe
2010-02-06 07:35 . 2010-02-09 17:05 -------- d-----w- C:\Hrom
2010-02-06 07:27 . 2010-02-06 07:27 -------- d-----w- c:\program files\Autodesk
2010-02-06 07:26 . 2010-02-06 07:26 -------- d-----w- c:\program files\AnswerWorks 4.0
2010-02-06 07:24 . 2010-02-06 07:32 -------- d-----w- c:\program files\AutoCAD 2005
2010-02-06 07:24 . 2010-02-06 07:27 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2010-02-06 07:20 . 2004-03-12 21:41 5248 ----a-w- c:\windows\system32\drivers\d346prt.sys
2010-02-06 07:20 . 2004-03-12 21:41 156800 ----a-w- c:\windows\system32\drivers\d346bus.sys
2010-02-06 07:20 . 2010-02-06 07:20 -------- d-----w- c:\program files\D-Tools
2010-02-06 07:19 . 2010-02-12 18:49 -------- d-----w- c:\windows\Downloaded Installations
2010-02-05 20:13 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-05 20:13 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-05 20:13 . 2010-02-05 20:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-05 18:54 . 2010-02-20 05:47 -------- d-----w- c:\program files\trend micro
2010-02-05 18:54 . 2010-02-05 18:56 -------- d-----w- C:\rsit
2010-02-05 16:40 . 2010-02-14 17:58 8 ----a-w- c:\windows\system32\nvModes.dat
2010-02-05 15:24 . 2010-02-05 15:24 -------- d-----w- c:\windows\system32\XPSViewer
2010-02-05 15:24 . 2010-02-05 15:24 -------- d-----w- c:\program files\MSBuild
2010-02-05 15:24 . 2010-02-05 15:24 -------- d-----w- c:\program files\Reference Assemblies
2010-02-05 15:23 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-02-05 15:23 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-02-05 15:23 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-02-05 15:23 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-02-05 15:23 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2010-02-05 15:23 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-02-05 15:23 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-02-05 15:23 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-02-05 15:23 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-02-05 15:19 . 2010-02-06 07:01 -------- d-----w- c:\program files\Windows Desktop Search
2010-02-05 15:18 . 2010-02-05 15:18 -------- d-----w- c:\program files\Windows Media Connect 2
2010-02-05 15:16 . 2010-02-05 15:17 -------- d-----w- c:\windows\system32\drivers\UMDF
2010-02-05 15:16 . 2010-02-05 15:16 -------- d-----w- c:\windows\system32\LogFiles
2010-02-05 15:14 . 2010-02-05 15:14 -------- d-----w- c:\windows\system32\URTTemp
2010-02-05 11:33 . 2010-02-05 11:33 -------- d-sh--w- c:\documents and settings\Martina\PrivacIE
2010-02-05 08:56 . 2010-02-05 08:56 -------- d-----w- c:\program files\Western Digital Corporation
2010-02-05 08:49 . 2010-02-05 08:49 -------- d-sh--w- c:\documents and settings\Martina\IETldCache
2010-02-05 08:41 . 2009-12-11 08:38 69120 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-02-05 08:40 . 2010-02-05 08:40 -------- d-----w- c:\windows\ie8updates
2010-02-05 08:40 . 2009-12-21 19:08 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-02-05 08:40 . 2009-12-21 19:08 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-02-05 08:40 . 2009-12-21 19:08 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-02-05 08:40 . 2009-12-21 19:08 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-02-05 08:40 . 2009-12-21 19:08 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-02-05 08:40 . 2009-12-21 19:08 11070464 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-02-05 08:39 . 2010-02-05 08:39 -------- dc-h--w- c:\windows\ie8
2010-02-05 07:42 . 2009-12-09 10:11 2147328 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-02-05 07:42 . 2009-12-09 10:11 2068224 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2010-02-05 07:42 . 2009-12-09 10:11 2025984 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-02-05 07:39 . 2008-06-14 17:35 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-02-05 07:39 . 2008-06-14 17:35 272128 ------w- c:\windows\system32\drivers\bthport.sys
2010-02-05 07:26 . 2009-12-04 18:22 455424 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-02-05 07:22 . 2010-02-15 08:36 -------- d-----w- c:\program files\dvbdream
2010-02-05 07:14 . 2010-02-05 07:14 -------- d-----w- c:\windows\nview
2010-02-05 07:14 . 2008-05-16 13:01 446464 ----a-w- c:\windows\system32\nvudisp.exe
2010-02-05 07:14 . 2008-05-16 10:48 446464 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-02-05 06:54 . 2009-10-08 18:27 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2010-02-05 06:54 . 2009-07-05 20:33 60273 ----a-w- c:\windows\system32\pthreadGC2.dll
2010-02-05 06:54 . 2010-02-16 07:02 -------- d-----w- c:\program files\ffdshow
2010-02-05 06:50 . 2002-01-18 01:01 54784 ----a-r- c:\windows\system32\drivers\wlanNDS.sys
2010-02-05 06:50 . 2002-01-18 01:01 50176 ----a-r- c:\windows\system32\drivers\wlanUSB.sys
2010-02-05 06:47 . 2009-05-12 14:12 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2010-02-05 06:47 . 2010-02-10 08:18 -------- d--h--w- c:\windows\$hf_mig$
2010-02-05 06:46 . 2010-02-05 06:46 -------- d-----w- c:\program files\DVBViewer TE2
2010-02-05 06:46 . 2010-02-05 06:46 -------- d-----w- c:\program files\MainConcept
2010-02-05 06:46 . 2010-02-05 06:46 -------- d-----w- c:\program files\TechniSat DVB
2010-02-05 06:46 . 2010-02-16 07:06 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-05 06:45 . 2010-02-16 07:06 -------- d-----w- c:\program files\Common Files\InstallShield
2010-02-05 06:42 . 2000-09-18 16:07 63488 ----a-w- c:\windows\system32\FazztCtrs.dll
2010-02-05 06:42 . 2010-02-05 06:42 -------- d-----w- c:\program files\KenCast
2010-02-05 06:37 . 2010-02-05 06:37 -------- d-----w- c:\program files\Common Files\Adobe
2010-02-05 06:11 . 2009-09-11 06:47 507408 ----a-w- c:\windows\system32\drivers\SkyNET.sys
2010-02-05 05:58 . 2010-02-05 05:58 -------- d-----w- c:\program files\HDDScan
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-19 11:07 . 2010-02-19 11:07 -------- d-----w- c:\program files\Application Updater
2010-02-19 11:07 . 2010-02-19 11:06 -------- d-----w- c:\program files\Free Audio Pack
2010-02-12 09:45 . 2008-04-14 12:00 91062 ----a-w- c:\windows\system32\perfc005.dat
2010-02-12 09:45 . 2008-04-14 12:00 459394 ----a-w- c:\windows\system32\perfh005.dat
2010-02-05 20:30 . 2010-02-04 20:17 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-05 20:30 . 2010-02-04 20:17 2426 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-02-05 20:29 . 2010-02-04 20:17 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-02-04 20:34 . 2010-02-04 20:34 0 ----a-w- c:\windows\nsreg.dat
2010-02-04 20:18 . 2010-02-04 20:18 -------- d-----w- c:\program files\microsoft frontpage
2010-02-04 20:14 . 2010-02-04 20:14 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2010-01-08 17:43 . 2010-01-08 17:43 1709056 ----a-r- c:\windows\system32\XlsImportLib.dll
2010-01-08 17:33 . 2010-01-08 17:33 24576 ----a-r- c:\windows\system32\AST.dll
2010-01-08 17:33 . 2010-01-08 17:33 73728 ----a-r- c:\windows\system32\ASPE.dll
2010-01-08 07:13 . 2010-01-08 07:13 33096 ----a-w- c:\windows\system32\drivers\epfwndis.sys
2009-12-31 16:50 . 2008-04-14 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-22 05:09 . 2009-12-22 05:09 81920 ------w- c:\windows\system32\ieencode.dll
2009-12-21 19:08 . 2008-04-14 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-18 14:02 . 2009-12-18 14:02 135048 ----a-w- c:\windows\system32\drivers\epfw.sys
2009-12-17 07:42 . 2010-02-04 20:13 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2008-04-14 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-09 10:11 . 2008-04-14 12:00 2191360 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-09 10:11 . 2008-04-14 08:06 2068224 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-12-04 18:22 . 2008-04-14 12:00 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-11-27 17:14 . 2008-04-14 12:00 1294336 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 17:14 . 2008-04-14 08:51 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:09 . 2008-04-14 12:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:09 . 2001-10-24 12:25 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:09 . 2008-04-14 12:00 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:09 . 2008-04-14 12:00 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-27 16:09 . 2008-04-14 08:51 48128 ----a-w- c:\windows\system32\iyuv_32.dll
.
------- Sigcheck -------
[7] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\atapi.sys
[-] 2008-04-14 11:00 . !HASH: COULD NOT OPEN FILE !!!!! . 96512 . . [------] . . c:\windows\system32\drivers\atapi.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"="c:\documents and settings\All Users\Data aplikací\LangSoft\OETRN.EXE" [2010-02-14 26624]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-11-16 2054360]
"FDDSTray"="c:\progra~1\KenCast\Fazzt\bin\FDDSTray.exe" [2000-12-07 25088]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2004-03-12 81920]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Akceler tor spuçtŘnˇ AutoCADu.lnk - c:\program files\Common Files\Autodesk Shared\acstart16.exe [2004-2-25 10872]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
Server4PC.lnk - c:\program files\TechniSat DVB\bin\Server4PC.exe [2010-2-5 338448]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-05-16 13:01 86016 ----a-w- c:\windows\system32\nvmctray.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2008-05-16 13:01 1630208 ----a-w- c:\windows\system32\nwiz.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
R0 d346bus;d346bus;c:\windows\system32\drivers\d346bus.sys [6.2.2010 8:20 156800]
R0 d346prt;d346prt;c:\windows\system32\drivers\d346prt.sys [6.2.2010 8:20 5248]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [16.11.2009 9:03 108792]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [16.12.2009 17:38 375296]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [16.11.2009 9:04 735960]
R2 Fazzt;Fazzt;c:\progra~1\KenCast\Fazzt\bin\FazztSrv.exe [5.2.2010 7:42 155136]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [6.11.2007 21:22 34064]
S3 Rockey_USB;Feitian ROCKEY4 USB Service;c:\windows\system32\drivers\Rockey4USB.sys [6.2.2010 13:39 12928]
S3 WLAN; Wireless LAN Driver;c:\windows\system32\drivers\wlanNDS.sys [5.2.2010 7:50 54784]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
TCP: {D18BEC18-D943-489D-9EB4-E48BB08F3C1D} = 192.168.242.97,217.112.162.34
FF - ProfilePath - c:\documents and settings\Martina\Data aplikací\Mozilla\Firefox\Profiles\nsvtscyt.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=867034&p=
FF - component: c:\documents and settings\Martina\Data aplikací\Mozilla\Firefox\Profiles\nsvtscyt.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}\components\nsWebFF15.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
URLSearchHooks-{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - c:\program files\Search Settings\SearchSettings.dll
BHO-{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - c:\program files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll
BHO-{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - c:\program files\Search Settings\SearchSettings.dll
Toolbar-{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - c:\program files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll
HKLM-Run-SearchSettings - c:\program files\Search Settings\SearchSettings.exe
MSConfigStartUp-Cmaudio - cmicnfg.cpl
AddRemove-PC Translator - c:\docume~1\COMPUT~1\LOCALS~1\Temp\UN32.EXE
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-20 09:09
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8631B6C8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf7872f28
\Driver\ACPI -> ACPI.sys @ 0xf77becb8
\Driver\atapi -> 0x8631b6c8
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0598
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0598
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
NDIS: ADMtek AN983 10/100 PCI Adapter -> SendCompleteHandler -> NDIS.sys @ 0xf7646b0a
PacketIndicateHandler -> NDIS.sys @ 0xf7651a21
SendHandler -> NDIS.sys @ 0xf7646949
Warning: possible MBR rootkit infection !
user & kernel MBR OK
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'explorer.exe'(560)
c:\documents and settings\All Users\Data aplikací\LangSoft\TrnOEH.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\WgaTray.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\devldr32.exe
c:\windows\system32\wpabaln.exe
.
**************************************************************************
.
Celkový čas: 2010-02-20 09:12:25 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-02-20 08:12
Před spuštěním: Volných bajtů: 20 347 117 568
Po spuštění: Volných bajtů: 20 681 097 216
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
- - End Of File - - EA7AF33A1E3D27D892686F6B2A15E5C7
[quote="meteorolog"]Dobrý den
pošlete ještě log z Combofix:
ComboFix 10-02-19.04 - Martina 20.02.2010 9:02.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1024.723 [GMT 1:00]
Spuštěný z: c:\documents and settings\Martina\Plocha\ComboFix.exe
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Rezidentní štít AV je zapnutý
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\Dealio Toolbar
c:\program files\Dealio Toolbar\FF\components\config.ini
c:\program files\Dealio Toolbar\FF\components\dealioToolbarFF.dll
c:\program files\Dealio Toolbar\FF\components\IFBHOHelperWidgiToolbar.xpt
c:\program files\Dealio Toolbar\FF\components\IFBHOWidgiToolbar.xpt
c:\program files\Dealio Toolbar\FF\chrome.manifest
c:\program files\Dealio Toolbar\FF\chrome\content\chevron.js
c:\program files\Dealio Toolbar\FF\chrome\content\chevron.xul
c:\program files\Dealio Toolbar\FF\chrome\content\login.js
c:\program files\Dealio Toolbar\FF\chrome\content\login.xul
c:\program files\Dealio Toolbar\FF\chrome\content\parser.js
c:\program files\Dealio Toolbar\FF\chrome\content\RssTickerWidget.js
c:\program files\Dealio Toolbar\FF\chrome\content\searchbox.js
c:\program files\Dealio Toolbar\FF\chrome\content\searchbox.xul
c:\program files\Dealio Toolbar\FF\chrome\content\widgicomm.js
c:\program files\Dealio Toolbar\FF\chrome\content\widgihandling.js
c:\program files\Dealio Toolbar\FF\chrome\content\widgichevron.js
c:\program files\Dealio Toolbar\FF\chrome\content\widgilisteners.js
c:\program files\Dealio Toolbar\FF\chrome\content\widgitoolbarplugin.js
c:\program files\Dealio Toolbar\FF\chrome\content\widgitoolbarplugin.xul
c:\program files\Dealio Toolbar\FF\chrome\content\widgiui.js
c:\program files\Dealio Toolbar\FF\chrome\locale\EN-US\searchbox.dtd
c:\program files\Dealio Toolbar\FF\chrome\locale\EN-US\widgitoolbarplugin.dtd
c:\program files\Dealio Toolbar\FF\chrome\locale\EN-US\widgitoolbarplugin.properties
c:\program files\Dealio Toolbar\FF\chrome\locale\EN-US\yahoo-search.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\amazon.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\apple.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\barnes.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\bestbuy.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\dealio_logo.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\dealio_logo_hover.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\ebay.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\chevron.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\icon_settings.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\macys.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\newegg.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\overstock.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search-button-hover.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search-button.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search-chevron-hover.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search-chevron.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search_amazon.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search_dealio.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search_ebay.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\search_yahoo.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\searchbox.css
c:\program files\Dealio Toolbar\FF\chrome\skin\separator.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\target.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\walmart.gif
c:\program files\Dealio Toolbar\FF\chrome\skin\widgitoolbarplugin.css
c:\program files\Dealio Toolbar\FF\install.rdf
c:\program files\Dealio Toolbar\IE\4.0.2\config.ini
c:\program files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll
c:\program files\Dealio Toolbar\Res\amazon.gif
c:\program files\Dealio Toolbar\Res\apple.gif
c:\program files\Dealio Toolbar\Res\barnes.gif
c:\program files\Dealio Toolbar\Res\bestbuy.gif
c:\program files\Dealio Toolbar\Res\dealio_logo.gif
c:\program files\Dealio Toolbar\Res\dealio_logo_hover.gif
c:\program files\Dealio Toolbar\Res\ebay.gif
c:\program files\Dealio Toolbar\Res\icon_settings.gif
c:\program files\Dealio Toolbar\Res\macys.gif
c:\program files\Dealio Toolbar\Res\newegg.gif
c:\program files\Dealio Toolbar\Res\overstock.gif
c:\program files\Dealio Toolbar\Res\search-button-hover.gif
c:\program files\Dealio Toolbar\Res\search-button.gif
c:\program files\Dealio Toolbar\Res\search-chevron-hover.gif
c:\program files\Dealio Toolbar\Res\search-chevron.gif
c:\program files\Dealio Toolbar\Res\search_amazon.gif
c:\program files\Dealio Toolbar\Res\search_dealio.gif
c:\program files\Dealio Toolbar\Res\search_ebay.gif
c:\program files\Dealio Toolbar\Res\search_yahoo.gif
c:\program files\Dealio Toolbar\Res\target.gif
c:\program files\Dealio Toolbar\Res\walmart.gif
c:\program files\Dealio Toolbar\Res\widgets.xml
c:\program files\Dealio Toolbar\WidgiHelper.exe
c:\program files\Search Settings
c:\program files\Search Settings\FF\components\IFBHOSearch.xpt
c:\program files\Search Settings\FF\components\IFBHOSearchHelperEngine.xpt
c:\program files\Search Settings\FF\components\IFHelperPreferences.xpt
c:\program files\Search Settings\FF\components\SearchSettingsFF.dll
c:\program files\Search Settings\FF\chrome.manifest
c:\program files\Search Settings\FF\chrome\content\plugin.js
c:\program files\Search Settings\FF\chrome\content\plugin.xul
c:\program files\Search Settings\FF\chrome\content\protection.js
c:\program files\Search Settings\FF\chrome\content\utils.js
c:\program files\Search Settings\FF\chrome\locale\en-US\searchsettingsplugin.dtd
c:\program files\Search Settings\FF\chrome\locale\en-US\searchsettingsplugin.properties
c:\program files\Search Settings\FF\install.rdf
c:\program files\Search Settings\SearchSettings.dll
c:\program files\Search Settings\SearchSettings.exe
c:\program files\Search Settings\SearchSettingsRes409.dll
c:\windows\regedit.com
c:\windows\system32\taskmgr.com
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_SKYNET
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-20 do 2010-02-20 )))))))))))))))))))))))))))))))
.
2010-02-20 07:31 . 2010-02-20 07:31 548 ----a-w- C:\outlook.reg
2010-02-20 07:19 . 2010-02-20 07:38 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-02-19 19:51 . 2010-02-19 19:51 -------- d---a-w- c:\windows\VDLL.DLL
2010-02-19 19:51 . 2010-02-19 19:51 -------- d---a-w- c:\windows\system32\runouce.exe
2010-02-19 19:51 . 2010-02-19 19:51 -------- d---a-w- c:\windows\RUNDL132.EXE
2010-02-19 19:51 . 2010-02-19 19:51 -------- d---a-w- c:\windows\logo_1.exe
2010-02-19 19:34 . 2010-02-19 19:34 632064 ----a-w- c:\windows\system32\msvcr80.dll
2010-02-19 19:34 . 2010-02-19 19:34 554240 ----a-w- c:\windows\system32\msvcp80.dll
2010-02-19 19:34 . 2010-02-19 19:34 34048 ----a-w- c:\windows\system32\eEmpty.exe
2010-02-19 19:34 . 2008-04-14 12:00 137216 ----a-w- c:\windows\system32\T.COM
2010-02-19 19:34 . 2008-04-14 12:00 147968 ----a-w- c:\windows\R.COM
2010-02-19 19:34 . 2010-02-19 19:34 -------- d-----w- c:\program files\Common Files\MicroWorld
2010-02-19 18:51 . 2010-02-19 18:51 -------- d-----w- c:\program files\CCleaner
2010-02-19 18:46 . 2010-02-19 18:46 -------- d-sh--w- c:\documents and settings\Martina\IECompatCache
2010-02-18 06:50 . 2001-10-24 11:25 5632 ----a-w- c:\windows\system32\ptpusb.dll
2010-02-18 06:50 . 2008-04-14 07:51 159232 ----a-w- c:\windows\system32\ptpusd.dll
2010-02-18 06:50 . 2008-04-13 23:15 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2010-02-18 06:50 . 2008-04-13 23:15 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2010-02-16 08:32 . 2010-02-16 08:32 -------- d-----w- c:\program files\AVIVA
2010-02-16 07:07 . 2001-03-08 17:30 24064 ------w- c:\windows\system32\msxml3a.dll
2010-02-16 07:06 . 2010-02-16 07:07 -------- d-----w- c:\program files\CyberLink
2010-02-16 07:04 . 2003-10-28 10:02 20016 ------w- c:\windows\system32\drivers\pxhelp20.sys
2010-02-16 07:03 . 2010-02-16 07:05 -------- d-----w- c:\program files\Winamp
2010-02-16 07:01 . 2010-02-16 07:01 -------- d-----w- c:\program files\XviD
2010-02-16 07:00 . 2010-02-16 07:02 -------- d-----w- c:\program files\DivX
2010-02-16 06:56 . 2010-02-16 06:56 -------- d-----w- c:\program files\Webteh
2010-02-14 09:44 . 2010-02-14 09:49 -------- d-----w- c:\program files\TRANSLAT
2010-02-14 09:40 . 2010-02-14 09:40 -------- d-----w- C:\chata
2010-02-14 07:02 . 2010-02-14 07:02 -------- d-----w- c:\program files\Ikony
2010-02-14 07:02 . 1998-02-06 21:37 299520 ----a-w- c:\windows\uninst.exe
2010-02-14 07:02 . 2010-02-14 07:02 -------- d-----w- c:\program files\GIF Icon Gallery
2010-02-14 07:01 . 2010-02-14 07:01 -------- d-----w- C:\Favicon
2010-02-12 19:32 . 2010-02-12 19:33 -------- d-----w- C:\chata kacerov
2010-02-12 18:50 . 2010-02-12 18:51 -------- d-----w- c:\program files\Common Files\Macromedia
2010-02-12 18:17 . 2010-02-12 18:17 -------- d-----w- c:\windows\system32\QuickTime
2010-02-12 18:17 . 2010-02-12 18:56 -------- d-----w- c:\program files\Macromedia
2010-02-08 18:25 . 2010-02-08 18:25 543504 ----a-w- C:\skola_roz.zip
2010-02-08 17:57 . 2010-02-08 17:57 -------- d-----w- c:\program files\Common Files\ACD Systems
2010-02-08 17:57 . 2010-02-08 17:57 -------- d-----w- c:\program files\ACD Systems
2010-02-08 17:19 . 2010-02-08 17:19 -------- d-----w- C:\MAC
2010-02-08 17:19 . 2010-02-08 17:19 -------- d-----w- c:\program files\WinPcap
2010-02-08 17:18 . 2010-02-08 17:20 -------- d-----w- c:\program files\Wireshark
2010-02-08 08:14 . 2010-02-17 13:29 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-02-07 08:33 . 2010-02-07 08:33 -------- d-----w- c:\program files\MSXML 4.0
2010-02-07 08:30 . 2010-02-07 08:30 701467 ----a-w- C:\hr_skola.zip
2010-02-07 08:00 . 2010-02-07 08:01 -------- d-----w- c:\windows\ShellNew
2010-02-06 12:39 . 2009-12-08 05:47 4194304 ----a-w- c:\windows\system32\cdintf400.dll
2010-02-06 12:39 . 2010-02-06 12:39 4096 ----a-w- c:\windows\system32\Ry4CoInst.dll
2010-02-06 12:39 . 2010-02-06 12:39 12928 ----a-w- c:\windows\system32\drivers\Rockey4USB.sys
2010-02-06 12:39 . 2010-02-06 12:39 22016 ----a-w- c:\windows\system32\drivers\Rockey4.sys
2010-02-06 12:37 . 2010-02-06 12:39 -------- d-----w- c:\program files\KROSplus
2010-02-06 12:37 . 2010-02-08 18:26 -------- d-----w- C:\KROSplusData
2010-02-06 08:56 . 2010-02-06 08:56 -------- d-----w- c:\program files\ABAK
2010-02-06 08:55 . 1998-01-23 11:19 304640 ----a-w- c:\windows\IsUn0405.exe
2010-02-06 07:35 . 2010-02-09 17:05 -------- d-----w- C:\Hrom
2010-02-06 07:27 . 2010-02-06 07:27 -------- d-----w- c:\program files\Autodesk
2010-02-06 07:26 . 2010-02-06 07:26 -------- d-----w- c:\program files\AnswerWorks 4.0
2010-02-06 07:24 . 2010-02-06 07:32 -------- d-----w- c:\program files\AutoCAD 2005
2010-02-06 07:24 . 2010-02-06 07:27 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2010-02-06 07:20 . 2004-03-12 21:41 5248 ----a-w- c:\windows\system32\drivers\d346prt.sys
2010-02-06 07:20 . 2004-03-12 21:41 156800 ----a-w- c:\windows\system32\drivers\d346bus.sys
2010-02-06 07:20 . 2010-02-06 07:20 -------- d-----w- c:\program files\D-Tools
2010-02-06 07:19 . 2010-02-12 18:49 -------- d-----w- c:\windows\Downloaded Installations
2010-02-05 20:13 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-05 20:13 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-05 20:13 . 2010-02-05 20:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-05 18:54 . 2010-02-20 05:47 -------- d-----w- c:\program files\trend micro
2010-02-05 18:54 . 2010-02-05 18:56 -------- d-----w- C:\rsit
2010-02-05 16:40 . 2010-02-14 17:58 8 ----a-w- c:\windows\system32\nvModes.dat
2010-02-05 15:24 . 2010-02-05 15:24 -------- d-----w- c:\windows\system32\XPSViewer
2010-02-05 15:24 . 2010-02-05 15:24 -------- d-----w- c:\program files\MSBuild
2010-02-05 15:24 . 2010-02-05 15:24 -------- d-----w- c:\program files\Reference Assemblies
2010-02-05 15:23 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-02-05 15:23 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-02-05 15:23 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-02-05 15:23 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-02-05 15:23 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2010-02-05 15:23 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-02-05 15:23 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-02-05 15:23 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-02-05 15:23 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-02-05 15:19 . 2010-02-06 07:01 -------- d-----w- c:\program files\Windows Desktop Search
2010-02-05 15:18 . 2010-02-05 15:18 -------- d-----w- c:\program files\Windows Media Connect 2
2010-02-05 15:16 . 2010-02-05 15:17 -------- d-----w- c:\windows\system32\drivers\UMDF
2010-02-05 15:16 . 2010-02-05 15:16 -------- d-----w- c:\windows\system32\LogFiles
2010-02-05 15:14 . 2010-02-05 15:14 -------- d-----w- c:\windows\system32\URTTemp
2010-02-05 11:33 . 2010-02-05 11:33 -------- d-sh--w- c:\documents and settings\Martina\PrivacIE
2010-02-05 08:56 . 2010-02-05 08:56 -------- d-----w- c:\program files\Western Digital Corporation
2010-02-05 08:49 . 2010-02-05 08:49 -------- d-sh--w- c:\documents and settings\Martina\IETldCache
2010-02-05 08:41 . 2009-12-11 08:38 69120 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-02-05 08:40 . 2010-02-05 08:40 -------- d-----w- c:\windows\ie8updates
2010-02-05 08:40 . 2009-12-21 19:08 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-02-05 08:40 . 2009-12-21 19:08 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-02-05 08:40 . 2009-12-21 19:08 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-02-05 08:40 . 2009-12-21 19:08 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-02-05 08:40 . 2009-12-21 19:08 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-02-05 08:40 . 2009-12-21 19:08 11070464 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-02-05 08:39 . 2010-02-05 08:39 -------- dc-h--w- c:\windows\ie8
2010-02-05 07:42 . 2009-12-09 10:11 2147328 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-02-05 07:42 . 2009-12-09 10:11 2068224 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2010-02-05 07:42 . 2009-12-09 10:11 2025984 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-02-05 07:39 . 2008-06-14 17:35 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-02-05 07:39 . 2008-06-14 17:35 272128 ------w- c:\windows\system32\drivers\bthport.sys
2010-02-05 07:26 . 2009-12-04 18:22 455424 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-02-05 07:22 . 2010-02-15 08:36 -------- d-----w- c:\program files\dvbdream
2010-02-05 07:14 . 2010-02-05 07:14 -------- d-----w- c:\windows\nview
2010-02-05 07:14 . 2008-05-16 13:01 446464 ----a-w- c:\windows\system32\nvudisp.exe
2010-02-05 07:14 . 2008-05-16 10:48 446464 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-02-05 06:54 . 2009-10-08 18:27 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2010-02-05 06:54 . 2009-07-05 20:33 60273 ----a-w- c:\windows\system32\pthreadGC2.dll
2010-02-05 06:54 . 2010-02-16 07:02 -------- d-----w- c:\program files\ffdshow
2010-02-05 06:50 . 2002-01-18 01:01 54784 ----a-r- c:\windows\system32\drivers\wlanNDS.sys
2010-02-05 06:50 . 2002-01-18 01:01 50176 ----a-r- c:\windows\system32\drivers\wlanUSB.sys
2010-02-05 06:47 . 2009-05-12 14:12 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2010-02-05 06:47 . 2010-02-10 08:18 -------- d--h--w- c:\windows\$hf_mig$
2010-02-05 06:46 . 2010-02-05 06:46 -------- d-----w- c:\program files\DVBViewer TE2
2010-02-05 06:46 . 2010-02-05 06:46 -------- d-----w- c:\program files\MainConcept
2010-02-05 06:46 . 2010-02-05 06:46 -------- d-----w- c:\program files\TechniSat DVB
2010-02-05 06:46 . 2010-02-16 07:06 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-05 06:45 . 2010-02-16 07:06 -------- d-----w- c:\program files\Common Files\InstallShield
2010-02-05 06:42 . 2000-09-18 16:07 63488 ----a-w- c:\windows\system32\FazztCtrs.dll
2010-02-05 06:42 . 2010-02-05 06:42 -------- d-----w- c:\program files\KenCast
2010-02-05 06:37 . 2010-02-05 06:37 -------- d-----w- c:\program files\Common Files\Adobe
2010-02-05 06:11 . 2009-09-11 06:47 507408 ----a-w- c:\windows\system32\drivers\SkyNET.sys
2010-02-05 05:58 . 2010-02-05 05:58 -------- d-----w- c:\program files\HDDScan
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-19 11:07 . 2010-02-19 11:07 -------- d-----w- c:\program files\Application Updater
2010-02-19 11:07 . 2010-02-19 11:06 -------- d-----w- c:\program files\Free Audio Pack
2010-02-12 09:45 . 2008-04-14 12:00 91062 ----a-w- c:\windows\system32\perfc005.dat
2010-02-12 09:45 . 2008-04-14 12:00 459394 ----a-w- c:\windows\system32\perfh005.dat
2010-02-05 20:30 . 2010-02-04 20:17 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-05 20:30 . 2010-02-04 20:17 2426 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-02-05 20:29 . 2010-02-04 20:17 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-02-04 20:34 . 2010-02-04 20:34 0 ----a-w- c:\windows\nsreg.dat
2010-02-04 20:18 . 2010-02-04 20:18 -------- d-----w- c:\program files\microsoft frontpage
2010-02-04 20:14 . 2010-02-04 20:14 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2010-01-08 17:43 . 2010-01-08 17:43 1709056 ----a-r- c:\windows\system32\XlsImportLib.dll
2010-01-08 17:33 . 2010-01-08 17:33 24576 ----a-r- c:\windows\system32\AST.dll
2010-01-08 17:33 . 2010-01-08 17:33 73728 ----a-r- c:\windows\system32\ASPE.dll
2010-01-08 07:13 . 2010-01-08 07:13 33096 ----a-w- c:\windows\system32\drivers\epfwndis.sys
2009-12-31 16:50 . 2008-04-14 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-22 05:09 . 2009-12-22 05:09 81920 ------w- c:\windows\system32\ieencode.dll
2009-12-21 19:08 . 2008-04-14 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-18 14:02 . 2009-12-18 14:02 135048 ----a-w- c:\windows\system32\drivers\epfw.sys
2009-12-17 07:42 . 2010-02-04 20:13 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2008-04-14 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-09 10:11 . 2008-04-14 12:00 2191360 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-09 10:11 . 2008-04-14 08:06 2068224 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-12-04 18:22 . 2008-04-14 12:00 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-11-27 17:14 . 2008-04-14 12:00 1294336 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 17:14 . 2008-04-14 08:51 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:09 . 2008-04-14 12:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:09 . 2001-10-24 12:25 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:09 . 2008-04-14 12:00 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:09 . 2008-04-14 12:00 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-27 16:09 . 2008-04-14 08:51 48128 ----a-w- c:\windows\system32\iyuv_32.dll
.
