Prosim kontrolu logu. mam v PC nakej shit.

[jaro3]

To není ono, musí to být samostatně na C:
Zkus udělat znovu Combofix, tentokrát v nouzovém režimu ( po restartu držet klávesu F8).
Ten log potřebuji i kvůli odstranění zbytkú AVG.

[Reklama]

[hadic]

Tak po tom programu poslednim se mi PC dodelalo tak ze nejsem schopnej udelat ani jednu poradnou vec... Nemuzu spustit mozilu, kdyz si stahnu operu tak taky nejde, prestal mi jit i IE, malovani, vzdy tesne pred koncem instalace se PC taky resetne. Nemuzu uz skoro nic. zmohl sem se na dalsi HJT ale to asi nebude s tim nic spolecnyho co? Zkousel sem obnoveni systemu abych udelal veskery ukony znova ale ani to nejde Potrebuju vypalit na DVD obrazek do stedryho dne a nemuzu pac si nedokazu nainstalovat lightscribe program a kdyz sem uz ehnal nakej bez instalace tak zjistim ze nespustim malovani ale ja to vymyslim, drz mi palce... tady je HJT:

Logfile of HijackThis v1.99.1
Scan saved at 23:50, on 2008-12-23
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\Mixer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil_.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\uzivatel\Plocha\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [jraygcwp.exe] C:\WINDOWS\jraygcwp.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{A091EFBB-D800-4A6A-87C8-E98D764C5AFF}: NameServer = 192.168.124.1
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: PsExec (PSEXESVC) - Sysinternals - C:\WINDOWS\PSEXESVC.EXE

[jaro3]

Obnovu nezkoušej , vrátí se Ti nákazy.Napřed se musí PC odvirovat, pak to další.Když nejde CF, zkus ho přejmenovat na abcd.exe a spustit, pokud nepůjde :
Stáhni si GMER
Po stažení aplikaci rozbal a spusť, probehne rychlý sken a otevře se hlavní okno programu:
pokud klikneš na tlačítko Save vpravo dole, muzeš vyexportovat první log, ktery vloziš sem.

Poté:
Stáhni si RSIT (by random/random)
- spusť ho, objeví se ti okno, tak pro pokračování klikni na Continue
- počkej až program proběhne a zobrazí se ti log jinak ho najdeš zde: C:\rsit\log.txt zkopíruj sem prosím celý jeho obsah

[hadic]

GMER 1.0.14.14536 - http://www.gmer.net
Rootkit scan 2008-12-24 10:53:29
Windows 5.1.2600 Service Pack 2


---- Devices - GMER 1.0.14 ----

Device \FileSystem\Ntfs \Ntfs ws2_32sik.sys
Device \Driver\Tcpip \Device\Ip FF95E0C3
Device \Driver\Tcpip \Device\Tcp FF95E0C3
Device \Driver\Tcpip \Device\Udp FF95E0C3
Device \Driver\Tcpip \Device\RawIp FF95E0C3

---- Threads - GMER 1.0.14 ----

Thread 4:660 FF956AAB
Thread 4:664 FF956AAB
Thread 4:668 FF956AAB
Thread 4:672 FF956AAB
Thread 4:676 FF956AAB
Thread 4:680 FF956AAB
Thread 4:684 FF956AAB
Thread 4:688 FF956AAB
Thread 4:700 FF956AAB
Thread 4:704 FF956AAB
Thread 4:708 FF956AAB
Thread 4:712 FF956AAB
Thread 4:716 FF956AAB
Thread 4:720 FF956AAB
Thread 4:724 FF956AAB
Thread 4:728 FF956AAB
Thread 4:732 FF956AAB
Thread 4:736 FF956AAB
Thread 4:740 FF956AAB
Thread 4:744 FF956AAB
Thread 4:748 FF956AAB
Thread 4:752 FF956AAB
Thread 4:756 FF956AAB
Thread 4:760 FF956AAB
Thread 4:764 FF956AAB
Thread 4:768 FF956AAB
Thread 4:772 FF956AAB
Thread 4:776 FF956AAB
Thread 4:780 FF956AAB
Thread 4:784 FF956AAB
Thread 4:788 FF956AAB
Thread 4:792 FF956AAB
Thread 4:796 FF956AAB
Thread 4:800 FF956AAB
Thread 4:804 FF956AAB
Thread 4:808 FF956AAB
Thread 4:812 FF956AAB
Thread 4:816 FF956AAB
Thread 4:820 FF956AAB
Thread 4:824 FF956AAB
Thread 4:828 FF956AAB
Thread 4:832 FF956AAB
Thread 4:836 FF956AAB
Thread 4:840 FF956AAB
Thread 4:844 FF956AAB
Thread 4:848 FF956AAB
Thread 4:852 FF956AAB
Thread 4:856 FF956AAB
Thread 4:860 FF956AAB
Thread 4:864 FF956AAB
Thread 4:868 FF956AAB
Thread 4:872 FF956AAB
Thread 4:876 FF956AAB
Thread 4:880 FF956AAB
Thread 4:884 FF956AAB
Thread 4:888 FF956AAB

