Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

kontrola logu

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
[ACze]miky
Návštěvník
Návštěvník
Příspěvky: 206
Registrován: 01 pro 2010 16:41

kontrola logu

#1 Příspěvek od [ACze]miky »

Dobrý večer, už po několikáté se mi sám od sebe restartoval počítač. Hned jak sem ho zapnul, tak v nástroji pro konfiguraci systému jsem měl nějaký proces pod názvem " dumprep 0 -k " . Po chvilce se mi pc znovu restartovalo. Po opětovném zapnutí jsem tam měl opět ten proces a když jsem ho vypnul, tak se mi pc už nerestartovalo. Nejspíš mám v pc ale mnohem více havěti, jelikož mám furt ty problémy s přihlašováním atd. Prosil bych o nějakou radu pro vyčištění veškeré havěti.

log z RSIT:


Logfile of random's system information tool 1.09 (written by random/random)
Run by matmik at 2011-10-28 18:29:19
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 5 GB (26%) free of 20 GB
Total RAM: 3070 MB (77% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:29:24, on 28.10.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\The Skins Factory\Hyperdesk\Common\HDThemeEnabler.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
D:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
D:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
D:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\matmik\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\matmik\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\matmik\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\matmik\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\matmik\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\matmik\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Documents and Settings\matmik\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\matmik\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\matmik\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\matmik\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\WgaTray.exe
C:\Documents and Settings\matmik\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\audio svms\RSIT.exe
C:\Program Files\trend micro\matmik.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\HyperCam Toolbar\tbcore3.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [avast] "D:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto
O4 - Global Startup: avast! Free Antivirus.lnk = C:\Program Files\Alwil Software\Avast5\AvastUI.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: (no name) - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - D:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: HP Chytrý výběr - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - D:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Desura Install Service - Desura Pty Ltd - C:\Program Files\Common Files\Desura\desura_service.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hyperdesk Theme Enabler (HdThemeEnabler) - The Skins Factory, Inc. - C:\Program Files\The Skins Factory\Hyperdesk\Common\HDThemeEnabler.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NMSAccessU - Unknown owner - D:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: Služba Windows Media Player Network Sharing (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9282 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\UpdateCheck.job
C:\WINDOWS\tasks\WGASetup.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\matmik\Data aplikací\Mozilla\Firefox\Profiles\iciim6xk.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "google.cz"
prefs.js - "extensions.enabledItems" - "wrc@avast.com:6.0.1289, ffxtlbr@babylon.com:1.1.3, engine@conduit.com:3.3.3.2, plugin@gameplaylabs.com:1.0, {75656794-AB59-4712-BFBC-5D816D56F3BC}:1.1.6, jqs@sun.com:1.0, {AA994882-F391-4d2e-806F-8908DA4814ED}:2.11.19, {37b1d48c-6e0a-dfe8-8a74-05116b74c806}:4.6.6.3, {20a82645-c095-46ed-80e3-08825760534b}:1.1, {a1e75a0e-4397-4ba8-bb50-e19fb66890f4}:3.3.3.2, {C8431CD2-C25A-45F3-BEA9-A9103C31409A}:1.0, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.16"

"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=D:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@bittorrent.com/BitTorrentDNA]
"Description"=Delivery Network Acceleration by BitTorrent™
"Path"=C:\Program Files\DNA\plugins\npbtdna.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Web Player
"Path"=D:\Program Files\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=DivX® Player Plugin for VOD Content
"Path"=D:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2027]
"Description"=RealMedia Plugin
"Path"=D:\Program Files\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1040]
"Description"=6.0.12.1040
"Path"=D:\Program Files\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

D:\Program Files\Mozilla Firefox\extensions\
{37b1d48c-6e0a-dfe8-8a74-05116b74c806}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{C8431CD2-C25A-45F3-BEA9-A9103C31409A}

D:\Program Files\Mozilla Firefox\components\
aboutCertError.js
aboutPrivateBrowsing.js
aboutRights.js
aboutRobots.js
aboutSessionRestore.js
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsHandlerService.js
nsHelperAppDlg.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPostUpdateWin.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

D:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeploytk.dll
npnul32.dll
NPOFFICE.DLL
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

D:\Program Files\Mozilla Firefox\searchplugins\
avg_igeared.xml
google.xml
jookz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\matmik\Data aplikací\Mozilla\Firefox\Profiles\iciim6xk.default\extensions\
engine@conduit.com
ffxtlbr@babylon.com
plugin@gameplaylabs.com
{20a82645-c095-46ed-80e3-08825760534b}
{75656794-AB59-4712-BFBC-5D816D56F3BC}
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
{AA994882-F391-4d2e-806F-8908DA4814ED}

C:\Documents and Settings\matmik\Data aplikací\Mozilla\Firefox\Profiles\iciim6xk.default\searchplugins\
askcom.xml
conduit.xml
icqplugin-1.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin.xml
Search.xml
sweetim.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2007-11-06 322880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-09-23 1088296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-08-17 305328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll [2011-06-28 1007160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-11 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
SMTTB2009 Class - C:\Program Files\HyperCam Toolbar\tbcore3.dll [2010-02-16 2495488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-08-17 305328]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2007-08-22 80896]
"avast"=D:\Program Files\AVAST Software\Avast\avastUI.exe [2011-09-06 3722416]
"MSConfig"=C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE [2008-04-14 171008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICustomerCare]
C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [2010-05-04 311296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
D:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desura]
D:\Program Files\Desura\desura.exe [2011-06-11 2482496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixCamera]
C:\WINDOWS\FixCamera.exe [2007-02-12 20480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Game Fire]
C:\Program Files\Smart PC Utilities\Game Fire\GFTray.exe [2011-03-08 46592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\WINDOWS\system32\qttask.exe [2008-06-29 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2010-12-30 19972712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp325]
C:\WINDOWS\vsnp325.exe [2006-10-10 827392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-07-28 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-04-16 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnp325]
C:\WINDOWS\tsnp325.exe [2006-10-10 270336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2007-10-14 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^ImageMixer 3 SE Camera Monitor for SD.lnk]
D:\PROGRA~1\PIXELA\IMAGEM~1\CAMERA~1.EXE [2010-03-30 253952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^matmik^Nabídka Start^Programy^Po spuštění^BluetoothPCDialer.lnk]
D:\PROGRA~1\BLUETO~1\BLUETO~1.EXE [2005-11-29 266240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^matmik^Nabídka Start^Programy^Po spuštění^OpenOffice.org 2.3.lnk]
C:\PROGRA~1\OPENOF~1.3\program\QUICKS~1.EXE [2007-09-11 393216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^matmik^Nabídka Start^Programy^Po spuštění^Xfire.lnk]
D:\PROGRA~1\Xfire\xfire.exe [2011-02-26 3502992]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
avast! Free Antivirus.lnk - C:\Program Files\Alwil Software\Avast5\AvastUI.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2011-07-28 188416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\MCPClient]
C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll [2005-01-31 49152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-06-19 312112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - C:\PROGRA~1\COMMON~1\Stardock\MCPCore.dll [2005-05-10 86016]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"D:\Documents and Settings\matmik\Plocha\bittorrent.exe"="D:\Documents and Settings\matmik\Plocha\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"D:\Program Files\Steam\Steam.exe"="D:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Program Files\uTorrent\uTorrent.exe"="D:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"D:\Program Files\Team JPN\SpiderMan Web of Shadows\image\pc\Spider-Man Web of Shadows.exe"="D:\Program Files\Team JPN\SpiderMan Web of Shadows\image\pc\Spider-Man Web of Shadows.exe:*:Enabled:Spider-Man(R) - Web of Shadows(TM) "
"D:\Program Files\ICQ7.2\ICQ.exe"="D:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"D:\Program Files\ICQ7.2\aolload.exe"="D:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"D:\Program Files\Steam\steamapps\common\zero gear\Server\ZeroGearServer.exe"="D:\Program Files\Steam\steamapps\common\zero gear\Server\ZeroGearServer.exe:*:Enabled:ZeroGearServer"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"D:\Program Files\Valve\csstrike\hl.exe"="D:\Program Files\Valve\csstrike\hl.exe:*:Enabled:Half-Life Launcher"
"D:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe"="D:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2"
"D:\Program Files\Xfire\xfire.exe"="D:\Program Files\Xfire\xfire.exe:*:Enabled:Xfire"
"D:\Program Files\Steam\steamapps\common\aliens vs predator dedicated server\AvP_CLI.exe"="D:\Program Files\Steam\steamapps\common\aliens vs predator dedicated server\AvP_CLI.exe:*:Enabled:Aliens vs Predator Dedicated Server"