------- Sigcheck -------
[7] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\atapi.sys
[-] 2008-04-14 11:00 . !HASH: COULD NOT OPEN FILE !!!!! . 96512 . . [------] . . c:\windows\system32\drivers\atapi.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"="c:\documents and settings\All Users\Data aplikací\LangSoft\OETRN.EXE" [2010-02-14 26624]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-11-16 2054360]
"FDDSTray"="c:\progra~1\KenCast\Fazzt\bin\FDDSTray.exe" [2000-12-07 25088]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2004-03-12 81920]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Akceler tor spuçtŘnˇ AutoCADu.lnk - c:\program files\Common Files\Autodesk Shared\acstart16.exe [2004-2-25 10872]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
Server4PC.lnk - c:\program files\TechniSat DVB\bin\Server4PC.exe [2010-2-5 338448]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-05-16 13:01 86016 ----a-w- c:\windows\system32\nvmctray.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2008-05-16 13:01 1630208 ----a-w- c:\windows\system32\nwiz.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
R0 d346bus;d346bus;c:\windows\system32\drivers\d346bus.sys [6.2.2010 8:20 156800]
R0 d346prt;d346prt;c:\windows\system32\drivers\d346prt.sys [6.2.2010 8:20 5248]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [16.11.2009 9:03 108792]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [16.12.2009 17:38 375296]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [16.11.2009 9:04 735960]
R2 Fazzt;Fazzt;c:\progra~1\KenCast\Fazzt\bin\FazztSrv.exe [5.2.2010 7:42 155136]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [6.11.2007 21:22 34064]
S3 Rockey_USB;Feitian ROCKEY4 USB Service;c:\windows\system32\drivers\Rockey4USB.sys [6.2.2010 13:39 12928]
S3 WLAN; Wireless LAN Driver;c:\windows\system32\drivers\wlanNDS.sys [5.2.2010 7:50 54784]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
TCP: {D18BEC18-D943-489D-9EB4-E48BB08F3C1D} = 192.168.242.97,217.112.162.34
FF - ProfilePath - c:\documents and settings\Martina\Data aplikací\Mozilla\Firefox\Profiles\nsvtscyt.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=867034&p=
FF - component: c:\documents and settings\Martina\Data aplikací\Mozilla\Firefox\Profiles\nsvtscyt.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}\components\nsWebFF15.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
URLSearchHooks-{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - c:\program files\Search Settings\SearchSettings.dll
BHO-{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - c:\program files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll
BHO-{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - c:\program files\Search Settings\SearchSettings.dll
Toolbar-{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - c:\program files\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll
HKLM-Run-SearchSettings - c:\program files\Search Settings\SearchSettings.exe
MSConfigStartUp-Cmaudio - cmicnfg.cpl
AddRemove-PC Translator - c:\docume~1\COMPUT~1\LOCALS~1\Temp\UN32.EXE
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-20 09:09
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8631B6C8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf7872f28
\Driver\ACPI -> ACPI.sys @ 0xf77becb8
\Driver\atapi -> 0x8631b6c8
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0598
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0598
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
NDIS: ADMtek AN983 10/100 PCI Adapter -> SendCompleteHandler -> NDIS.sys @ 0xf7646b0a
PacketIndicateHandler -> NDIS.sys @ 0xf7651a21
SendHandler -> NDIS.sys @ 0xf7646949
Warning: possible MBR rootkit infection !
user & kernel MBR OK
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'explorer.exe'(560)
c:\documents and settings\All Users\Data aplikací\LangSoft\TrnOEH.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\WgaTray.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\devldr32.exe
c:\windows\system32\wpabaln.exe
.
**************************************************************************
.
Celkový čas: 2010-02-20 09:12:25 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-02-20 08:12
Před spuštěním: Volných bajtů: 20 347 117 568
Po spuštění: Volných bajtů: 20 681 097 216
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
- - End Of File - - EA7AF33A1E3D27D892686F6B2A15E5C7
[quote="meteorolog"]Dobrý den
pošlete ještě log z Combofix:
-
meteorolog
- Vzorný návštěvník
- Příspěvky: 308
- Registrován: 07 led 2007 15:20
- Bydliště: Pardubice
Re: Počítač se mi zpomalil a seká se
toto stáhněte, uložte na c:\ a rozbalte archiv rovněž na c:\, je v něm soubor atapi.sys - http://leteckaposta.cz/971047499
otevřte poznámkový blok (Notepad) a zkopírujte do něj následující text:
spustí se ComboFix a vykoná příkaz ze skriptu - potom pošlete nový log
otevřte poznámkový blok (Notepad) a zkopírujte do něj následující text:
Soubor uložte na plochu jako CFScript.txt a podle obrázku přetáhněte nad ComboFixKillAll::
FCopy::
c:\atapi.sys | c:\windows\System32\drivers\atapi.sys
spustí se ComboFix a vykoná příkaz ze skriptu - potom pošlete nový log
"Život je život, louka je louka, koukneš se do trávy – a vidíš brouka."
"Neodpovídej tupci na jeho tupost, aby ses mu sám nezačal podobat. Odpověz tupci na jeho tupost, aby si přestal moudrý připadat...."
(Přísloví krále Šalomouna)
"Neodpovídej tupci na jeho tupost, aby ses mu sám nezačal podobat. Odpověz tupci na jeho tupost, aby si přestal moudrý připadat...."
(Přísloví krále Šalomouna)
Re: Počítač se mi zpomalil a seká se
ComboFix 10-02-19.04 - Martina 21.02.2010 6:43.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1024.722 [GMT 1:00]
Spuštěný z: c:\documents and settings\Martina\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Martina\Plocha\CFScript.txt
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Rezidentní štít AV je zapnutý
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-21 do 2010-02-21 )))))))))))))))))))))))))))))))
.
2010-02-20 07:31 . 2010-02-20 07:31 548 ----a-w- C:\outlook.reg
2010-02-20 07:19 . 2010-02-20 18:54 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-02-19 19:51 . 2010-02-19 19:51 -------- d---a-w- c:\windows\VDLL.DLL
2010-02-19 19:51 . 2010-02-19 19:51 -------- d---a-w- c:\windows\system32\runouce.exe
2010-02-19 19:51 . 2010-02-19 19:51 -------- d---a-w- c:\windows\RUNDL132.EXE
2010-02-19 19:51 . 2010-02-19 19:51 -------- d---a-w- c:\windows\logo_1.exe
2010-02-19 19:34 . 2010-02-19 19:34 632064 ----a-w- c:\windows\system32\msvcr80.dll
2010-02-19 19:34 . 2010-02-19 19:34 554240 ----a-w- c:\windows\system32\msvcp80.dll
2010-02-19 19:34 . 2010-02-19 19:34 34048 ----a-w- c:\windows\system32\eEmpty.exe
2010-02-19 19:34 . 2008-04-14 12:00 137216 ----a-w- c:\windows\system32\T.COM
2010-02-19 19:34 . 2008-04-14 12:00 147968 ----a-w- c:\windows\R.COM
2010-02-19 19:34 . 2010-02-19 19:34 -------- d-----w- c:\program files\Common Files\MicroWorld
2010-02-19 18:51 . 2010-02-19 18:51 -------- d-----w- c:\program files\CCleaner
2010-02-19 18:46 . 2010-02-19 18:46 -------- d-sh--w- c:\documents and settings\Martina\IECompatCache
2010-02-18 06:50 . 2001-10-24 11:25 5632 ----a-w- c:\windows\system32\ptpusb.dll
2010-02-18 06:50 . 2008-04-14 07:51 159232 ----a-w- c:\windows\system32\ptpusd.dll
2010-02-18 06:50 . 2008-04-13 23:15 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2010-02-18 06:50 . 2008-04-13 23:15 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2010-02-16 08:32 . 2010-02-16 08:32 -------- d-----w- c:\program files\AVIVA
2010-02-16 07:07 . 2001-03-08 17:30 24064 ------w- c:\windows\system32\msxml3a.dll
2010-02-16 07:06 . 2010-02-16 07:07 -------- d-----w- c:\program files\CyberLink
2010-02-16 07:04 . 2003-10-28 10:02 20016 ------w- c:\windows\system32\drivers\pxhelp20.sys
2010-02-16 07:03 . 2010-02-16 07:05 -------- d-----w- c:\program files\Winamp
2010-02-16 07:01 . 2010-02-16 07:01 -------- d-----w- c:\program files\XviD
2010-02-16 07:00 . 2010-02-16 07:02 -------- d-----w- c:\program files\DivX
2010-02-16 06:56 . 2010-02-16 06:56 -------- d-----w- c:\program files\Webteh
2010-02-14 09:44 . 2010-02-14 09:49 -------- d-----w- c:\program files\TRANSLAT
2010-02-14 09:40 . 2010-02-14 09:40 -------- d-----w- C:\chata
2010-02-14 07:02 . 2010-02-14 07:02 -------- d-----w- c:\program files\Ikony
2010-02-14 07:02 . 1998-02-06 21:37 299520 ----a-w- c:\windows\uninst.exe
2010-02-14 07:02 . 2010-02-14 07:02 -------- d-----w- c:\program files\GIF Icon Gallery
2010-02-14 07:01 . 2010-02-14 07:01 -------- d-----w- C:\Favicon
2010-02-12 19:32 . 2010-02-12 19:33 -------- d-----w- C:\chata kacerov
2010-02-12 18:50 . 2010-02-12 18:51 -------- d-----w- c:\program files\Common Files\Macromedia
2010-02-12 18:17 . 2010-02-12 18:17 -------- d-----w- c:\windows\system32\QuickTime
2010-02-12 18:17 . 2010-02-12 18:56 -------- d-----w- c:\program files\Macromedia
2010-02-08 18:25 . 2010-02-08 18:25 543504 ----a-w- C:\skola_roz.zip
2010-02-08 17:57 . 2010-02-08 17:57 -------- d-----w- c:\program files\Common Files\ACD Systems
2010-02-08 17:57 . 2010-02-08 17:57 -------- d-----w- c:\program files\ACD Systems
2010-02-08 17:19 . 2010-02-08 17:19 -------- d-----w- C:\MAC
2010-02-08 17:19 . 2010-02-08 17:19 -------- d-----w- c:\program files\WinPcap
2010-02-08 17:18 . 2010-02-08 17:20 -------- d-----w- c:\program files\Wireshark
2010-02-08 08:14 . 2010-02-17 13:29 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-02-07 08:33 . 2010-02-07 08:33 -------- d-----w- c:\program files\MSXML 4.0
2010-02-07 08:30 . 2010-02-07 08:30 701467 ----a-w- C:\hr_skola.zip
2010-02-07 08:00 . 2010-02-07 08:01 -------- d-----w- c:\windows\ShellNew
2010-02-06 12:39 . 2009-12-08 05:47 4194304 ----a-w- c:\windows\system32\cdintf400.dll
2010-02-06 12:39 . 2010-02-06 12:39 4096 ----a-w- c:\windows\system32\Ry4CoInst.dll
2010-02-06 12:39 . 2010-02-06 12:39 12928 ----a-w- c:\windows\system32\drivers\Rockey4USB.sys
2010-02-06 12:39 . 2010-02-06 12:39 22016 ----a-w- c:\windows\system32\drivers\Rockey4.sys
2010-02-06 12:37 . 2010-02-06 12:39 -------- d-----w- c:\program files\KROSplus
2010-02-06 12:37 . 2010-02-08 18:26 -------- d-----w- C:\KROSplusData
2010-02-06 08:56 . 2010-02-06 08:56 -------- d-----w- c:\program files\ABAK
2010-02-06 08:55 . 1998-01-23 11:19 304640 ----a-w- c:\windows\IsUn0405.exe
2010-02-06 07:35 . 2010-02-09 17:05 -------- d-----w- C:\Hrom
2010-02-06 07:27 . 2010-02-06 07:27 -------- d-----w- c:\program files\Autodesk
2010-02-06 07:26 . 2010-02-06 07:26 -------- d-----w- c:\program files\AnswerWorks 4.0
2010-02-06 07:24 . 2010-02-06 07:32 -------- d-----w- c:\program files\AutoCAD 2005
2010-02-06 07:24 . 2010-02-06 07:27 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2010-02-06 07:20 . 2004-03-12 21:41 5248 ----a-w- c:\windows\system32\drivers\d346prt.sys
2010-02-06 07:20 . 2004-03-12 21:41 156800 ----a-w- c:\windows\system32\drivers\d346bus.sys
2010-02-06 07:20 . 2010-02-06 07:20 -------- d-----w- c:\program files\D-Tools
2010-02-06 07:19 . 2010-02-12 18:49 -------- d-----w- c:\windows\Downloaded Installations
2010-02-05 20:13 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-05 20:13 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-05 20:13 . 2010-02-05 20:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-05 18:54 . 2010-02-20 05:47 -------- d-----w- c:\program files\trend micro
2010-02-05 18:54 . 2010-02-05 18:56 -------- d-----w- C:\rsit
2010-02-05 16:40 . 2010-02-14 17:58 8 ----a-w- c:\windows\system32\nvModes.dat
2010-02-05 15:24 . 2010-02-05 15:24 -------- d-----w- c:\windows\system32\XPSViewer
2010-02-05 15:24 . 2010-02-05 15:24 -------- d-----w- c:\program files\MSBuild
2010-02-05 15:24 . 2010-02-05 15:24 -------- d-----w- c:\program files\Reference Assemblies
2010-02-05 15:23 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-02-05 15:23 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-02-05 15:23 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-02-05 15:23 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-02-05 15:23 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2010-02-05 15:23 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-02-05 15:23 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-02-05 15:23 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-02-05 15:23 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-02-05 15:19 . 2010-02-06 07:01 -------- d-----w- c:\program files\Windows Desktop Search
2010-02-05 15:18 . 2010-02-05 15:18 -------- d-----w- c:\program files\Windows Media Connect 2
2010-02-05 15:16 . 2010-02-05 15:17 -------- d-----w- c:\windows\system32\drivers\UMDF
2010-02-05 15:16 . 2010-02-05 15:16 -------- d-----w- c:\windows\system32\LogFiles
2010-02-05 15:14 . 2010-02-05 15:14 -------- d-----w- c:\windows\system32\URTTemp
2010-02-05 11:33 . 2010-02-05 11:33 -------- d-sh--w- c:\documents and settings\Martina\PrivacIE
2010-02-05 08:56 . 2010-02-05 08:56 -------- d-----w- c:\program files\Western Digital Corporation
2010-02-05 08:49 . 2010-02-05 08:49 -------- d-sh--w- c:\documents and settings\Martina\IETldCache
2010-02-05 08:41 . 2009-12-11 08:38 69120 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-02-05 08:40 . 2010-02-05 08:40 -------- d-----w- c:\windows\ie8updates
2010-02-05 08:40 . 2009-12-21 19:08 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-02-05 08:40 . 2009-12-21 19:08 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-02-05 08:40 . 2009-12-21 19:08 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-02-05 08:40 . 2009-12-21 19:08 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-02-05 08:40 . 2009-12-21 19:08 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-02-05 08:40 . 2009-12-21 19:08 11070464 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-02-05 08:39 . 2010-02-05 08:39 -------- dc-h--w- c:\windows\ie8
2010-02-05 07:42 . 2009-12-09 10:11 2147328 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-02-05 07:42 . 2009-12-09 10:11 2068224 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2010-02-05 07:42 . 2009-12-09 10:11 2025984 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-02-05 07:39 . 2008-06-14 17:35 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-02-05 07:39 . 2008-06-14 17:35 272128 ------w- c:\windows\system32\drivers\bthport.sys
2010-02-05 07:26 . 2009-12-04 18:22 455424 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-02-05 07:22 . 2010-02-15 08:36 -------- d-----w- c:\program files\dvbdream
2010-02-05 07:14 . 2010-02-05 07:14 -------- d-----w- c:\windows\nview
2010-02-05 07:14 . 2008-05-16 13:01 446464 ----a-w- c:\windows\system32\nvudisp.exe
2010-02-05 07:14 . 2008-05-16 10:48 446464 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-02-05 06:54 . 2009-10-08 18:27 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2010-02-05 06:54 . 2009-07-05 20:33 60273 ----a-w- c:\windows\system32\pthreadGC2.dll
2010-02-05 06:54 . 2010-02-16 07:02 -------- d-----w- c:\program files\ffdshow
2010-02-05 06:50 . 2002-01-18 01:01 54784 ----a-r- c:\windows\system32\drivers\wlanNDS.sys
2010-02-05 06:50 . 2002-01-18 01:01 50176 ----a-r- c:\windows\system32\drivers\wlanUSB.sys
2010-02-05 06:47 . 2009-05-12 14:12 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2010-02-05 06:47 . 2010-02-10 08:18 -------- d--h--w- c:\windows\$hf_mig$
2010-02-05 06:46 . 2010-02-05 06:46 -------- d-----w- c:\program files\DVBViewer TE2
2010-02-05 06:46 . 2010-02-05 06:46 -------- d-----w- c:\program files\MainConcept
2010-02-05 06:46 . 2010-02-20 18:38 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-05 06:45 . 2010-02-16 07:06 -------- d-----w- c:\program files\Common Files\InstallShield
2010-02-05 06:42 . 2000-09-18 16:07 63488 ----a-w- c:\windows\system32\FazztCtrs.dll
2010-02-05 06:42 . 2010-02-05 06:42 -------- d-----w- c:\program files\KenCast
2010-02-05 06:37 . 2010-02-05 06:37 -------- d-----w- c:\program files\Common Files\Adobe
2010-02-05 06:11 . 2009-09-11 06:47 507408 ----a-w- c:\windows\system32\drivers\SkyNET.sys
2010-02-05 05:58 . 2010-02-05 05:58 -------- d-----w- c:\program files\HDDScan
2010-02-05 05:55 . 2010-02-05 05:55 -------- d-----w- c:\program files\HD Tune Pro
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-19 11:07 . 2010-02-19 11:07 -------- d-----w- c:\program files\Application Updater
2010-02-19 11:07 . 2010-02-19 11:06 -------- d-----w- c:\program files\Free Audio Pack
2010-02-12 09:45 . 2008-04-14 12:00 91062 ----a-w- c:\windows\system32\perfc005.dat
2010-02-12 09:45 . 2008-04-14 12:00 459394 ----a-w- c:\windows\system32\perfh005.dat
2010-02-05 20:30 . 2010-02-04 20:17 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-05 20:30 . 2010-02-04 20:17 2426 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-02-05 20:29 . 2010-02-04 20:17 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-02-04 20:34 . 2010-02-04 20:34 0 ----a-w- c:\windows\nsreg.dat
2010-02-04 20:18 . 2010-02-04 20:18 -------- d-----w- c:\program files\microsoft frontpage
2010-02-04 20:14 . 2010-02-04 20:14 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2010-01-08 17:43 . 2010-01-08 17:43 1709056 ----a-r- c:\windows\system32\XlsImportLib.dll
2010-01-08 17:33 . 2010-01-08 17:33 24576 ----a-r- c:\windows\system32\AST.dll
2010-01-08 17:33 . 2010-01-08 17:33 73728 ----a-r- c:\windows\system32\ASPE.dll
2010-01-08 07:13 . 2010-01-08 07:13 33096 ----a-w- c:\windows\system32\drivers\epfwndis.sys
2009-12-31 16:50 . 2008-04-14 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-22 05:09 . 2009-12-22 05:09 81920 ------w- c:\windows\system32\ieencode.dll
2009-12-21 19:08 . 2008-04-14 12:00 916480 ------w- c:\windows\system32\wininet.dll
2009-12-18 14:02 . 2009-12-18 14:02 135048 ----a-w- c:\windows\system32\drivers\epfw.sys
2009-12-17 07:42 . 2010-02-04 20:13 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2008-04-14 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-09 10:11 . 2008-04-14 12:00 2191360 ------w- c:\windows\system32\ntoskrnl.exe
2009-12-09 10:11 . 2008-04-14 08:06 2068224 ------w- c:\windows\system32\ntkrnlpa.exe
2009-12-04 18:22 . 2008-04-14 12:00 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-11-27 17:14 . 2008-04-14 12:00 1294336 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 17:14 . 2008-04-14 08:51 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:09 . 2008-04-14 12:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:09 . 2001-10-24 12:25 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:09 . 2008-04-14 12:00 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:09 . 2008-04-14 12:00 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-27 16:09 . 2008-04-14 08:51 48128 ----a-w- c:\windows\system32\iyuv_32.dll
.
------- Sigcheck -------
[7] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\atapi.sys
[-] 2008-04-14 10:00 . !HASH: COULD NOT OPEN FILE !!!!! . 96512 . . [------] . . c:\windows\system32\drivers\atapi.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"="c:\documents and settings\All Users\Data aplikací\LangSoft\OETRN.EXE" [2010-02-14 26624]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-11-16 2054360]
"FDDSTray"="c:\progra~1\KenCast\Fazzt\bin\FDDSTray.exe" [2000-12-07 25088]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2004-03-12 81920]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Akceler tor spuçtŘnˇ AutoCADu.lnk - c:\program files\Common Files\Autodesk Shared\acstart16.exe [2004-2-25 10872]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-05-16 13:01 86016 ----a-w- c:\windows\system32\nvmctray.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2008-05-16 13:01 1630208 ----a-w- c:\windows\system32\nwiz.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
R0 d346bus;d346bus;c:\windows\system32\drivers\d346bus.sys [6.2.2010 8:20 156800]
R0 d346prt;d346prt;c:\windows\system32\drivers\d346prt.sys [6.2.2010 8:20 5248]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [16.11.2009 9:03 108792]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [16.12.2009 17:38 375296]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [16.11.2009 9:04 735960]
R2 Fazzt;Fazzt;c:\progra~1\KenCast\Fazzt\bin\FazztSrv.exe [5.2.2010 7:42 155136]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [6.11.2007 21:22 34064]
S3 Rockey_USB;Feitian ROCKEY4 USB Service;c:\windows\system32\drivers\Rockey4USB.sys [6.2.2010 13:39 12928]
S3 WLAN; Wireless LAN Driver;c:\windows\system32\drivers\wlanNDS.sys [5.2.2010 7:50 54784]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
TCP: {D18BEC18-D943-489D-9EB4-E48BB08F3C1D} = 192.168.242.97,217.112.162.34
FF - ProfilePath - c:\documents and settings\Martina\Data aplikací\Mozilla\Firefox\Profiles\nsvtscyt.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=867034&p=
FF - component: c:\documents and settings\Martina\Data aplikací\Mozilla\Firefox\Profiles\nsvtscyt.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}\components\nsWebFF15.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-21 06:49
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x865B1E98]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf7872f28
\Driver\ACPI -> ACPI.sys @ 0xf77becb8
\Driver\atapi -> 0x865b1e98
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0598
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0598
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
NDIS: ADMtek AN983 10/100 PCI Adapter -> SendCompleteHandler -> NDIS.sys @ 0xf7646b0a
PacketIndicateHandler -> NDIS.sys @ 0xf7651a21
SendHandler -> NDIS.sys @ 0xf7646949
Warning: possible MBR rootkit infection !
user & kernel MBR OK
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'explorer.exe'(1368)
c:\documents and settings\All Users\Data aplikací\LangSoft\TrnOEH.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\WgaTray.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\devldr32.exe
c:\windows\system32\wpabaln.exe
.
**************************************************************************
.
Celkový čas: 2010-02-21 06:52:39 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-02-21 05:52
ComboFix2.txt 2010-02-20 11:56
Před spuštěním: Volných bajtů: 20 727 336 960
Po spuštění: Volných bajtů: 20 694 224 896
- - End Of File - - 85B29CD8F096321AE256DAD28DC2D37E
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1024.722 [GMT 1:00]
Spuštěný z: c:\documents and settings\Martina\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Martina\Plocha\CFScript.txt
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Rezidentní štít AV je zapnutý
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-21 do 2010-02-21 )))))))))))))))))))))))))))))))
.
2010-02-20 07:31 . 2010-02-20 07:31 548 ----a-w- C:\outlook.reg
2010-02-20 07:19 . 2010-02-20 18:54 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-02-19 19:51 . 2010-02-19 19:51 -------- d---a-w- c:\windows\VDLL.DLL
2010-02-19 19:51 . 2010-02-19 19:51 -------- d---a-w- c:\windows\system32\runouce.exe
2010-02-19 19:51 . 2010-02-19 19:51 -------- d---a-w- c:\windows\RUNDL132.EXE
2010-02-19 19:51 . 2010-02-19 19:51 -------- d---a-w- c:\windows\logo_1.exe
2010-02-19 19:34 . 2010-02-19 19:34 632064 ----a-w- c:\windows\system32\msvcr80.dll
2010-02-19 19:34 . 2010-02-19 19:34 554240 ----a-w- c:\windows\system32\msvcp80.dll
2010-02-19 19:34 . 2010-02-19 19:34 34048 ----a-w- c:\windows\system32\eEmpty.exe
2010-02-19 19:34 . 2008-04-14 12:00 137216 ----a-w- c:\windows\system32\T.COM
2010-02-19 19:34 . 2008-04-14 12:00 147968 ----a-w- c:\windows\R.COM
2010-02-19 19:34 . 2010-02-19 19:34 -------- d-----w- c:\program files\Common Files\MicroWorld
2010-02-19 18:51 . 2010-02-19 18:51 -------- d-----w- c:\program files\CCleaner
2010-02-19 18:46 . 2010-02-19 18:46 -------- d-sh--w- c:\documents and settings\Martina\IECompatCache
2010-02-18 06:50 . 2001-10-24 11:25 5632 ----a-w- c:\windows\system32\ptpusb.dll
2010-02-18 06:50 . 2008-04-14 07:51 159232 ----a-w- c:\windows\system32\ptpusd.dll
2010-02-18 06:50 . 2008-04-13 23:15 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2010-02-18 06:50 . 2008-04-13 23:15 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2010-02-16 08:32 . 2010-02-16 08:32 -------- d-----w- c:\program files\AVIVA
2010-02-16 07:07 . 2001-03-08 17:30 24064 ------w- c:\windows\system32\msxml3a.dll
2010-02-16 07:06 . 2010-02-16 07:07 -------- d-----w- c:\program files\CyberLink
2010-02-16 07:04 . 2003-10-28 10:02 20016 ------w- c:\windows\system32\drivers\pxhelp20.sys
2010-02-16 07:03 . 2010-02-16 07:05 -------- d-----w- c:\program files\Winamp
2010-02-16 07:01 . 2010-02-16 07:01 -------- d-----w- c:\program files\XviD
2010-02-16 07:00 . 2010-02-16 07:02 -------- d-----w- c:\program files\DivX
2010-02-16 06:56 . 2010-02-16 06:56 -------- d-----w- c:\program files\Webteh
2010-02-14 09:44 . 2010-02-14 09:49 -------- d-----w- c:\program files\TRANSLAT
2010-02-14 09:40 . 2010-02-14 09:40 -------- d-----w- C:\chata
2010-02-14 07:02 . 2010-02-14 07:02 -------- d-----w- c:\program files\Ikony
2010-02-14 07:02 . 1998-02-06 21:37 299520 ----a-w- c:\windows\uninst.exe
2010-02-14 07:02 . 2010-02-14 07:02 -------- d-----w- c:\program files\GIF Icon Gallery
2010-02-14 07:01 . 2010-02-14 07:01 -------- d-----w- C:\Favicon
2010-02-12 19:32 . 2010-02-12 19:33 -------- d-----w- C:\chata kacerov
2010-02-12 18:50 . 2010-02-12 18:51 -------- d-----w- c:\program files\Common Files\Macromedia
2010-02-12 18:17 . 2010-02-12 18:17 -------- d-----w- c:\windows\system32\QuickTime
2010-02-12 18:17 . 2010-02-12 18:56 -------- d-----w- c:\program files\Macromedia
2010-02-08 18:25 . 2010-02-08 18:25 543504 ----a-w- C:\skola_roz.zip
2010-02-08 17:57 . 2010-02-08 17:57 -------- d-----w- c:\program files\Common Files\ACD Systems
2010-02-08 17:57 . 2010-02-08 17:57 -------- d-----w- c:\program files\ACD Systems
2010-02-08 17:19 . 2010-02-08 17:19 -------- d-----w- C:\MAC
2010-02-08 17:19 . 2010-02-08 17:19 -------- d-----w- c:\program files\WinPcap
2010-02-08 17:18 . 2010-02-08 17:20 -------- d-----w- c:\program files\Wireshark
2010-02-08 08:14 . 2010-02-17 13:29 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-02-07 08:33 . 2010-02-07 08:33 -------- d-----w- c:\program files\MSXML 4.0
2010-02-07 08:30 . 2010-02-07 08:30 701467 ----a-w- C:\hr_skola.zip
2010-02-07 08:00 . 2010-02-07 08:01 -------- d-----w- c:\windows\ShellNew
2010-02-06 12:39 . 2009-12-08 05:47 4194304 ----a-w- c:\windows\system32\cdintf400.dll
2010-02-06 12:39 . 2010-02-06 12:39 4096 ----a-w- c:\windows\system32\Ry4CoInst.dll
2010-02-06 12:39 . 2010-02-06 12:39 12928 ----a-w- c:\windows\system32\drivers\Rockey4USB.sys
2010-02-06 12:39 . 2010-02-06 12:39 22016 ----a-w- c:\windows\system32\drivers\Rockey4.sys
2010-02-06 12:37 . 2010-02-06 12:39 -------- d-----w- c:\program files\KROSplus
2010-02-06 12:37 . 2010-02-08 18:26 -------- d-----w- C:\KROSplusData
2010-02-06 08:56 . 2010-02-06 08:56 -------- d-----w- c:\program files\ABAK
2010-02-06 08:55 . 1998-01-23 11:19 304640 ----a-w- c:\windows\IsUn0405.exe
2010-02-06 07:35 . 2010-02-09 17:05 -------- d-----w- C:\Hrom
2010-02-06 07:27 . 2010-02-06 07:27 -------- d-----w- c:\program files\Autodesk
2010-02-06 07:26 . 2010-02-06 07:26 -------- d-----w- c:\program files\AnswerWorks 4.0
2010-02-06 07:24 . 2010-02-06 07:32 -------- d-----w- c:\program files\AutoCAD 2005
2010-02-06 07:24 . 2010-02-06 07:27 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2010-02-06 07:20 . 2004-03-12 21:41 5248 ----a-w- c:\windows\system32\drivers\d346prt.sys
2010-02-06 07:20 . 2004-03-12 21:41 156800 ----a-w- c:\windows\system32\drivers\d346bus.sys
2010-02-06 07:20 . 2010-02-06 07:20 -------- d-----w- c:\program files\D-Tools
2010-02-06 07:19 . 2010-02-12 18:49 -------- d-----w- c:\windows\Downloaded Installations
2010-02-05 20:13 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-05 20:13 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-05 20:13 . 2010-02-05 20:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-05 18:54 . 2010-02-20 05:47 -------- d-----w- c:\program files\trend micro
2010-02-05 18:54 . 2010-02-05 18:56 -------- d-----w- C:\rsit
2010-02-05 16:40 . 2010-02-14 17:58 8 ----a-w- c:\windows\system32\nvModes.dat
2010-02-05 15:24 . 2010-02-05 15:24 -------- d-----w- c:\windows\system32\XPSViewer
2010-02-05 15:24 . 2010-02-05 15:24 -------- d-----w- c:\program files\MSBuild
2010-02-05 15:24 . 2010-02-05 15:24 -------- d-----w- c:\program files\Reference Assemblies
2010-02-05 15:23 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-02-05 15:23 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-02-05 15:23 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-02-05 15:23 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-02-05 15:23 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2010-02-05 15:23 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-02-05 15:23 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-02-05 15:23 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-02-05 15:23 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-02-05 15:19 . 2010-02-06 07:01 -------- d-----w- c:\program files\Windows Desktop Search
2010-02-05 15:18 . 2010-02-05 15:18 -------- d-----w- c:\program files\Windows Media Connect 2
2010-02-05 15:16 . 2010-02-05 15:17 -------- d-----w- c:\windows\system32\drivers\UMDF
2010-02-05 15:16 . 2010-02-05 15:16 -------- d-----w- c:\windows\system32\LogFiles
2010-02-05 15:14 . 2010-02-05 15:14 -------- d-----w- c:\windows\system32\URTTemp
2010-02-05 11:33 . 2010-02-05 11:33 -------- d-sh--w- c:\documents and settings\Martina\PrivacIE
2010-02-05 08:56 . 2010-02-05 08:56 -------- d-----w- c:\program files\Western Digital Corporation
2010-02-05 08:49 . 2010-02-05 08:49 -------- d-sh--w- c:\documents and settings\Martina\IETldCache
2010-02-05 08:41 . 2009-12-11 08:38 69120 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-02-05 08:40 . 2010-02-05 08:40 -------- d-----w- c:\windows\ie8updates
2010-02-05 08:40 . 2009-12-21 19:08 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-02-05 08:40 . 2009-12-21 19:08 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-02-05 08:40 . 2009-12-21 19:08 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-02-05 08:40 . 2009-12-21 19:08 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-02-05 08:40 . 2009-12-21 19:08 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-02-05 08:40 . 2009-12-21 19:08 11070464 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-02-05 08:39 . 2010-02-05 08:39 -------- dc-h--w- c:\windows\ie8
2010-02-05 07:42 . 2009-12-09 10:11 2147328 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-02-05 07:42 . 2009-12-09 10:11 2068224 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2010-02-05 07:42 . 2009-12-09 10:11 2025984 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-02-05 07:39 . 2008-06-14 17:35 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-02-05 07:39 . 2008-06-14 17:35 272128 ------w- c:\windows\system32\drivers\bthport.sys
2010-02-05 07:26 . 2009-12-04 18:22 455424 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-02-05 07:22 . 2010-02-15 08:36 -------- d-----w- c:\program files\dvbdream
2010-02-05 07:14 . 2010-02-05 07:14 -------- d-----w- c:\windows\nview
2010-02-05 07:14 . 2008-05-16 13:01 446464 ----a-w- c:\windows\system32\nvudisp.exe
2010-02-05 07:14 . 2008-05-16 10:48 446464 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-02-05 06:54 . 2009-10-08 18:27 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2010-02-05 06:54 . 2009-07-05 20:33 60273 ----a-w- c:\windows\system32\pthreadGC2.dll
2010-02-05 06:54 . 2010-02-16 07:02 -------- d-----w- c:\program files\ffdshow
2010-02-05 06:50 . 2002-01-18 01:01 54784 ----a-r- c:\windows\system32\drivers\wlanNDS.sys
2010-02-05 06:50 . 2002-01-18 01:01 50176 ----a-r- c:\windows\system32\drivers\wlanUSB.sys
2010-02-05 06:47 . 2009-05-12 14:12 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2010-02-05 06:47 . 2010-02-10 08:18 -------- d--h--w- c:\windows\$hf_mig$
2010-02-05 06:46 . 2010-02-05 06:46 -------- d-----w- c:\program files\DVBViewer TE2
2010-02-05 06:46 . 2010-02-05 06:46 -------- d-----w- c:\program files\MainConcept
2010-02-05 06:46 . 2010-02-20 18:38 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-05 06:45 . 2010-02-16 07:06 -------- d-----w- c:\program files\Common Files\InstallShield
2010-02-05 06:42 . 2000-09-18 16:07 63488 ----a-w- c:\windows\system32\FazztCtrs.dll
2010-02-05 06:42 . 2010-02-05 06:42 -------- d-----w- c:\program files\KenCast
2010-02-05 06:37 . 2010-02-05 06:37 -------- d-----w- c:\program files\Common Files\Adobe
2010-02-05 06:11 . 2009-09-11 06:47 507408 ----a-w- c:\windows\system32\drivers\SkyNET.sys
2010-02-05 05:58 . 2010-02-05 05:58 -------- d-----w- c:\program files\HDDScan
2010-02-05 05:55 . 2010-02-05 05:55 -------- d-----w- c:\program files\HD Tune Pro
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-19 11:07 . 2010-02-19 11:07 -------- d-----w- c:\program files\Application Updater
2010-02-19 11:07 . 2010-02-19 11:06 -------- d-----w- c:\program files\Free Audio Pack
2010-02-12 09:45 . 2008-04-14 12:00 91062 ----a-w- c:\windows\system32\perfc005.dat
2010-02-12 09:45 . 2008-04-14 12:00 459394 ----a-w- c:\windows\system32\perfh005.dat
2010-02-05 20:30 . 2010-02-04 20:17 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-05 20:30 . 2010-02-04 20:17 2426 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-02-05 20:29 . 2010-02-04 20:17 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-02-04 20:34 . 2010-02-04 20:34 0 ----a-w- c:\windows\nsreg.dat
2010-02-04 20:18 . 2010-02-04 20:18 -------- d-----w- c:\program files\microsoft frontpage
2010-02-04 20:14 . 2010-02-04 20:14 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2010-01-08 17:43 . 2010-01-08 17:43 1709056 ----a-r- c:\windows\system32\XlsImportLib.dll
2010-01-08 17:33 . 2010-01-08 17:33 24576 ----a-r- c:\windows\system32\AST.dll
2010-01-08 17:33 . 2010-01-08 17:33 73728 ----a-r- c:\windows\system32\ASPE.dll
2010-01-08 07:13 . 2010-01-08 07:13 33096 ----a-w- c:\windows\system32\drivers\epfwndis.sys
2009-12-31 16:50 . 2008-04-14 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-22 05:09 . 2009-12-22 05:09 81920 ------w- c:\windows\system32\ieencode.dll
2009-12-21 19:08 . 2008-04-14 12:00 916480 ------w- c:\windows\system32\wininet.dll
2009-12-18 14:02 . 2009-12-18 14:02 135048 ----a-w- c:\windows\system32\drivers\epfw.sys
2009-12-17 07:42 . 2010-02-04 20:13 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2008-04-14 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-09 10:11 . 2008-04-14 12:00 2191360 ------w- c:\windows\system32\ntoskrnl.exe
2009-12-09 10:11 . 2008-04-14 08:06 2068224 ------w- c:\windows\system32\ntkrnlpa.exe
2009-12-04 18:22 . 2008-04-14 12:00 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-11-27 17:14 . 2008-04-14 12:00 1294336 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 17:14 . 2008-04-14 08:51 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:09 . 2008-04-14 12:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:09 . 2001-10-24 12:25 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:09 . 2008-04-14 12:00 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:09 . 2008-04-14 12:00 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-27 16:09 . 2008-04-14 08:51 48128 ----a-w- c:\windows\system32\iyuv_32.dll
.