---- EOF - GMER 1.0.14 ----


Logfile of random's system information tool 1.05 (written by random/random)
Run by uzivatel at 2008-12-24 10:55:00
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 782 MB (22%) free of 3 GB
Total RAM: 223 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:55, on 2008-12-24
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Mixer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil_.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\uzivatel\Plocha\RSIT.exe
C:\Program Files\trend micro\uzivatel.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [jraygcwp.exe] C:\WINDOWS\jraygcwp.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{A091EFBB-D800-4A6A-87C8-E98D764C5AFF}: NameServer = 192.168.124.1
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: PsExec (PSEXESVC) - Sysinternals - C:\WINDOWS\PSEXESVC.EXE

--
End of file - 3605 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-12-11 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-12-18 737776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-12-11 2403392]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"C-Media Mixer"=Mixer.exe /startup []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-12-18 68856]
"jraygcwp.exe"=C:\WINDOWS\jraygcwp.exe []
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-12-06 2387968]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil_.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil_.exe:*:Enabled:BlueSoleil"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2008-12-24 10:55:03 ----D---- C:\Program Files\trend micro
2008-12-24 10:55:00 ----D---- C:\rsit
2008-12-24 10:51:35 ----A---- C:\WINDOWS\gmer.ini
2008-12-24 10:51:32 ----A---- C:\WINDOWS\gmer_uninstall.cmd
2008-12-24 10:51:32 ----A---- C:\WINDOWS\gmer.exe
2008-12-24 10:51:32 ----A---- C:\WINDOWS\gmer.dll
2008-12-23 23:14:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\LightScribe
2008-12-23 23:14:02 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\Acoustica
2008-12-23 23:13:48 ----D---- C:\Program Files\Acoustica CD Label Maker
2008-12-22 10:40:59 ----D---- C:\Program Files\Common Files\LightScribe
2008-12-22 10:23:39 ----D---- C:\WINDOWS\temp
2008-12-22 10:20:36 ----D---- C:\ComboFix
2008-12-22 10:20:35 ----A---- C:\WINDOWS\system32\CF19506.exe
2008-12-22 10:02:17 ----A---- C:\WINDOWS\PSEXESVC.EXE
2008-12-22 09:46:07 ----A---- C:\WINDOWS\zip.exe
2008-12-22 09:46:07 ----A---- C:\WINDOWS\VFIND.exe
2008-12-22 09:46:07 ----A---- C:\WINDOWS\SWXCACLS.exe
2008-12-22 09:46:07 ----A---- C:\WINDOWS\SWSC.exe
2008-12-22 09:46:07 ----A---- C:\WINDOWS\SWREG.exe
2008-12-22 09:46:07 ----A---- C:\WINDOWS\sed.exe
2008-12-22 09:46:07 ----A---- C:\WINDOWS\NIRCMD.exe
2008-12-22 09:46:07 ----A---- C:\WINDOWS\grep.exe
2008-12-22 09:46:07 ----A---- C:\WINDOWS\fdsv.exe
2008-12-22 09:45:59 ----D---- C:\WINDOWS\ERDNT
2008-12-22 09:45:59 ----D---- C:\Qoobox
2008-12-21 21:59:20 ----D---- C:\WINDOWS\ERUNT
2008-12-21 21:57:10 ----A---- C:\WINDOWS\ntbtlog.txt
2008-12-21 21:50:34 ----D---- C:\SDFix
2008-12-21 20:25:58 ----D---- C:\Program Files\PartyGaming
2008-12-21 19:30:11 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\Malwarebytes
2008-12-21 19:30:00 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-12-21 19:30:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2008-12-21 16:17:38 ----D---- C:\Program Files\CCleaner
2008-12-21 11:17:33 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\TeamViewer
2008-12-19 23:29:42 ----D---- C:\Program Files\DOSBox-0.72
2008-12-19 23:25:56 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\WinRAR
2008-12-19 23:21:27 ----D---- C:\Program Files\WinRAR
2008-12-19 21:14:52 ----D---- C:\Program Files\Prograph
2008-12-19 21:14:43 ----A---- C:\WINDOWS\IsUn0405.exe
2008-12-19 20:41:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\QuickTime
2008-12-15 23:03:51 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-12-15 23:02:28 ----D---- C:\Documents and Settings\All Users\Data aplikací\Bluetooth
2008-12-15 22:58:11 ----D---- C:\Program Files\IVT Corporation
2008-12-15 17:54:20 ----D---- C:\Program Files\Novativa Streamster
2008-12-14 13:09:54 ----D---- C:\Program Files\uTorrent
2008-12-14 13:09:54 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\uTorrent
2008-12-13 21:26:05 ----D---- C:\Program Files\Foxit Software
2008-12-13 21:24:30 ----SHD---- C:\RECYCLER
2008-12-11 22:07:40 ----A---- C:\WINDOWS\system32\rewire.dll
2008-12-11 22:06:08 ----D---- C:\Program Files\Image-Line
2008-12-11 22:05:17 ----D---- C:\Program Files\Outsim
2008-12-11 21:07:39 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\Mozilla
2008-12-11 21:07:27 ----D---- C:\Program Files\Mozilla Firefox
2008-12-11 21:05:25 ----A---- C:\WINDOWS\mixerdef.ini
2008-12-11 21:04:38 ----D---- C:\WINDOWS\Minidump