"D:\Program Files\Electronic Arts\Crytek\Crysis 2\bin32\Crysis2.exe"="D:\Program Files\Electronic Arts\Crytek\Crysis 2\bin32\Crysis2.exe:*:Enabled:Crysis2"
"D:\Program Files\LucasArts\KotF Jedi Academy Expansion Pack\GameData\jamp.exe"="D:\Program Files\LucasArts\KotF Jedi Academy Expansion Pack\GameData\jamp.exe:*:Enabled:Jedi Academy MultiPlayer"
"D:\Program Files\LucasArts\Star Wars Jedi Knight Jedi Academy\GameData\jamp.exe"="D:\Program Files\LucasArts\Star Wars Jedi Knight Jedi Academy\GameData\jamp.exe:*:Enabled:Jedi Academy MultiPlayer"
"D:\Program Files\LucasArts\Star Wars Jedi Knight Jedi Academy\GameData\EoC-S-EDed.exe"="D:\Program Files\LucasArts\Star Wars Jedi Knight Jedi Academy\GameData\EoC-S-EDed.exe:*:Enabled:Jedi Academy MP Dedicated Server"
"D:\Documents and Settings\matmik\Dokumenty\Downloads\Assassins.Creed.Brotherhood.[ENG].RiP.JoeKkerr\Assassins.Creed.Brotherhood.[ENG].RiP.JoeKkerr\ACBSP.exe"="D:\Documents and Settings\matmik\Dokumenty\Downloads\Assassins.Creed.Brotherhood.[ENG].RiP.JoeKkerr\Assassins.Creed.Brotherhood.[ENG].RiP.JoeKkerr\ACBSP.exe:*:Enabled:ACBSP"
"D:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe"="D:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32"
"D:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe"="D:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32"
"D:\Program Files\Electronic Arts\Medal of Honor\Binaries\moh.exe"="D:\Program Files\Electronic Arts\Medal of Honor\Binaries\moh.exe:*:Enabled:Medal of Honor™"
"D:\Program Files\EA GAMES\BFP4f.exe"="D:\Program Files\EA GAMES\BFP4f.exe:*:Enabled:BFP4f"
"D:\Program Files\Steam\steamapps\common\zero gear\ZeroGear.bat"="D:\Program Files\Steam\steamapps\common\zero gear\ZeroGear.bat:*:Enabled:Zero Gear Demo"
"D:\Program Files\Steam\steamapps\common\call of juarez - bound in blood sp demo\CoJBiBDemo_x86.exe"="D:\Program Files\Steam\steamapps\common\call of juarez - bound in blood sp demo\CoJBiBDemo_x86.exe:*:Enabled:Call of Juarez: Bound in Blood Demo"
"D:\Program Files\Activision\Call of Duty - Black Ops\BlackOps.exe"="D:\Program Files\Activision\Call of Duty - Black Ops\BlackOps.exe:*:Enabled:BlackOps"
"D:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe"="D:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe:*:Enabled:Call of Duty: Modern Warfare 2"
"D:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe"="D:\Program Files\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe:*:Enabled:Call of Duty: Modern Warfare 2 - Multiplayer"
"D:\Program Files\EA GAMES\Battlefield 2\BF2.exe"="D:\Program Files\EA GAMES\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2"
"D:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="D:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"D:\Program Files\Fox\Aliens vs. Predator 2\lithtech.exe"="D:\Program Files\Fox\Aliens vs. Predator 2\lithtech.exe:*:Enabled:Client"
"D:\Program Files\Steam\steamapps\common\aliens vs predator\AvP_Launcher.exe"="D:\Program Files\Steam\steamapps\common\aliens vs predator\AvP_Launcher.exe:*:Enabled:Aliens vs. Predator"
"D:\Program Files\Steam\steamapps\common\aliens vs predator\AvP_DX11.exe"="D:\Program Files\Steam\steamapps\common\aliens vs predator\AvP_DX11.exe:*:Enabled:Aliens vs. Predator"
"D:\Program Files\Steam\steamapps\common\aliens vs predator\AvP.exe"="D:\Program Files\Steam\steamapps\common\aliens vs predator\AvP.exe:*:Enabled:Aliens vs. Predator"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Program Files\ICQ7.2\ICQ.exe"="D:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"D:\Program Files\ICQ7.2\aolload.exe"="D:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=D:\PROGRA~1\ACEMEG~1\SystemS\Intel\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"msacm.lameacm"=D:\PROGRA~1\ACEMEG~1\SystemS\lameacm.acm
"vidc.div3"=D:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivXc32.dll
"vidc.div5"=D:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivXc32.dll
"vidc.mpg3"=D:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivXc32.dll
"vidc.div4"=D:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivXc32f.dll
"vidc.div6"=D:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivXc32f.dll
"vidc.ap41"=D:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivXc32f.dll
"msacm.divxa32"=D:\PROGRA~1\ACEMEG~1\SystemS\DivX\divxa32.acm
"vidc.dv25"=D:\PROGRA~1\ACEMEG~1\SystemS\Matrox\DigiVCap.dll
"vidc.dv50"=D:\PROGRA~1\ACEMEG~1\SystemS\Matrox\DigiVCap.dll
"vidc.msmc"=D:\PROGRA~1\ACEMEG~1\SystemS\Matrox\DigiVCap.dll
"vidc.mmjp"=D:\PROGRA~1\ACEMEG~1\SystemS\Matrox\DigiVCap.dll
"vidc.mtx1"=D:\PROGRA~1\ACEMEG~1\SystemS\Matrox\DigiVCap.dll
"vidc.mtx2"=D:\PROGRA~1\ACEMEG~1\SystemS\Matrox\DigiVCap.dll
"vidc.mtx3"=D:\PROGRA~1\ACEMEG~1\SystemS\Matrox\DigiVCap.dll
"vidc.mtx4"=D:\PROGRA~1\ACEMEG~1\SystemS\Matrox\DigiVCap.dll
"vidc.mtx5"=D:\PROGRA~1\ACEMEG~1\SystemS\Matrox\DigiVCap.dll
"vidc.mtx6"=D:\PROGRA~1\ACEMEG~1\SystemS\Matrox\DigiVCap.dll
"vidc.mtx7"=D:\PROGRA~1\ACEMEG~1\SystemS\Matrox\DigiVCap.dll
"vidc.mtx8"=D:\PROGRA~1\ACEMEG~1\SystemS\Matrox\DigiVCap.dll
"vidc.mtx9"=D:\PROGRA~1\ACEMEG~1\SystemS\Matrox\DigiVCap.dll
"vidc.mmes"=D:\PROGRA~1\ACEMEG~1\SystemS\Matrox\DigiVCap.dll
"vidc.xvid"=D:\PROGRA~1\ACEMEG~1\SystemS\XviD\xvidvfw.dll
"VIDC.XFR1"=xfcodec.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"VIDC.FPS1"=frapsvid.dll
"msacm.lhacm"=lhacm.acm
"msacm.vorbis"=vorbis.acm
"VIDC.CFHD"=CFHD.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======List of files/folders created in the last 1 month======