------- Sigcheck -------
[7] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\atapi.sys
[-] 2008-04-14 10:00 . !HASH: COULD NOT OPEN FILE !!!!! . 96512 . . [------] . . c:\windows\system32\drivers\atapi.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"="c:\documents and settings\All Users\Data aplikací\LangSoft\OETRN.EXE" [2010-02-14 26624]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-11-16 2054360]
"FDDSTray"="c:\progra~1\KenCast\Fazzt\bin\FDDSTray.exe" [2000-12-07 25088]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2004-03-12 81920]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Akceler tor spuçtŘnˇ AutoCADu.lnk - c:\program files\Common Files\Autodesk Shared\acstart16.exe [2004-2-25 10872]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-05-16 13:01 86016 ----a-w- c:\windows\system32\nvmctray.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2008-05-16 13:01 1630208 ----a-w- c:\windows\system32\nwiz.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
R0 d346bus;d346bus;c:\windows\system32\drivers\d346bus.sys [6.2.2010 8:20 156800]
R0 d346prt;d346prt;c:\windows\system32\drivers\d346prt.sys [6.2.2010 8:20 5248]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [16.11.2009 9:03 108792]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [16.12.2009 17:38 375296]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [16.11.2009 9:04 735960]
R2 Fazzt;Fazzt;c:\progra~1\KenCast\Fazzt\bin\FazztSrv.exe [5.2.2010 7:42 155136]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [6.11.2007 21:22 34064]
S3 Rockey_USB;Feitian ROCKEY4 USB Service;c:\windows\system32\drivers\Rockey4USB.sys [6.2.2010 13:39 12928]
S3 WLAN; Wireless LAN Driver;c:\windows\system32\drivers\wlanNDS.sys [5.2.2010 7:50 54784]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
TCP: {D18BEC18-D943-489D-9EB4-E48BB08F3C1D} = 192.168.242.97,217.112.162.34
FF - ProfilePath - c:\documents and settings\Martina\Data aplikací\Mozilla\Firefox\Profiles\nsvtscyt.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=867034&p=
FF - component: c:\documents and settings\Martina\Data aplikací\Mozilla\Firefox\Profiles\nsvtscyt.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}\components\nsWebFF15.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-21 06:49
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x865B1E98]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf7872f28
\Driver\ACPI -> ACPI.sys @ 0xf77becb8
\Driver\atapi -> 0x865b1e98
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0598
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0598
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
NDIS: ADMtek AN983 10/100 PCI Adapter -> SendCompleteHandler -> NDIS.sys @ 0xf7646b0a
PacketIndicateHandler -> NDIS.sys @ 0xf7651a21
SendHandler -> NDIS.sys @ 0xf7646949
Warning: possible MBR rootkit infection !
user & kernel MBR OK
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'explorer.exe'(1368)
c:\documents and settings\All Users\Data aplikací\LangSoft\TrnOEH.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\WgaTray.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\devldr32.exe
c:\windows\system32\wpabaln.exe
.
**************************************************************************
.
Celkový čas: 2010-02-21 06:52:39 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-02-21 05:52
ComboFix2.txt 2010-02-20 11:56
Před spuštěním: Volných bajtů: 20 727 336 960
Po spuštění: Volných bajtů: 20 694 224 896
- - End Of File - - 85B29CD8F096321AE256DAD28DC2D37E
meteorolog píše:toto stáhněte, uložte na c:\ a rozbalte archiv rovněž na c:\, je v něm soubor atapi.sys - http://leteckaposta.cz/971047499
otevřte poznámkový blok (Notepad) a zkopírujte do něj následující text:
Soubor uložte na plochu jako CFScript.txt a podle obrázku přetáhněte nad ComboFixKillAll::
FCopy::
c:\atapi.sys | c:\windows\System32\drivers\atapi.sys
spustí se ComboFix a vykoná příkaz ze skriptu - potom pošlete nový log
-
meteorolog
- Vzorný návštěvník
- Příspěvky: 308
- Registrován: 07 led 2007 15:20
- Bydliště: Pardubice
Re: Počítač se mi zpomalil a seká se
stáhněte avenger - http://www.viry.cz/forum/viewtopic.php?f=15&t=19832 a použijte tento script:
potom pošlete log (C:\avenger.txt) a nový log z Combofix (normální spuštění bez scriptu)Begin copying here:
Files to move:
c:\atapi.sys | c:\windows\system32\drivers\atapi.sys
"Život je život, louka je louka, koukneš se do trávy – a vidíš brouka."
"Neodpovídej tupci na jeho tupost, aby ses mu sám nezačal podobat. Odpověz tupci na jeho tupost, aby si přestal moudrý připadat...."
(Přísloví krále Šalomouna)
"Neodpovídej tupci na jeho tupost, aby ses mu sám nezačal podobat. Odpověz tupci na jeho tupost, aby si přestal moudrý připadat...."
(Přísloví krále Šalomouna)
Re: Počítač se mi zpomalil a seká se
Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com
Platform: Windows XP
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!
File move operation "c:\atapi.sys|c:\windows\system32\drivers\atapi.sys" completed successfully.
Completed script processing.
*******************
Finished! Terminate.
ComboFix 10-02-20.04 - Martina 21.02.2010 8:49.4.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1024.717 [GMT 1:00]
Spuštěný z: c:\documents and settings\Martina\Plocha\ComboFix.exe
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Rezidentní štít AV je zapnutý
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-21 do 2010-02-21 )))))))))))))))))))))))))))))))
.
2010-02-20 07:31 . 2010-02-20 07:31 548 ----a-w- C:\outlook.reg
2010-02-20 07:19 . 2010-02-20 18:54 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-02-19 19:51 . 2010-02-19 19:51 -------- d---a-w- c:\windows\VDLL.DLL
2010-02-19 19:51 . 2010-02-19 19:51 -------- d---a-w- c:\windows\system32\runouce.exe
2010-02-19 19:51 . 2010-02-19 19:51 -------- d---a-w- c:\windows\RUNDL132.EXE
2010-02-19 19:51 . 2010-02-19 19:51 -------- d---a-w- c:\windows\logo_1.exe
2010-02-19 19:34 . 2010-02-19 19:34 632064 ----a-w- c:\windows\system32\msvcr80.dll
2010-02-19 19:34 . 2010-02-19 19:34 554240 ----a-w- c:\windows\system32\msvcp80.dll
2010-02-19 19:34 . 2010-02-19 19:34 34048 ----a-w- c:\windows\system32\eEmpty.exe
2010-02-19 19:34 . 2008-04-14 12:00 137216 ----a-w- c:\windows\system32\T.COM
2010-02-19 19:34 . 2008-04-14 12:00 147968 ----a-w- c:\windows\R.COM
2010-02-19 19:34 . 2010-02-19 19:34 -------- d-----w- c:\program files\Common Files\MicroWorld
2010-02-19 18:51 . 2010-02-19 18:51 -------- d-----w- c:\program files\CCleaner
2010-02-19 18:46 . 2010-02-19 18:46 -------- d-sh--w- c:\documents and settings\Martina\IECompatCache
2010-02-18 06:50 . 2001-10-24 11:25 5632 ----a-w- c:\windows\system32\ptpusb.dll
2010-02-18 06:50 . 2008-04-14 07:51 159232 ----a-w- c:\windows\system32\ptpusd.dll
2010-02-18 06:50 . 2008-04-13 23:15 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2010-02-18 06:50 . 2008-04-13 23:15 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2010-02-16 08:32 . 2010-02-16 08:32 -------- d-----w- c:\program files\AVIVA
2010-02-16 07:07 . 2001-03-08 17:30 24064 ------w- c:\windows\system32\msxml3a.dll
2010-02-16 07:06 . 2010-02-16 07:07 -------- d-----w- c:\program files\CyberLink
2010-02-16 07:04 . 2003-10-28 10:02 20016 ------w- c:\windows\system32\drivers\pxhelp20.sys
2010-02-16 07:03 . 2010-02-16 07:05 -------- d-----w- c:\program files\Winamp
2010-02-16 07:01 . 2010-02-16 07:01 -------- d-----w- c:\program files\XviD
2010-02-16 07:00 . 2010-02-16 07:02 -------- d-----w- c:\program files\DivX
2010-02-16 06:56 . 2010-02-16 06:56 -------- d-----w- c:\program files\Webteh
2010-02-14 09:44 . 2010-02-14 09:49 -------- d-----w- c:\program files\TRANSLAT
2010-02-14 09:40 . 2010-02-14 09:40 -------- d-----w- C:\chata
2010-02-14 07:02 . 2010-02-14 07:02 -------- d-----w- c:\program files\Ikony
2010-02-14 07:02 . 1998-02-06 21:37 299520 ----a-w- c:\windows\uninst.exe
2010-02-14 07:02 . 2010-02-14 07:02 -------- d-----w- c:\program files\GIF Icon Gallery
2010-02-14 07:01 . 2010-02-14 07:01 -------- d-----w- C:\Favicon
2010-02-12 19:32 . 2010-02-12 19:33 -------- d-----w- C:\chata kacerov
2010-02-12 18:50 . 2010-02-12 18:51 -------- d-----w- c:\program files\Common Files\Macromedia
2010-02-12 18:17 . 2010-02-12 18:17 -------- d-----w- c:\windows\system32\QuickTime
2010-02-12 18:17 . 2010-02-12 18:56 -------- d-----w- c:\program files\Macromedia
2010-02-08 18:25 . 2010-02-08 18:25 543504 ----a-w- C:\skola_roz.zip
2010-02-08 17:57 . 2010-02-08 17:57 -------- d-----w- c:\program files\Common Files\ACD Systems
2010-02-08 17:57 . 2010-02-08 17:57 -------- d-----w- c:\program files\ACD Systems
2010-02-08 17:19 . 2010-02-08 17:19 -------- d-----w- C:\MAC
2010-02-08 17:19 . 2010-02-08 17:19 -------- d-----w- c:\program files\WinPcap
2010-02-08 17:18 . 2010-02-08 17:20 -------- d-----w- c:\program files\Wireshark
2010-02-08 08:14 . 2010-02-17 13:29 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-02-07 08:33 . 2010-02-07 08:33 -------- d-----w- c:\program files\MSXML 4.0
2010-02-07 08:30 . 2010-02-07 08:30 701467 ----a-w- C:\hr_skola.zip
2010-02-07 08:00 . 2010-02-07 08:01 -------- d-----w- c:\windows\ShellNew
2010-02-06 12:39 . 2009-12-08 05:47 4194304 ----a-w- c:\windows\system32\cdintf400.dll
2010-02-06 12:39 . 2010-02-06 12:39 4096 ----a-w- c:\windows\system32\Ry4CoInst.dll
2010-02-06 12:39 . 2010-02-06 12:39 12928 ----a-w- c:\windows\system32\drivers\Rockey4USB.sys
2010-02-06 12:39 . 2010-02-06 12:39 22016 ----a-w- c:\windows\system32\drivers\Rockey4.sys
2010-02-06 12:37 . 2010-02-06 12:39 -------- d-----w- c:\program files\KROSplus
2010-02-06 12:37 . 2010-02-08 18:26 -------- d-----w- C:\KROSplusData
2010-02-06 08:56 . 2010-02-06 08:56 -------- d-----w- c:\program files\ABAK
2010-02-06 08:55 . 1998-01-23 11:19 304640 ----a-w- c:\windows\IsUn0405.exe
2010-02-06 07:35 . 2010-02-09 17:05 -------- d-----w- C:\Hrom
2010-02-06 07:27 . 2010-02-06 07:27 -------- d-----w- c:\program files\Autodesk
2010-02-06 07:26 . 2010-02-06 07:26 -------- d-----w- c:\program files\AnswerWorks 4.0
2010-02-06 07:24 . 2010-02-06 07:32 -------- d-----w- c:\program files\AutoCAD 2005
2010-02-06 07:24 . 2010-02-06 07:27 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2010-02-06 07:20 . 2004-03-12 21:41 5248 ----a-w- c:\windows\system32\drivers\d346prt.sys
2010-02-06 07:20 . 2004-03-12 21:41 156800 ----a-w- c:\windows\system32\drivers\d346bus.sys
2010-02-06 07:20 . 2010-02-06 07:20 -------- d-----w- c:\program files\D-Tools
2010-02-06 07:19 . 2010-02-12 18:49 -------- d-----w- c:\windows\Downloaded Installations
2010-02-05 20:13 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-05 20:13 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-05 20:13 . 2010-02-05 20:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-05 18:54 . 2010-02-20 05:47 -------- d-----w- c:\program files\trend micro
2010-02-05 18:54 . 2010-02-05 18:56 -------- d-----w- C:\rsit
2010-02-05 16:40 . 2010-02-14 17:58 8 ----a-w- c:\windows\system32\nvModes.dat
2010-02-05 15:24 . 2010-02-05 15:24 -------- d-----w- c:\windows\system32\XPSViewer
2010-02-05 15:24 . 2010-02-05 15:24 -------- d-----w- c:\program files\MSBuild
2010-02-05 15:24 . 2010-02-05 15:24 -------- d-----w- c:\program files\Reference Assemblies
2010-02-05 15:23 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-02-05 15:23 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-02-05 15:23 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-02-05 15:23 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-02-05 15:23 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2010-02-05 15:23 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-02-05 15:23 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-02-05 15:23 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-02-05 15:23 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-02-05 15:19 . 2010-02-06 07:01 -------- d-----w- c:\program files\Windows Desktop Search
2010-02-05 15:18 . 2010-02-05 15:18 -------- d-----w- c:\program files\Windows Media Connect 2
2010-02-05 15:16 . 2010-02-05 15:17 -------- d-----w- c:\windows\system32\drivers\UMDF
2010-02-05 15:16 . 2010-02-05 15:16 -------- d-----w- c:\windows\system32\LogFiles
2010-02-05 15:14 . 2010-02-05 15:14 -------- d-----w- c:\windows\system32\URTTemp
2010-02-05 11:33 . 2010-02-05 11:33 -------- d-sh--w- c:\documents and settings\Martina\PrivacIE
2010-02-05 08:56 . 2010-02-05 08:56 -------- d-----w- c:\program files\Western Digital Corporation
2010-02-05 08:49 . 2010-02-05 08:49 -------- d-sh--w- c:\documents and settings\Martina\IETldCache
2010-02-05 08:41 . 2009-12-11 08:38 69120 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-02-05 08:40 . 2010-02-05 08:40 -------- d-----w- c:\windows\ie8updates
2010-02-05 08:40 . 2009-12-21 19:08 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-02-05 08:40 . 2009-12-21 19:08 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-02-05 08:40 . 2009-12-21 19:08 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-02-05 08:40 . 2009-12-21 19:08 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-02-05 08:40 . 2009-12-21 19:08 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-02-05 08:40 . 2009-12-21 19:08 11070464 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-02-05 08:39 . 2010-02-05 08:39 -------- dc-h--w- c:\windows\ie8
2010-02-05 07:42 . 2009-12-09 10:11 2147328 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-02-05 07:42 . 2009-12-09 10:11 2068224 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2010-02-05 07:42 . 2009-12-09 10:11 2025984 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-02-05 07:39 . 2008-06-14 17:35 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-02-05 07:39 . 2008-06-14 17:35 272128 ------w- c:\windows\system32\drivers\bthport.sys
2010-02-05 07:26 . 2009-12-04 18:22 455424 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-02-05 07:22 . 2010-02-15 08:36 -------- d-----w- c:\program files\dvbdream
2010-02-05 07:14 . 2010-02-05 07:14 -------- d-----w- c:\windows\nview
2010-02-05 07:14 . 2008-05-16 13:01 446464 ----a-w- c:\windows\system32\nvudisp.exe
2010-02-05 07:14 . 2008-05-16 10:48 446464 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-02-05 06:54 . 2009-10-08 18:27 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2010-02-05 06:54 . 2009-07-05 20:33 60273 ----a-w- c:\windows\system32\pthreadGC2.dll
2010-02-05 06:54 . 2010-02-16 07:02 -------- d-----w- c:\program files\ffdshow
2010-02-05 06:50 . 2002-01-18 01:01 54784 ----a-r- c:\windows\system32\drivers\wlanNDS.sys
2010-02-05 06:50 . 2002-01-18 01:01 50176 ----a-r- c:\windows\system32\drivers\wlanUSB.sys
2010-02-05 06:47 . 2009-05-12 14:12 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2010-02-05 06:47 . 2010-02-10 08:18 -------- d--h--w- c:\windows\$hf_mig$
2010-02-05 06:46 . 2010-02-05 06:46 -------- d-----w- c:\program files\DVBViewer TE2
2010-02-05 06:46 . 2010-02-05 06:46 -------- d-----w- c:\program files\MainConcept
2010-02-05 06:46 . 2010-02-20 18:38 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-05 06:45 . 2010-02-16 07:06 -------- d-----w- c:\program files\Common Files\InstallShield
2010-02-05 06:42 . 2000-09-18 16:07 63488 ----a-w- c:\windows\system32\FazztCtrs.dll
2010-02-05 06:42 . 2010-02-05 06:42 -------- d-----w- c:\program files\KenCast
2010-02-05 06:37 . 2010-02-05 06:37 -------- d-----w- c:\program files\Common Files\Adobe
2010-02-05 06:11 . 2009-09-11 06:47 507408 ----a-w- c:\windows\system32\drivers\SkyNET.sys
2010-02-05 05:58 . 2010-02-05 05:58 -------- d-----w- c:\program files\HDDScan
2010-02-05 05:55 . 2010-02-05 05:55 -------- d-----w- c:\program files\HD Tune Pro
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-19 11:07 . 2010-02-19 11:07 -------- d-----w- c:\program files\Application Updater
2010-02-19 11:07 . 2010-02-19 11:06 -------- d-----w- c:\program files\Free Audio Pack
2010-02-12 09:45 . 2008-04-14 12:00 91062 ----a-w- c:\windows\system32\perfc005.dat
2010-02-12 09:45 . 2008-04-14 12:00 459394 ----a-w- c:\windows\system32\perfh005.dat
2010-02-05 20:30 . 2010-02-04 20:17 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-05 20:30 . 2010-02-04 20:17 2426 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-02-05 20:29 . 2010-02-04 20:17 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-02-04 20:34 . 2010-02-04 20:34 0 ----a-w- c:\windows\nsreg.dat
2010-02-04 20:18 . 2010-02-04 20:18 -------- d-----w- c:\program files\microsoft frontpage
2010-02-04 20:14 . 2010-02-04 20:14 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2010-01-08 17:43 . 2010-01-08 17:43 1709056 ----a-r- c:\windows\system32\XlsImportLib.dll
2010-01-08 17:33 . 2010-01-08 17:33 24576 ----a-r- c:\windows\system32\AST.dll
2010-01-08 17:33 . 2010-01-08 17:33 73728 ----a-r- c:\windows\system32\ASPE.dll
2010-01-08 07:13 . 2010-01-08 07:13 33096 ----a-w- c:\windows\system32\drivers\epfwndis.sys
2009-12-31 16:50 . 2008-04-14 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-22 05:09 . 2009-12-22 05:09 81920 ------w- c:\windows\system32\ieencode.dll
2009-12-21 19:08 . 2008-04-14 12:00 916480 ------w- c:\windows\system32\wininet.dll
2009-12-18 14:02 . 2009-12-18 14:02 135048 ----a-w- c:\windows\system32\drivers\epfw.sys
2009-12-17 07:42 . 2010-02-04 20:13 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2008-04-14 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-09 10:11 . 2008-04-14 12:00 2191360 ------w- c:\windows\system32\ntoskrnl.exe
2009-12-09 10:11 . 2008-04-14 08:06 2068224 ------w- c:\windows\system32\ntkrnlpa.exe
2009-12-04 18:22 . 2008-04-14 12:00 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-11-27 17:14 . 2008-04-14 12:00 1294336 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 17:14 . 2008-04-14 08:51 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:09 . 2008-04-14 12:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:09 . 2001-10-24 12:25 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:09 . 2008-04-14 12:00 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:09 . 2008-04-14 12:00 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-27 16:09 . 2008-04-14 08:51 48128 ----a-w- c:\windows\system32\iyuv_32.dll
.
------- Sigcheck -------
[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\atapi.sys
[-] 2008-04-13 21:10 . !HASH: COULD NOT OPEN FILE !!!!! . 96512 . . [------] . . c:\windows\system32\drivers\atapi.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"="c:\documents and settings\All Users\Data aplikací\LangSoft\OETRN.EXE" [2010-02-14 26624]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-11-16 2054360]
"FDDSTray"="c:\progra~1\KenCast\Fazzt\bin\FDDSTray.exe" [2000-12-07 25088]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2004-03-12 81920]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Akceler tor spuçtŘnˇ AutoCADu.lnk - c:\program files\Common Files\Autodesk Shared\acstart16.exe [2004-2-25 10872]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-05-16 13:01 86016 ----a-w- c:\windows\system32\nvmctray.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2008-05-16 13:01 1630208 ----a-w- c:\windows\system32\nwiz.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
R0 d346bus;d346bus;c:\windows\system32\drivers\d346bus.sys [6.2.2010 8:20 156800]
R0 d346prt;d346prt;c:\windows\system32\drivers\d346prt.sys [6.2.2010 8:20 5248]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [16.11.2009 9:03 108792]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [16.12.2009 17:38 375296]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [16.11.2009 9:04 735960]
R2 Fazzt;Fazzt;c:\progra~1\KenCast\Fazzt\bin\FazztSrv.exe [5.2.2010 7:42 155136]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [6.11.2007 21:22 34064]
S3 Rockey_USB;Feitian ROCKEY4 USB Service;c:\windows\system32\drivers\Rockey4USB.sys [6.2.2010 13:39 12928]
S3 WLAN; Wireless LAN Driver;c:\windows\system32\drivers\wlanNDS.sys [5.2.2010 7:50 54784]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
TCP: {D18BEC18-D943-489D-9EB4-E48BB08F3C1D} = 192.168.242.97,217.112.162.34
FF - ProfilePath - c:\documents and settings\Martina\Data aplikací\Mozilla\Firefox\Profiles\nsvtscyt.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=867034&p=
FF - component: c:\documents and settings\Martina\Data aplikací\Mozilla\Firefox\Profiles\nsvtscyt.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}\components\nsWebFF15.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-21 08:55
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x863C79E0]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf7872f28
\Driver\ACPI -> ACPI.sys @ 0xf77becb8
\Driver\atapi -> 0x863c79e0
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0598
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0598
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
NDIS: ADMtek AN983 10/100 PCI Adapter -> SendCompleteHandler -> NDIS.sys @ 0xf7646b0a
PacketIndicateHandler -> NDIS.sys @ 0xf7651a21
SendHandler -> NDIS.sys @ 0xf7646949
Warning: possible MBR rootkit infection !
user & kernel MBR OK
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'explorer.exe'(2628)
c:\documents and settings\All Users\Data aplikací\LangSoft\TrnOEH.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\WgaTray.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\devldr32.exe
c:\windows\system32\wpabaln.exe
.
**************************************************************************
.
Celkový čas: 2010-02-21 08:58:19 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-02-21 07:58
ComboFix2.txt 2010-02-20 11:56
Před spuštěním: Volných bajtů: 20 643 295 232
Po spuštění: Volných bajtů: 20 610 842 624
- - End Of File - - 74C811E16D24C4A3C7756E638557EE97
http://swandog46.geekstogo.com
Platform: Windows XP
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!
File move operation "c:\atapi.sys|c:\windows\system32\drivers\atapi.sys" completed successfully.
Completed script processing.
*******************
Finished! Terminate.
ComboFix 10-02-20.04 - Martina 21.02.2010 8:49.4.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1024.717 [GMT 1:00]
Spuštěný z: c:\documents and settings\Martina\Plocha\ComboFix.exe
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Rezidentní štít AV je zapnutý
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-21 do 2010-02-21 )))))))))))))))))))))))))))))))
.