2008-12-11 20:52:31 ----A---- C:\WINDOWS\adobe.bat
2008-12-11 20:17:48 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\Google
2008-12-11 20:09:08 ----RA---- C:\WINDOWS\cmuninst.exe
2008-12-11 20:09:07 ----RA---- C:\WINDOWS\system32\cmnprop.dll
2008-12-11 20:09:07 ----RA---- C:\WINDOWS\system32\Audio3D.dll
2008-12-11 20:09:07 ----RA---- C:\WINDOWS\system32\a3d.dll
2008-12-11 20:09:07 ----RA---- C:\WINDOWS\mixer.exe
2008-12-11 20:09:05 ----A---- C:\WINDOWS\system32\h323log.txt
2008-12-11 20:08:46 ----D---- C:\Program Files\C-Media
2008-12-11 20:08:40 ----A---- C:\WINDOWS\CMISETUP.INI
2008-12-11 20:08:39 ----A---- C:\WINDOWS\CMCDPLAY.INI
2008-12-11 20:06:39 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\Macromedia
2008-12-11 20:06:38 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\Adobe
2008-12-11 20:05:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2008-12-11 20:05:36 ----D---- C:\Program Files\Google
2008-12-11 20:04:46 ----A---- C:\WINDOWS\system32\s3gnb.dll
2008-12-11 20:04:22 ----A---- C:\WINDOWS\system32\usbui.dll
2008-12-11 20:04:07 ----A---- C:\WINDOWS\system32\ksuser.dll
2008-12-11 20:01:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-12-11 20:01:21 ----SHD---- C:\WINDOWS\Installer
2008-12-11 20:01:19 ----D---- C:\Program Files\Common Files\ODBC
2008-12-11 20:01:19 ----A---- C:\WINDOWS\ODBCINST.INI
2008-12-11 20:01:12 ----D---- C:\Program Files\Common Files\SpeechEngines
2008-12-11 20:01:11 ----RD---- C:\Program Files
2008-12-11 20:01:11 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-12-11 20:01:11 ----D---- C:\Program Files\Common Files
2008-12-11 20:01:01 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2008-12-11 20:00:59 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2008-12-11 20:00:59 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2008-12-11 20:00:53 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2008-12-11 20:00:52 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2008-12-11 20:00:52 ----RA---- C:\WINDOWS\system32\kbdur.dll
2008-12-11 20:00:52 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2008-12-11 20:00:52 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2008-12-11 20:00:52 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2008-12-11 20:00:52 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2008-12-11 20:00:51 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2008-12-11 20:00:51 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2008-12-11 20:00:51 ----RA---- C:\WINDOWS\system32\kbdru.dll
2008-12-11 20:00:51 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2008-12-11 20:00:51 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2008-12-11 20:00:47 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2008-12-11 20:00:47 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2008-12-11 20:00:47 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2008-12-11 20:00:47 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2008-12-11 20:00:46 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2008-12-11 20:00:46 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2008-12-11 20:00:46 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2008-12-11 20:00:43 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2008-12-11 20:00:42 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2008-12-11 20:00:42 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2008-12-11 20:00:42 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2008-12-11 20:00:42 ----RA---- C:\WINDOWS\system32\kbdest.dll
2008-12-11 20:00:32 ----A---- C:\WINDOWS\system32\kbdsl1.dll
2008-12-11 20:00:32 ----A---- C:\WINDOWS\system32\kbdsl.dll
2008-12-11 20:00:32 ----A---- C:\WINDOWS\system32\kbdro.dll
2008-12-11 20:00:32 ----A---- C:\WINDOWS\system32\kbdpl1.dll
2008-12-11 20:00:32 ----A---- C:\WINDOWS\system32\kbdpl.dll
2008-12-11 20:00:32 ----A---- C:\WINDOWS\system32\kbdhu1.dll
2008-12-11 20:00:32 ----A---- C:\WINDOWS\system32\kbdhu.dll
2008-12-11 20:00:32 ----A---- C:\WINDOWS\system32\kbdcr.dll
2008-12-11 20:00:31 ----A---- C:\WINDOWS\system32\kbdycl.dll
2008-12-11 20:00:31 ----A---- C:\WINDOWS\system32\KBDAL.DLL
2008-12-11 20:00:29 ----A---- C:\WINDOWS\system32\irclass.dll
2008-12-11 20:00:29 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2008-12-11 20:00:28 ----A---- C:\WINDOWS\system32\spxcoins.dll
2008-12-11 20:00:28 ----A---- C:\WINDOWS\system32\dgsetup.dll
2008-12-11 20:00:27 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2008-12-11 20:00:21 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2008-12-11 20:00:21 ----A---- C:\WINDOWS\TASKMAN.EXE
2008-12-11 20:00:19 ----A---- C:\WINDOWS\system32\batt.dll
2008-12-11 20:00:19 ----A---- C:\WINDOWS\NOTEPAD.EXE
2008-12-11 20:00:17 ----A---- C:\WINDOWS\system32\storprop.dll