2011-10-28 18:29:19 ----D---- C:\rsit
2011-10-20 14:13:20 ----D---- C:\WINDOWS\Prefetch
2011-10-20 14:07:58 ----A---- C:\WINDOWS\setuplog.txt
2011-10-20 14:06:50 ----D---- C:\WINDOWS\ServicePackFiles
2011-10-20 14:06:49 ----D---- C:\WINDOWS\network diagnostic
2011-10-20 14:06:29 ----A---- C:\WINDOWS\000001_.tmp
2011-10-17 15:36:04 ----D---- C:\Avenger
2011-10-17 15:36:04 ----A---- C:\avenger.txt
2011-10-14 17:38:06 ----SHD---- C:\RECYCLER
2011-10-14 15:44:04 ----SHD---- C:\WINDOWS\CSC
2011-10-13 20:30:47 ----D---- C:\Documents and Settings\matmik\Data aplikací\Skinux
2011-10-13 20:25:37 ----D---- C:\Program Files\The Skins Factory
2011-10-13 06:48:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2564958$
2011-10-13 06:33:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2567053$
2011-10-13 06:32:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2592799$
2011-10-13 06:32:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2586448$
2011-10-04 15:52:33 ----ASH---- C:\pagefile.sys
2011-09-30 14:51:55 ----D---- C:\Documents and Settings\matmik\Data aplikací\AVI ReComp