2010-02-20 07:31 . 2010-02-20 07:31 548 ----a-w- C:\outlook.reg
2010-02-20 07:19 . 2010-02-20 18:54 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-02-19 19:51 . 2010-02-19 19:51 -------- d---a-w- c:\windows\VDLL.DLL
2010-02-19 19:51 . 2010-02-19 19:51 -------- d---a-w- c:\windows\system32\runouce.exe
2010-02-19 19:51 . 2010-02-19 19:51 -------- d---a-w- c:\windows\RUNDL132.EXE
2010-02-19 19:51 . 2010-02-19 19:51 -------- d---a-w- c:\windows\logo_1.exe
2010-02-19 19:34 . 2010-02-19 19:34 632064 ----a-w- c:\windows\system32\msvcr80.dll
2010-02-19 19:34 . 2010-02-19 19:34 554240 ----a-w- c:\windows\system32\msvcp80.dll
2010-02-19 19:34 . 2010-02-19 19:34 34048 ----a-w- c:\windows\system32\eEmpty.exe
2010-02-19 19:34 . 2008-04-14 12:00 137216 ----a-w- c:\windows\system32\T.COM
2010-02-19 19:34 . 2008-04-14 12:00 147968 ----a-w- c:\windows\R.COM
2010-02-19 19:34 . 2010-02-19 19:34 -------- d-----w- c:\program files\Common Files\MicroWorld
2010-02-19 18:51 . 2010-02-19 18:51 -------- d-----w- c:\program files\CCleaner
2010-02-19 18:46 . 2010-02-19 18:46 -------- d-sh--w- c:\documents and settings\Martina\IECompatCache
2010-02-18 06:50 . 2001-10-24 11:25 5632 ----a-w- c:\windows\system32\ptpusb.dll
2010-02-18 06:50 . 2008-04-14 07:51 159232 ----a-w- c:\windows\system32\ptpusd.dll
2010-02-18 06:50 . 2008-04-13 23:15 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2010-02-18 06:50 . 2008-04-13 23:15 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2010-02-16 08:32 . 2010-02-16 08:32 -------- d-----w- c:\program files\AVIVA
2010-02-16 07:07 . 2001-03-08 17:30 24064 ------w- c:\windows\system32\msxml3a.dll
2010-02-16 07:06 . 2010-02-16 07:07 -------- d-----w- c:\program files\CyberLink
2010-02-16 07:04 . 2003-10-28 10:02 20016 ------w- c:\windows\system32\drivers\pxhelp20.sys
2010-02-16 07:03 . 2010-02-16 07:05 -------- d-----w- c:\program files\Winamp
2010-02-16 07:01 . 2010-02-16 07:01 -------- d-----w- c:\program files\XviD
2010-02-16 07:00 . 2010-02-16 07:02 -------- d-----w- c:\program files\DivX
2010-02-16 06:56 . 2010-02-16 06:56 -------- d-----w- c:\program files\Webteh
2010-02-14 09:44 . 2010-02-14 09:49 -------- d-----w- c:\program files\TRANSLAT
2010-02-14 09:40 . 2010-02-14 09:40 -------- d-----w- C:\chata
2010-02-14 07:02 . 2010-02-14 07:02 -------- d-----w- c:\program files\Ikony
2010-02-14 07:02 . 1998-02-06 21:37 299520 ----a-w- c:\windows\uninst.exe
2010-02-14 07:02 . 2010-02-14 07:02 -------- d-----w- c:\program files\GIF Icon Gallery
2010-02-14 07:01 . 2010-02-14 07:01 -------- d-----w- C:\Favicon
2010-02-12 19:32 . 2010-02-12 19:33 -------- d-----w- C:\chata kacerov
2010-02-12 18:50 . 2010-02-12 18:51 -------- d-----w- c:\program files\Common Files\Macromedia
2010-02-12 18:17 . 2010-02-12 18:17 -------- d-----w- c:\windows\system32\QuickTime
2010-02-12 18:17 . 2010-02-12 18:56 -------- d-----w- c:\program files\Macromedia
2010-02-08 18:25 . 2010-02-08 18:25 543504 ----a-w- C:\skola_roz.zip
2010-02-08 17:57 . 2010-02-08 17:57 -------- d-----w- c:\program files\Common Files\ACD Systems
2010-02-08 17:57 . 2010-02-08 17:57 -------- d-----w- c:\program files\ACD Systems
2010-02-08 17:19 . 2010-02-08 17:19 -------- d-----w- C:\MAC
2010-02-08 17:19 . 2010-02-08 17:19 -------- d-----w- c:\program files\WinPcap
2010-02-08 17:18 . 2010-02-08 17:20 -------- d-----w- c:\program files\Wireshark
2010-02-08 08:14 . 2010-02-17 13:29 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-02-07 08:33 . 2010-02-07 08:33 -------- d-----w- c:\program files\MSXML 4.0
2010-02-07 08:30 . 2010-02-07 08:30 701467 ----a-w- C:\hr_skola.zip
2010-02-07 08:00 . 2010-02-07 08:01 -------- d-----w- c:\windows\ShellNew
2010-02-06 12:39 . 2009-12-08 05:47 4194304 ----a-w- c:\windows\system32\cdintf400.dll
2010-02-06 12:39 . 2010-02-06 12:39 4096 ----a-w- c:\windows\system32\Ry4CoInst.dll
2010-02-06 12:39 . 2010-02-06 12:39 12928 ----a-w- c:\windows\system32\drivers\Rockey4USB.sys
2010-02-06 12:39 . 2010-02-06 12:39 22016 ----a-w- c:\windows\system32\drivers\Rockey4.sys
2010-02-06 12:37 . 2010-02-06 12:39 -------- d-----w- c:\program files\KROSplus
2010-02-06 12:37 . 2010-02-08 18:26 -------- d-----w- C:\KROSplusData
2010-02-06 08:56 . 2010-02-06 08:56 -------- d-----w- c:\program files\ABAK
2010-02-06 08:55 . 1998-01-23 11:19 304640 ----a-w- c:\windows\IsUn0405.exe
2010-02-06 07:35 . 2010-02-09 17:05 -------- d-----w- C:\Hrom
2010-02-06 07:27 . 2010-02-06 07:27 -------- d-----w- c:\program files\Autodesk
2010-02-06 07:26 . 2010-02-06 07:26 -------- d-----w- c:\program files\AnswerWorks 4.0
2010-02-06 07:24 . 2010-02-06 07:32 -------- d-----w- c:\program files\AutoCAD 2005
2010-02-06 07:24 . 2010-02-06 07:27 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2010-02-06 07:20 . 2004-03-12 21:41 5248 ----a-w- c:\windows\system32\drivers\d346prt.sys
2010-02-06 07:20 . 2004-03-12 21:41 156800 ----a-w- c:\windows\system32\drivers\d346bus.sys
2010-02-06 07:20 . 2010-02-06 07:20 -------- d-----w- c:\program files\D-Tools
2010-02-06 07:19 . 2010-02-12 18:49 -------- d-----w- c:\windows\Downloaded Installations
2010-02-05 20:13 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-05 20:13 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-05 20:13 . 2010-02-05 20:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-05 18:54 . 2010-02-20 05:47 -------- d-----w- c:\program files\trend micro
2010-02-05 18:54 . 2010-02-05 18:56 -------- d-----w- C:\rsit
2010-02-05 16:40 . 2010-02-14 17:58 8 ----a-w- c:\windows\system32\nvModes.dat
2010-02-05 15:24 . 2010-02-05 15:24 -------- d-----w- c:\windows\system32\XPSViewer
2010-02-05 15:24 . 2010-02-05 15:24 -------- d-----w- c:\program files\MSBuild
2010-02-05 15:24 . 2010-02-05 15:24 -------- d-----w- c:\program files\Reference Assemblies
2010-02-05 15:23 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-02-05 15:23 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-02-05 15:23 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-02-05 15:23 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-02-05 15:23 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2010-02-05 15:23 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-02-05 15:23 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-02-05 15:23 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-02-05 15:23 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-02-05 15:19 . 2010-02-06 07:01 -------- d-----w- c:\program files\Windows Desktop Search
2010-02-05 15:18 . 2010-02-05 15:18 -------- d-----w- c:\program files\Windows Media Connect 2
2010-02-05 15:16 . 2010-02-05 15:17 -------- d-----w- c:\windows\system32\drivers\UMDF
2010-02-05 15:16 . 2010-02-05 15:16 -------- d-----w- c:\windows\system32\LogFiles
2010-02-05 15:14 . 2010-02-05 15:14 -------- d-----w- c:\windows\system32\URTTemp
2010-02-05 11:33 . 2010-02-05 11:33 -------- d-sh--w- c:\documents and settings\Martina\PrivacIE
2010-02-05 08:56 . 2010-02-05 08:56 -------- d-----w- c:\program files\Western Digital Corporation
2010-02-05 08:49 . 2010-02-05 08:49 -------- d-sh--w- c:\documents and settings\Martina\IETldCache
2010-02-05 08:41 . 2009-12-11 08:38 69120 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-02-05 08:40 . 2010-02-05 08:40 -------- d-----w- c:\windows\ie8updates
2010-02-05 08:40 . 2009-12-21 19:08 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-02-05 08:40 . 2009-12-21 19:08 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-02-05 08:40 . 2009-12-21 19:08 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-02-05 08:40 . 2009-12-21 19:08 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-02-05 08:40 . 2009-12-21 19:08 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-02-05 08:40 . 2009-12-21 19:08 11070464 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-02-05 08:39 . 2010-02-05 08:39 -------- dc-h--w- c:\windows\ie8
2010-02-05 07:42 . 2009-12-09 10:11 2147328 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-02-05 07:42 . 2009-12-09 10:11 2068224 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2010-02-05 07:42 . 2009-12-09 10:11 2025984 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-02-05 07:39 . 2008-06-14 17:35 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-02-05 07:39 . 2008-06-14 17:35 272128 ------w- c:\windows\system32\drivers\bthport.sys
2010-02-05 07:26 . 2009-12-04 18:22 455424 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-02-05 07:22 . 2010-02-15 08:36 -------- d-----w- c:\program files\dvbdream
2010-02-05 07:14 . 2010-02-05 07:14 -------- d-----w- c:\windows\nview
2010-02-05 07:14 . 2008-05-16 13:01 446464 ----a-w- c:\windows\system32\nvudisp.exe
2010-02-05 07:14 . 2008-05-16 10:48 446464 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-02-05 06:54 . 2009-10-08 18:27 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2010-02-05 06:54 . 2009-07-05 20:33 60273 ----a-w- c:\windows\system32\pthreadGC2.dll
2010-02-05 06:54 . 2010-02-16 07:02 -------- d-----w- c:\program files\ffdshow
2010-02-05 06:50 . 2002-01-18 01:01 54784 ----a-r- c:\windows\system32\drivers\wlanNDS.sys
2010-02-05 06:50 . 2002-01-18 01:01 50176 ----a-r- c:\windows\system32\drivers\wlanUSB.sys
2010-02-05 06:47 . 2009-05-12 14:12 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2010-02-05 06:47 . 2010-02-10 08:18 -------- d--h--w- c:\windows\$hf_mig$
2010-02-05 06:46 . 2010-02-05 06:46 -------- d-----w- c:\program files\DVBViewer TE2
2010-02-05 06:46 . 2010-02-05 06:46 -------- d-----w- c:\program files\MainConcept
2010-02-05 06:46 . 2010-02-20 18:38 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-05 06:45 . 2010-02-16 07:06 -------- d-----w- c:\program files\Common Files\InstallShield
2010-02-05 06:42 . 2000-09-18 16:07 63488 ----a-w- c:\windows\system32\FazztCtrs.dll
2010-02-05 06:42 . 2010-02-05 06:42 -------- d-----w- c:\program files\KenCast
2010-02-05 06:37 . 2010-02-05 06:37 -------- d-----w- c:\program files\Common Files\Adobe
2010-02-05 06:11 . 2009-09-11 06:47 507408 ----a-w- c:\windows\system32\drivers\SkyNET.sys
2010-02-05 05:58 . 2010-02-05 05:58 -------- d-----w- c:\program files\HDDScan
2010-02-05 05:55 . 2010-02-05 05:55 -------- d-----w- c:\program files\HD Tune Pro
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-19 11:07 . 2010-02-19 11:07 -------- d-----w- c:\program files\Application Updater
2010-02-19 11:07 . 2010-02-19 11:06 -------- d-----w- c:\program files\Free Audio Pack
2010-02-12 09:45 . 2008-04-14 12:00 91062 ----a-w- c:\windows\system32\perfc005.dat
2010-02-12 09:45 . 2008-04-14 12:00 459394 ----a-w- c:\windows\system32\perfh005.dat
2010-02-05 20:30 . 2010-02-04 20:17 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-05 20:30 . 2010-02-04 20:17 2426 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-02-05 20:29 . 2010-02-04 20:17 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-02-04 20:34 . 2010-02-04 20:34 0 ----a-w- c:\windows\nsreg.dat
2010-02-04 20:18 . 2010-02-04 20:18 -------- d-----w- c:\program files\microsoft frontpage
2010-02-04 20:14 . 2010-02-04 20:14 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2010-01-08 17:43 . 2010-01-08 17:43 1709056 ----a-r- c:\windows\system32\XlsImportLib.dll
2010-01-08 17:33 . 2010-01-08 17:33 24576 ----a-r- c:\windows\system32\AST.dll
2010-01-08 17:33 . 2010-01-08 17:33 73728 ----a-r- c:\windows\system32\ASPE.dll
2010-01-08 07:13 . 2010-01-08 07:13 33096 ----a-w- c:\windows\system32\drivers\epfwndis.sys
2009-12-31 16:50 . 2008-04-14 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-22 05:09 . 2009-12-22 05:09 81920 ------w- c:\windows\system32\ieencode.dll
2009-12-21 19:08 . 2008-04-14 12:00 916480 ------w- c:\windows\system32\wininet.dll
2009-12-18 14:02 . 2009-12-18 14:02 135048 ----a-w- c:\windows\system32\drivers\epfw.sys
2009-12-17 07:42 . 2010-02-04 20:13 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2008-04-14 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-09 10:11 . 2008-04-14 12:00 2191360 ------w- c:\windows\system32\ntoskrnl.exe
2009-12-09 10:11 . 2008-04-14 08:06 2068224 ------w- c:\windows\system32\ntkrnlpa.exe
2009-12-04 18:22 . 2008-04-14 12:00 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-11-27 17:14 . 2008-04-14 12:00 1294336 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 17:14 . 2008-04-14 08:51 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:09 . 2008-04-14 12:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:09 . 2001-10-24 12:25 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:09 . 2008-04-14 12:00 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:09 . 2008-04-14 12:00 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-27 16:09 . 2008-04-14 08:51 48128 ----a-w- c:\windows\system32\iyuv_32.dll
.
------- Sigcheck -------
[7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\atapi.sys
[-] 2008-04-13 21:10 . !HASH: COULD NOT OPEN FILE !!!!! . 96512 . . [------] . . c:\windows\system32\drivers\atapi.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"="c:\documents and settings\All Users\Data aplikací\LangSoft\OETRN.EXE" [2010-02-14 26624]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-11-16 2054360]
"FDDSTray"="c:\progra~1\KenCast\Fazzt\bin\FDDSTray.exe" [2000-12-07 25088]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2004-03-12 81920]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Akceler tor spuçtŘnˇ AutoCADu.lnk - c:\program files\Common Files\Autodesk Shared\acstart16.exe [2004-2-25 10872]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-05-16 13:01 86016 ----a-w- c:\windows\system32\nvmctray.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2008-05-16 13:01 1630208 ----a-w- c:\windows\system32\nwiz.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
R0 d346bus;d346bus;c:\windows\system32\drivers\d346bus.sys [6.2.2010 8:20 156800]
R0 d346prt;d346prt;c:\windows\system32\drivers\d346prt.sys [6.2.2010 8:20 5248]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [16.11.2009 9:03 108792]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [16.12.2009 17:38 375296]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [16.11.2009 9:04 735960]
R2 Fazzt;Fazzt;c:\progra~1\KenCast\Fazzt\bin\FazztSrv.exe [5.2.2010 7:42 155136]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [6.11.2007 21:22 34064]
S3 Rockey_USB;Feitian ROCKEY4 USB Service;c:\windows\system32\drivers\Rockey4USB.sys [6.2.2010 13:39 12928]
S3 WLAN; Wireless LAN Driver;c:\windows\system32\drivers\wlanNDS.sys [5.2.2010 7:50 54784]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
TCP: {D18BEC18-D943-489D-9EB4-E48BB08F3C1D} = 192.168.242.97,217.112.162.34
FF - ProfilePath - c:\documents and settings\Martina\Data aplikací\Mozilla\Firefox\Profiles\nsvtscyt.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=867034&p=
FF - component: c:\documents and settings\Martina\Data aplikací\Mozilla\Firefox\Profiles\nsvtscyt.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}\components\nsWebFF15.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-21 08:55
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x863C79E0]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf7872f28
\Driver\ACPI -> ACPI.sys @ 0xf77becb8
\Driver\atapi -> 0x863c79e0
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0598
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0598
ParseProcedure -> ntoskrnl.exe @ 0x8056ea15
NDIS: ADMtek AN983 10/100 PCI Adapter -> SendCompleteHandler -> NDIS.sys @ 0xf7646b0a
PacketIndicateHandler -> NDIS.sys @ 0xf7651a21
SendHandler -> NDIS.sys @ 0xf7646949
Warning: possible MBR rootkit infection !
user & kernel MBR OK
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'explorer.exe'(2628)
c:\documents and settings\All Users\Data aplikací\LangSoft\TrnOEH.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\WgaTray.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\devldr32.exe
c:\windows\system32\wpabaln.exe
.
**************************************************************************
.
Celkový čas: 2010-02-21 08:58:19 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-02-21 07:58
ComboFix2.txt 2010-02-20 11:56
Před spuštěním: Volných bajtů: 20 643 295 232
Po spuštění: Volných bajtů: 20 610 842 624
- - End Of File - - 74C811E16D24C4A3C7756E638557EE97
meteorolog píše:stáhněte avenger - http://www.viry.cz/forum/viewtopic.php?f=15&t=19832 a použijte tento script:
potom pošlete log (C:\avenger.txt) a nový log z Combofix (normální spuštění bez scriptu)Begin copying here:
Files to move:
c:\atapi.sys | c:\windows\system32\drivers\atapi.sys
-
meteorolog
- Vzorný návštěvník
- Příspěvky: 308
- Registrován: 07 led 2007 15:20
- Bydliště: Pardubice
Re: Počítač se mi zpomalil a seká se
odinstalujte prosím všechny virtuální jednotky od Daemonu nebo Alcoholu
Potom stáhněte SPTD http://www.duplexsecure.com/en/downloads
- vyberte verzi podle svého operačního systému - SPTD for Windows (32 bit) nebo (64 bit)
- uložte na plochu a spusťte
- zvolte možnost Uninstall a restartujte PC
a pošlete ještě logy z GMER - http://www.viry.cz/forum/viewtopic.php?f=29&t=62878
Potom stáhněte SPTD http://www.duplexsecure.com/en/downloads- vyberte verzi podle svého operačního systému - SPTD for Windows (32 bit) nebo (64 bit)
- uložte na plochu a spusťte
- zvolte možnost Uninstall a restartujte PC
a pošlete ještě logy z GMER - http://www.viry.cz/forum/viewtopic.php?f=29&t=62878
"Život je život, louka je louka, koukneš se do trávy – a vidíš brouka."
"Neodpovídej tupci na jeho tupost, aby ses mu sám nezačal podobat. Odpověz tupci na jeho tupost, aby si přestal moudrý připadat...."
(Přísloví krále Šalomouna)
"Neodpovídej tupci na jeho tupost, aby ses mu sám nezačal podobat. Odpověz tupci na jeho tupost, aby si přestal moudrý připadat...."
(Přísloví krále Šalomouna)
Re: Počítač se mi zpomalil a seká se
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-02-21 11:43:16
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\Martina\LOCALS~1\Temp\kgqiraod.sys
---- System - GMER 1.0.15 ----
SSDT spch.sys ZwEnumerateKey [0xF7733DA4]
SSDT spch.sys ZwEnumerateValueKey [0xF7734132]
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs 867D91F8
AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
AttachedDevice \Driver\Tcpip \Device\Ip epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\Tcpip \Device\Udp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\Tcpip \Device\RawIp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
---- Threads - GMER 1.0.15 ----
Thread System [4:536] 8600B930
---- EOF - GMER 1.0.15 ----
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-02-21 13:45:59
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\Martina\LOCALS~1\Temp\kgqiraod.sys
---- System - GMER 1.0.15 ----
SSDT 8600D8A0 ZwAssignProcessToJobObject
SSDT spch.sys ZwCreateKey [0xF771B0E0]
SSDT spch.sys ZwEnumerateKey [0xF7733DA4]
SSDT spch.sys ZwEnumerateValueKey [0xF7734132]
SSDT spch.sys ZwOpenKey [0xF771B0C0]
SSDT 8600CCB0 ZwOpenProcess
SSDT 8600D0D0 ZwOpenThread
SSDT spch.sys ZwQueryKey [0xF773420A]
SSDT spch.sys ZwQueryValueKey [0xF773408A]
SSDT spch.sys ZwSetValueKey [0xF773429C]
SSDT 8600D6D0 ZwSuspendProcess
SSDT 8600D4F0 ZwSuspendThread
SSDT 8600CEE0 ZwTerminateProcess
SSDT 8600D310 ZwTerminateThread
INT 0x62 ? 867DABF8
INT 0x82 ? 867DABF8
INT 0xB4 ? 8636FF00
INT 0xB4 ? 8636FF00
INT 0xB4 ? 8636FF00
INT 0xB4 ? 8636FF00
INT 0xB4 ? 8636FF00
---- Kernel code sections - GMER 1.0.15 ----
.text ntoskrnl.exe!_abnormal_termination + 169 804E27D5 3 Bytes [3D, 73, F7]
? spch.sys Systém nemůže nalézt uvedený soubor. !
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xF685E360, 0x37388D, 0xE8000020]
.text USBPORT.SYS!DllUnload F67B18AC 5 Bytes JMP 8636F4E0
---- User code sections - GMER 1.0.15 ----
.text C:\WINDOWS\system32\SearchIndexer.exe[592] kernel32.dll!WriteFile 7C810E27 7 Bytes JMP 00585C0C C:\WINDOWS\system32\MSSRCH.DLL (mssrch.dll/Microsoft Corporation)
.text C:\Program Files\ESET\ESET Smart Security\ekrn.exe[952] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 4 Bytes [C2, 04, 00, 00]
---- Kernel IAT/EAT - GMER 1.0.15 ----
IAT \WINDOWS\System32\Drivers\SCSIPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 8676F2D8
IAT pci.sys[ntoskrnl.exe!IoDetachDevice] [F7746DDC] spch.sys
IAT pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F7746E30] spch.sys
IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F771C042] spch.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F771C13E] spch.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F771C0C0] spch.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F771C800] spch.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F771C6D6] spch.sys
IAT \SystemRoot\system32\DRIVERS\USBPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 8636F5E0
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F772BB90] spch.sys
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs 867D91F8
AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
AttachedDevice \Driver\Tcpip \Device\Ip epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
Device \Driver\usbuhci \Device\USBPDO-0 86370500
Device \Driver\dmio \Device\DmControl\DmIoDaemon 8676D1F8
Device \Driver\dmio \Device\DmControl\DmConfig 8676D1F8
Device \Driver\dmio \Device\DmControl\DmPnP 8676D1F8
Device \Driver\dmio \Device\DmControl\DmInfo 8676D1F8
Device \Driver\usbuhci \Device\USBPDO-1 86370500
Device \Driver\NetBT \Device\NetBT_Tcpip_{8DEC6CE6-B404-4490-82AD-1FAC43872E5E} 860B31F8
Device \Driver\usbuhci \Device\USBPDO-2 86370500
Device \Driver\usbehci \Device\USBPDO-3 86309500
AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
Device \Driver\Ftdisk \Device\HarddiskVolume1 867DB1F8
Device \Driver\Ftdisk \Device\HarddiskVolume2 867DB1F8
Device \Driver\Cdrom \Device\CdRom0 86316368
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [F766FB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort0 [F766FB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [F766FB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e [F766FB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\NetBT \Device\NetBt_Wins_Export 860B31F8
Device \Driver\NetBT \Device\NetbiosSmb 860B31F8
AttachedDevice \Driver\Tcpip \Device\Udp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\Tcpip \Device\RawIp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
Device \Driver\usbuhci \Device\USBFDO-0 86370500
Device \Driver\usbuhci \Device\USBFDO-1 86370500
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 85FFA1F8
Device \Driver\usbuhci \Device\USBFDO-2 86370500
Device \FileSystem\MRxSmb \Device\LanmanRedirector 85FFA1F8
Device \Driver\usbehci \Device\USBFDO-3 86309500
Device \Driver\Ftdisk \Device\FtControl 867DB1F8
Device \FileSystem\Cdfs \Cdfs 8642E500
---- Threads - GMER 1.0.15 ----
Thread System [4:536] 8600B930
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
---- EOF - GMER 1.0.15 ----
Rootkit quick scan 2010-02-21 11:43:16
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\Martina\LOCALS~1\Temp\kgqiraod.sys
---- System - GMER 1.0.15 ----
SSDT spch.sys ZwEnumerateKey [0xF7733DA4]
SSDT spch.sys ZwEnumerateValueKey [0xF7734132]
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs 867D91F8
AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
AttachedDevice \Driver\Tcpip \Device\Ip epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\Tcpip \Device\Udp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\Tcpip \Device\RawIp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
---- Threads - GMER 1.0.15 ----
Thread System [4:536] 8600B930
---- EOF - GMER 1.0.15 ----
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-02-21 13:45:59
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\Martina\LOCALS~1\Temp\kgqiraod.sys
---- System - GMER 1.0.15 ----
SSDT 8600D8A0 ZwAssignProcessToJobObject
SSDT spch.sys ZwCreateKey [0xF771B0E0]
SSDT spch.sys ZwEnumerateKey [0xF7733DA4]
SSDT spch.sys ZwEnumerateValueKey [0xF7734132]
SSDT spch.sys ZwOpenKey [0xF771B0C0]
SSDT 8600CCB0 ZwOpenProcess
SSDT 8600D0D0 ZwOpenThread
SSDT spch.sys ZwQueryKey [0xF773420A]
SSDT spch.sys ZwQueryValueKey [0xF773408A]
SSDT spch.sys ZwSetValueKey [0xF773429C]
SSDT 8600D6D0 ZwSuspendProcess
SSDT 8600D4F0 ZwSuspendThread
SSDT 8600CEE0 ZwTerminateProcess
SSDT 8600D310 ZwTerminateThread
INT 0x62 ? 867DABF8
INT 0x82 ? 867DABF8
INT 0xB4 ? 8636FF00
INT 0xB4 ? 8636FF00
INT 0xB4 ? 8636FF00
INT 0xB4 ? 8636FF00
INT 0xB4 ? 8636FF00
---- Kernel code sections - GMER 1.0.15 ----
.text ntoskrnl.exe!_abnormal_termination + 169 804E27D5 3 Bytes [3D, 73, F7]
? spch.sys Systém nemůže nalézt uvedený soubor. !
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xF685E360, 0x37388D, 0xE8000020]
.text USBPORT.SYS!DllUnload F67B18AC 5 Bytes JMP 8636F4E0
---- User code sections - GMER 1.0.15 ----
.text C:\WINDOWS\system32\SearchIndexer.exe[592] kernel32.dll!WriteFile 7C810E27 7 Bytes JMP 00585C0C C:\WINDOWS\system32\MSSRCH.DLL (mssrch.dll/Microsoft Corporation)
.text C:\Program Files\ESET\ESET Smart Security\ekrn.exe[952] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 4 Bytes [C2, 04, 00, 00]
---- Kernel IAT/EAT - GMER 1.0.15 ----
IAT \WINDOWS\System32\Drivers\SCSIPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 8676F2D8
IAT pci.sys[ntoskrnl.exe!IoDetachDevice] [F7746DDC] spch.sys
IAT pci.sys[ntoskrnl.exe!IoAttachDeviceToDeviceStack] [F7746E30] spch.sys
IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F771C042] spch.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F771C13E] spch.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F771C0C0] spch.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F771C800] spch.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F771C6D6] spch.sys
IAT \SystemRoot\system32\DRIVERS\USBPORT.SYS[ntoskrnl.exe!DbgBreakPoint] 8636F5E0
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F772BB90] spch.sys
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs 867D91F8
AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET)
AttachedDevice \Driver\Tcpip \Device\Ip epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
Device \Driver\usbuhci \Device\USBPDO-0 86370500
Device \Driver\dmio \Device\DmControl\DmIoDaemon 8676D1F8
Device \Driver\dmio \Device\DmControl\DmConfig 8676D1F8
Device \Driver\dmio \Device\DmControl\DmPnP 8676D1F8
Device \Driver\dmio \Device\DmControl\DmInfo 8676D1F8
Device \Driver\usbuhci \Device\USBPDO-1 86370500
Device \Driver\NetBT \Device\NetBT_Tcpip_{8DEC6CE6-B404-4490-82AD-1FAC43872E5E} 860B31F8
Device \Driver\usbuhci \Device\USBPDO-2 86370500
Device \Driver\usbehci \Device\USBPDO-3 86309500
AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
Device \Driver\Ftdisk \Device\HarddiskVolume1 867DB1F8
Device \Driver\Ftdisk \Device\HarddiskVolume2 867DB1F8
Device \Driver\Cdrom \Device\CdRom0 86316368
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [F766FB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort0 [F766FB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [F766FB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-e [F766FB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\NetBT \Device\NetBt_Wins_Export 860B31F8
Device \Driver\NetBT \Device\NetbiosSmb 860B31F8
AttachedDevice \Driver\Tcpip \Device\Udp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
AttachedDevice \Driver\Tcpip \Device\RawIp epfwtdi.sys (ESET Personal Firewall TDI filter/ESET)
Device \Driver\usbuhci \Device\USBFDO-0 86370500
Device \Driver\usbuhci \Device\USBFDO-1 86370500
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 85FFA1F8
Device \Driver\usbuhci \Device\USBFDO-2 86370500
Device \FileSystem\MRxSmb \Device\LanmanRedirector 85FFA1F8
Device \Driver\usbehci \Device\USBFDO-3 86309500
Device \Driver\Ftdisk \Device\FtControl 867DB1F8
Device \FileSystem\Cdfs \Cdfs 8642E500
---- Threads - GMER 1.0.15 ----
Thread System [4:536] 8600B930
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
---- EOF - GMER 1.0.15 ----
meteorolog píše:odinstalujte prosím všechny virtuální jednotky od Daemonu nebo Alcoholu
- vyberte verzi podle svého operačního systému - SPTD for Windows (32 bit) nebo (64 bit)
- uložte na plochu a spusťte
- zvolte možnost Uninstall a restartujte PC
a pošlete ještě logy z GMER - http://www.viry.cz/forum/viewtopic.php?f=29&t=62878
-
meteorolog
- Vzorný návštěvník
- Příspěvky: 308
- Registrován: 07 led 2007 15:20
- Bydliště: Pardubice
Re: Počítač se mi zpomalil a seká se
OK, znovu spusťte avenger s tímnto scriptem:
potom pošlete log (C:\avenger.txt) a nový log z Combofix (normální spuštění bez scriptu)Begin copying here:
Files to move:
c:\atapi.sys | c:\windows\system32\drivers\atapi.sys
c:\atapi.sys | c:\windows\system32\dllcache\atapi.sys
"Život je život, louka je louka, koukneš se do trávy – a vidíš brouka."
"Neodpovídej tupci na jeho tupost, aby ses mu sám nezačal podobat. Odpověz tupci na jeho tupost, aby si přestal moudrý připadat...."
(Přísloví krále Šalomouna)
"Neodpovídej tupci na jeho tupost, aby ses mu sám nezačal podobat. Odpověz tupci na jeho tupost, aby si přestal moudrý připadat...."
(Přísloví krále Šalomouna)
Re: Počítač se mi zpomalil a seká se
Avenger jsem spouštěla 2x, jelikož druhý příkaz se neprovedl (prvním příkazem
se soubor atapi.sys přesunul).
Pak jsem spustila Combofix, pocitac se hned restarotval a nechtel nabehnout,
psalo to jen nacitani osobniho nastaveni a tam se to seklo. Proto jsem musela dat
spusteni pres posledni znamou konfiguraci a tak pc nabehlo a Combofix se pri
nabihani spustil, tak snad bude log O.K. nebo mam radeji Combofix zpustit znovu ??
Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com
Platform: Windows XP
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!
File move operation "c:\atapi.sys|c:\windows\system32\drivers\atapi.sys" completed successfully.
Error: file "c:\atapi.sys" not found!
File move operation "c:\atapi.sys|c:\windows\system32\dllcache\atapi.sys" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist
Completed script processing.
*******************
Finished! Terminate.
Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com
Platform: Windows XP
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!
File move operation "c:\atapi.sys|c:\windows\system32\dllcache\atapi.sys" completed successfully.
Completed script processing.
*******************
Finished! Terminate.
ComboFix 10-02-20.04 - Martina 21.02.2010 16:30:44.5.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1024.718 [GMT 1:00]
Spuštěný z: c:\documents and settings\Martina\Plocha\ComboFix.exe
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Rezidentní štít AV je zapnutý
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-21 do 2010-02-21 )))))))))))))))))))))))))))))))
.