2008-12-11 20:00:01 ----ASH---- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
2008-12-11 19:58:16 ----RA---- C:\WINDOWS\SET8.tmp
2008-12-11 19:58:09 ----RA---- C:\WINDOWS\SET4.tmp
2008-12-11 19:58:06 ----RA---- C:\WINDOWS\SET3.tmp
2008-12-11 19:57:56 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-11 19:57:56 ----D---- C:\WINDOWS\system32\CatRoot
2008-12-11 19:57:49 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2008-12-11 19:57:10 ----D---- C:\Documents and Settings
2008-12-11 19:57:09 ----SHD---- C:\System Volume Information
2008-12-11 19:49:36 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-12-11 19:49:36 ----RSD---- C:\WINDOWS\Fonts
2008-12-11 19:49:36 ----RD---- C:\WINDOWS\Web
2008-12-11 19:49:36 ----HD---- C:\WINDOWS\inf
2008-12-11 19:49:36 ----D---- C:\WINDOWS\WinSxS
2008-12-11 19:49:36 ----D---- C:\WINDOWS\twain_32
2008-12-11 19:49:36 ----D---- C:\WINDOWS\system32\wins
2008-12-11 19:49:36 ----D---- C:\WINDOWS\system32\wbem
2008-12-11 19:49:36 ----D---- C:\WINDOWS\system32\usmt
2008-12-11 19:49:36 ----D---- C:\WINDOWS\system32\spool
2008-12-11 19:49:36 ----D---- C:\WINDOWS\system32\ShellExt
2008-12-11 19:49:36 ----D---- C:\WINDOWS\system32\Setup
2008-12-11 19:49:36 ----D---- C:\WINDOWS\system32\ras
2008-12-11 19:49:36 ----D---- C:\WINDOWS\system32\oobe
2008-12-11 19:49:36 ----D---- C:\WINDOWS\system32\npp
2008-12-11 19:49:36 ----D---- C:\WINDOWS\system32\mui
2008-12-11 19:49:36 ----D---- C:\WINDOWS\system32\inetsrv
2008-12-11 19:49:36 ----D---- C:\WINDOWS\system32\IME
2008-12-11 19:49:36 ----D---- C:\WINDOWS\system32\icsxml
2008-12-11 19:49:36 ----D---- C:\WINDOWS\system32\ias
2008-12-11 19:49:36 ----D---- C:\WINDOWS\system32\export
2008-12-11 19:49:36 ----D---- C:\WINDOWS\system32\drivers
2008-12-11 19:49:36 ----D---- C:\WINDOWS\system32\dhcp
2008-12-11 19:49:36 ----D---- C:\WINDOWS\system32\config
2008-12-11 19:49:36 ----D---- C:\WINDOWS\system32\3com_dmi
2008-12-11 19:49:36 ----D---- C:\WINDOWS\system32\3076
2008-12-11 19:49:36 ----D---- C:\WINDOWS\system32\2052
2008-12-11 19:49:36 ----D---- C:\WINDOWS\system32\1054
2008-12-11 19:49:36 ----D---- C:\WINDOWS\system32\1042
2008-12-11 19:49:36 ----D---- C:\WINDOWS\system32\1041
2008-12-11 19:49:36 ----D---- C:\WINDOWS\system32\1037
2008-12-11 19:49:36 ----D---- C:\WINDOWS\system32\1033
2008-12-11 19:49:36 ----D---- C:\WINDOWS\system32\1031
2008-12-11 19:49:36 ----D---- C:\WINDOWS\system32\1029
2008-12-11 19:49:36 ----D---- C:\WINDOWS\system32\1028
2008-12-11 19:49:36 ----D---- C:\WINDOWS\system32\1025
2008-12-11 19:49:36 ----D---- C:\WINDOWS\system32
2008-12-11 19:49:36 ----D---- C:\WINDOWS\system
2008-12-11 19:49:36 ----D---- C:\WINDOWS\security
2008-12-11 19:49:36 ----D---- C:\WINDOWS\Resources
2008-12-11 19:49:36 ----D---- C:\WINDOWS\repair
2008-12-11 19:49:36 ----D---- C:\WINDOWS\Provisioning
2008-12-11 19:49:36 ----D---- C:\WINDOWS\pchealth
2008-12-11 19:49:36 ----D---- C:\WINDOWS\PeerNet
2008-12-11 19:49:36 ----D---- C:\WINDOWS\mui
2008-12-11 19:49:36 ----D---- C:\WINDOWS\msapps
2008-12-11 19:49:36 ----D---- C:\WINDOWS\msagent
2008-12-11 19:49:36 ----D---- C:\WINDOWS\Media
2008-12-11 19:49:36 ----D---- C:\WINDOWS\java
2008-12-11 19:49:36 ----D---- C:\WINDOWS\ime
2008-12-11 19:49:36 ----D---- C:\WINDOWS\Help
2008-12-11 19:49:36 ----D---- C:\WINDOWS\ehome
2008-12-11 19:49:36 ----D---- C:\WINDOWS\Driver Cache
2008-12-11 19:49:36 ----D---- C:\WINDOWS\Debug
2008-12-11 19:49:36 ----D---- C:\WINDOWS\Cursors
2008-12-11 19:49:36 ----D---- C:\WINDOWS\Connection Wizard
2008-12-11 19:49:36 ----D---- C:\WINDOWS\Config
2008-12-11 19:49:36 ----D---- C:\WINDOWS\AppPatch
2008-12-11 19:49:36 ----D---- C:\WINDOWS\addins
2008-12-11 19:49:36 ----D---- C:\WINDOWS
2008-12-11 19:35:24 ----D---- C:\Documents and Settings\uzivatel\Data aplikací\Identities
2008-12-11 19:35:20 ----HD---- C:\Program Files\Uninstall Information
2008-12-11 19:35:00 ----ASH---- C:\Documents and Settings\uzivatel\Data aplikací\desktop.ini
2008-12-11 19:34:59 ----SD---- C:\Documents and Settings\uzivatel\Data aplikací\Microsoft
2008-12-11 19:32:47 ----D---- C:\WINDOWS\SoftwareDistribution
2008-12-11 19:32:36 ----D---- C:\WINDOWS\Prefetch
2008-12-11 19:32:35 ----SD---- C:\WINDOWS\system32\Microsoft
2008-12-11 19:32:35 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-11 19:23:57 ----D---- C:\WINDOWS\system32\xircom
2008-12-11 19:23:57 ----D---- C:\Program Files\xerox
2008-12-11 19:23:57 ----D---- C:\Program Files\microsoft frontpage
2008-12-11 19:22:55 ----A---- C:\WINDOWS\control.ini
2008-12-11 19:22:55 ----A---- C:\AUTOEXEC.BAT
2008-12-11 19:22:15 ----A---- C:\WINDOWS\system32\mapi32.dll
2008-12-11 19:19:20 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-12-11 19:19:20 ----RD---- C:\WINDOWS\Offline Web Pages