======List of files/folders modified in the last 1 month======

2011-10-28 18:29:24 ----D---- C:\Program Files\trend micro
2011-10-28 18:29:01 ----D---- C:\WINDOWS\Temp
2011-10-28 18:25:40 ----RSH---- C:\boot.ini
2011-10-28 18:25:40 ----A---- C:\WINDOWS\win.ini
2011-10-28 18:25:40 ----A---- C:\WINDOWS\system.ini
2011-10-28 18:25:04 ----AD---- C:\WINDOWS
2011-10-28 18:17:38 ----D---- C:\Documents and Settings\matmik\Data aplikací\Skype
2011-10-28 17:21:43 ----D---- C:\Documents and Settings\matmik\Data aplikací\Vso
2011-10-28 17:21:42 ----AC---- C:\WINDOWS\NeroDigital.ini
2011-10-28 17:14:55 ----D---- C:\Documents and Settings\matmik\Data aplikací\skypePM
2011-10-27 10:58:08 ----D---- C:\Documents and Settings\matmik\Data aplikací\Adobe
2011-10-27 10:58:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2011-10-27 08:42:41 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-10-27 08:42:38 ----D---- C:\WINDOWS\system32\CatRoot2
2011-10-27 08:38:50 ----DC---- C:\WINDOWS\system32\dllcache
2011-10-27 08:38:42 ----D---- C:\WINDOWS\system32\drivers
2011-10-27 08:38:42 ----D---- C:\WINDOWS\system32
2011-10-27 08:38:39 ----D---- C:\WINDOWS\inf
2011-10-23 16:49:28 ----SHD---- C:\WINDOWS\Installer
2011-10-23 11:18:37 ----D---- C:\WINDOWS\system32\CatRoot
2011-10-23 08:23:45 ----D---- C:\Program Files\Messenger
2011-10-23 08:23:44 ----HD---- C:\WINDOWS\$hf_mig$
2011-10-20 14:16:02 ----D---- C:\WINDOWS\Debug
2011-10-20 14:15:59 ----D---- C:\Program Files\Windows Media Player
2011-10-20 14:14:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2011-10-20 14:11:27 ----D---- C:\WINDOWS\security
2011-10-20 14:07:40 ----D---- C:\WINDOWS\Help
2011-10-20 14:07:40 ----D---- C:\WINDOWS\ehome
2011-10-20 14:06:49 ----D---- C:\WINDOWS\system32\oobe
2011-10-16 18:38:34 ----D---- C:\Program Files\Common Files\Stardock
2011-10-16 18:38:22 ----D---- C:\Program Files\Team17
2011-10-16 18:33:32 ----HD---- C:\Program Files\InstallShield Installation Information
2011-10-16 18:28:17 ----D---- C:\WINDOWS\system32\config
2011-10-14 18:10:54 ----AC---- C:\WINDOWS\system32\PnkBstrB.exe
2011-10-14 17:41:15 ----D---- C:\Program Files
2011-10-14 17:28:52 ----D---- C:\WINDOWS\Minidump
2011-10-14 17:26:31 ----SHD---- C:\System Volume Information
2011-10-14 17:26:31 ----D---- C:\WINDOWS\system32\Restore
2011-10-14 15:25:05 ----D---- C:\WINDOWS\system32\drivers\etc
2011-10-14 15:19:34 ----D---- C:\WINDOWS\AppPatch
2011-10-14 15:19:31 ----D---- C:\Program Files\Common Files
2011-10-14 15:05:56 ----D---- C:\Documents and Settings\matmik\Data aplikací\uTorrent
2011-10-14 13:26:39 ----D---- C:\WINDOWS\Microsoft.NET
2011-10-14 13:26:07 ----RSD---- C:\WINDOWS\assembly
2011-10-13 06:47:39 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-10-13 06:47:15 ----D---- C:\WINDOWS\WinSxS
2011-10-13 06:33:21 ----AC---- C:\WINDOWS\system32\MRT.exe
2011-10-12 18:48:09 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2011-10-11 18:32:12 ----ACT---- C:\WINDOWS\system32\SIntfNT.dll
2011-10-11 18:32:12 ----ACT---- C:\WINDOWS\system32\SIntf32.dll
2011-10-11 18:32:12 ----ACT---- C:\WINDOWS\system32\SIntf16.dll
2011-10-07 16:23:54 ----D---- C:\Documents and Settings\matmik\Data aplikací\ICQ
2011-09-30 15:29:46 ----D---- C:\Documents and Settings\matmik\Data aplikací\vlc