2010-02-21 15:00 . 2010-02-21 15:03 -------- d-----w- C:\aven log
2010-02-21 10:37 . 2010-02-21 10:37 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-02-21 09:50 . 2006-01-10 11:52 118784 ------w- c:\windows\system32\fppr232.dll
2010-02-21 09:50 . 2006-01-10 11:45 303104 ------w- c:\windows\system32\fppmon2.dll
2010-02-21 09:38 . 2004-04-23 06:00 7680 ----a-w- c:\windows\system32\CNMVS5y.DLL
2010-02-21 09:38 . 2004-04-23 06:00 54272 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPP5y.DLL
2010-02-21 09:38 . 2004-04-23 06:00 17920 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPD5y.DLL
2010-02-21 09:38 . 2004-04-23 06:00 116736 ----a-w- c:\windows\system32\CNMLM5y.DLL
2010-02-21 09:38 . 2004-03-11 17:06 86016 ----a-w- c:\windows\system32\CNMCP5y.exe
2010-02-21 09:38 . 2010-02-21 09:38 -------- d-----w- C:\BJPrinter
2010-02-21 09:33 . 2008-04-13 23:17 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2010-02-21 09:33 . 2008-04-13 23:17 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2010-02-20 07:31 . 2010-02-20 07:31 548 ----a-w- C:\outlook.reg
2010-02-20 07:19 . 2010-02-20 18:54 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-02-19 19:51 . 2010-02-19 19:51 -------- d---a-w- c:\windows\VDLL.DLL
2010-02-19 19:51 . 2010-02-19 19:51 -------- d---a-w- c:\windows\system32\runouce.exe
2010-02-19 19:51 . 2010-02-19 19:51 -------- d---a-w- c:\windows\RUNDL132.EXE
2010-02-19 19:51 . 2010-02-19 19:51 -------- d---a-w- c:\windows\logo_1.exe
2010-02-19 19:34 . 2010-02-19 19:34 632064 ----a-w- c:\windows\system32\msvcr80.dll
2010-02-19 19:34 . 2010-02-19 19:34 554240 ----a-w- c:\windows\system32\msvcp80.dll
2010-02-19 19:34 . 2010-02-19 19:34 34048 ----a-w- c:\windows\system32\eEmpty.exe
2010-02-19 19:34 . 2008-04-14 12:00 137216 ----a-w- c:\windows\system32\T.COM
2010-02-19 19:34 . 2008-04-14 12:00 147968 ----a-w- c:\windows\R.COM
2010-02-19 19:34 . 2010-02-19 19:34 -------- d-----w- c:\program files\Common Files\MicroWorld
2010-02-19 18:51 . 2010-02-19 18:51 -------- d-----w- c:\program files\CCleaner
2010-02-19 18:46 . 2010-02-19 18:46 -------- d-sh--w- c:\documents and settings\Martina\IECompatCache
2010-02-18 06:50 . 2001-10-24 11:25 5632 ----a-w- c:\windows\system32\ptpusb.dll
2010-02-18 06:50 . 2008-04-14 07:51 159232 ----a-w- c:\windows\system32\ptpusd.dll
2010-02-18 06:50 . 2008-04-13 23:15 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2010-02-18 06:50 . 2008-04-13 23:15 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2010-02-16 08:32 . 2010-02-16 08:32 -------- d-----w- c:\program files\AVIVA
2010-02-16 07:07 . 2001-03-08 17:30 24064 ------w- c:\windows\system32\msxml3a.dll
2010-02-16 07:06 . 2010-02-16 07:07 -------- d-----w- c:\program files\CyberLink
2010-02-16 07:04 . 2003-10-28 10:02 20016 ------w- c:\windows\system32\drivers\pxhelp20.sys
2010-02-16 07:03 . 2010-02-16 07:05 -------- d-----w- c:\program files\Winamp
2010-02-16 07:01 . 2010-02-16 07:01 -------- d-----w- c:\program files\XviD
2010-02-16 07:00 . 2010-02-16 07:02 -------- d-----w- c:\program files\DivX
2010-02-16 06:56 . 2010-02-16 06:56 -------- d-----w- c:\program files\Webteh
2010-02-14 09:44 . 2010-02-14 09:49 -------- d-----w- c:\program files\TRANSLAT
2010-02-14 09:40 . 2010-02-14 09:40 -------- d-----w- C:\chata
2010-02-14 07:02 . 2010-02-14 07:02 -------- d-----w- c:\program files\Ikony
2010-02-14 07:02 . 1998-02-06 21:37 299520 ----a-w- c:\windows\uninst.exe
2010-02-14 07:02 . 2010-02-14 07:02 -------- d-----w- c:\program files\GIF Icon Gallery
2010-02-14 07:01 . 2010-02-14 07:01 -------- d-----w- C:\Favicon
2010-02-12 19:32 . 2010-02-12 19:33 -------- d-----w- C:\chata kacerov
2010-02-12 18:50 . 2010-02-12 18:51 -------- d-----w- c:\program files\Common Files\Macromedia
2010-02-12 18:17 . 2010-02-12 18:17 -------- d-----w- c:\windows\system32\QuickTime
2010-02-12 18:17 . 2010-02-12 18:56 -------- d-----w- c:\program files\Macromedia
2010-02-08 18:25 . 2010-02-08 18:25 543504 ----a-w- C:\skola_roz.zip
2010-02-08 17:57 . 2010-02-08 17:57 -------- d-----w- c:\program files\Common Files\ACD Systems
2010-02-08 17:57 . 2010-02-08 17:57 -------- d-----w- c:\program files\ACD Systems
2010-02-08 17:19 . 2010-02-08 17:19 -------- d-----w- C:\MAC
2010-02-08 17:19 . 2010-02-08 17:19 -------- d-----w- c:\program files\WinPcap
2010-02-08 17:18 . 2010-02-08 17:20 -------- d-----w- c:\program files\Wireshark
2010-02-08 08:14 . 2010-02-17 13:29 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-02-07 08:33 . 2010-02-07 08:33 -------- d-----w- c:\program files\MSXML 4.0
2010-02-07 08:30 . 2010-02-07 08:30 701467 ----a-w- C:\hr_skola.zip
2010-02-07 08:00 . 2010-02-07 08:01 -------- d-----w- c:\windows\ShellNew
2010-02-06 12:39 . 2009-12-08 05:47 4194304 ----a-w- c:\windows\system32\cdintf400.dll
2010-02-06 12:39 . 2010-02-06 12:39 4096 ----a-w- c:\windows\system32\Ry4CoInst.dll
2010-02-06 12:39 . 2010-02-06 12:39 12928 ----a-w- c:\windows\system32\drivers\Rockey4USB.sys
2010-02-06 12:39 . 2010-02-06 12:39 22016 ----a-w- c:\windows\system32\drivers\Rockey4.sys
2010-02-06 12:37 . 2010-02-06 12:39 -------- d-----w- c:\program files\KROSplus
2010-02-06 12:37 . 2010-02-08 18:26 -------- d-----w- C:\KROSplusData
2010-02-06 08:56 . 2010-02-06 08:56 -------- d-----w- c:\program files\ABAK
2010-02-06 08:55 . 1998-01-23 11:19 304640 ----a-w- c:\windows\IsUn0405.exe
2010-02-06 07:35 . 2010-02-09 17:05 -------- d-----w- C:\Hrom
2010-02-06 07:27 . 2010-02-06 07:27 -------- d-----w- c:\program files\Autodesk
2010-02-06 07:26 . 2010-02-06 07:26 -------- d-----w- c:\program files\AnswerWorks 4.0
2010-02-06 07:24 . 2010-02-06 07:32 -------- d-----w- c:\program files\AutoCAD 2005
2010-02-06 07:24 . 2010-02-06 07:27 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2010-02-06 07:19 . 2010-02-12 18:49 -------- d-----w- c:\windows\Downloaded Installations
2010-02-05 20:13 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-05 20:13 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-05 20:13 . 2010-02-05 20:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-05 18:54 . 2010-02-20 05:47 -------- d-----w- c:\program files\trend micro
2010-02-05 18:54 . 2010-02-05 18:56 -------- d-----w- C:\rsit
2010-02-05 16:40 . 2010-02-14 17:58 8 ----a-w- c:\windows\system32\nvModes.dat
2010-02-05 15:24 . 2010-02-05 15:24 -------- d-----w- c:\windows\system32\XPSViewer
2010-02-05 15:24 . 2010-02-05 15:24 -------- d-----w- c:\program files\MSBuild
2010-02-05 15:24 . 2010-02-05 15:24 -------- d-----w- c:\program files\Reference Assemblies
2010-02-05 15:23 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-02-05 15:23 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-02-05 15:23 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-02-05 15:23 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-02-05 15:23 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2010-02-05 15:23 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-02-05 15:23 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-02-05 15:23 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-02-05 15:23 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-02-05 15:19 . 2010-02-06 07:01 -------- d-----w- c:\program files\Windows Desktop Search
2010-02-05 15:18 . 2010-02-05 15:18 -------- d-----w- c:\program files\Windows Media Connect 2
2010-02-05 15:16 . 2010-02-05 15:17 -------- d-----w- c:\windows\system32\drivers\UMDF
2010-02-05 15:16 . 2010-02-05 15:16 -------- d-----w- c:\windows\system32\LogFiles
2010-02-05 15:14 . 2010-02-05 15:14 -------- d-----w- c:\windows\system32\URTTemp
2010-02-05 11:33 . 2010-02-05 11:33 -------- d-sh--w- c:\documents and settings\Martina\PrivacIE
2010-02-05 08:56 . 2010-02-05 08:56 -------- d-----w- c:\program files\Western Digital Corporation
2010-02-05 08:49 . 2010-02-05 08:49 -------- d-sh--w- c:\documents and settings\Martina\IETldCache
2010-02-05 08:41 . 2009-12-11 08:38 69120 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-02-05 08:40 . 2010-02-05 08:40 -------- d-----w- c:\windows\ie8updates
2010-02-05 08:40 . 2009-12-21 19:08 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-02-05 08:40 . 2009-12-21 19:08 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-02-05 08:40 . 2009-12-21 19:08 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-02-05 08:40 . 2009-12-21 19:08 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-02-05 08:40 . 2009-12-21 19:08 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-02-05 08:40 . 2009-12-21 19:08 11070464 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-02-05 08:39 . 2010-02-05 08:39 -------- dc-h--w- c:\windows\ie8
2010-02-05 07:42 . 2009-12-09 10:11 2147328 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-02-05 07:42 . 2009-12-09 10:11 2068224 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2010-02-05 07:42 . 2009-12-09 10:11 2025984 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-02-05 07:39 . 2008-06-14 17:35 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-02-05 07:39 . 2008-06-14 17:35 272128 ------w- c:\windows\system32\drivers\bthport.sys
2010-02-05 07:26 . 2009-12-04 18:22 455424 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-02-05 07:22 . 2010-02-15 08:36 -------- d-----w- c:\program files\dvbdream
2010-02-05 07:14 . 2010-02-05 07:14 -------- d-----w- c:\windows\nview
2010-02-05 07:14 . 2008-05-16 13:01 446464 ----a-w- c:\windows\system32\nvudisp.exe
2010-02-05 07:14 . 2008-05-16 10:48 446464 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-02-05 06:54 . 2009-10-08 18:27 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2010-02-05 06:54 . 2009-07-05 20:33 60273 ----a-w- c:\windows\system32\pthreadGC2.dll
2010-02-05 06:54 . 2010-02-16 07:02 -------- d-----w- c:\program files\ffdshow
2010-02-05 06:50 . 2002-01-18 01:01 54784 ----a-r- c:\windows\system32\drivers\wlanNDS.sys
2010-02-05 06:50 . 2002-01-18 01:01 50176 ----a-r- c:\windows\system32\drivers\wlanUSB.sys
2010-02-05 06:47 . 2009-05-12 14:12 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2010-02-05 06:47 . 2010-02-10 08:18 -------- d--h--w- c:\windows\$hf_mig$
2010-02-05 06:46 . 2010-02-05 06:46 -------- d-----w- c:\program files\DVBViewer TE2
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-19 11:07 . 2010-02-19 11:07 -------- d-----w- c:\program files\Application Updater
2010-02-19 11:07 . 2010-02-19 11:06 -------- d-----w- c:\program files\Free Audio Pack
2010-02-12 09:45 . 2008-04-14 12:00 91062 ----a-w- c:\windows\system32\perfc005.dat
2010-02-12 09:45 . 2008-04-14 12:00 459394 ----a-w- c:\windows\system32\perfh005.dat
2010-02-05 20:30 . 2010-02-04 20:17 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-05 20:30 . 2010-02-04 20:17 2426 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-02-05 20:29 . 2010-02-04 20:17 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-02-04 20:34 . 2010-02-04 20:34 0 ----a-w- c:\windows\nsreg.dat
2010-02-04 20:18 . 2010-02-04 20:18 -------- d-----w- c:\program files\microsoft frontpage
2010-02-04 20:14 . 2010-02-04 20:14 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2010-01-08 17:43 . 2010-01-08 17:43 1709056 ----a-r- c:\windows\system32\XlsImportLib.dll
2010-01-08 17:33 . 2010-01-08 17:33 24576 ----a-r- c:\windows\system32\AST.dll
2010-01-08 17:33 . 2010-01-08 17:33 73728 ----a-r- c:\windows\system32\ASPE.dll
2010-01-08 07:13 . 2010-01-08 07:13 33096 ----a-w- c:\windows\system32\drivers\epfwndis.sys
2009-12-31 16:50 . 2008-04-14 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-22 05:09 . 2009-12-22 05:09 81920 ------w- c:\windows\system32\ieencode.dll
2009-12-21 19:08 . 2008-04-14 12:00 916480 ------w- c:\windows\system32\wininet.dll
2009-12-18 14:02 . 2009-12-18 14:02 135048 ----a-w- c:\windows\system32\drivers\epfw.sys
2009-12-17 07:42 . 2010-02-04 20:13 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2008-04-14 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-09 10:11 . 2008-04-14 12:00 2191360 ------w- c:\windows\system32\ntoskrnl.exe
2009-12-09 10:11 . 2008-04-14 08:06 2068224 ------w- c:\windows\system32\ntkrnlpa.exe
2009-12-04 18:22 . 2008-04-14 12:00 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-11-27 17:14 . 2008-04-14 12:00 1294336 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 17:14 . 2008-04-14 08:51 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:09 . 2008-04-14 12:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:09 . 2001-10-24 12:25 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:09 . 2008-04-14 12:00 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:09 . 2008-04-14 12:00 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-27 16:09 . 2008-04-14 08:51 48128 ----a-w- c:\windows\system32\iyuv_32.dll
.
((((((((((((((((((((((((((((( SnapShot@2010-02-20_08.09.25 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-02-21 09:38 . 2004-04-23 06:00 80896 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMPV5y.EXE
+ 2010-02-21 09:38 . 2004-04-23 06:00 30320 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMP25y.DAT
+ 2010-02-21 09:38 . 2004-04-23 06:00 27140 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMP15y.DAT
+ 2010-02-21 09:38 . 2004-04-23 06:00 23280 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMP05y.DAT
+ 2010-02-21 09:38 . 2004-04-23 06:00 19456 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMFU5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 61952 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMCP5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 80896 c:\windows\system32\spool\drivers\w32x86\3\CNMPV5y.EXE
+ 2010-02-21 09:38 . 2004-04-23 06:00 30320 c:\windows\system32\spool\drivers\w32x86\3\CNMP25y.DAT
+ 2010-02-21 09:38 . 2004-04-23 06:00 27140 c:\windows\system32\spool\drivers\w32x86\3\CNMP15y.DAT
+ 2010-02-21 09:38 . 2004-04-23 06:00 23280 c:\windows\system32\spool\drivers\w32x86\3\CNMP05y.DAT
+ 2010-02-21 09:38 . 2004-04-23 06:00 19456 c:\windows\system32\spool\drivers\w32x86\3\CNMFU5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 61952 c:\windows\system32\spool\drivers\w32x86\3\CNMCP5y.DLL
+ 2008-04-14 08:00 . 2008-04-13 22:10 96512 c:\windows\system32\drivers\atapi.sys
- 2008-04-14 11:00 . 2008-04-14 11:00 96512 c:\windows\system32\drivers\atapi.sys
- 2008-04-14 11:00 . 2008-04-14 11:00 96512 c:\windows\system32\dllcache\atapi.sys
+ 2008-04-14 08:00 . 2008-04-13 22:10 96512 c:\windows\system32\dllcache\atapi.sys
+ 2010-02-21 09:38 . 2004-04-23 06:00 6656 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMW35y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 6656 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMSQ5y.EXE
+ 2010-02-21 09:38 . 2004-04-23 06:00 8704 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMSD5y.EXE
+ 2010-02-21 09:38 . 2004-04-23 06:00 6656 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMPI5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 6656 c:\windows\system32\spool\drivers\w32x86\3\CNMW35y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 6656 c:\windows\system32\spool\drivers\w32x86\3\CNMSQ5y.EXE
+ 2010-02-21 09:38 . 2004-04-23 06:00 8704 c:\windows\system32\spool\drivers\w32x86\3\CNMSD5y.EXE
+ 2010-02-21 09:38 . 2004-04-23 06:00 6656 c:\windows\system32\spool\drivers\w32x86\3\CNMPI5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 219136 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMUR5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 614912 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMUM5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 205312 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMUB5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 110592 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMSR5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 130048 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMSM5y.EXE
+ 2010-02-21 09:38 . 2004-04-23 06:00 758784 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMSB5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 106496 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMOP5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 397824 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMDR5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 153600 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMD55y.DLL
+ 2010-02-21 09:50 . 2006-01-10 11:52 118784 c:\windows\system32\spool\drivers\w32x86\3\fppr232.dll
+ 2010-02-21 09:50 . 2006-01-10 11:45 303104 c:\windows\system32\spool\drivers\w32x86\3\fppmon2.dll
+ 2010-02-21 09:50 . 2006-01-10 11:46 380928 c:\windows\system32\spool\drivers\w32x86\3\fppint2.dll
+ 2010-02-21 09:50 . 2006-01-10 11:44 425984 c:\windows\system32\spool\drivers\w32x86\3\fppinst2.exe
+ 2010-02-21 09:50 . 2006-01-10 11:45 528384 c:\windows\system32\spool\drivers\w32x86\3\fppgraf2.dll
+ 2010-02-21 09:50 . 2006-01-10 11:42 495616 c:\windows\system32\spool\drivers\w32x86\3\fppdis2a.exe
+ 2010-02-21 09:50 . 2006-01-10 11:42 761856 c:\windows\system32\spool\drivers\w32x86\3\fppdes2a.dll
+ 2010-02-21 09:38 . 2004-04-23 06:00 219136 c:\windows\system32\spool\drivers\w32x86\3\CNMUR5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 614912 c:\windows\system32\spool\drivers\w32x86\3\CNMUM5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 205312 c:\windows\system32\spool\drivers\w32x86\3\CNMUB5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 110592 c:\windows\system32\spool\drivers\w32x86\3\CNMSR5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 130048 c:\windows\system32\spool\drivers\w32x86\3\CNMSM5y.EXE
+ 2010-02-21 09:38 . 2004-04-23 06:00 758784 c:\windows\system32\spool\drivers\w32x86\3\CNMSB5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 106496 c:\windows\system32\spool\drivers\w32x86\3\CNMOP5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 397824 c:\windows\system32\spool\drivers\w32x86\3\CNMDR5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 153600 c:\windows\system32\spool\drivers\w32x86\3\CNMD55y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 1571840 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMUI5y.DLL
+ 2010-02-21 09:50 . 2006-01-10 11:44 1761280 c:\windows\system32\spool\drivers\w32x86\3\fppui2a.dll
+ 2010-02-21 09:38 . 2004-04-23 06:00 1571840 c:\windows\system32\spool\drivers\w32x86\3\CNMUI5y.DLL
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"="c:\documents and settings\All Users\Data aplikací\LangSoft\OETRN.EXE" [2010-02-14 26624]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-11-16 2054360]
"FDDSTray"="c:\progra~1\KenCast\Fazzt\bin\FDDSTray.exe" [2000-12-07 25088]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
"pdfFactory Pro Dispatcher v2"="c:\windows\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe" [2006-01-10 495616]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Akceler tor spuçtŘnˇ AutoCADu.lnk - c:\program files\Common Files\Autodesk Shared\acstart16.exe [2004-2-25 10872]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-05-16 13:01 86016 ----a-w- c:\windows\system32\nvmctray.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2008-05-16 13:01 1630208 ----a-w- c:\windows\system32\nwiz.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [16.11.2009 9:03 108792]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [16.12.2009 17:38 375296]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [16.11.2009 9:04 735960]
R2 Fazzt;Fazzt;c:\progra~1\KenCast\Fazzt\bin\FazztSrv.exe [5.2.2010 7:42 155136]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [21.2.2010 11:37 691696]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [6.11.2007 21:22 34064]
S3 Rockey_USB;Feitian ROCKEY4 USB Service;c:\windows\system32\drivers\Rockey4USB.sys [6.2.2010 13:39 12928]
S3 WLAN; Wireless LAN Driver;c:\windows\system32\drivers\wlanNDS.sys [5.2.2010 7:50 54784]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
TCP: {D18BEC18-D943-489D-9EB4-E48BB08F3C1D} = 192.168.242.97,217.112.162.34
FF - ProfilePath - c:\documents and settings\Martina\Data aplikací\Mozilla\Firefox\Profiles\nsvtscyt.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=867034&p=
FF - component: c:\documents and settings\Martina\Data aplikací\Mozilla\Firefox\Profiles\nsvtscyt.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}\components\nsWebFF15.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-21 16:35
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
Celkový čas: 2010-02-21 16:36:57
ComboFix-quarantined-files.txt 2010-02-21 15:36
ComboFix2.txt 2010-02-20 11:56
Před spuštěním: Volných bajtů: 20 428 247 040
Po spuštění: Volných bajtů: 20 390 699 008
- - End Of File - - A263B97F32C3A9B177B7F551B861914E
se soubor atapi.sys přesunul).
Pak jsem spustila Combofix, pocitac se hned restarotval a nechtel nabehnout,
psalo to jen nacitani osobniho nastaveni a tam se to seklo. Proto jsem musela dat
spusteni pres posledni znamou konfiguraci a tak pc nabehlo a Combofix se pri
nabihani spustil, tak snad bude log O.K. nebo mam radeji Combofix zpustit znovu ??
Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com
Platform: Windows XP
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!
File move operation "c:\atapi.sys|c:\windows\system32\drivers\atapi.sys" completed successfully.
Error: file "c:\atapi.sys" not found!
File move operation "c:\atapi.sys|c:\windows\system32\dllcache\atapi.sys" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist
Completed script processing.
*******************
Finished! Terminate.
Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com
Platform: Windows XP
*******************
Script file opened successfully.
Script file read successfully.
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Rootkit scan active.
No rootkits found!
File move operation "c:\atapi.sys|c:\windows\system32\dllcache\atapi.sys" completed successfully.
Completed script processing.
*******************
Finished! Terminate.
ComboFix 10-02-20.04 - Martina 21.02.2010 16:30:44.5.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1024.718 [GMT 1:00]
Spuštěný z: c:\documents and settings\Martina\Plocha\ComboFix.exe
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Rezidentní štít AV je zapnutý
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-21 do 2010-02-21 )))))))))))))))))))))))))))))))
.
2010-02-21 15:00 . 2010-02-21 15:03 -------- d-----w- C:\aven log
2010-02-21 10:37 . 2010-02-21 10:37 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-02-21 09:50 . 2006-01-10 11:52 118784 ------w- c:\windows\system32\fppr232.dll
2010-02-21 09:50 . 2006-01-10 11:45 303104 ------w- c:\windows\system32\fppmon2.dll
2010-02-21 09:38 . 2004-04-23 06:00 7680 ----a-w- c:\windows\system32\CNMVS5y.DLL
2010-02-21 09:38 . 2004-04-23 06:00 54272 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPP5y.DLL
2010-02-21 09:38 . 2004-04-23 06:00 17920 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPD5y.DLL
2010-02-21 09:38 . 2004-04-23 06:00 116736 ----a-w- c:\windows\system32\CNMLM5y.DLL
2010-02-21 09:38 . 2004-03-11 17:06 86016 ----a-w- c:\windows\system32\CNMCP5y.exe
2010-02-21 09:38 . 2010-02-21 09:38 -------- d-----w- C:\BJPrinter
2010-02-21 09:33 . 2008-04-13 23:17 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2010-02-21 09:33 . 2008-04-13 23:17 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2010-02-20 07:31 . 2010-02-20 07:31 548 ----a-w- C:\outlook.reg
2010-02-20 07:19 . 2010-02-20 18:54 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-02-19 19:51 . 2010-02-19 19:51 -------- d---a-w- c:\windows\VDLL.DLL
2010-02-19 19:51 . 2010-02-19 19:51 -------- d---a-w- c:\windows\system32\runouce.exe
2010-02-19 19:51 . 2010-02-19 19:51 -------- d---a-w- c:\windows\RUNDL132.EXE
2010-02-19 19:51 . 2010-02-19 19:51 -------- d---a-w- c:\windows\logo_1.exe
2010-02-19 19:34 . 2010-02-19 19:34 632064 ----a-w- c:\windows\system32\msvcr80.dll
2010-02-19 19:34 . 2010-02-19 19:34 554240 ----a-w- c:\windows\system32\msvcp80.dll
2010-02-19 19:34 . 2010-02-19 19:34 34048 ----a-w- c:\windows\system32\eEmpty.exe
2010-02-19 19:34 . 2008-04-14 12:00 137216 ----a-w- c:\windows\system32\T.COM
2010-02-19 19:34 . 2008-04-14 12:00 147968 ----a-w- c:\windows\R.COM
2010-02-19 19:34 . 2010-02-19 19:34 -------- d-----w- c:\program files\Common Files\MicroWorld
2010-02-19 18:51 . 2010-02-19 18:51 -------- d-----w- c:\program files\CCleaner
2010-02-19 18:46 . 2010-02-19 18:46 -------- d-sh--w- c:\documents and settings\Martina\IECompatCache
2010-02-18 06:50 . 2001-10-24 11:25 5632 ----a-w- c:\windows\system32\ptpusb.dll
2010-02-18 06:50 . 2008-04-14 07:51 159232 ----a-w- c:\windows\system32\ptpusd.dll
2010-02-18 06:50 . 2008-04-13 23:15 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2010-02-18 06:50 . 2008-04-13 23:15 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2010-02-16 08:32 . 2010-02-16 08:32 -------- d-----w- c:\program files\AVIVA
2010-02-16 07:07 . 2001-03-08 17:30 24064 ------w- c:\windows\system32\msxml3a.dll
2010-02-16 07:06 . 2010-02-16 07:07 -------- d-----w- c:\program files\CyberLink
2010-02-16 07:04 . 2003-10-28 10:02 20016 ------w- c:\windows\system32\drivers\pxhelp20.sys
2010-02-16 07:03 . 2010-02-16 07:05 -------- d-----w- c:\program files\Winamp
2010-02-16 07:01 . 2010-02-16 07:01 -------- d-----w- c:\program files\XviD
2010-02-16 07:00 . 2010-02-16 07:02 -------- d-----w- c:\program files\DivX
2010-02-16 06:56 . 2010-02-16 06:56 -------- d-----w- c:\program files\Webteh
2010-02-14 09:44 . 2010-02-14 09:49 -------- d-----w- c:\program files\TRANSLAT
2010-02-14 09:40 . 2010-02-14 09:40 -------- d-----w- C:\chata
2010-02-14 07:02 . 2010-02-14 07:02 -------- d-----w- c:\program files\Ikony
2010-02-14 07:02 . 1998-02-06 21:37 299520 ----a-w- c:\windows\uninst.exe
2010-02-14 07:02 . 2010-02-14 07:02 -------- d-----w- c:\program files\GIF Icon Gallery
2010-02-14 07:01 . 2010-02-14 07:01 -------- d-----w- C:\Favicon
2010-02-12 19:32 . 2010-02-12 19:33 -------- d-----w- C:\chata kacerov
2010-02-12 18:50 . 2010-02-12 18:51 -------- d-----w- c:\program files\Common Files\Macromedia
2010-02-12 18:17 . 2010-02-12 18:17 -------- d-----w- c:\windows\system32\QuickTime
2010-02-12 18:17 . 2010-02-12 18:56 -------- d-----w- c:\program files\Macromedia
2010-02-08 18:25 . 2010-02-08 18:25 543504 ----a-w- C:\skola_roz.zip
2010-02-08 17:57 . 2010-02-08 17:57 -------- d-----w- c:\program files\Common Files\ACD Systems
2010-02-08 17:57 . 2010-02-08 17:57 -------- d-----w- c:\program files\ACD Systems
2010-02-08 17:19 . 2010-02-08 17:19 -------- d-----w- C:\MAC
2010-02-08 17:19 . 2010-02-08 17:19 -------- d-----w- c:\program files\WinPcap
2010-02-08 17:18 . 2010-02-08 17:20 -------- d-----w- c:\program files\Wireshark
2010-02-08 08:14 . 2010-02-17 13:29 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-02-07 08:33 . 2010-02-07 08:33 -------- d-----w- c:\program files\MSXML 4.0
2010-02-07 08:30 . 2010-02-07 08:30 701467 ----a-w- C:\hr_skola.zip
2010-02-07 08:00 . 2010-02-07 08:01 -------- d-----w- c:\windows\ShellNew
2010-02-06 12:39 . 2009-12-08 05:47 4194304 ----a-w- c:\windows\system32\cdintf400.dll
2010-02-06 12:39 . 2010-02-06 12:39 4096 ----a-w- c:\windows\system32\Ry4CoInst.dll
2010-02-06 12:39 . 2010-02-06 12:39 12928 ----a-w- c:\windows\system32\drivers\Rockey4USB.sys
2010-02-06 12:39 . 2010-02-06 12:39 22016 ----a-w- c:\windows\system32\drivers\Rockey4.sys
2010-02-06 12:37 . 2010-02-06 12:39 -------- d-----w- c:\program files\KROSplus
2010-02-06 12:37 . 2010-02-08 18:26 -------- d-----w- C:\KROSplusData
2010-02-06 08:56 . 2010-02-06 08:56 -------- d-----w- c:\program files\ABAK
2010-02-06 08:55 . 1998-01-23 11:19 304640 ----a-w- c:\windows\IsUn0405.exe
2010-02-06 07:35 . 2010-02-09 17:05 -------- d-----w- C:\Hrom
2010-02-06 07:27 . 2010-02-06 07:27 -------- d-----w- c:\program files\Autodesk
2010-02-06 07:26 . 2010-02-06 07:26 -------- d-----w- c:\program files\AnswerWorks 4.0
2010-02-06 07:24 . 2010-02-06 07:32 -------- d-----w- c:\program files\AutoCAD 2005
2010-02-06 07:24 . 2010-02-06 07:27 -------- d-----w- c:\program files\Common Files\Autodesk Shared
2010-02-06 07:19 . 2010-02-12 18:49 -------- d-----w- c:\windows\Downloaded Installations
2010-02-05 20:13 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-05 20:13 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-05 20:13 . 2010-02-05 20:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-05 18:54 . 2010-02-20 05:47 -------- d-----w- c:\program files\trend micro
2010-02-05 18:54 . 2010-02-05 18:56 -------- d-----w- C:\rsit
2010-02-05 16:40 . 2010-02-14 17:58 8 ----a-w- c:\windows\system32\nvModes.dat
2010-02-05 15:24 . 2010-02-05 15:24 -------- d-----w- c:\windows\system32\XPSViewer
2010-02-05 15:24 . 2010-02-05 15:24 -------- d-----w- c:\program files\MSBuild
2010-02-05 15:24 . 2010-02-05 15:24 -------- d-----w- c:\program files\Reference Assemblies
2010-02-05 15:23 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-02-05 15:23 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-02-05 15:23 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-02-05 15:23 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-02-05 15:23 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2010-02-05 15:23 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-02-05 15:23 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-02-05 15:23 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-02-05 15:23 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-02-05 15:19 . 2010-02-06 07:01 -------- d-----w- c:\program files\Windows Desktop Search
2010-02-05 15:18 . 2010-02-05 15:18 -------- d-----w- c:\program files\Windows Media Connect 2
2010-02-05 15:16 . 2010-02-05 15:17 -------- d-----w- c:\windows\system32\drivers\UMDF
2010-02-05 15:16 . 2010-02-05 15:16 -------- d-----w- c:\windows\system32\LogFiles
2010-02-05 15:14 . 2010-02-05 15:14 -------- d-----w- c:\windows\system32\URTTemp
2010-02-05 11:33 . 2010-02-05 11:33 -------- d-sh--w- c:\documents and settings\Martina\PrivacIE
2010-02-05 08:56 . 2010-02-05 08:56 -------- d-----w- c:\program files\Western Digital Corporation
2010-02-05 08:49 . 2010-02-05 08:49 -------- d-sh--w- c:\documents and settings\Martina\IETldCache
2010-02-05 08:41 . 2009-12-11 08:38 69120 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-02-05 08:40 . 2010-02-05 08:40 -------- d-----w- c:\windows\ie8updates
2010-02-05 08:40 . 2009-12-21 19:08 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-02-05 08:40 . 2009-12-21 19:08 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-02-05 08:40 . 2009-12-21 19:08 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-02-05 08:40 . 2009-12-21 19:08 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-02-05 08:40 . 2009-12-21 19:08 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-02-05 08:40 . 2009-12-21 19:08 11070464 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-02-05 08:39 . 2010-02-05 08:39 -------- dc-h--w- c:\windows\ie8
2010-02-05 07:42 . 2009-12-09 10:11 2147328 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-02-05 07:42 . 2009-12-09 10:11 2068224 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2010-02-05 07:42 . 2009-12-09 10:11 2025984 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-02-05 07:39 . 2008-06-14 17:35 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-02-05 07:39 . 2008-06-14 17:35 272128 ------w- c:\windows\system32\drivers\bthport.sys
2010-02-05 07:26 . 2009-12-04 18:22 455424 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-02-05 07:22 . 2010-02-15 08:36 -------- d-----w- c:\program files\dvbdream
2010-02-05 07:14 . 2010-02-05 07:14 -------- d-----w- c:\windows\nview
2010-02-05 07:14 . 2008-05-16 13:01 446464 ----a-w- c:\windows\system32\nvudisp.exe
2010-02-05 07:14 . 2008-05-16 10:48 446464 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-02-05 06:54 . 2009-10-08 18:27 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2010-02-05 06:54 . 2009-07-05 20:33 60273 ----a-w- c:\windows\system32\pthreadGC2.dll
2010-02-05 06:54 . 2010-02-16 07:02 -------- d-----w- c:\program files\ffdshow
2010-02-05 06:50 . 2002-01-18 01:01 54784 ----a-r- c:\windows\system32\drivers\wlanNDS.sys
2010-02-05 06:50 . 2002-01-18 01:01 50176 ----a-r- c:\windows\system32\drivers\wlanUSB.sys
2010-02-05 06:47 . 2009-05-12 14:12 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2010-02-05 06:47 . 2010-02-10 08:18 -------- d--h--w- c:\windows\$hf_mig$
2010-02-05 06:46 . 2010-02-05 06:46 -------- d-----w- c:\program files\DVBViewer TE2
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-19 11:07 . 2010-02-19 11:07 -------- d-----w- c:\program files\Application Updater
2010-02-19 11:07 . 2010-02-19 11:06 -------- d-----w- c:\program files\Free Audio Pack
2010-02-12 09:45 . 2008-04-14 12:00 91062 ----a-w- c:\windows\system32\perfc005.dat
2010-02-12 09:45 . 2008-04-14 12:00 459394 ----a-w- c:\windows\system32\perfh005.dat
2010-02-05 20:30 . 2010-02-04 20:17 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-05 20:30 . 2010-02-04 20:17 2426 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-02-05 20:29 . 2010-02-04 20:17 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-02-04 20:34 . 2010-02-04 20:34 0 ----a-w- c:\windows\nsreg.dat
2010-02-04 20:18 . 2010-02-04 20:18 -------- d-----w- c:\program files\microsoft frontpage
2010-02-04 20:14 . 2010-02-04 20:14 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2010-01-08 17:43 . 2010-01-08 17:43 1709056 ----a-r- c:\windows\system32\XlsImportLib.dll
2010-01-08 17:33 . 2010-01-08 17:33 24576 ----a-r- c:\windows\system32\AST.dll
2010-01-08 17:33 . 2010-01-08 17:33 73728 ----a-r- c:\windows\system32\ASPE.dll
2010-01-08 07:13 . 2010-01-08 07:13 33096 ----a-w- c:\windows\system32\drivers\epfwndis.sys
2009-12-31 16:50 . 2008-04-14 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-22 05:09 . 2009-12-22 05:09 81920 ------w- c:\windows\system32\ieencode.dll
2009-12-21 19:08 . 2008-04-14 12:00 916480 ------w- c:\windows\system32\wininet.dll
2009-12-18 14:02 . 2009-12-18 14:02 135048 ----a-w- c:\windows\system32\drivers\epfw.sys
2009-12-17 07:42 . 2010-02-04 20:13 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2008-04-14 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-09 10:11 . 2008-04-14 12:00 2191360 ------w- c:\windows\system32\ntoskrnl.exe
2009-12-09 10:11 . 2008-04-14 08:06 2068224 ------w- c:\windows\system32\ntkrnlpa.exe
2009-12-04 18:22 . 2008-04-14 12:00 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-11-27 17:14 . 2008-04-14 12:00 1294336 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 17:14 . 2008-04-14 08:51 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:09 . 2008-04-14 12:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:09 . 2001-10-24 12:25 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:09 . 2008-04-14 12:00 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:09 . 2008-04-14 12:00 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-27 16:09 . 2008-04-14 08:51 48128 ----a-w- c:\windows\system32\iyuv_32.dll
.