2008-12-11 19:19:20 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2008-12-11 19:19:02 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2008-12-11 19:18:49 ----HD---- C:\Program Files\WindowsUpdate
2008-12-11 19:18:40 ----D---- C:\Program Files\Online Services
2008-12-11 19:17:54 ----D---- C:\WINDOWS\system32\DirectX
2008-12-11 19:17:09 ----A---- C:\WINDOWS\system32\atrace.dll
2008-12-11 19:17:04 ----A---- C:\WINDOWS\system32\desktop.ini
2008-12-11 19:17:04 ----A---- C:\WINDOWS\desktop.ini
2008-12-11 19:16:48 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2008-12-11 19:16:45 ----A---- C:\WINDOWS\system32\acctres.dll
2008-12-11 19:16:44 ----D---- C:\Program Files\Common Files\Services
2008-12-11 19:16:37 ----SD---- C:\WINDOWS\Tasks
2008-12-11 19:16:37 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2008-12-11 19:16:36 ----D---- C:\Program Files\Common Files\MSSoap
2008-12-11 19:16:27 ----D---- C:\WINDOWS\srchasst
2008-12-11 19:16:26 ----D---- C:\WINDOWS\system32\Macromed
2008-12-11 19:16:19 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-12-11 19:16:19 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-12-11 19:16:19 ----A---- C:\WINDOWS\system32\wuauserv.dll
2008-12-11 19:16:19 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2008-12-11 19:16:19 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-12-11 19:16:18 ----A---- C:\WINDOWS\system32\wups.dll
2008-12-11 19:16:18 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2008-12-11 19:16:18 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-12-11 19:16:18 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-12-11 19:16:18 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2008-12-11 19:16:18 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2008-12-11 19:16:17 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2008-12-11 19:16:17 ----A---- C:\WINDOWS\system32\qmgr.dll
2008-12-11 19:16:05 ----D---- C:\Program Files\Movie Maker
2008-12-11 19:15:57 ----A---- C:\WINDOWS\system32\safrslv.dll
2008-12-11 19:15:57 ----A---- C:\WINDOWS\system32\safrdm.dll
2008-12-11 19:15:57 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2008-12-11 19:15:57 ----A---- C:\WINDOWS\system32\racpldlg.dll
2008-12-11 19:15:51 ----A---- C:\WINDOWS\system32\fltMc.exe
2008-12-11 19:15:51 ----A---- C:\WINDOWS\system32\fltlib.dll
2008-12-11 19:15:50 ----D---- C:\WINDOWS\system32\Restore
2008-12-11 19:15:50 ----A---- C:\WINDOWS\system32\srsvc.dll
2008-12-11 19:15:50 ----A---- C:\WINDOWS\system32\srrstr.dll
2008-12-11 19:15:50 ----A---- C:\WINDOWS\system32\srclient.dll
2008-12-11 19:15:49 ----A---- C:\WINDOWS\system32\mnmdd.dll
2008-12-11 19:15:49 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2008-12-11 19:15:49 ----A---- C:\WINDOWS\system32\ils.dll
2008-12-11 19:15:48 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2008-12-11 19:15:48 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2008-12-11 19:15:47 ----A---- C:\WINDOWS\system32\msconf.dll
2008-12-11 19:15:42 ----D---- C:\Program Files\NetMeeting
2008-12-11 19:15:42 ----A---- C:\WINDOWS\system32\msoert2.dll
2008-12-11 19:15:42 ----A---- C:\WINDOWS\system32\msoeacct.dll
2008-12-11 19:15:40 ----A---- C:\WINDOWS\system32\inetres.dll
2008-12-11 19:15:39 ----A---- C:\WINDOWS\system32\inetcomm.dll
2008-12-11 19:15:36 ----D---- C:\Program Files\Outlook Express
2008-12-11 19:15:36 ----A---- C:\WINDOWS\system32\schedsvc.dll
2008-12-11 19:15:36 ----A---- C:\WINDOWS\system32\mstinit.exe
2008-12-11 19:15:35 ----A---- C:\WINDOWS\system32\mstask.dll
2008-12-11 19:15:34 ----A---- C:\WINDOWS\system32\icwphbk.dll
2008-12-11 19:15:33 ----A---- C:\WINDOWS\system32\isign32.dll
2008-12-11 19:15:33 ----A---- C:\WINDOWS\system32\inetcfg.dll
2008-12-11 19:15:33 ----A---- C:\WINDOWS\system32\icwdial.dll
2008-12-11 19:15:18 ----D---- C:\Program Files\Common Files\System
2008-12-11 19:15:16 ----D---- C:\Program Files\Internet Explorer
2008-12-11 19:13:35 ----D---- C:\Program Files\ComPlus Applications
2008-12-11 19:13:31 ----A---- C:\WINDOWS\vbaddin.ini
2008-12-11 19:13:31 ----A---- C:\WINDOWS\vb.ini
2008-12-11 19:13:22 ----D---- C:\WINDOWS\Registration
2008-12-11 19:13:07 ----D---- C:\Program Files\Windows Media Player
2008-12-11 19:12:54 ----D---- C:\Program Files\Messenger
2008-12-11 19:12:42 ----D---- C:\Program Files\MSN Gaming Zone
2008-12-11 19:12:42 ----A---- C:\WINDOWS\system32\write.exe
2008-12-11 19:12:22 ----A---- C:\WINDOWS\system32\sndvol32.exe
2008-12-11 19:12:22 ----A---- C:\WINDOWS\system32\hticons.dll
2008-12-11 19:12:21 ----A---- C:\WINDOWS\system32\avwav.dll
2008-12-11 19:12:21 ----A---- C:\WINDOWS\system32\avtapi.dll
2008-12-11 19:12:21 ----A---- C:\WINDOWS\system32\avmeter.dll
2008-12-11 19:12:18 ----A---- C:\WINDOWS\system32\winchat.exe
2008-12-11 19:12:01 ----A---- C:\WINDOWS\system32\getuname.dll
2008-12-11 19:12:00 ----A---- C:\WINDOWS\system32\charmap.exe
2008-12-11 19:12:00 ----A---- C:\WINDOWS\system32\calc.exe