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 d347bus;d347bus; C:\WINDOWS\system32\DRIVERS\d347bus.sys [2004-08-22 155136]
R0 d347prt;d347prt; C:\WINDOWS\System32\Drivers\d347prt.sys [2004-08-22 5248]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\system32\DRIVERS\PxHelp20.sys [2007-03-08 43528]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-09-06 30808]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-09-06 34392]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-09-06 442200]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-09-06 320856]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-09-06 52568]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-09-05 232512]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R1 HWiNFO32;HWiNFO32 Kernel Driver; \??\D:\Program Files\HWiNFO32\HWiNFO32.SYS []
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [2002-07-17 16877]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-09-06 20568]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-09-06 110552]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2010-01-27 50704]
R3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2011-07-29 7084544]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2009-11-18 95232]
R3 ElbyCDFL;ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [2007-02-16 34760]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-12-30 6290024]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 NTProcDrv;Process creation detector for NT.; \??\C:\WINDOWS\TEMP\drv1.tmp []
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-03-13 47360]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2006-08-15 83200]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 CFcatchme;CFcatchme; \??\C:\DOCUME~1\matmik\LOCALS~1\Temp\CFcatchme.sys []
S3 cpuz132;cpuz132; \??\C:\DOCUME~1\matmik\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys []
S3 CrystalSysInfo;CrystalSysInfo; \??\D:\Program Files\MediaCoder\SysInfo.sys []
S3 FINEPIX_PCC;FinePix Digital Camera 030617; C:\WINDOWS\System32\Drivers\V4CB0131.SYS [2002-05-07 81700]
S3 GMSIPCI;GMSIPCI; C:\WINDOWS\system32\drivers\GMSIPCI.sys []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-02-07 17480]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-11-01 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-11-01 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-10-21 21568]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 SNP325;USB PC Camera (SNPSTD325); C:\WINDOWS\system32\DRIVERS\snp325.sys [2007-04-03 10251904]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2011-07-28 643072]
R2 avast! Antivirus;avast! Antivirus; D:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-09-06 44768]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 HdThemeEnabler;Hyperdesk Theme Enabler; C:\Program Files\The Skins Factory\Hyperdesk\Common\HDThemeEnabler.exe [2008-07-21 106496]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-11 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 NMSAccessU;NMSAccessU; D:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-06-15 71096]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2011-10-12 75136]
R2 UserAccess7;SecuROM User Access Service (V7); C:\WINDOWS\system32\UAService7.exe [2008-05-02 126976]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2010-02-10 593920]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-25 135664]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-12-15 72704]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 Desura Install Service;Desura Install Service; C:\Program Files\Common Files\Desura\desura_service.exe [2011-06-11 130368]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-04-19 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-25 135664]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-03-25 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-05-03 74656]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\wmpnetwk.exe []
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
Nahoru
[ACze]miky
Návštěvník
Návštěvník
Příspěvky: 206
Registrován: 01 pro 2010 16:41