((((((((((((((((((((((((((((( SnapShot@2010-02-20_08.09.25 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-02-21 09:38 . 2004-04-23 06:00 80896 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMPV5y.EXE
+ 2010-02-21 09:38 . 2004-04-23 06:00 30320 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMP25y.DAT
+ 2010-02-21 09:38 . 2004-04-23 06:00 27140 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMP15y.DAT
+ 2010-02-21 09:38 . 2004-04-23 06:00 23280 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMP05y.DAT
+ 2010-02-21 09:38 . 2004-04-23 06:00 19456 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMFU5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 61952 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMCP5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 80896 c:\windows\system32\spool\drivers\w32x86\3\CNMPV5y.EXE
+ 2010-02-21 09:38 . 2004-04-23 06:00 30320 c:\windows\system32\spool\drivers\w32x86\3\CNMP25y.DAT
+ 2010-02-21 09:38 . 2004-04-23 06:00 27140 c:\windows\system32\spool\drivers\w32x86\3\CNMP15y.DAT
+ 2010-02-21 09:38 . 2004-04-23 06:00 23280 c:\windows\system32\spool\drivers\w32x86\3\CNMP05y.DAT
+ 2010-02-21 09:38 . 2004-04-23 06:00 19456 c:\windows\system32\spool\drivers\w32x86\3\CNMFU5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 61952 c:\windows\system32\spool\drivers\w32x86\3\CNMCP5y.DLL
+ 2008-04-14 08:00 . 2008-04-13 22:10 96512 c:\windows\system32\drivers\atapi.sys
- 2008-04-14 11:00 . 2008-04-14 11:00 96512 c:\windows\system32\drivers\atapi.sys
- 2008-04-14 11:00 . 2008-04-14 11:00 96512 c:\windows\system32\dllcache\atapi.sys
+ 2008-04-14 08:00 . 2008-04-13 22:10 96512 c:\windows\system32\dllcache\atapi.sys
+ 2010-02-21 09:38 . 2004-04-23 06:00 6656 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMW35y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 6656 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMSQ5y.EXE
+ 2010-02-21 09:38 . 2004-04-23 06:00 8704 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMSD5y.EXE
+ 2010-02-21 09:38 . 2004-04-23 06:00 6656 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMPI5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 6656 c:\windows\system32\spool\drivers\w32x86\3\CNMW35y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 6656 c:\windows\system32\spool\drivers\w32x86\3\CNMSQ5y.EXE
+ 2010-02-21 09:38 . 2004-04-23 06:00 8704 c:\windows\system32\spool\drivers\w32x86\3\CNMSD5y.EXE
+ 2010-02-21 09:38 . 2004-04-23 06:00 6656 c:\windows\system32\spool\drivers\w32x86\3\CNMPI5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 219136 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMUR5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 614912 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMUM5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 205312 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMUB5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 110592 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMSR5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 130048 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMSM5y.EXE
+ 2010-02-21 09:38 . 2004-04-23 06:00 758784 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMSB5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 106496 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMOP5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 397824 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMDR5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 153600 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMD55y.DLL
+ 2010-02-21 09:50 . 2006-01-10 11:52 118784 c:\windows\system32\spool\drivers\w32x86\3\fppr232.dll
+ 2010-02-21 09:50 . 2006-01-10 11:45 303104 c:\windows\system32\spool\drivers\w32x86\3\fppmon2.dll
+ 2010-02-21 09:50 . 2006-01-10 11:46 380928 c:\windows\system32\spool\drivers\w32x86\3\fppint2.dll
+ 2010-02-21 09:50 . 2006-01-10 11:44 425984 c:\windows\system32\spool\drivers\w32x86\3\fppinst2.exe
+ 2010-02-21 09:50 . 2006-01-10 11:45 528384 c:\windows\system32\spool\drivers\w32x86\3\fppgraf2.dll
+ 2010-02-21 09:50 . 2006-01-10 11:42 495616 c:\windows\system32\spool\drivers\w32x86\3\fppdis2a.exe
+ 2010-02-21 09:50 . 2006-01-10 11:42 761856 c:\windows\system32\spool\drivers\w32x86\3\fppdes2a.dll
+ 2010-02-21 09:38 . 2004-04-23 06:00 219136 c:\windows\system32\spool\drivers\w32x86\3\CNMUR5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 614912 c:\windows\system32\spool\drivers\w32x86\3\CNMUM5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 205312 c:\windows\system32\spool\drivers\w32x86\3\CNMUB5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 110592 c:\windows\system32\spool\drivers\w32x86\3\CNMSR5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 130048 c:\windows\system32\spool\drivers\w32x86\3\CNMSM5y.EXE
+ 2010-02-21 09:38 . 2004-04-23 06:00 758784 c:\windows\system32\spool\drivers\w32x86\3\CNMSB5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 106496 c:\windows\system32\spool\drivers\w32x86\3\CNMOP5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 397824 c:\windows\system32\spool\drivers\w32x86\3\CNMDR5y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 153600 c:\windows\system32\spool\drivers\w32x86\3\CNMD55y.DLL
+ 2010-02-21 09:38 . 2004-04-23 06:00 1571840 c:\windows\system32\spool\drivers\w32x86\canonip150039e6\CNMUI5y.DLL
+ 2010-02-21 09:50 . 2006-01-10 11:44 1761280 c:\windows\system32\spool\drivers\w32x86\3\fppui2a.dll
+ 2010-02-21 09:38 . 2004-04-23 06:00 1571840 c:\windows\system32\spool\drivers\w32x86\3\CNMUI5y.DLL
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"="c:\documents and settings\All Users\Data aplikací\LangSoft\OETRN.EXE" [2010-02-14 26624]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-11-16 2054360]
"FDDSTray"="c:\progra~1\KenCast\Fazzt\bin\FDDSTray.exe" [2000-12-07 25088]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
"pdfFactory Pro Dispatcher v2"="c:\windows\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe" [2006-01-10 495616]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Akceler tor spuçtŘnˇ AutoCADu.lnk - c:\program files\Common Files\Autodesk Shared\acstart16.exe [2004-2-25 10872]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-05-16 13:01 86016 ----a-w- c:\windows\system32\nvmctray.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2008-05-16 13:01 1630208 ----a-w- c:\windows\system32\nwiz.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [16.11.2009 9:03 108792]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [16.12.2009 17:38 375296]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [16.11.2009 9:04 735960]
R2 Fazzt;Fazzt;c:\progra~1\KenCast\Fazzt\bin\FazztSrv.exe [5.2.2010 7:42 155136]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [21.2.2010 11:37 691696]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [6.11.2007 21:22 34064]
S3 Rockey_USB;Feitian ROCKEY4 USB Service;c:\windows\system32\drivers\Rockey4USB.sys [6.2.2010 13:39 12928]
S3 WLAN; Wireless LAN Driver;c:\windows\system32\drivers\wlanNDS.sys [5.2.2010 7:50 54784]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
TCP: {D18BEC18-D943-489D-9EB4-E48BB08F3C1D} = 192.168.242.97,217.112.162.34
FF - ProfilePath - c:\documents and settings\Martina\Data aplikací\Mozilla\Firefox\Profiles\nsvtscyt.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=867034&p=
FF - component: c:\documents and settings\Martina\Data aplikací\Mozilla\Firefox\Profiles\nsvtscyt.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}\components\nsWebFF15.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-21 16:35
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
.
Celkový čas: 2010-02-21 16:36:57
ComboFix-quarantined-files.txt 2010-02-21 15:36
ComboFix2.txt 2010-02-20 11:56
Před spuštěním: Volných bajtů: 20 428 247 040
Po spuštění: Volných bajtů: 20 390 699 008
- - End Of File - - A263B97F32C3A9B177B7F551B861914E
meteorolog píše:OK, znovu spusťte avenger s tímnto scriptem:
potom pošlete log (C:\avenger.txt) a nový log z Combofix (normální spuštění bez scriptu)Begin copying here:
Files to move:
c:\atapi.sys | c:\windows\system32\drivers\atapi.sys
c:\atapi.sys | c:\windows\system32\dllcache\atapi.sys
-
meteorolog
- Vzorný návštěvník
- Příspěvky: 308
- Registrován: 07 led 2007 15:20
- Bydliště: Pardubice
Re: Počítač se mi zpomalil a seká se
uf 
oprava se podařila, už to vypadá OK
ještě použijte http://sweb.cz/Marinus/T-Cleaner.exe - pro potvrzení stiskněte vždy klávesu A nebo Enter
potom CCleaner - položky Čistič a Registry - čištění opakujte do odstranění všech problémů
a nakonec ATF Cleaner - http://www.atribune.org/ccount/click.php?id=1:
po spuštění staženého souboru se objeví okno:
zatrhněte Select All, klikněte na Empty Selected a Exit
stejným způsobem vymažte případně cache Firefoxu a Opery
restartujte PC
oprava se podařila, už to vypadá OK ještě použijte http://sweb.cz/Marinus/T-Cleaner.exe - pro potvrzení stiskněte vždy klávesu A nebo Enter
potom CCleaner - položky Čistič a Registry - čištění opakujte do odstranění všech problémů
a nakonec ATF Cleaner - http://www.atribune.org/ccount/click.php?id=1:
po spuštění staženého souboru se objeví okno:
zatrhněte Select All, klikněte na Empty Selected a Exit
stejným způsobem vymažte případně cache Firefoxu a Opery
restartujte PC
"Život je život, louka je louka, koukneš se do trávy – a vidíš brouka."
"Neodpovídej tupci na jeho tupost, aby ses mu sám nezačal podobat. Odpověz tupci na jeho tupost, aby si přestal moudrý připadat...."
(Přísloví krále Šalomouna)
"Neodpovídej tupci na jeho tupost, aby ses mu sám nezačal podobat. Odpověz tupci na jeho tupost, aby si přestal moudrý připadat...."
(Přísloví krále Šalomouna)
Re: Počítač se mi zpomalil a seká se
Počítač už vypadá O.K. děkuji moc - pro jistotu ještě přikládám log
z RSIT.
Chtěla by jsem se ještě zeptat k čemu slouží SPTDinst-v162-x86.exe ?
A ještě jaké škody páchá rootkit třeba ten, který se dostal ke mě (odesílá
např. hesla z emailu, int. bankovnictví ?)?
A jak je možné, že když mám antivir Eset smart security, že se mi do PC dostane ?
a proč jej eset nenajde a neodstraní. jen MWAV mě při testu upozonil že tam mám vir.
Ještě jednou děkuji.
Logfile of random's system information tool 1.06 (written by random/random)
Run by Martina at 2010-02-21 19:07:21
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 20 GB (68%) free of 30 GB
Total RAM: 1024 MB (66% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:07:36, on 21.2.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\PROGRA~1\KenCast\Fazzt\bin\FDDSTray.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE
C:\Program Files\TechniSat DVB\bin\Server4PC.exe
C:\Program Files\TechniSat DVB\bin\Server4PC.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\PROGRA~1\KenCast\Fazzt\bin\FazztSrv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wpabaln.exe
C:\RSIT.exe
C:\Program Files\trend micro\Martina.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [FDDSTray] C:\PROGRA~1\KenCast\Fazzt\bin\FDDSTray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v2] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe" /source=HKLM
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [OEXPRESS] C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Server4PC.lnk = C:\Program Files\TechniSat DVB\bin\Server4PC.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (qsax Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D18BEC18-D943-489D-9EB4-E48BB08F3C1D}: NameServer = 192.168.242.97,217.112.162.34
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Fazzt - KenCast, Inc. - C:\PROGRA~1\KenCast\Fazzt\bin\FazztSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
--
End of file - 6562 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2010-02-14 520192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2010-02-14 520192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-11-16 2054360]
"FDDSTray"=C:\PROGRA~1\KenCast\Fazzt\bin\FDDSTray.exe [2000-12-07 25088]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-16 13529088]
"nwiz"=nwiz.exe /install []
"pdfFactory Pro Dispatcher v2"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe [2006-01-10 495616]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"=C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE [2010-02-14 26624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2008-05-16 86016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2004-12-14 29696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
C:\PROGRA~1\WI459E~1\WINDOW~1.EXE [2008-05-26 123904]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Akcelerátor spuštění AutoCADu.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
Server4PC.lnk - C:\Program Files\TechniSat DVB\bin\Server4PC.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======File associations======
.js - edit - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"
======List of files/folders created in the last 1 months======
2010-02-21 19:07:21 ----D---- C:\rsit
2010-02-21 19:07:21 ----D---- C:\Program Files\trend micro
2010-02-21 19:07:10 ----A---- C:\RSIT.exe
2010-02-21 18:58:19 ----A---- C:\WINDOWS\system32\TwnLib20.dll
2010-02-21 18:57:45 ----N---- C:\WINDOWS\system32\ImagXRA7.dll
2010-02-21 18:57:45 ----N---- C:\WINDOWS\system32\ImagXR7.dll
2010-02-21 18:57:45 ----N---- C:\WINDOWS\system32\ImagXpr7.dll
2010-02-21 18:57:45 ----N---- C:\WINDOWS\system32\ImagX7.dll
2010-02-21 18:57:40 ----D---- C:\Program Files\Common Files\Ahead
2010-02-21 18:57:40 ----A---- C:\WINDOWS\system32\NeroCheck.exe
2010-02-21 18:57:36 ----D---- C:\Program Files\Ahead
2010-02-21 18:21:40 ----D---- C:\Program Files\TechniSat DVB
2010-02-21 18:09:25 ----SHD---- C:\RECYCLER
2010-02-21 18:03:08 ----A---- C:\WINDOWS\wininit.ini
2010-02-21 11:30:51 ----D---- C:\WINDOWS\system32\appmgmt
2010-02-21 10:50:36 ----N---- C:\WINDOWS\system32\fppr232.dll
2010-02-21 10:50:36 ----N---- C:\WINDOWS\system32\fppmon2.dll
2010-02-21 10:38:33 ----A---- C:\WINDOWS\system32\CNMVS5y.DLL
2010-02-21 10:38:33 ----A---- C:\WINDOWS\system32\CNMLM5y.DLL
2010-02-21 10:38:30 ----A---- C:\WINDOWS\system32\CNMCP5y.exe
2010-02-21 10:38:28 ----HD---- C:\BJPrinter
2010-02-21 06:48:20 ----D---- C:\WINDOWS\temp
2010-02-20 08:59:46 ----A---- C:\Boot.bak
2010-02-20 08:59:43 ----RASHD---- C:\cmdcons
2010-02-20 08:19:36 ----D---- C:\Documents and Settings\Martina\Data aplikací\Thunderbird
2010-02-20 08:19:18 ----D---- C:\Program Files\Mozilla Thunderbird
2010-02-19 20:51:24 ----AD---- C:\WINDOWS\VDLL.DLL
2010-02-19 20:51:24 ----AD---- C:\WINDOWS\RUNDL132.EXE
2010-02-19 20:51:24 ----AD---- C:\WINDOWS\logo_1.exe
2010-02-19 20:34:10 ----A---- C:\WINDOWS\system32\eEmpty.exe
2010-02-19 19:51:19 ----D---- C:\Program Files\CCleaner
2010-02-19 16:39:15 ----D---- C:\Documents and Settings\Martina\Data aplikací\Search Settings
2010-02-19 12:07:43 ----D---- C:\Program Files\Application Updater
2010-02-19 12:07:02 ----A---- C:\WINDOWS\system32\WMAFile.dll
2010-02-19 12:07:02 ----A---- C:\WINDOWS\system32\AudPlayer.dll
2010-02-19 12:07:02 ----A---- C:\WINDOWS\system32\AudioVisu.dll
2010-02-19 12:07:02 ----A---- C:\WINDOWS\system32\AudioRecord.dll
2010-02-19 12:07:02 ----A---- C:\WINDOWS\system32\AudioInfos.dll
2010-02-19 12:07:01 ----A---- C:\WINDOWS\system32\VB6FR.DLL
2010-02-19 12:07:01 ----A---- C:\WINDOWS\system32\TABCTFR.DLL
2010-02-19 12:07:01 ----A---- C:\WINDOWS\system32\inetfr.DLL
2010-02-19 12:07:01 ----A---- C:\WINDOWS\system32\AudFile.dll
2010-02-19 12:07:01 ----A---- C:\WINDOWS\system32\AudDisplay.dll
2010-02-19 12:07:01 ----A---- C:\WINDOWS\system32\AudDesign.dll
2010-02-19 12:07:00 ----A---- C:\WINDOWS\system32\MSCMCFR.DLL
2010-02-19 12:07:00 ----A---- C:\WINDOWS\system32\Mscc2fr.dll
2010-02-19 12:07:00 ----A---- C:\WINDOWS\system32\CMDLGFR.DLL
2010-02-19 12:06:57 ----D---- C:\Program Files\Free Audio Pack
2010-02-19 12:06:57 ----D---- C:\Documents and Settings\Martina\Data aplikací\FreeAudioPack
2010-02-18 07:50:25 ----A---- C:\WINDOWS\system32\ptpusb.dll
2010-02-18 07:50:23 ----A---- C:\WINDOWS\system32\ptpusd.dll
2010-02-16 09:32:42 ----D---- C:\Program Files\AVIVA
2010-02-16 08:07:25 ----N---- C:\WINDOWS\system32\msxml3a.dll
2010-02-16 08:06:15 ----D---- C:\Program Files\CyberLink
2010-02-16 08:04:07 ----N---- C:\WINDOWS\system32\vxblock.dll
2010-02-16 08:04:07 ----N---- C:\WINDOWS\system32\pxwave.dll
2010-02-16 08:04:07 ----N---- C:\WINDOWS\system32\pxmas.dll
2010-02-16 08:04:07 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2010-02-16 08:04:07 ----N---- C:\WINDOWS\system32\pxdrv.dll
2010-02-16 08:04:07 ----N---- C:\WINDOWS\system32\px.dll
2010-02-16 08:03:54 ----D---- C:\Program Files\Winamp
2010-02-16 08:03:54 ----A---- C:\WINDOWS\winamp.ini
2010-02-16 08:01:44 ----D---- C:\Program Files\XviD
2010-02-16 08:00:54 ----D---- C:\Program Files\DivX
2010-02-16 07:56:57 ----D---- C:\Documents and Settings\Martina\Data aplikací\BSplayer Pro
2010-02-16 07:56:46 ----D---- C:\Program Files\Webteh
2010-02-15 09:36:10 ----A---- C:\WINDOWS\EurekaLog.ini
2010-02-14 10:46:04 ----A---- C:\WINDOWS\TRNCOM.INI
2010-02-14 10:44:16 ----D---- C:\Program Files\TRANSLAT
2010-02-14 08:02:53 ----A---- C:\WINDOWS\Ikony.ini
2010-02-14 08:02:35 ----D---- C:\Program Files\Ikony
2010-02-14 08:02:29 ----A---- C:\WINDOWS\uninst.exe
2010-02-13 18:50:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\LangSoft
2010-02-13 18:49:43 ----D---- C:\Documents and Settings\Martina\Data aplikací\LangSoft
2010-02-12 19:50:05 ----D---- C:\Program Files\Common Files\Macromedia
2010-02-12 19:17:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Macromedia
2010-02-12 19:17:39 ----D---- C:\WINDOWS\system32\QuickTime
2010-02-12 19:17:31 ----D---- C:\Program Files\Macromedia
2010-02-10 09:19:00 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-02-10 09:18:50 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-02-10 09:17:19 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-02-10 09:17:11 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-02-10 09:17:00 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-02-10 09:16:52 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-02-10 09:16:40 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-02-10 09:16:25 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-02-10 09:16:11 ----HDC---- C:\WINDOWS\$NtUninstallKB977165$
2010-02-08 18:57:37 ----D---- C:\Documents and Settings\Martina\Data aplikací\ACD Systems
2010-02-08 18:57:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\ACD Systems
2010-02-08 18:57:04 ----D---- C:\Program Files\Common Files\ACD Systems
2010-02-08 18:57:04 ----D---- C:\Program Files\ACD Systems
2010-02-08 18:21:25 ----D---- C:\Documents and Settings\Martina\Data aplikací\Wireshark
2010-02-08 18:19:03 ----D---- C:\Program Files\WinPcap
2010-02-08 18:18:30 ----D---- C:\Program Files\Wireshark
2010-02-07 09:33:05 ----D---- C:\Program Files\MSXML 4.0
2010-02-07 09:30:21 ----D---- C:\Documents and Settings\Martina\Data aplikací\WinRAR
2010-02-07 09:01:39 ----D---- C:\Program Files\Microsoft Visual Studio
2010-02-07 09:00:29 ----D---- C:\WINDOWS\ShellNew
2010-02-07 08:58:04 ----D---- C:\Program Files\WinRAR
2010-02-06 13:39:46 ----A---- C:\WINDOWS\system32\cdintf400.dll
2010-02-06 13:39:27 ----A---- C:\WINDOWS\system32\Ry4CoInst.dll
2010-02-06 13:37:11 ----D---- C:\Program Files\KROSplus
2010-02-06 13:37:10 ----D---- C:\KROSplusData
2010-02-06 09:56:21 ----D---- C:\Program Files\ABAK
2010-02-06 09:55:57 ----A---- C:\WINDOWS\IsUn0405.exe
2010-02-06 08:27:07 ----D---- C:\Program Files\Autodesk
2010-02-06 08:26:02 ----D---- C:\Program Files\AnswerWorks 4.0
2010-02-06 08:25:59 ----D---- C:\Program Files\Microsoft Office
2010-02-06 08:25:53 ----D---- C:\Program Files\Common Files\Designer
2010-02-06 08:24:23 ----D---- C:\Program Files\Common Files\Autodesk Shared
2010-02-06 08:24:23 ----D---- C:\Program Files\AutoCAD 2005
2010-02-06 08:24:23 ----D---- C:\Documents and Settings\Martina\Data aplikací\Autodesk
2010-02-06 08:24:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\Autodesk
2010-02-06 08:19:58 ----D---- C:\WINDOWS\Downloaded Installations
2010-02-05 22:30:08 ----HDC---- C:\WINDOWS\$NtUninstallKB963093$
2010-02-05 22:28:13 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2010-02-05 22:27:57 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2010-02-05 22:27:49 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2010-02-05 22:27:25 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2010-02-05 22:26:59 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2010-02-05 21:21:39 ----D---- C:\Documents and Settings\Martina\Data aplikací\QuickScan
2010-02-05 21:13:21 ----D---- C:\Documents and Settings\Martina\Data aplikací\Malwarebytes
2010-02-05 21:13:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-02-05 18:14:50 ----D---- C:\WINDOWS\pss
2010-02-05 18:01:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\CMUV
2010-02-05 17:39:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\nView_Profiles
2010-02-05 16:30:21 ----HDC---- C:\WINDOWS\$NtUninstallKB971513$
2010-02-05 16:24:15 ----D---- C:\WINDOWS\system32\XPSViewer
2010-02-05 16:24:11 ----D---- C:\Program Files\MSBuild
2010-02-05 16:24:09 ----D---- C:\WINDOWS\system32\en-US
2010-02-05 16:24:02 ----D---- C:\Program Files\Reference Assemblies
2010-02-05 16:23:33 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2010-02-05 16:23:33 ----N---- C:\WINDOWS\system32\prntvpt.dll
2010-02-05 16:23:32 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2010-02-05 16:19:52 ----HDC---- C:\WINDOWS\$NtUninstallbasecsp$
2010-02-05 16:19:50 ----D---- C:\Documents and Settings\Martina\Data aplikací\Windows Desktop Search
2010-02-05 16:19:18 ----D---- C:\Program Files\Windows Desktop Search
2010-02-05 16:19:06 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
2010-02-05 16:19:00 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2010-02-05 16:18:33 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-02-05 16:18:32 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2010-02-05 16:18:15 ----D---- C:\Program Files\Windows Media Connect 2
2010-02-05 16:18:05 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2010-02-05 16:17:10 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2010-02-05 16:16:37 ----D---- C:\WINDOWS\system32\LogFiles
2010-02-05 16:16:33 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2010-02-05 16:14:34 ----RSD---- C:\WINDOWS\assembly
2010-02-05 16:14:34 ----D---- C:\WINDOWS\Microsoft.NET
2010-02-05 16:14:32 ----D---- C:\WINDOWS\system32\URTTemp
2010-02-05 12:36:27 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-02-05 12:36:18 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-02-05 09:56:36 ----D---- C:\Program Files\Western Digital Corporation
2010-02-05 09:51:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2010-02-05 09:44:11 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-02-05 09:44:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2010-02-05 09:43:55 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-02-05 09:43:47 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-02-05 09:43:37 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-02-05 09:43:26 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-02-05 09:43:14 ----HDC---- C:\WINDOWS\$NtUninstallKB978207$
2010-02-05 09:43:07 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-02-05 09:42:59 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2010-02-05 09:42:50 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-02-05 09:42:38 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-02-05 09:42:26 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2010-02-05 09:42:18 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-02-05 09:42:11 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2010-02-05 09:40:45 ----D---- C:\WINDOWS\ie8updates
2010-02-05 09:40:14 ----D---- C:\WINDOWS\WBEM
2010-02-05 09:39:01 ----HDC---- C:\WINDOWS\ie8
2010-02-05 09:31:00 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-02-05 09:30:54 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-02-05 09:30:47 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2010-02-05 09:30:41 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-02-05 09:30:35 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2010-02-05 09:30:29 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-02-05 09:30:21 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-02-05 09:30:14 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-02-05 09:29:55 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-02-05 09:29:46 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-02-05 09:29:39 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-02-05 09:29:33 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2010-02-05 09:29:24 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-02-05 09:29:17 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-02-05 09:29:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-02-05 09:28:55 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-02-05 09:28:48 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-02-05 09:27:46 ----A---- C:\WINDOWS\system32\MRT.exe
2010-02-05 09:27:29 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-02-05 09:27:20 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-02-05 09:27:10 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2010-02-05 09:27:01 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2010-02-05 09:26:54 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-02-05 09:26:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2010-02-05 09:26:39 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-02-05 09:26:30 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-02-05 09:26:22 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2010-02-05 09:26:16 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2010-02-05 09:26:08 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-02-05 09:26:02 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2010-02-05 09:25:52 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2010-02-05 09:25:37 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-02-05 09:25:26 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-02-05 09:25:17 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2010-02-05 09:25:09 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-02-05 09:24:59 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-02-05 09:24:53 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2010-02-05 09:24:44 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-02-05 09:24:37 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-02-05 09:24:30 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-02-05 09:24:10 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-02-05 09:24:03 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-02-05 09:23:54 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-02-05 09:23:45 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-02-05 09:23:34 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2010-02-05 08:22:19 ----D---- C:\Program Files\dvbdream
2010-02-05 08:14:44 ----D---- C:\WINDOWS\nview
2010-02-05 08:14:44 ----A---- C:\WINDOWS\system32\nvudisp.exe
2010-02-05 08:14:23 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2010-02-05 07:54:37 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2010-02-05 07:54:35 ----A---- C:\WINDOWS\system32\pthreadGC2.dll
2010-02-05 07:54:35 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2010-02-05 07:54:32 ----D---- C:\Program Files\ffdshow
2010-02-05 07:53:56 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2010-02-05 07:53:56 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2010-02-05 07:53:56 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2010-02-05 07:53:54 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2010-02-05 07:53:54 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2010-02-05 07:53:53 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2010-02-05 07:53:52 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2010-02-05 07:53:52 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2010-02-05 07:53:51 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2010-02-05 07:53:50 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2010-02-05 07:53:49 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2010-02-05 07:53:49 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2010-02-05 07:53:48 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2010-02-05 07:53:47 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2010-02-05 07:53:46 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2010-02-05 07:53:45 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2010-02-05 07:53:44 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2010-02-05 07:53:44 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2010-02-05 07:53:43 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2010-02-05 07:53:42 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2010-02-05 07:53:40 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2010-02-05 07:53:40 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2010-02-05 07:53:39 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2010-02-05 07:53:37 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2010-02-05 07:53:36 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2010-02-05 07:53:36 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2010-02-05 07:53:35 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2010-02-05 07:53:34 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2010-02-05 07:53:34 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2010-02-05 07:53:32 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2010-02-05 07:53:32 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2010-02-05 07:53:32 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2010-02-05 07:53:31 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2010-02-05 07:53:29 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2010-02-05 07:53:28 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2010-02-05 07:53:28 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2010-02-05 07:53:27 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2010-02-05 07:53:26 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2010-02-05 07:53:26 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2010-02-05 07:53:25 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2010-02-05 07:53:25 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2010-02-05 07:53:25 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2010-02-05 07:53:25 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2010-02-05 07:53:24 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2010-02-05 07:53:24 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2010-02-05 07:53:24 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2010-02-05 07:53:23 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2010-02-05 07:53:23 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2010-02-05 07:53:23 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2010-02-05 07:53:22 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2010-02-05 07:53:22 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2010-02-05 07:53:21 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2010-02-05 07:53:21 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2010-02-05 07:53:20 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2010-02-05 07:53:20 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2010-02-05 07:53:19 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2010-02-05 07:53:19 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2010-02-05 07:53:18 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2010-02-05 07:53:08 ----D---- C:\WINDOWS\Logs
2010-02-05 07:47:16 ----D---- C:\WINDOWS\system32\PreInstall
2010-02-05 07:47:15 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2010-02-05 07:47:13 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2010-02-05 07:47:13 ----HD---- C:\WINDOWS\$hf_mig$
2010-02-05 07:46:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\Technisat
2010-02-05 07:46:40 ----D---- C:\Program Files\DVBViewer TE2
2010-02-05 07:46:25 ----D---- C:\Program Files\MainConcept
2010-02-05 07:46:15 ----HD---- C:\Program Files\InstallShield Installation Information
2010-02-05 07:45:46 ----D---- C:\Program Files\Common Files\InstallShield
2010-02-05 07:42:15 ----A---- C:\WINDOWS\system32\FazztCtrs.dll
2010-02-05 07:42:15 ----A---- C:\WINDOWS\system32\FazztCtrDef.ini
2010-02-05 07:42:05 ----A---- C:\WINDOWS\ODBC.INI
2010-02-05 07:42:04 ----D---- C:\Program Files\KenCast
2010-02-05 07:40:03 ----D---- C:\Documents and Settings\Martina\Data aplikací\AdobeUM
2010-02-05 07:37:56 ----D---- C:\Program Files\Common Files\Adobe
2010-02-05 07:37:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-02-05 07:35:51 ----D---- C:\Program Files\Adobe
2010-02-05 07:05:44 ----D---- C:\Documents and Settings\Martina\Data aplikací\Macromedia
2010-02-05 07:05:43 ----D---- C:\Documents and Settings\Martina\Data aplikací\Adobe
2010-02-05 06:58:00 ----D---- C:\Program Files\HDDScan
2010-02-05 06:55:19 ----D---- C:\Program Files\HD Tune Pro
2010-02-05 06:37:25 ----D---- C:\Program Files\Total Commander 7.03
2010-02-05 06:37:25 ----A---- C:\WINDOWS\wincmd.ini
2010-02-04 22:45:41 ----D---- C:\Documents and Settings\Martina\Data aplikací\ESET
2010-02-04 22:44:34 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2010-02-04 22:44:18 ----D---- C:\Program Files\ESET
2010-02-04 22:44:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2010-02-04 22:41:22 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-02-04 22:40:19 ----A---- C:\WINDOWS\IsUninst.exe
2010-02-04 22:11:58 ----A---- C:\WINDOWS\system32\h323log.txt
2010-02-04 22:10:54 ----HD---- C:\WINDOWS\system32\GroupPolicy
2010-02-04 22:08:46 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2010-02-04 22:08:43 ----A---- C:\WINDOWS\system32\sfman32.dll
2010-02-04 22:08:41 ----A---- C:\WINDOWS\system32\sblfx.dll
2010-02-04 22:08:40 ----A---- C:\WINDOWS\system32\devldr32.exe
2010-02-04 22:08:40 ----A---- C:\WINDOWS\system32\devcon32.dll
2010-02-04 22:08:40 ----A---- C:\WINDOWS\system32\ctwdm32.dll