2008-12-11 19:11:58 ----A---- C:\WINDOWS\system32\winmine.exe
2008-12-11 19:11:58 ----A---- C:\WINDOWS\system32\sol.exe
2008-12-11 19:11:57 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2008-12-11 19:11:57 ----A---- C:\WINDOWS\system32\tskill.exe
2008-12-11 19:11:57 ----A---- C:\WINDOWS\system32\reset.exe
2008-12-11 19:11:57 ----A---- C:\WINDOWS\system32\mshearts.exe
2008-12-11 19:11:57 ----A---- C:\WINDOWS\system32\freecell.exe
2008-12-11 19:11:56 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2008-12-11 19:11:56 ----A---- C:\WINDOWS\system32\tslabels.ini
2008-12-11 19:11:56 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2008-12-11 19:11:56 ----A---- C:\WINDOWS\system32\tscon.exe
2008-12-11 19:11:56 ----A---- C:\WINDOWS\system32\shadow.exe
2008-12-11 19:11:56 ----A---- C:\WINDOWS\system32\rwinsta.exe
2008-12-11 19:11:56 ----A---- C:\WINDOWS\system32\regini.exe
2008-12-11 19:11:55 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2008-12-11 19:11:55 ----A---- C:\WINDOWS\system32\qwinsta.exe
2008-12-11 19:11:55 ----A---- C:\WINDOWS\system32\qappsrv.exe
2008-12-11 19:11:55 ----A---- C:\WINDOWS\system32\msg.exe
2008-12-11 19:11:55 ----A---- C:\WINDOWS\system32\logoff.exe
2008-12-11 19:11:53 ----A---- C:\WINDOWS\system32\cdmodem.dll
2008-12-11 19:11:52 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2008-12-11 19:11:48 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2008-12-11 19:11:48 ----A---- C:\WINDOWS\system32\mtxex.dll
2008-12-11 19:11:48 ----A---- C:\WINDOWS\system32\mtxdm.dll
2008-12-11 19:11:48 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2008-12-11 19:11:47 ----A---- C:\WINDOWS\system32\stclient.dll
2008-12-11 19:11:47 ----A---- C:\WINDOWS\system32\comsnap.dll
2008-12-11 19:11:47 ----A---- C:\WINDOWS\system32\comrepl.dll
2008-12-11 19:11:47 ----A---- C:\WINDOWS\system32\comaddin.dll
2008-12-11 19:11:37 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2008-12-11 19:11:35 ----A---- C:\WINDOWS\system32\accwiz.exe
2008-12-11 19:11:34 ----A---- C:\WINDOWS\system32\sndrec32.exe
2008-12-11 19:11:34 ----A---- C:\WINDOWS\system32\mplay32.exe
2008-12-11 19:11:33 ----A---- C:\WINDOWS\system32\hypertrm.dll
2008-12-11 19:11:32 ----D---- C:\Program Files\Windows NT
2008-12-11 19:11:32 ----A---- C:\WINDOWS\system32\mspaint.exe
2008-12-11 19:11:32 ----A---- C:\WINDOWS\system32\clipbrd.exe
2008-12-11 19:11:31 ----A---- C:\WINDOWS\system32\spider.exe
2008-12-11 19:11:30 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2008-12-11 19:11:30 ----A---- C:\WINDOWS\system32\mstscax.dll
2008-12-11 19:11:29 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2008-12-11 19:11:29 ----A---- C:\WINDOWS\system32\sessmgr.exe
2008-12-11 19:11:29 ----A---- C:\WINDOWS\system32\remotepg.dll
2008-12-11 19:11:29 ----A---- C:\WINDOWS\system32\rdshost.exe
2008-12-11 19:11:29 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2008-12-11 19:11:29 ----A---- C:\WINDOWS\system32\rdchost.dll
2008-12-11 19:11:29 ----A---- C:\WINDOWS\system32\mstsc.exe
2008-12-11 19:11:28 ----A---- C:\WINDOWS\system32\termsrv.dll
2008-12-11 19:11:28 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2008-12-11 19:11:28 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2008-12-11 19:11:28 ----A---- C:\WINDOWS\system32\rdpclip.exe
2008-12-11 19:11:28 ----A---- C:\WINDOWS\system32\qprocess.exe
2008-12-11 19:11:28 ----A---- C:\WINDOWS\system32\icaapi.dll
2008-12-11 19:11:28 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2008-12-11 19:11:27 ----D---- C:\WINDOWS\system32\MsDtc
2008-12-11 19:11:27 ----A---- C:\WINDOWS\system32\mtxoci.dll
2008-12-11 19:11:27 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2008-12-11 19:11:27 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2008-12-11 19:11:26 ----A---- C:\WINDOWS\system32\msdtctm.dll
2008-12-11 19:11:25 ----A---- C:\WINDOWS\system32\xolehlp.dll
2008-12-11 19:11:25 ----A---- C:\WINDOWS\system32\msdtclog.dll
2008-12-11 19:11:25 ----A---- C:\WINDOWS\system32\msdtc.exe
2008-12-11 19:11:22 ----D---- C:\WINDOWS\system32\Com
2008-12-11 19:11:22 ----A---- C:\WINDOWS\system32\colbact.dll
2008-12-11 19:11:22 ----A---- C:\WINDOWS\system32\catsrvps.dll
2008-12-11 19:11:21 ----A---- C:\WINDOWS\system32\clbcatex.dll
2008-12-11 19:11:21 ----A---- C:\WINDOWS\system32\catsrvut.dll
2008-12-11 19:11:18 ----A---- C:\WINDOWS\system32\catsrv.dll
2008-12-11 19:11:16 ----A---- C:\WINDOWS\system32\comsvcs.dll
2008-12-11 19:11:15 ----A---- C:\WINDOWS\system32\comuid.dll
2008-12-11 19:11:15 ----A---- C:\WINDOWS\system32\clbcatq.dll
2008-12-11 19:10:59 ----A---- C:\WINDOWS\system32\servdeps.dll
2008-12-11 19:10:59 ----A---- C:\WINDOWS\system32\mmfutil.dll
2008-12-11 19:10:59 ----A---- C:\WINDOWS\system32\licwmi.dll
2008-12-11 19:10:58 ----A---- C:\WINDOWS\system32\cmprops.dll

======List of files/folders modified in the last 1 months======

2008-12-11 20:01:09 ----A---- C:\WINDOWS\system.ini
2008-12-11 19:22:55 ----A---- C:\WINDOWS\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2007-05-11 34704]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2007-03-05 27792]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2007-05-09 36496]
R3 cmpci;C-Media PCI Audio Driver (WDM); C:\WINDOWS\system32\drivers\cmaudio.sys [2001-10-30 280782]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 S3SavageNB;S3SavageNB; C:\WINDOWS\system32\DRIVERS\s3gnbm.sys [2004-08-03 166912]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-04 25856]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
S1 ethefttp;ethefttp; C:\WINDOWS\system32\drivers\ethefttp.sys [2008-12-11 135808]
S2 acpi32;acpi32; \??\C:\WINDOWS\system32\drivers\acpi32.sys []
S2 amd64si;amd64si; \??\C:\WINDOWS\system32\drivers\amd64si.sys []
S2 ati64si;ati64si; \??\C:\WINDOWS\system32\drivers\ati64si.sys []
S2 fips32cup;fips32cup; \??\C:\WINDOWS\system32\drivers\fips32cup.sys []
S2 i386si;i386si; \??\C:\WINDOWS\system32\drivers\i386si.sys []
S2 ksi32sk;ksi32sk; \??\C:\WINDOWS\system32\drivers\ksi32sk.sys []
S2 netsik;netsik; \??\C:\WINDOWS\system32\drivers\netsik.sys []
S2 port135sik;port135sik; \??\C:\WINDOWS\system32\drivers\port135sik.sys []
S2 systemntmi;systemntmi; \??\C:\WINDOWS\system32\drivers\systemntmi.sys []
S2 ws2_32sik;ws2_32sik; \??\C:\WINDOWS\system32\drivers\ws2_32sik.sys []
S3 BTNetFilter;Bluetooth Network Filter; \??\C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\uzivatel\LOCALS~1\Temp\catchme.sys []
S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2008-12-24 85969]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-12-06 73728]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-12-11 138168]
S3 PSEXESVC;PsExec; C:\WINDOWS\PSEXESVC.EXE [2008-12-22 53248]

-----------------EOF-----------------

[jaro3]

Stahni jsi Avanger
do nej podle navodu: http://www.viry.cz/forum/viewtopic.php?t=19832%20.
zadej prikaz z kodu:

Kód: Vybrat vše

Files to delete:
C:\WINDOWS\SET8.tmp
C:\WINDOWS\SET4.tmp
C:\WINDOWS\SET3.tmp
C:\WINDOWS\vb.ini
C:\WINDOWS\jraygcwp.exe

Registry to delete:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0

Po restartu pošli z avengera log co na tebe vybafne+nový log z hijackthis( viz pozn.)
Toto otestuj na Virustotal
C:\WINDOWS\PSEXESVC.EXE
C:\WINDOWS\SWXCACLS.exe
C:\WINDOWS\SWSC.exe
C:\WINDOWS\system32\ils.dll
Vlož sem pak výsledky.
Pozn.:
Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:

Kód: Vybrat vše

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O4 - HKCU\..\Run: [jraygcwp.exe] C:\WINDOWS\jraygcwp.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O23 - Service: PsExec (PSEXESVC) - Sysinternals - C:\WINDOWS\PSEXESVC.EXE

Pokud se Ti potom povede rozjet ComboFixu , tak sem dej i log z něho.