2010-02-04 22:08:39 ----A---- C:\WINDOWS\system32\ksuser.dll
2010-02-04 22:08:26 ----A---- C:\WINDOWS\system32\usbui.dll
2010-02-04 22:07:10 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-02-04 22:07:09 ----SHD---- C:\WINDOWS\Installer
2010-02-04 22:07:09 ----D---- C:\Program Files\Common Files\ODBC
2010-02-04 22:07:09 ----A---- C:\WINDOWS\ODBCINST.INI
2010-02-04 22:07:06 ----D---- C:\Program Files\Common Files\SpeechEngines
2010-02-04 22:07:05 ----RD---- C:\Program Files
2010-02-04 22:07:05 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-02-04 22:07:05 ----D---- C:\Program Files\Common Files
2010-02-04 22:07:01 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2010-02-04 22:07:01 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2010-02-04 22:07:01 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2010-02-04 22:06:59 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2010-02-04 22:06:59 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2010-02-04 22:06:59 ----RA---- C:\WINDOWS\system32\kbdur.dll
2010-02-04 22:06:59 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2010-02-04 22:06:59 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2010-02-04 22:06:59 ----RA---- C:\WINDOWS\system32\kbdru.dll
2010-02-04 22:06:59 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2010-02-04 22:06:59 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2010-02-04 22:06:59 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2010-02-04 22:06:59 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2010-02-04 22:06:59 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2010-02-04 22:06:59 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2010-02-04 22:06:57 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2010-02-04 22:06:57 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2010-02-04 22:06:57 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2010-02-04 22:06:57 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2010-02-04 22:06:57 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2010-02-04 22:06:57 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2010-02-04 22:06:57 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2010-02-04 22:06:55 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2010-02-04 22:06:55 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2010-02-04 22:06:55 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2010-02-04 22:06:55 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2010-02-04 22:06:55 ----RA---- C:\WINDOWS\system32\kbdest.dll
2010-02-04 22:06:51 ----A---- C:\WINDOWS\system32\kbdycl.dll
2010-02-04 22:06:51 ----A---- C:\WINDOWS\system32\kbdsl1.dll
2010-02-04 22:06:51 ----A---- C:\WINDOWS\system32\kbdsl.dll
2010-02-04 22:06:51 ----A---- C:\WINDOWS\system32\kbdro.dll
2010-02-04 22:06:51 ----A---- C:\WINDOWS\system32\kbdpl1.dll
2010-02-04 22:06:51 ----A---- C:\WINDOWS\system32\kbdpl.dll
2010-02-04 22:06:51 ----A---- C:\WINDOWS\system32\kbdhu1.dll
2010-02-04 22:06:51 ----A---- C:\WINDOWS\system32\kbdhu.dll
2010-02-04 22:06:51 ----A---- C:\WINDOWS\system32\kbdcr.dll
2010-02-04 22:06:51 ----A---- C:\WINDOWS\system32\KBDAL.DLL
2010-02-04 22:06:50 ----A---- C:\WINDOWS\system32\irclass.dll
2010-02-04 22:06:49 ----A---- C:\WINDOWS\system32\spxcoins.dll
2010-02-04 22:06:49 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2010-02-04 22:06:49 ----A---- C:\WINDOWS\system32\dgsetup.dll
2010-02-04 22:06:49 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2010-02-04 22:06:47 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2010-02-04 22:06:47 ----A---- C:\WINDOWS\TASKMAN.EXE
2010-02-04 22:06:46 ----A---- C:\WINDOWS\system32\batt.dll
2010-02-04 22:06:46 ----A---- C:\WINDOWS\NOTEPAD.EXE
2010-02-04 22:06:45 ----A---- C:\WINDOWS\system32\storprop.dll
2010-02-04 22:06:37 ----ASH---- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
2010-02-04 22:06:32 ----RA---- C:\WINDOWS\SET8.tmp
2010-02-04 22:06:29 ----RA---- C:\WINDOWS\SET4.tmp
2010-02-04 22:06:28 ----RA---- C:\WINDOWS\SET3.tmp
2010-02-04 22:06:22 ----D---- C:\WINDOWS\system32\CatRoot2
2010-02-04 22:06:22 ----D---- C:\WINDOWS\system32\CatRoot
2010-02-04 22:06:17 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-02-04 22:05:54 ----SHD---- C:\System Volume Information
2010-02-04 22:05:54 ----D---- C:\Documents and Settings
2010-02-04 22:05:04 ----RASH---- C:\boot.ini
2010-02-04 21:58:49 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-04 21:58:49 ----RSD---- C:\WINDOWS\Fonts
2010-02-04 21:58:49 ----RD---- C:\WINDOWS\Web
2010-02-04 21:58:49 ----HD---- C:\WINDOWS\inf
2010-02-04 21:58:49 ----D---- C:\WINDOWS\WinSxS
2010-02-04 21:58:49 ----D---- C:\WINDOWS\twain_32
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\wins
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\wbem
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\usmt
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\spool
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\ShellExt
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\Setup
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\ras
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\oobe
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\npp
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\mui
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\inetsrv
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\IME
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\icsxml
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\ias
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\export
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\drivers
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\dhcp
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\cs-cz
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\cs
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\config
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\3com_dmi
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\3076
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\2052
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\1054
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\1042
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\1041
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\1037
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\1033
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\1031
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\1029
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\1028
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\1025
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system
2010-02-04 21:58:49 ----D---- C:\WINDOWS\security
2010-02-04 21:58:49 ----D---- C:\WINDOWS\Resources
2010-02-04 21:58:49 ----D---- C:\WINDOWS\repair
2010-02-04 21:58:49 ----D---- C:\WINDOWS\Provisioning
2010-02-04 21:58:49 ----D---- C:\WINDOWS\pchealth
2010-02-04 21:58:49 ----D---- C:\WINDOWS\PeerNet
2010-02-04 21:58:49 ----D---- C:\WINDOWS\Network Diagnostic
2010-02-04 21:58:49 ----D---- C:\WINDOWS\mui
2010-02-04 21:58:49 ----D---- C:\WINDOWS\msapps
2010-02-04 21:58:49 ----D---- C:\WINDOWS\msagent
2010-02-04 21:58:49 ----D---- C:\WINDOWS\Media
2010-02-04 21:58:49 ----D---- C:\WINDOWS\L2Schemas
2010-02-04 21:58:49 ----D---- C:\WINDOWS\java
2010-02-04 21:58:49 ----D---- C:\WINDOWS\ime
2010-02-04 21:58:49 ----D---- C:\WINDOWS\Help
2010-02-04 21:58:49 ----D---- C:\WINDOWS\ehome
2010-02-04 21:58:49 ----D---- C:\WINDOWS\Driver Cache
2010-02-04 21:58:49 ----D---- C:\WINDOWS\Debug
2010-02-04 21:58:49 ----D---- C:\WINDOWS\Cursors
2010-02-04 21:58:49 ----D---- C:\WINDOWS\Connection Wizard
2010-02-04 21:58:49 ----D---- C:\WINDOWS\Config
2010-02-04 21:58:49 ----D---- C:\WINDOWS\AppPatch
2010-02-04 21:58:49 ----D---- C:\WINDOWS\addins
2010-02-04 21:58:49 ----D---- C:\WINDOWS
2010-02-04 21:34:13 ----D---- C:\Documents and Settings\Martina\Data aplikací\Mozilla
2010-02-04 21:34:01 ----D---- C:\Program Files\Mozilla Firefox
2010-02-04 21:25:08 ----D---- C:\Documents and Settings\Martina\Data aplikací\Identities
2010-02-04 21:25:06 ----HD---- C:\Program Files\Uninstall Information
2010-02-04 21:25:01 ----SD---- C:\Documents and Settings\Martina\Data aplikací\Microsoft
2010-02-04 21:25:01 ----ASH---- C:\Documents and Settings\Martina\Data aplikací\desktop.ini
2010-02-04 21:24:08 ----D---- C:\WINDOWS\SoftwareDistribution
2010-02-04 21:23:01 ----D---- C:\WINDOWS\Prefetch
2010-02-04 21:23:00 ----SD---- C:\WINDOWS\system32\Microsoft
2010-02-04 21:23:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-04 21:18:50 ----D---- C:\WINDOWS\system32\xircom
2010-02-04 21:18:50 ----D---- C:\Program Files\xerox
2010-02-04 21:18:50 ----D---- C:\Program Files\microsoft frontpage
2010-02-04 21:18:27 ----A---- C:\WINDOWS\control.ini
2010-02-04 21:18:07 ----A---- C:\WINDOWS\system32\mapi32.dll
2010-02-04 21:17:04 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-02-04 21:17:04 ----RD---- C:\WINDOWS\Offline Web Pages
2010-02-04 21:17:04 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2010-02-04 21:16:57 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2010-02-04 21:16:52 ----HD---- C:\Program Files\WindowsUpdate
2010-02-04 21:16:48 ----D---- C:\Program Files\Online Services
2010-02-04 21:16:27 ----D---- C:\WINDOWS\system32\DirectX
2010-02-04 21:16:21 ----A---- C:\WINDOWS\system32\atrace.dll
2010-02-04 21:16:19 ----A---- C:\WINDOWS\system32\desktop.ini
2010-02-04 21:16:19 ----A---- C:\WINDOWS\desktop.ini
2010-02-04 21:16:12 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2010-02-04 21:16:11 ----A---- C:\WINDOWS\system32\acctres.dll
2010-02-04 21:16:10 ----D---- C:\Program Files\Common Files\Services
2010-02-04 21:16:07 ----SD---- C:\WINDOWS\Tasks
2010-02-04 21:16:07 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2010-02-04 21:16:06 ----D---- C:\Program Files\Common Files\MSSoap
2010-02-04 21:16:03 ----D---- C:\WINDOWS\srchasst
2010-02-04 21:16:02 ----D---- C:\WINDOWS\system32\Macromed
2010-02-04 21:15:59 ----A---- C:\WINDOWS\system32\wuweb.dll
2010-02-04 21:15:59 ----A---- C:\WINDOWS\system32\wucltui.dll
2010-02-04 21:15:59 ----A---- C:\WINDOWS\system32\wuauserv.dll
2010-02-04 21:15:59 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2010-02-04 21:15:58 ----N---- C:\WINDOWS\system32\wuauclt.exe
2010-02-04 21:15:58 ----A---- C:\WINDOWS\system32\wups.dll
2010-02-04 21:15:58 ----A---- C:\WINDOWS\system32\wuaueng.dll
2010-02-04 21:15:58 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2010-02-04 21:15:58 ----A---- C:\WINDOWS\system32\wuapi.dll
2010-02-04 21:15:58 ----A---- C:\WINDOWS\system32\bitsprx4.dll
2010-02-04 21:15:58 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2010-02-04 21:15:58 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2010-02-04 21:15:57 ----N---- C:\WINDOWS\system32\qmgr.dll
2010-02-04 21:15:57 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2010-02-04 21:15:54 ----D---- C:\Program Files\Movie Maker
2010-02-04 21:15:34 ----A---- C:\WINDOWS\system32\safrslv.dll
2010-02-04 21:15:33 ----A---- C:\WINDOWS\system32\safrdm.dll
2010-02-04 21:15:33 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2010-02-04 21:15:33 ----A---- C:\WINDOWS\system32\racpldlg.dll
2010-02-04 21:15:30 ----A---- C:\WINDOWS\system32\fltMc.exe
2010-02-04 21:15:30 ----A---- C:\WINDOWS\system32\fltlib.dll
2010-02-04 21:15:29 ----N---- C:\WINDOWS\system32\srsvc.dll
2010-02-04 21:15:29 ----D---- C:\WINDOWS\system32\Restore
2010-02-04 21:15:29 ----A---- C:\WINDOWS\system32\srrstr.dll
2010-02-04 21:15:29 ----A---- C:\WINDOWS\system32\srclient.dll
2010-02-04 21:15:29 ----A---- C:\WINDOWS\system32\ils.dll
2010-02-04 21:15:28 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2010-02-04 21:15:28 ----A---- C:\WINDOWS\system32\msconf.dll
2010-02-04 21:15:28 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2010-02-04 21:15:28 ----A---- C:\WINDOWS\system32\mnmdd.dll
2010-02-04 21:15:28 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2010-02-04 21:15:25 ----D---- C:\Program Files\NetMeeting
2010-02-04 21:15:25 ----A---- C:\WINDOWS\system32\msoert2.dll
2010-02-04 21:15:25 ----A---- C:\WINDOWS\system32\msoeacct.dll
2010-02-04 21:15:24 ----A---- C:\WINDOWS\system32\inetres.dll
2010-02-04 21:15:24 ----A---- C:\WINDOWS\system32\inetcomm.dll
2010-02-04 21:15:22 ----N---- C:\WINDOWS\system32\schedsvc.dll
2010-02-04 21:15:22 ----D---- C:\Program Files\Outlook Express
2010-02-04 21:15:22 ----A---- C:\WINDOWS\system32\mstinit.exe
2010-02-04 21:15:22 ----A---- C:\WINDOWS\system32\mstask.dll
2010-02-04 21:15:21 ----A---- C:\WINDOWS\system32\isign32.dll
2010-02-04 21:15:21 ----A---- C:\WINDOWS\system32\inetcfg.dll
2010-02-04 21:15:21 ----A---- C:\WINDOWS\system32\icwphbk.dll
2010-02-04 21:15:21 ----A---- C:\WINDOWS\system32\icwdial.dll
2010-02-04 21:15:15 ----D---- C:\Program Files\Common Files\System
2010-02-04 21:15:14 ----D---- C:\Program Files\Internet Explorer
2010-02-04 21:14:30 ----D---- C:\Program Files\ComPlus Applications
2010-02-04 21:14:28 ----A---- C:\WINDOWS\vbaddin.ini
2010-02-04 21:14:28 ----A---- C:\WINDOWS\vb.ini
2010-02-04 21:14:24 ----D---- C:\WINDOWS\Registration
2010-02-04 21:14:17 ----D---- C:\Program Files\Windows Media Player
2010-02-04 21:14:10 ----D---- C:\Program Files\Messenger
2010-02-04 21:14:06 ----D---- C:\Program Files\MSN Gaming Zone
2010-02-04 21:14:06 ----A---- C:\WINDOWS\system32\write.exe
2010-02-04 21:13:54 ----A---- C:\WINDOWS\system32\sndvol32.exe
2010-02-04 21:13:54 ----A---- C:\WINDOWS\system32\hticons.dll
2010-02-04 21:13:54 ----A---- C:\WINDOWS\system32\avwav.dll
2010-02-04 21:13:54 ----A---- C:\WINDOWS\system32\avtapi.dll
2010-02-04 21:13:54 ----A---- C:\WINDOWS\system32\avmeter.dll
2010-02-04 21:13:53 ----A---- C:\WINDOWS\system32\winchat.exe
2010-02-04 21:13:45 ----A---- C:\WINDOWS\system32\charmap.exe
2010-02-04 21:13:45 ----A---- C:\WINDOWS\system32\getuname.dll
2010-02-04 21:13:45 ----A---- C:\WINDOWS\system32\calc.exe
2010-02-04 21:13:44 ----A---- C:\WINDOWS\system32\winmine.exe
2010-02-04 21:13:44 ----A---- C:\WINDOWS\system32\sol.exe
2010-02-04 21:13:44 ----A---- C:\WINDOWS\system32\mshearts.exe
2010-02-04 21:13:44 ----A---- C:\WINDOWS\system32\freecell.exe
2010-02-04 21:13:43 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2010-02-04 21:13:43 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2010-02-04 21:13:43 ----A---- C:\WINDOWS\system32\tslabels.ini
2010-02-04 21:13:43 ----A---- C:\WINDOWS\system32\tskill.exe
2010-02-04 21:13:43 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2010-02-04 21:13:43 ----A---- C:\WINDOWS\system32\tscon.exe
2010-02-04 21:13:43 ----A---- C:\WINDOWS\system32\shadow.exe
2010-02-04 21:13:43 ----A---- C:\WINDOWS\system32\rwinsta.exe
2010-02-04 21:13:43 ----A---- C:\WINDOWS\system32\reset.exe
2010-02-04 21:13:43 ----A---- C:\WINDOWS\system32\regini.exe
2010-02-04 21:13:43 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2010-02-04 21:13:43 ----A---- C:\WINDOWS\system32\qwinsta.exe
2010-02-04 21:13:42 ----A---- C:\WINDOWS\system32\qappsrv.exe
2010-02-04 21:13:42 ----A---- C:\WINDOWS\system32\msg.exe
2010-02-04 21:13:42 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2010-02-04 21:13:42 ----A---- C:\WINDOWS\system32\logoff.exe
2010-02-04 21:13:42 ----A---- C:\WINDOWS\system32\cdmodem.dll
2010-02-04 21:13:35 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2010-02-04 21:13:34 ----D---- C:\Program Files\Windows NT
2010-02-04 21:13:34 ----A---- C:\WINDOWS\system32\sndrec32.exe
2010-02-04 21:13:34 ----A---- C:\WINDOWS\system32\mplay32.exe
2010-02-04 21:13:34 ----A---- C:\WINDOWS\system32\hypertrm.dll
2010-02-04 21:13:34 ----A---- C:\WINDOWS\system32\accwiz.exe
2010-02-04 21:13:33 ----A---- C:\WINDOWS\system32\spider.exe
2010-02-04 21:13:33 ----A---- C:\WINDOWS\system32\mspaint.exe
2010-02-04 21:13:33 ----A---- C:\WINDOWS\system32\clipbrd.exe
2010-02-04 21:13:32 ----A---- C:\WINDOWS\system32\tsgqec.dll
2010-02-04 21:13:32 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2010-02-04 21:13:31 ----A---- C:\WINDOWS\system32\rhttpaa.dll
2010-02-04 21:13:31 ----A---- C:\WINDOWS\system32\mstscax.dll
2010-02-04 21:13:31 ----A---- C:\WINDOWS\system32\mstsc.exe
2010-02-04 21:13:31 ----A---- C:\WINDOWS\system32\aaclient.dll
2010-02-04 21:13:30 ----N---- C:\WINDOWS\system32\termsrv.dll
2010-02-04 21:13:30 ----A---- C:\WINDOWS\system32\sessmgr.exe
2010-02-04 21:13:30 ----A---- C:\WINDOWS\system32\remotepg.dll
2010-02-04 21:13:30 ----A---- C:\WINDOWS\system32\rdshost.exe
2010-02-04 21:13:30 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2010-02-04 21:13:30 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2010-02-04 21:13:30 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2010-02-04 21:13:30 ----A---- C:\WINDOWS\system32\rdchost.dll
2010-02-04 21:13:29 ----D---- C:\WINDOWS\system32\MsDtc
2010-02-04 21:13:29 ----A---- C:\WINDOWS\system32\rdpclip.exe
2010-02-04 21:13:29 ----A---- C:\WINDOWS\system32\qprocess.exe
2010-02-04 21:13:29 ----A---- C:\WINDOWS\system32\mtxoci.dll
2010-02-04 21:13:29 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2010-02-04 21:13:29 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2010-02-04 21:13:29 ----A---- C:\WINDOWS\system32\icaapi.dll
2010-02-04 21:13:29 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2010-02-04 21:13:28 ----A---- C:\WINDOWS\system32\xolehlp.dll
2010-02-04 21:13:28 ----A---- C:\WINDOWS\system32\msdtctm.dll
2010-02-04 21:13:28 ----A---- C:\WINDOWS\system32\msdtclog.dll
2010-02-04 21:13:28 ----A---- C:\WINDOWS\system32\msdtc.exe
2010-02-04 21:13:27 ----D---- C:\WINDOWS\system32\Com
2010-02-04 21:13:27 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2010-02-04 21:13:27 ----A---- C:\WINDOWS\system32\mtxex.dll
2010-02-04 21:13:27 ----A---- C:\WINDOWS\system32\mtxdm.dll
2010-02-04 21:13:27 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2010-02-04 21:13:27 ----A---- C:\WINDOWS\system32\comaddin.dll
2010-02-04 21:13:27 ----A---- C:\WINDOWS\system32\colbact.dll
2010-02-04 21:13:26 ----A---- C:\WINDOWS\system32\stclient.dll
2010-02-04 21:13:26 ----A---- C:\WINDOWS\system32\comrepl.dll
2010-02-04 21:13:26 ----A---- C:\WINDOWS\system32\clbcatex.dll
2010-02-04 21:13:26 ----A---- C:\WINDOWS\system32\catsrvut.dll
2010-02-04 21:13:26 ----A---- C:\WINDOWS\system32\catsrvps.dll
2010-02-04 21:13:26 ----A---- C:\WINDOWS\system32\catsrv.dll
2010-02-04 21:13:25 ----A---- C:\WINDOWS\system32\comuid.dll
2010-02-04 21:13:25 ----A---- C:\WINDOWS\system32\comsvcs.dll
2010-02-04 21:13:25 ----A---- C:\WINDOWS\system32\comsnap.dll
2010-02-04 21:13:25 ----A---- C:\WINDOWS\system32\clbcatq.dll
2010-02-04 21:13:18 ----A---- C:\WINDOWS\system32\servdeps.dll
2010-02-04 21:13:18 ----A---- C:\WINDOWS\system32\mmfutil.dll
2010-02-04 21:13:18 ----A---- C:\WINDOWS\system32\licwmi.dll
2010-02-04 21:13:18 ----A---- C:\WINDOWS\system32\cmprops.dll
======List of files/folders modified in the last 1 months======
2010-02-21 16:35:19 ----A---- C:\WINDOWS\system.ini
2010-02-07 09:02:32 ----A---- C:\WINDOWS\win.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41600]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2009-11-16 55768]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-11-16 116520]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2009-12-18 135048]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2008-04-14 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2008-04-14 55936]
R3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\AN983.sys [2008-04-13 36224]
R3 ctljystk;Game port pro zařízení Creative SB Live!; C:\WINDOWS\system32\DRIVERS\ctljystk.sys [2001-08-17 3712]
R3 emu10k;Creative SB Live! (WDM); C:\WINDOWS\system32\drivers\emu10k1m.sys [2001-08-17 283904]
R3 emu10k1;Creative Interface Manager Driver (WDM); C:\WINDOWS\system32\drivers\ctlfacem.sys [2001-08-17 6912]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2010-01-08 33096]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-16 6557408]
R3 ROCKEYNT;Feitian ROCKEY4 Device Service; C:\WINDOWS\system32\DRIVERS\Rockey4.sys [2010-02-06 22016]
R3 sfman;Creative SoundFont Manager Driver (WDM); C:\WINDOWS\system32\drivers\sfmanm.sys [2001-08-17 36480]
R3 SKYNET;TechniSat DVB-PC TV Star PCI; C:\WINDOWS\system32\DRIVERS\SkyNET.SYS [2009-09-11 507408]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 bcm4sbe5;ASUSTeK/Broadcom 440x 10/100 Integrated Controller Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbe5.sys [2002-07-18 57306]
S3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys []
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-14 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-06 34064]
S3 Rockey_USB;Feitian ROCKEY4 USB Service; C:\WINDOWS\system32\DRIVERS\Rockey4USB.sys [2010-02-06 12928]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WLAN; Wireless LAN Driver; C:\WINDOWS\system32\DRIVERS\wlanNDS.sys [2002-01-18 54784]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2009-12-16 375296]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-11-16 735960]
R2 Fazzt;Fazzt; C:\PROGRA~1\KenCast\Fazzt\bin\FazztSrv.exe [2000-12-01 155136]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-16 159812]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-02-06 74360]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-11-16 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
z RSIT.
Chtěla by jsem se ještě zeptat k čemu slouží SPTDinst-v162-x86.exe ?
A ještě jaké škody páchá rootkit třeba ten, který se dostal ke mě (odesílá
např. hesla z emailu, int. bankovnictví ?)?
A jak je možné, že když mám antivir Eset smart security, že se mi do PC dostane ?
a proč jej eset nenajde a neodstraní. jen MWAV mě při testu upozonil že tam mám vir.
Ještě jednou děkuji.
Logfile of random's system information tool 1.06 (written by random/random)
Run by Martina at 2010-02-21 19:07:21
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 20 GB (68%) free of 30 GB
Total RAM: 1024 MB (66% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:07:36, on 21.2.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\PROGRA~1\KenCast\Fazzt\bin\FDDSTray.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE
C:\Program Files\TechniSat DVB\bin\Server4PC.exe
C:\Program Files\TechniSat DVB\bin\Server4PC.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\PROGRA~1\KenCast\Fazzt\bin\FazztSrv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wpabaln.exe
C:\RSIT.exe
C:\Program Files\trend micro\Martina.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [FDDSTray] C:\PROGRA~1\KenCast\Fazzt\bin\FDDSTray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v2] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe" /source=HKLM
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [OEXPRESS] C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Server4PC.lnk = C:\Program Files\TechniSat DVB\bin\Server4PC.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (qsax Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D18BEC18-D943-489D-9EB4-E48BB08F3C1D}: NameServer = 192.168.242.97,217.112.162.34
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Fazzt - KenCast, Inc. - C:\PROGRA~1\KenCast\Fazzt\bin\FazztSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
--
End of file - 6562 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2010-02-14 520192]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll [2010-02-14 520192]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-11-16 2054360]
"FDDSTray"=C:\PROGRA~1\KenCast\Fazzt\bin\FDDSTray.exe [2000-12-07 25088]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-16 13529088]
"nwiz"=nwiz.exe /install []
"pdfFactory Pro Dispatcher v2"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe [2006-01-10 495616]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"=C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE [2010-02-14 26624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\WINDOWS\system32\NvMcTray.dll [2008-05-16 86016]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE [2004-12-14 29696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
C:\PROGRA~1\WI459E~1\WINDOW~1.EXE [2008-05-26 123904]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Akcelerátor spuštění AutoCADu.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
Server4PC.lnk - C:\Program Files\TechniSat DVB\bin\Server4PC.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
======File associations======
.js - edit - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"
======List of files/folders created in the last 1 months======
2010-02-21 19:07:21 ----D---- C:\rsit
2010-02-21 19:07:21 ----D---- C:\Program Files\trend micro
2010-02-21 19:07:10 ----A---- C:\RSIT.exe
2010-02-21 18:58:19 ----A---- C:\WINDOWS\system32\TwnLib20.dll
2010-02-21 18:57:45 ----N---- C:\WINDOWS\system32\ImagXRA7.dll
2010-02-21 18:57:45 ----N---- C:\WINDOWS\system32\ImagXR7.dll
2010-02-21 18:57:45 ----N---- C:\WINDOWS\system32\ImagXpr7.dll
2010-02-21 18:57:45 ----N---- C:\WINDOWS\system32\ImagX7.dll
2010-02-21 18:57:40 ----D---- C:\Program Files\Common Files\Ahead
2010-02-21 18:57:40 ----A---- C:\WINDOWS\system32\NeroCheck.exe
2010-02-21 18:57:36 ----D---- C:\Program Files\Ahead
2010-02-21 18:21:40 ----D---- C:\Program Files\TechniSat DVB
2010-02-21 18:09:25 ----SHD---- C:\RECYCLER
2010-02-21 18:03:08 ----A---- C:\WINDOWS\wininit.ini
2010-02-21 11:30:51 ----D---- C:\WINDOWS\system32\appmgmt
2010-02-21 10:50:36 ----N---- C:\WINDOWS\system32\fppr232.dll
2010-02-21 10:50:36 ----N---- C:\WINDOWS\system32\fppmon2.dll
2010-02-21 10:38:33 ----A---- C:\WINDOWS\system32\CNMVS5y.DLL
2010-02-21 10:38:33 ----A---- C:\WINDOWS\system32\CNMLM5y.DLL
2010-02-21 10:38:30 ----A---- C:\WINDOWS\system32\CNMCP5y.exe
2010-02-21 10:38:28 ----HD---- C:\BJPrinter
2010-02-21 06:48:20 ----D---- C:\WINDOWS\temp
2010-02-20 08:59:46 ----A---- C:\Boot.bak
2010-02-20 08:59:43 ----RASHD---- C:\cmdcons
2010-02-20 08:19:36 ----D---- C:\Documents and Settings\Martina\Data aplikací\Thunderbird
2010-02-20 08:19:18 ----D---- C:\Program Files\Mozilla Thunderbird
2010-02-19 20:51:24 ----AD---- C:\WINDOWS\VDLL.DLL
2010-02-19 20:51:24 ----AD---- C:\WINDOWS\RUNDL132.EXE
2010-02-19 20:51:24 ----AD---- C:\WINDOWS\logo_1.exe
2010-02-19 20:34:10 ----A---- C:\WINDOWS\system32\eEmpty.exe
2010-02-19 19:51:19 ----D---- C:\Program Files\CCleaner
2010-02-19 16:39:15 ----D---- C:\Documents and Settings\Martina\Data aplikací\Search Settings
2010-02-19 12:07:43 ----D---- C:\Program Files\Application Updater
2010-02-19 12:07:02 ----A---- C:\WINDOWS\system32\WMAFile.dll
2010-02-19 12:07:02 ----A---- C:\WINDOWS\system32\AudPlayer.dll
2010-02-19 12:07:02 ----A---- C:\WINDOWS\system32\AudioVisu.dll
2010-02-19 12:07:02 ----A---- C:\WINDOWS\system32\AudioRecord.dll
2010-02-19 12:07:02 ----A---- C:\WINDOWS\system32\AudioInfos.dll
2010-02-19 12:07:01 ----A---- C:\WINDOWS\system32\VB6FR.DLL
2010-02-19 12:07:01 ----A---- C:\WINDOWS\system32\TABCTFR.DLL
2010-02-19 12:07:01 ----A---- C:\WINDOWS\system32\inetfr.DLL
2010-02-19 12:07:01 ----A---- C:\WINDOWS\system32\AudFile.dll
2010-02-19 12:07:01 ----A---- C:\WINDOWS\system32\AudDisplay.dll
2010-02-19 12:07:01 ----A---- C:\WINDOWS\system32\AudDesign.dll
2010-02-19 12:07:00 ----A---- C:\WINDOWS\system32\MSCMCFR.DLL
2010-02-19 12:07:00 ----A---- C:\WINDOWS\system32\Mscc2fr.dll
2010-02-19 12:07:00 ----A---- C:\WINDOWS\system32\CMDLGFR.DLL
2010-02-19 12:06:57 ----D---- C:\Program Files\Free Audio Pack
2010-02-19 12:06:57 ----D---- C:\Documents and Settings\Martina\Data aplikací\FreeAudioPack
2010-02-18 07:50:25 ----A---- C:\WINDOWS\system32\ptpusb.dll
2010-02-18 07:50:23 ----A---- C:\WINDOWS\system32\ptpusd.dll
2010-02-16 09:32:42 ----D---- C:\Program Files\AVIVA
2010-02-16 08:07:25 ----N---- C:\WINDOWS\system32\msxml3a.dll
2010-02-16 08:06:15 ----D---- C:\Program Files\CyberLink
2010-02-16 08:04:07 ----N---- C:\WINDOWS\system32\vxblock.dll
2010-02-16 08:04:07 ----N---- C:\WINDOWS\system32\pxwave.dll
2010-02-16 08:04:07 ----N---- C:\WINDOWS\system32\pxmas.dll
2010-02-16 08:04:07 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2010-02-16 08:04:07 ----N---- C:\WINDOWS\system32\pxdrv.dll
2010-02-16 08:04:07 ----N---- C:\WINDOWS\system32\px.dll
2010-02-16 08:03:54 ----D---- C:\Program Files\Winamp
2010-02-16 08:03:54 ----A---- C:\WINDOWS\winamp.ini
2010-02-16 08:01:44 ----D---- C:\Program Files\XviD
2010-02-16 08:00:54 ----D---- C:\Program Files\DivX
2010-02-16 07:56:57 ----D---- C:\Documents and Settings\Martina\Data aplikací\BSplayer Pro
2010-02-16 07:56:46 ----D---- C:\Program Files\Webteh
2010-02-15 09:36:10 ----A---- C:\WINDOWS\EurekaLog.ini
2010-02-14 10:46:04 ----A---- C:\WINDOWS\TRNCOM.INI
2010-02-14 10:44:16 ----D---- C:\Program Files\TRANSLAT
2010-02-14 08:02:53 ----A---- C:\WINDOWS\Ikony.ini
2010-02-14 08:02:35 ----D---- C:\Program Files\Ikony
2010-02-14 08:02:29 ----A---- C:\WINDOWS\uninst.exe
2010-02-13 18:50:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\LangSoft
2010-02-13 18:49:43 ----D---- C:\Documents and Settings\Martina\Data aplikací\LangSoft
2010-02-12 19:50:05 ----D---- C:\Program Files\Common Files\Macromedia
2010-02-12 19:17:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Macromedia
2010-02-12 19:17:39 ----D---- C:\WINDOWS\system32\QuickTime
2010-02-12 19:17:31 ----D---- C:\Program Files\Macromedia
2010-02-10 09:19:00 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$
2010-02-10 09:18:50 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-02-10 09:17:19 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-02-10 09:17:11 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-02-10 09:17:00 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$
2010-02-10 09:16:52 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-02-10 09:16:40 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-02-10 09:16:25 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-02-10 09:16:11 ----HDC---- C:\WINDOWS\$NtUninstallKB977165$
2010-02-08 18:57:37 ----D---- C:\Documents and Settings\Martina\Data aplikací\ACD Systems
2010-02-08 18:57:11 ----D---- C:\Documents and Settings\All Users\Data aplikací\ACD Systems
2010-02-08 18:57:04 ----D---- C:\Program Files\Common Files\ACD Systems
2010-02-08 18:57:04 ----D---- C:\Program Files\ACD Systems
2010-02-08 18:21:25 ----D---- C:\Documents and Settings\Martina\Data aplikací\Wireshark
2010-02-08 18:19:03 ----D---- C:\Program Files\WinPcap
2010-02-08 18:18:30 ----D---- C:\Program Files\Wireshark
2010-02-07 09:33:05 ----D---- C:\Program Files\MSXML 4.0
2010-02-07 09:30:21 ----D---- C:\Documents and Settings\Martina\Data aplikací\WinRAR
2010-02-07 09:01:39 ----D---- C:\Program Files\Microsoft Visual Studio
2010-02-07 09:00:29 ----D---- C:\WINDOWS\ShellNew
2010-02-07 08:58:04 ----D---- C:\Program Files\WinRAR
2010-02-06 13:39:46 ----A---- C:\WINDOWS\system32\cdintf400.dll
2010-02-06 13:39:27 ----A---- C:\WINDOWS\system32\Ry4CoInst.dll
2010-02-06 13:37:11 ----D---- C:\Program Files\KROSplus
2010-02-06 13:37:10 ----D---- C:\KROSplusData
2010-02-06 09:56:21 ----D---- C:\Program Files\ABAK
2010-02-06 09:55:57 ----A---- C:\WINDOWS\IsUn0405.exe
2010-02-06 08:27:07 ----D---- C:\Program Files\Autodesk
2010-02-06 08:26:02 ----D---- C:\Program Files\AnswerWorks 4.0
2010-02-06 08:25:59 ----D---- C:\Program Files\Microsoft Office
2010-02-06 08:25:53 ----D---- C:\Program Files\Common Files\Designer
2010-02-06 08:24:23 ----D---- C:\Program Files\Common Files\Autodesk Shared
2010-02-06 08:24:23 ----D---- C:\Program Files\AutoCAD 2005
2010-02-06 08:24:23 ----D---- C:\Documents and Settings\Martina\Data aplikací\Autodesk
2010-02-06 08:24:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\Autodesk
2010-02-06 08:19:58 ----D---- C:\WINDOWS\Downloaded Installations
2010-02-05 22:30:08 ----HDC---- C:\WINDOWS\$NtUninstallKB963093$
2010-02-05 22:28:13 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2010-02-05 22:27:57 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2010-02-05 22:27:49 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2010-02-05 22:27:25 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2010-02-05 22:26:59 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2010-02-05 21:21:39 ----D---- C:\Documents and Settings\Martina\Data aplikací\QuickScan
2010-02-05 21:13:21 ----D---- C:\Documents and Settings\Martina\Data aplikací\Malwarebytes
2010-02-05 21:13:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-02-05 18:14:50 ----D---- C:\WINDOWS\pss
2010-02-05 18:01:55 ----D---- C:\Documents and Settings\All Users\Data aplikací\CMUV
2010-02-05 17:39:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\nView_Profiles
2010-02-05 16:30:21 ----HDC---- C:\WINDOWS\$NtUninstallKB971513$
2010-02-05 16:24:15 ----D---- C:\WINDOWS\system32\XPSViewer
2010-02-05 16:24:11 ----D---- C:\Program Files\MSBuild
2010-02-05 16:24:09 ----D---- C:\WINDOWS\system32\en-US
2010-02-05 16:24:02 ----D---- C:\Program Files\Reference Assemblies
2010-02-05 16:23:33 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2010-02-05 16:23:33 ----N---- C:\WINDOWS\system32\prntvpt.dll
2010-02-05 16:23:32 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2010-02-05 16:19:52 ----HDC---- C:\WINDOWS\$NtUninstallbasecsp$
2010-02-05 16:19:50 ----D---- C:\Documents and Settings\Martina\Data aplikací\Windows Desktop Search
2010-02-05 16:19:18 ----D---- C:\Program Files\Windows Desktop Search
2010-02-05 16:19:06 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
2010-02-05 16:19:00 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2010-02-05 16:18:33 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-02-05 16:18:32 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2010-02-05 16:18:15 ----D---- C:\Program Files\Windows Media Connect 2
2010-02-05 16:18:05 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2010-02-05 16:17:10 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2010-02-05 16:16:37 ----D---- C:\WINDOWS\system32\LogFiles
2010-02-05 16:16:33 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2010-02-05 16:14:34 ----RSD---- C:\WINDOWS\assembly
2010-02-05 16:14:34 ----D---- C:\WINDOWS\Microsoft.NET
2010-02-05 16:14:32 ----D---- C:\WINDOWS\system32\URTTemp
2010-02-05 12:36:27 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-02-05 12:36:18 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-02-05 09:56:36 ----D---- C:\Program Files\Western Digital Corporation