[hadic]

Tak CF se mi nepodaril rizjet a uz asi vim proc. taky se zahadne resetuje ale hned nazacatku ale nekde v testu. neni to totiz reset jako ze se vsechno povypina a zase pozapina ale tvrdej reset jako kdybych zmacknul tlacitko dal tu mas ty dva logy:

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

File "C:\WINDOWS\SET8.tmp" deleted successfully.
File "C:\WINDOWS\SET4.tmp" deleted successfully.
File "C:\WINDOWS\SET3.tmp" deleted successfully.
File "C:\WINDOWS\vb.ini" deleted successfully.

Error: file "C:\WINDOWS\jraygcwp.exe" not found!
Deletion of file "C:\WINDOWS\jraygcwp.exe" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: file "Registry to delete:" not found!
Deletion of file "Registry to delete:" failed!
Status: 0xc0000034 (STATUS_OBJECT_NAME_NOT_FOUND)
--> the object does not exist


Error: could not open file "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0"
Deletion of file "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0" failed!
Status: 0xc000003a (STATUS_OBJECT_PATH_NOT_FOUND)
--> bad path / the parent directory does not exist


Completed script processing.

*******************

Finished! Terminate.


Logfile of HijackThis v1.99.1
Scan saved at 13:26, on 2008-12-24
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Mixer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil_.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\uzivatel\Plocha\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{A091EFBB-D800-4A6A-87C8-E98D764C5AFF}: NameServer = 192.168.124.1
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: PsExec (PSEXESVC) - Sysinternals - C:\WINDOWS\PSEXESVC.EXE

[jaro3]

Co ty soubory na VirusTotal?

[hadic]

jej, na to sem uplne zapomel...

http://www.virustotal.com/cs/analisis/2 ... 5d1916bca4
http://www.virustotal.com/cs/analisis/3 ... 25faf58e8b
http://www.virustotal.com/cs/analisis/4 ... 1e3bcbb0a1
http://www.virustotal.com/cs/analisis/9 ... 302db28afe

[jaro3]

Script Avenger:

Kód: Vybrat vše

Files to delete:
C:\WINDOWS\SWXCACLS.exe

log z Avengeru.
+ log z HJT novější verze 2.0.2:
http://www.trendsecure.com/portal/en-US ... ckThis.exe

vyčisti systém CCleanerem
viewtopic.php?t=5130
a RegCleanerem
http://www.pcpomocnik.cz/c/softwarova-u ... leaner.htm
Zítra..

[hadic]

Tak doslo na nejhorsi scenar kdyz se pokusim zapnout jakejkoliv .exe soubor tak hned reset. Kdyz sem pred spustenim win zakazal reset pri problemu tak to hazelo modrou smrt... Neni mozny aby si nakej xindl pamatoval mou ip a furt tam posilal bordel? Pac se mi zda ze cimdal castejc formatuju disk...

PS: tohle sem nepatri ale neexistuje program kterej by dokazal precist vsechno ze vseho? Mam na mysli treba firmware mobilu, mp3, atd. Potreboval bych prelozit 2 cinsky mobily do cestiny a casem i naky prehravace...

[jaro3]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix[mezera]/u
vyčisti systém CCleanerem
a použij i T-Cleaner
smaže vše po Combu,SDFixu,Avengeru,MWAVu atd.-stáhneš>spustíš
Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni select all found, pak klik empty selected.
Pokud chceš zachovat svoje uložená hesla, klikni na No.

Podle mě by tam nákaza být už neměla, otázkou je zda je Tvoje adresa, mail někde na netu na zasílání spamů. proti tomu není žádná ochrana, jen mazat...
Měl jsem před časem taky problém, tak jsem to mazal , neodpovídal a tak za 3-4 měsíce to přestalo.
Chtělo by to opravit( windows) třeba pomocí XPManageru nebo opravnou konzolí, systém je zřejmě poškozen.
Můžeš zkusit i toto:
Stáhni si Dial-a-fix
Klikni na kladívko-další možnosti:
SFC scan - Spustí nástroj pro kontrolu systémových souborů (případná potřeba instalačního media Windows).
Klikni na službu a poté na GO.

Ohledně čínštiny nemohu sloužit, myslím zde na fóru X se zajímá o japonštinu, můžeš zadat téma do sekce vše ostatní.

[hadic]

Tak jsem dnes rano udelal format. Ne kuli tne virum - ty bys asi jak koukam vyresil ale nebylo misto na rozbaleni hry. Stazena zabalena ma 2.5gb a rozbalena 3gb ale ty 3gb uz na hdd nenajdu tak sem musel preinstit PC. ted sem si uz hru rozbalil a jdu hrat Diky ti za pomoc ale bylo to nevyhnutelny kuli tomu mistu (to sem si ale driv neuvedomil...)