2010-02-05 09:51:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2010-02-05 09:44:11 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-02-05 09:44:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2010-02-05 09:43:55 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-02-05 09:43:47 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-02-05 09:43:37 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-02-05 09:43:26 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-02-05 09:43:14 ----HDC---- C:\WINDOWS\$NtUninstallKB978207$
2010-02-05 09:43:07 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-02-05 09:42:59 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2010-02-05 09:42:50 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-02-05 09:42:38 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-02-05 09:42:26 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2010-02-05 09:42:18 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-02-05 09:42:11 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2010-02-05 09:40:45 ----D---- C:\WINDOWS\ie8updates
2010-02-05 09:40:14 ----D---- C:\WINDOWS\WBEM
2010-02-05 09:39:01 ----HDC---- C:\WINDOWS\ie8
2010-02-05 09:31:00 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-02-05 09:30:54 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-02-05 09:30:47 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2010-02-05 09:30:41 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-02-05 09:30:35 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2010-02-05 09:30:29 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-02-05 09:30:21 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-02-05 09:30:14 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-02-05 09:29:55 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-02-05 09:29:46 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-02-05 09:29:39 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-02-05 09:29:33 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2010-02-05 09:29:24 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-02-05 09:29:17 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-02-05 09:29:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-02-05 09:28:55 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-02-05 09:28:48 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-02-05 09:27:46 ----A---- C:\WINDOWS\system32\MRT.exe
2010-02-05 09:27:29 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-02-05 09:27:20 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-02-05 09:27:10 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2010-02-05 09:27:01 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2010-02-05 09:26:54 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-02-05 09:26:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2010-02-05 09:26:39 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-02-05 09:26:30 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-02-05 09:26:22 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2010-02-05 09:26:16 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2010-02-05 09:26:08 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-02-05 09:26:02 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2010-02-05 09:25:52 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2010-02-05 09:25:37 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-02-05 09:25:26 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-02-05 09:25:17 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2010-02-05 09:25:09 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-02-05 09:24:59 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-02-05 09:24:53 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2010-02-05 09:24:44 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-02-05 09:24:37 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-02-05 09:24:30 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-02-05 09:24:10 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-02-05 09:24:03 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-02-05 09:23:54 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-02-05 09:23:45 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-02-05 09:23:34 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2010-02-05 08:22:19 ----D---- C:\Program Files\dvbdream
2010-02-05 08:14:44 ----D---- C:\WINDOWS\nview
2010-02-05 08:14:44 ----A---- C:\WINDOWS\system32\nvudisp.exe
2010-02-05 08:14:23 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2010-02-05 07:54:37 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2010-02-05 07:54:35 ----A---- C:\WINDOWS\system32\pthreadGC2.dll
2010-02-05 07:54:35 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2010-02-05 07:54:32 ----D---- C:\Program Files\ffdshow
2010-02-05 07:53:56 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2010-02-05 07:53:56 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2010-02-05 07:53:56 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2010-02-05 07:53:54 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2010-02-05 07:53:54 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2010-02-05 07:53:53 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2010-02-05 07:53:52 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2010-02-05 07:53:52 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2010-02-05 07:53:51 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2010-02-05 07:53:50 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2010-02-05 07:53:49 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2010-02-05 07:53:49 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2010-02-05 07:53:48 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2010-02-05 07:53:47 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2010-02-05 07:53:46 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2010-02-05 07:53:45 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2010-02-05 07:53:44 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2010-02-05 07:53:44 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2010-02-05 07:53:43 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2010-02-05 07:53:42 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2010-02-05 07:53:40 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2010-02-05 07:53:40 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2010-02-05 07:53:39 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2010-02-05 07:53:37 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2010-02-05 07:53:36 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2010-02-05 07:53:36 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2010-02-05 07:53:35 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2010-02-05 07:53:34 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2010-02-05 07:53:34 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2010-02-05 07:53:32 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2010-02-05 07:53:32 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2010-02-05 07:53:32 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2010-02-05 07:53:31 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2010-02-05 07:53:29 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2010-02-05 07:53:28 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2010-02-05 07:53:28 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2010-02-05 07:53:27 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2010-02-05 07:53:26 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2010-02-05 07:53:26 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2010-02-05 07:53:25 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2010-02-05 07:53:25 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2010-02-05 07:53:25 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2010-02-05 07:53:25 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2010-02-05 07:53:24 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2010-02-05 07:53:24 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2010-02-05 07:53:24 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2010-02-05 07:53:23 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2010-02-05 07:53:23 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2010-02-05 07:53:23 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2010-02-05 07:53:22 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2010-02-05 07:53:22 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2010-02-05 07:53:21 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2010-02-05 07:53:21 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2010-02-05 07:53:20 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2010-02-05 07:53:20 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2010-02-05 07:53:19 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2010-02-05 07:53:19 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2010-02-05 07:53:18 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2010-02-05 07:53:08 ----D---- C:\WINDOWS\Logs
2010-02-05 07:47:16 ----D---- C:\WINDOWS\system32\PreInstall
2010-02-05 07:47:15 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2010-02-05 07:47:13 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2010-02-05 07:47:13 ----HD---- C:\WINDOWS\$hf_mig$
2010-02-05 07:46:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\Technisat
2010-02-05 07:46:40 ----D---- C:\Program Files\DVBViewer TE2
2010-02-05 07:46:25 ----D---- C:\Program Files\MainConcept
2010-02-05 07:46:15 ----HD---- C:\Program Files\InstallShield Installation Information
2010-02-05 07:45:46 ----D---- C:\Program Files\Common Files\InstallShield
2010-02-05 07:42:15 ----A---- C:\WINDOWS\system32\FazztCtrs.dll
2010-02-05 07:42:15 ----A---- C:\WINDOWS\system32\FazztCtrDef.ini
2010-02-05 07:42:05 ----A---- C:\WINDOWS\ODBC.INI
2010-02-05 07:42:04 ----D---- C:\Program Files\KenCast
2010-02-05 07:40:03 ----D---- C:\Documents and Settings\Martina\Data aplikací\AdobeUM
2010-02-05 07:37:56 ----D---- C:\Program Files\Common Files\Adobe
2010-02-05 07:37:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-02-05 07:35:51 ----D---- C:\Program Files\Adobe
2010-02-05 07:05:44 ----D---- C:\Documents and Settings\Martina\Data aplikací\Macromedia
2010-02-05 07:05:43 ----D---- C:\Documents and Settings\Martina\Data aplikací\Adobe
2010-02-05 06:58:00 ----D---- C:\Program Files\HDDScan
2010-02-05 06:55:19 ----D---- C:\Program Files\HD Tune Pro
2010-02-05 06:37:25 ----D---- C:\Program Files\Total Commander 7.03
2010-02-05 06:37:25 ----A---- C:\WINDOWS\wincmd.ini
2010-02-04 22:45:41 ----D---- C:\Documents and Settings\Martina\Data aplikací\ESET
2010-02-04 22:44:34 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2010-02-04 22:44:18 ----D---- C:\Program Files\ESET
2010-02-04 22:44:18 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2010-02-04 22:41:22 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-02-04 22:40:19 ----A---- C:\WINDOWS\IsUninst.exe
2010-02-04 22:11:58 ----A---- C:\WINDOWS\system32\h323log.txt
2010-02-04 22:10:54 ----HD---- C:\WINDOWS\system32\GroupPolicy
2010-02-04 22:08:46 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2010-02-04 22:08:43 ----A---- C:\WINDOWS\system32\sfman32.dll
2010-02-04 22:08:41 ----A---- C:\WINDOWS\system32\sblfx.dll
2010-02-04 22:08:40 ----A---- C:\WINDOWS\system32\devldr32.exe
2010-02-04 22:08:40 ----A---- C:\WINDOWS\system32\devcon32.dll
2010-02-04 22:08:40 ----A---- C:\WINDOWS\system32\ctwdm32.dll
2010-02-04 22:08:39 ----A---- C:\WINDOWS\system32\ksuser.dll
2010-02-04 22:08:26 ----A---- C:\WINDOWS\system32\usbui.dll
2010-02-04 22:07:10 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-02-04 22:07:09 ----SHD---- C:\WINDOWS\Installer
2010-02-04 22:07:09 ----D---- C:\Program Files\Common Files\ODBC
2010-02-04 22:07:09 ----A---- C:\WINDOWS\ODBCINST.INI
2010-02-04 22:07:06 ----D---- C:\Program Files\Common Files\SpeechEngines
2010-02-04 22:07:05 ----RD---- C:\Program Files
2010-02-04 22:07:05 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-02-04 22:07:05 ----D---- C:\Program Files\Common Files
2010-02-04 22:07:01 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2010-02-04 22:07:01 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2010-02-04 22:07:01 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2010-02-04 22:06:59 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2010-02-04 22:06:59 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2010-02-04 22:06:59 ----RA---- C:\WINDOWS\system32\kbdur.dll
2010-02-04 22:06:59 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2010-02-04 22:06:59 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2010-02-04 22:06:59 ----RA---- C:\WINDOWS\system32\kbdru.dll
2010-02-04 22:06:59 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2010-02-04 22:06:59 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2010-02-04 22:06:59 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2010-02-04 22:06:59 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2010-02-04 22:06:59 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2010-02-04 22:06:59 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2010-02-04 22:06:57 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2010-02-04 22:06:57 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2010-02-04 22:06:57 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2010-02-04 22:06:57 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2010-02-04 22:06:57 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2010-02-04 22:06:57 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2010-02-04 22:06:57 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2010-02-04 22:06:55 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2010-02-04 22:06:55 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2010-02-04 22:06:55 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2010-02-04 22:06:55 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2010-02-04 22:06:55 ----RA---- C:\WINDOWS\system32\kbdest.dll
2010-02-04 22:06:51 ----A---- C:\WINDOWS\system32\kbdycl.dll
2010-02-04 22:06:51 ----A---- C:\WINDOWS\system32\kbdsl1.dll
2010-02-04 22:06:51 ----A---- C:\WINDOWS\system32\kbdsl.dll
2010-02-04 22:06:51 ----A---- C:\WINDOWS\system32\kbdro.dll
2010-02-04 22:06:51 ----A---- C:\WINDOWS\system32\kbdpl1.dll
2010-02-04 22:06:51 ----A---- C:\WINDOWS\system32\kbdpl.dll
2010-02-04 22:06:51 ----A---- C:\WINDOWS\system32\kbdhu1.dll
2010-02-04 22:06:51 ----A---- C:\WINDOWS\system32\kbdhu.dll
2010-02-04 22:06:51 ----A---- C:\WINDOWS\system32\kbdcr.dll
2010-02-04 22:06:51 ----A---- C:\WINDOWS\system32\KBDAL.DLL
2010-02-04 22:06:50 ----A---- C:\WINDOWS\system32\irclass.dll
2010-02-04 22:06:49 ----A---- C:\WINDOWS\system32\spxcoins.dll
2010-02-04 22:06:49 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2010-02-04 22:06:49 ----A---- C:\WINDOWS\system32\dgsetup.dll
2010-02-04 22:06:49 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2010-02-04 22:06:47 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2010-02-04 22:06:47 ----A---- C:\WINDOWS\TASKMAN.EXE
2010-02-04 22:06:46 ----A---- C:\WINDOWS\system32\batt.dll
2010-02-04 22:06:46 ----A---- C:\WINDOWS\NOTEPAD.EXE
2010-02-04 22:06:45 ----A---- C:\WINDOWS\system32\storprop.dll
2010-02-04 22:06:37 ----ASH---- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
2010-02-04 22:06:32 ----RA---- C:\WINDOWS\SET8.tmp
2010-02-04 22:06:29 ----RA---- C:\WINDOWS\SET4.tmp
2010-02-04 22:06:28 ----RA---- C:\WINDOWS\SET3.tmp
2010-02-04 22:06:22 ----D---- C:\WINDOWS\system32\CatRoot2
2010-02-04 22:06:22 ----D---- C:\WINDOWS\system32\CatRoot
2010-02-04 22:06:17 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-02-04 22:05:54 ----SHD---- C:\System Volume Information
2010-02-04 22:05:54 ----D---- C:\Documents and Settings
2010-02-04 22:05:04 ----RASH---- C:\boot.ini
2010-02-04 21:58:49 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-02-04 21:58:49 ----RSD---- C:\WINDOWS\Fonts
2010-02-04 21:58:49 ----RD---- C:\WINDOWS\Web
2010-02-04 21:58:49 ----HD---- C:\WINDOWS\inf
2010-02-04 21:58:49 ----D---- C:\WINDOWS\WinSxS
2010-02-04 21:58:49 ----D---- C:\WINDOWS\twain_32
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\wins
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\wbem
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\usmt
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\spool
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\ShellExt
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\Setup
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\ras
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\oobe
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\npp
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\mui
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\inetsrv
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\IME
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\icsxml
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\ias
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\export
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\drivers
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\dhcp
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\cs-cz
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\cs
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\config
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\3com_dmi
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\3076
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\2052
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\1054
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\1042
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\1041
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\1037
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\1033
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\1031
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\1029
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\1028
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32\1025
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system32
2010-02-04 21:58:49 ----D---- C:\WINDOWS\system
2010-02-04 21:58:49 ----D---- C:\WINDOWS\security
2010-02-04 21:58:49 ----D---- C:\WINDOWS\Resources
2010-02-04 21:58:49 ----D---- C:\WINDOWS\repair
2010-02-04 21:58:49 ----D---- C:\WINDOWS\Provisioning
2010-02-04 21:58:49 ----D---- C:\WINDOWS\pchealth
2010-02-04 21:58:49 ----D---- C:\WINDOWS\PeerNet
2010-02-04 21:58:49 ----D---- C:\WINDOWS\Network Diagnostic
2010-02-04 21:58:49 ----D---- C:\WINDOWS\mui
2010-02-04 21:58:49 ----D---- C:\WINDOWS\msapps
2010-02-04 21:58:49 ----D---- C:\WINDOWS\msagent
2010-02-04 21:58:49 ----D---- C:\WINDOWS\Media
2010-02-04 21:58:49 ----D---- C:\WINDOWS\L2Schemas
2010-02-04 21:58:49 ----D---- C:\WINDOWS\java
2010-02-04 21:58:49 ----D---- C:\WINDOWS\ime
2010-02-04 21:58:49 ----D---- C:\WINDOWS\Help
2010-02-04 21:58:49 ----D---- C:\WINDOWS\ehome
2010-02-04 21:58:49 ----D---- C:\WINDOWS\Driver Cache
2010-02-04 21:58:49 ----D---- C:\WINDOWS\Debug
2010-02-04 21:58:49 ----D---- C:\WINDOWS\Cursors
2010-02-04 21:58:49 ----D---- C:\WINDOWS\Connection Wizard
2010-02-04 21:58:49 ----D---- C:\WINDOWS\Config
2010-02-04 21:58:49 ----D---- C:\WINDOWS\AppPatch
2010-02-04 21:58:49 ----D---- C:\WINDOWS\addins
2010-02-04 21:58:49 ----D---- C:\WINDOWS
2010-02-04 21:34:13 ----D---- C:\Documents and Settings\Martina\Data aplikací\Mozilla
2010-02-04 21:34:01 ----D---- C:\Program Files\Mozilla Firefox
2010-02-04 21:25:08 ----D---- C:\Documents and Settings\Martina\Data aplikací\Identities
2010-02-04 21:25:06 ----HD---- C:\Program Files\Uninstall Information
2010-02-04 21:25:01 ----SD---- C:\Documents and Settings\Martina\Data aplikací\Microsoft
2010-02-04 21:25:01 ----ASH---- C:\Documents and Settings\Martina\Data aplikací\desktop.ini
2010-02-04 21:24:08 ----D---- C:\WINDOWS\SoftwareDistribution
2010-02-04 21:23:01 ----D---- C:\WINDOWS\Prefetch
2010-02-04 21:23:00 ----SD---- C:\WINDOWS\system32\Microsoft
2010-02-04 21:23:00 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-04 21:18:50 ----D---- C:\WINDOWS\system32\xircom
2010-02-04 21:18:50 ----D---- C:\Program Files\xerox
2010-02-04 21:18:50 ----D---- C:\Program Files\microsoft frontpage
2010-02-04 21:18:27 ----A---- C:\WINDOWS\control.ini
2010-02-04 21:18:07 ----A---- C:\WINDOWS\system32\mapi32.dll
2010-02-04 21:17:04 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-02-04 21:17:04 ----RD---- C:\WINDOWS\Offline Web Pages
2010-02-04 21:17:04 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2010-02-04 21:16:57 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2010-02-04 21:16:52 ----HD---- C:\Program Files\WindowsUpdate
2010-02-04 21:16:48 ----D---- C:\Program Files\Online Services
2010-02-04 21:16:27 ----D---- C:\WINDOWS\system32\DirectX
2010-02-04 21:16:21 ----A---- C:\WINDOWS\system32\atrace.dll
2010-02-04 21:16:19 ----A---- C:\WINDOWS\system32\desktop.ini
2010-02-04 21:16:19 ----A---- C:\WINDOWS\desktop.ini
2010-02-04 21:16:12 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2010-02-04 21:16:11 ----A---- C:\WINDOWS\system32\acctres.dll
2010-02-04 21:16:10 ----D---- C:\Program Files\Common Files\Services
2010-02-04 21:16:07 ----SD---- C:\WINDOWS\Tasks
2010-02-04 21:16:07 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2010-02-04 21:16:06 ----D---- C:\Program Files\Common Files\MSSoap
2010-02-04 21:16:03 ----D---- C:\WINDOWS\srchasst
2010-02-04 21:16:02 ----D---- C:\WINDOWS\system32\Macromed
2010-02-04 21:15:59 ----A---- C:\WINDOWS\system32\wuweb.dll
2010-02-04 21:15:59 ----A---- C:\WINDOWS\system32\wucltui.dll
2010-02-04 21:15:59 ----A---- C:\WINDOWS\system32\wuauserv.dll
2010-02-04 21:15:59 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2010-02-04 21:15:58 ----N---- C:\WINDOWS\system32\wuauclt.exe
2010-02-04 21:15:58 ----A---- C:\WINDOWS\system32\wups.dll
2010-02-04 21:15:58 ----A---- C:\WINDOWS\system32\wuaueng.dll
2010-02-04 21:15:58 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2010-02-04 21:15:58 ----A---- C:\WINDOWS\system32\wuapi.dll
2010-02-04 21:15:58 ----A---- C:\WINDOWS\system32\bitsprx4.dll
2010-02-04 21:15:58 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2010-02-04 21:15:58 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2010-02-04 21:15:57 ----N---- C:\WINDOWS\system32\qmgr.dll
2010-02-04 21:15:57 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2010-02-04 21:15:54 ----D---- C:\Program Files\Movie Maker
2010-02-04 21:15:34 ----A---- C:\WINDOWS\system32\safrslv.dll
2010-02-04 21:15:33 ----A---- C:\WINDOWS\system32\safrdm.dll
2010-02-04 21:15:33 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2010-02-04 21:15:33 ----A---- C:\WINDOWS\system32\racpldlg.dll
2010-02-04 21:15:30 ----A---- C:\WINDOWS\system32\fltMc.exe
2010-02-04 21:15:30 ----A---- C:\WINDOWS\system32\fltlib.dll
2010-02-04 21:15:29 ----N---- C:\WINDOWS\system32\srsvc.dll
2010-02-04 21:15:29 ----D---- C:\WINDOWS\system32\Restore
2010-02-04 21:15:29 ----A---- C:\WINDOWS\system32\srrstr.dll
2010-02-04 21:15:29 ----A---- C:\WINDOWS\system32\srclient.dll
2010-02-04 21:15:29 ----A---- C:\WINDOWS\system32\ils.dll
2010-02-04 21:15:28 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2010-02-04 21:15:28 ----A---- C:\WINDOWS\system32\msconf.dll
2010-02-04 21:15:28 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2010-02-04 21:15:28 ----A---- C:\WINDOWS\system32\mnmdd.dll
2010-02-04 21:15:28 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2010-02-04 21:15:25 ----D---- C:\Program Files\NetMeeting
2010-02-04 21:15:25 ----A---- C:\WINDOWS\system32\msoert2.dll
2010-02-04 21:15:25 ----A---- C:\WINDOWS\system32\msoeacct.dll
2010-02-04 21:15:24 ----A---- C:\WINDOWS\system32\inetres.dll
2010-02-04 21:15:24 ----A---- C:\WINDOWS\system32\inetcomm.dll
2010-02-04 21:15:22 ----N---- C:\WINDOWS\system32\schedsvc.dll
2010-02-04 21:15:22 ----D---- C:\Program Files\Outlook Express
2010-02-04 21:15:22 ----A---- C:\WINDOWS\system32\mstinit.exe
2010-02-04 21:15:22 ----A---- C:\WINDOWS\system32\mstask.dll
2010-02-04 21:15:21 ----A---- C:\WINDOWS\system32\isign32.dll
2010-02-04 21:15:21 ----A---- C:\WINDOWS\system32\inetcfg.dll
2010-02-04 21:15:21 ----A---- C:\WINDOWS\system32\icwphbk.dll
2010-02-04 21:15:21 ----A---- C:\WINDOWS\system32\icwdial.dll
2010-02-04 21:15:15 ----D---- C:\Program Files\Common Files\System
2010-02-04 21:15:14 ----D---- C:\Program Files\Internet Explorer
2010-02-04 21:14:30 ----D---- C:\Program Files\ComPlus Applications
2010-02-04 21:14:28 ----A---- C:\WINDOWS\vbaddin.ini
2010-02-04 21:14:28 ----A---- C:\WINDOWS\vb.ini
2010-02-04 21:14:24 ----D---- C:\WINDOWS\Registration
2010-02-04 21:14:17 ----D---- C:\Program Files\Windows Media Player
2010-02-04 21:14:10 ----D---- C:\Program Files\Messenger
2010-02-04 21:14:06 ----D---- C:\Program Files\MSN Gaming Zone
2010-02-04 21:14:06 ----A---- C:\WINDOWS\system32\write.exe
2010-02-04 21:13:54 ----A---- C:\WINDOWS\system32\sndvol32.exe
2010-02-04 21:13:54 ----A---- C:\WINDOWS\system32\hticons.dll
2010-02-04 21:13:54 ----A---- C:\WINDOWS\system32\avwav.dll
2010-02-04 21:13:54 ----A---- C:\WINDOWS\system32\avtapi.dll
2010-02-04 21:13:54 ----A---- C:\WINDOWS\system32\avmeter.dll
2010-02-04 21:13:53 ----A---- C:\WINDOWS\system32\winchat.exe
2010-02-04 21:13:45 ----A---- C:\WINDOWS\system32\charmap.exe
2010-02-04 21:13:45 ----A---- C:\WINDOWS\system32\getuname.dll
2010-02-04 21:13:45 ----A---- C:\WINDOWS\system32\calc.exe
2010-02-04 21:13:44 ----A---- C:\WINDOWS\system32\winmine.exe
2010-02-04 21:13:44 ----A---- C:\WINDOWS\system32\sol.exe
2010-02-04 21:13:44 ----A---- C:\WINDOWS\system32\mshearts.exe
2010-02-04 21:13:44 ----A---- C:\WINDOWS\system32\freecell.exe
2010-02-04 21:13:43 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2010-02-04 21:13:43 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2010-02-04 21:13:43 ----A---- C:\WINDOWS\system32\tslabels.ini
2010-02-04 21:13:43 ----A---- C:\WINDOWS\system32\tskill.exe
2010-02-04 21:13:43 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2010-02-04 21:13:43 ----A---- C:\WINDOWS\system32\tscon.exe
2010-02-04 21:13:43 ----A---- C:\WINDOWS\system32\shadow.exe
2010-02-04 21:13:43 ----A---- C:\WINDOWS\system32\rwinsta.exe
2010-02-04 21:13:43 ----A---- C:\WINDOWS\system32\reset.exe
2010-02-04 21:13:43 ----A---- C:\WINDOWS\system32\regini.exe
2010-02-04 21:13:43 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2010-02-04 21:13:43 ----A---- C:\WINDOWS\system32\qwinsta.exe
2010-02-04 21:13:42 ----A---- C:\WINDOWS\system32\qappsrv.exe
2010-02-04 21:13:42 ----A---- C:\WINDOWS\system32\msg.exe
2010-02-04 21:13:42 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2010-02-04 21:13:42 ----A---- C:\WINDOWS\system32\logoff.exe
2010-02-04 21:13:42 ----A---- C:\WINDOWS\system32\cdmodem.dll
2010-02-04 21:13:35 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2010-02-04 21:13:34 ----D---- C:\Program Files\Windows NT
2010-02-04 21:13:34 ----A---- C:\WINDOWS\system32\sndrec32.exe
2010-02-04 21:13:34 ----A---- C:\WINDOWS\system32\mplay32.exe
2010-02-04 21:13:34 ----A---- C:\WINDOWS\system32\hypertrm.dll
2010-02-04 21:13:34 ----A---- C:\WINDOWS\system32\accwiz.exe
2010-02-04 21:13:33 ----A---- C:\WINDOWS\system32\spider.exe
2010-02-04 21:13:33 ----A---- C:\WINDOWS\system32\mspaint.exe
2010-02-04 21:13:33 ----A---- C:\WINDOWS\system32\clipbrd.exe
2010-02-04 21:13:32 ----A---- C:\WINDOWS\system32\tsgqec.dll
2010-02-04 21:13:32 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2010-02-04 21:13:31 ----A---- C:\WINDOWS\system32\rhttpaa.dll
2010-02-04 21:13:31 ----A---- C:\WINDOWS\system32\mstscax.dll
2010-02-04 21:13:31 ----A---- C:\WINDOWS\system32\mstsc.exe
2010-02-04 21:13:31 ----A---- C:\WINDOWS\system32\aaclient.dll
2010-02-04 21:13:30 ----N---- C:\WINDOWS\system32\termsrv.dll
2010-02-04 21:13:30 ----A---- C:\WINDOWS\system32\sessmgr.exe
2010-02-04 21:13:30 ----A---- C:\WINDOWS\system32\remotepg.dll
2010-02-04 21:13:30 ----A---- C:\WINDOWS\system32\rdshost.exe
2010-02-04 21:13:30 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2010-02-04 21:13:30 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2010-02-04 21:13:30 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2010-02-04 21:13:30 ----A---- C:\WINDOWS\system32\rdchost.dll
2010-02-04 21:13:29 ----D---- C:\WINDOWS\system32\MsDtc
2010-02-04 21:13:29 ----A---- C:\WINDOWS\system32\rdpclip.exe
2010-02-04 21:13:29 ----A---- C:\WINDOWS\system32\qprocess.exe
2010-02-04 21:13:29 ----A---- C:\WINDOWS\system32\mtxoci.dll
2010-02-04 21:13:29 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2010-02-04 21:13:29 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2010-02-04 21:13:29 ----A---- C:\WINDOWS\system32\icaapi.dll
2010-02-04 21:13:29 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2010-02-04 21:13:28 ----A---- C:\WINDOWS\system32\xolehlp.dll
2010-02-04 21:13:28 ----A---- C:\WINDOWS\system32\msdtctm.dll
2010-02-04 21:13:28 ----A---- C:\WINDOWS\system32\msdtclog.dll
2010-02-04 21:13:28 ----A---- C:\WINDOWS\system32\msdtc.exe
2010-02-04 21:13:27 ----D---- C:\WINDOWS\system32\Com
2010-02-04 21:13:27 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2010-02-04 21:13:27 ----A---- C:\WINDOWS\system32\mtxex.dll
2010-02-04 21:13:27 ----A---- C:\WINDOWS\system32\mtxdm.dll
2010-02-04 21:13:27 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2010-02-04 21:13:27 ----A---- C:\WINDOWS\system32\comaddin.dll
2010-02-04 21:13:27 ----A---- C:\WINDOWS\system32\colbact.dll
2010-02-04 21:13:26 ----A---- C:\WINDOWS\system32\stclient.dll
2010-02-04 21:13:26 ----A---- C:\WINDOWS\system32\comrepl.dll
2010-02-04 21:13:26 ----A---- C:\WINDOWS\system32\clbcatex.dll
2010-02-04 21:13:26 ----A---- C:\WINDOWS\system32\catsrvut.dll
2010-02-04 21:13:26 ----A---- C:\WINDOWS\system32\catsrvps.dll
2010-02-04 21:13:26 ----A---- C:\WINDOWS\system32\catsrv.dll
2010-02-04 21:13:25 ----A---- C:\WINDOWS\system32\comuid.dll
2010-02-04 21:13:25 ----A---- C:\WINDOWS\system32\comsvcs.dll
2010-02-04 21:13:25 ----A---- C:\WINDOWS\system32\comsnap.dll
2010-02-04 21:13:25 ----A---- C:\WINDOWS\system32\clbcatq.dll
2010-02-04 21:13:18 ----A---- C:\WINDOWS\system32\servdeps.dll
2010-02-04 21:13:18 ----A---- C:\WINDOWS\system32\mmfutil.dll
2010-02-04 21:13:18 ----A---- C:\WINDOWS\system32\licwmi.dll
2010-02-04 21:13:18 ----A---- C:\WINDOWS\system32\cmprops.dll
======List of files/folders modified in the last 1 months======
2010-02-21 16:35:19 ----A---- C:\WINDOWS\system.ini
2010-02-07 09:02:32 ----A---- C:\WINDOWS\win.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41600]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-11-16 108792]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2009-11-16 55768]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-11-16 116520]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2009-12-18 135048]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2008-04-14 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2008-04-14 55936]
R3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\AN983.sys [2008-04-13 36224]
R3 ctljystk;Game port pro zařízení Creative SB Live!; C:\WINDOWS\system32\DRIVERS\ctljystk.sys [2001-08-17 3712]
R3 emu10k;Creative SB Live! (WDM); C:\WINDOWS\system32\drivers\emu10k1m.sys [2001-08-17 283904]
R3 emu10k1;Creative Interface Manager Driver (WDM); C:\WINDOWS\system32\drivers\ctlfacem.sys [2001-08-17 6912]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2010-01-08 33096]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-16 6557408]
R3 ROCKEYNT;Feitian ROCKEY4 Device Service; C:\WINDOWS\system32\DRIVERS\Rockey4.sys [2010-02-06 22016]
R3 sfman;Creative SoundFont Manager Driver (WDM); C:\WINDOWS\system32\drivers\sfmanm.sys [2001-08-17 36480]
R3 SKYNET;TechniSat DVB-PC TV Star PCI; C:\WINDOWS\system32\DRIVERS\SkyNET.SYS [2009-09-11 507408]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 bcm4sbe5;ASUSTeK/Broadcom 440x 10/100 Integrated Controller Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbe5.sys [2002-07-18 57306]
S3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys []
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-14 40320]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-06 34064]
S3 Rockey_USB;Feitian ROCKEY4 USB Service; C:\WINDOWS\system32\DRIVERS\Rockey4USB.sys [2010-02-06 12928]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WLAN; Wireless LAN Driver; C:\WINDOWS\system32\DRIVERS\wlanNDS.sys [2002-01-18 54784]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2009-12-16 375296]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2009-11-16 735960]
R2 Fazzt;Fazzt; C:\PROGRA~1\KenCast\Fazzt\bin\FazztSrv.exe [2000-12-01 155136]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-16 159812]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2010-02-06 74360]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-11-16 20680]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
meteorolog píše:uf
ještě použijte http://sweb.cz/Marinus/T-Cleaner.exe - pro potvrzení stiskněte vždy klávesu A nebo Enter
potom CCleaner - položky Čistič a Registry - čištění opakujte do odstranění všech problémů
a nakonec ATF Cleaner - http://www.atribune.org/ccount/click.php?id=1:
po spuštění staženého souboru se objeví okno:
zatrhněte Select All, klikněte na Empty Selected a Exit
stejným způsobem vymažte případně cache Firefoxu a Opery
restartujte PC
-
meteorolog
- Vzorný návštěvník
- Příspěvky: 308
- Registrován: 07 led 2007 15:20
- Bydliště: Pardubice
Re: Počítač se mi zpomalil a seká se
SPTDinst-v162-x86.exe je jádro daemonu
http://www.wug.sk/?name=blog&id=23_Root ... jak_a_proc
http://www.wug.sk/?name=blog&id=28_Root ... ubor%C5%AF
http://www.wug.sk/?name=blog&id=23_Root ... jak_a_proc
http://www.wug.sk/?name=blog&id=28_Root ... ubor%C5%AF
"Život je život, louka je louka, koukneš se do trávy – a vidíš brouka."
"Neodpovídej tupci na jeho tupost, aby ses mu sám nezačal podobat. Odpověz tupci na jeho tupost, aby si přestal moudrý připadat...."
(Přísloví krále Šalomouna)
"Neodpovídej tupci na jeho tupost, aby ses mu sám nezačal podobat. Odpověz tupci na jeho tupost, aby si přestal moudrý připadat...."
(Přísloví krále Šalomouna)
Přispějete na provoz fóra?