Re: kontrola logu

#2 Příspěvek od [ACze]miky »

2. část logu RSIT:


info.txt logfile of random's system information tool 1.09 2011-10-28 18:29:27

======Uninstall list======

-->D:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->MsiExec /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent-->"D:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
184691-->MsiExec.exe /X{79D085FB-2960-47A3-BDA0-321F22A43989}
1989-->MsiExec.exe /X{AF05C9CC-A32A-484A-AF4D-AD5CAFEA34DE}
32 Bit HP CIO Components Installer-->MsiExec.exe /I{09BDEEF0-5590-457D-89A9-5DB2742F9BBF}
Adobe After Effects 7.0-->msiexec /I {DD362256-A7A2-4524-9457-213DDC2AFC2A}
Adobe After Effects CS3 Presets-->MsiExec.exe /I{4B215C29-1A3E-4736-92AA-10C83FA56EB9}
Adobe After Effects CS3-->C:\Program Files\Common Files\Adobe\Installers\b7dd24a87e82dcf8af8876fd727b7cf\Setup.exe
Adobe After Effects CS4 Third Party Content-->C:\Program Files\Common Files\Adobe\Installers\5aab5a491a3a52ae624fd639f6aaa95\Setup.exe --uninstall=1
Adobe After Effects CS4 Third Party Content-->MsiExec.exe /I{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}
Adobe After Effects CS4-->C:\Program Files\Common Files\Adobe\Installers\3dcb365ab9e01871fb8c6f27b0ea079\Setup.exe --uninstall=1
Adobe After Effects CS4-->MsiExec.exe /I{45EC816C-0771-4C14-AE6D-72D1B578F4C8}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge 1.0-->MsiExec.exe /I{AE3D38A6-13B1-40B3-9423-D1FA9982FB6A}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}
Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Color Video Profiles AE CS4-->MsiExec.exe /I{B15381DD-FF97-4FCD-A881-ED4DB0975500}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5102}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe Download Manager-->"C:\WINDOWS\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /Get1
Adobe Dynamiclink Support-->MsiExec.exe /I{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}
Adobe ExtendScript Toolkit 1.0-->MsiExec.exe /I{B74D4E10-0000-0000-0000-EDED00000102}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10t_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10t_Plugin.exe -maintain plugin
Adobe Help Center 2.0-->MsiExec.exe /I{8FFC924C-ED06-44CB-8867-3CA778ECE903}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe MotionPicture Color Files CS4-->MsiExec.exe /I{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}
Adobe Photoshop CS3-->MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}
Adobe Reader 9.4.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A94000000001}
Adobe Setup-->MsiExec.exe /I{2C294A0B-DF22-4023-B168-8C7645B10019}
Adobe Setup-->MsiExec.exe /I{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424}
Adobe Setup-->MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}
Adobe Setup-->MsiExec.exe /I{8EB8E60B-315D-44EB-A896-10D88602EE46}
Adobe Setup-->MsiExec.exe /I{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}
Adobe Setup-->MsiExec.exe /I{D1BB4446-AE9C-4256-9A7F-4D46604D2462}
Adobe Shockwave Player-->C:\WINDOWS\system32\Adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-1437-443D-B06E-79A00FE45110}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP DVA Panels CS3-->MsiExec.exe /I{0224CACC-994D-45F8-B973-D65056EA9C2F}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}
Aktualizace systému Windows XP (KB2467659)-->"C:\WINDOWS\$NtUninstallKB2467659$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2541763)-->"C:\WINDOWS\$NtUninstallKB2541763$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2607712)-->"C:\WINDOWS\$NtUninstallKB2607712$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2616676)-->"C:\WINDOWS\$NtUninstallKB2616676$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB971029)-->"C:\WINDOWS\$NtUninstallKB971029$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Aktualizace zabezpečení pro Microsoft Windows (KB2564958)-->"C:\WINDOWS\$NtUninstallKB2564958$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2296199)-->"C:\WINDOWS\$NtUninstallKB2296199$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2393802)-->"C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2412687)-->"C:\WINDOWS\$NtUninstallKB2412687$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2416400)-->"C:\WINDOWS\$NtUninstallKB2416400$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2436673)-->"C:\WINDOWS\$NtUninstallKB2436673$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2476490)-->"C:\WINDOWS\$NtUninstallKB2476490$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2476687)-->"C:\WINDOWS\$NtUninstallKB2476687$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2478960)-->"C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2478971)-->"C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2479628)-->"C:\WINDOWS\$NtUninstallKB2479628$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2479943)-->"C:\WINDOWS\$NtUninstallKB2479943$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2481109)-->"C:\WINDOWS\$NtUninstallKB2481109$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2482017)-->"C:\WINDOWS\$NtUninstallKB2482017$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2483185)-->"C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2485376)-->"C:\WINDOWS\$NtUninstallKB2485376$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2485663)-->"C:\WINDOWS\$NtUninstallKB2485663$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2497640)-->"C:\WINDOWS\$NtUninstallKB2497640$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2503658)-->"C:\WINDOWS\$NtUninstallKB2503658$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2503665)-->"C:\WINDOWS\$NtUninstallKB2503665$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2506212)-->"C:\WINDOWS\$NtUninstallKB2506212$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2506223)-->"C:\WINDOWS\$NtUninstallKB2506223$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2507618)-->"C:\WINDOWS\$NtUninstallKB2507618$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2507938)-->"C:\WINDOWS\$NtUninstallKB2507938$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2508272)-->"C:\WINDOWS\$NtUninstallKB2508272$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2508429)-->"C:\WINDOWS\$NtUninstallKB2508429$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2509553)-->"C:\WINDOWS\$NtUninstallKB2509553$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2510581)-->"C:\WINDOWS\$NtUninstallKB2510581$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2511455)-->"C:\WINDOWS\$NtUninstallKB2511455$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2524375)-->"C:\WINDOWS\$NtUninstallKB2524375$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2530548)-->"C:\WINDOWS\$NtUninstallKB2530548$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2535512)-->"C:\WINDOWS\$NtUninstallKB2535512$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2536276)-->"C:\WINDOWS\$NtUninstallKB2536276$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2536276-v2)-->"C:\WINDOWS\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2544521)-->"C:\WINDOWS\$NtUninstallKB2544521$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2544893)-->"C:\WINDOWS\$NtUninstallKB2544893$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2555917)-->"C:\WINDOWS\$NtUninstallKB2555917$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2559049)-->"C:\WINDOWS\$NtUninstallKB2559049$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2562937)-->"C:\WINDOWS\$NtUninstallKB2562937$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2566454)-->"C:\WINDOWS\$NtUninstallKB2566454$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2567053)-->"C:\WINDOWS\$NtUninstallKB2567053$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2567680)-->"C:\WINDOWS\$NtUninstallKB2567680$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2570222)-->"C:\WINDOWS\$NtUninstallKB2570222$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2570947)-->"C:\WINDOWS\$NtUninstallKB2570947$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2586448)-->"C:\WINDOWS\$NtUninstallKB2586448$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2592799)-->"C:\WINDOWS\$NtUninstallKB2592799$\spuninst\spuninst.exe"
Aliens vs Predator Dedicated Server-->"D:\Program Files\Steam\steam.exe" steam://uninstall/34120
Aliens vs. Predator 2 Tools-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{47D511E4-CF3F-45D4-90A0-B02E086A889C}\Setup.exe"
Aliens vs. Predator 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3EF79591-BF16-4CF8-8FF0-D8AD968228B1}\Setup.exe"
Aliens vs. Predator-->"D:\Program Files\Steam\steam.exe" steam://uninstall/10680
Allied Intent Xtended 2.0-->d:\Program Files\EA GAMES\Battlefield 2\AIXuninstaller.exe
Amazon MP3 Downloader 1.0.3-->D:\Program Files\Amazon\MP3 Downloader\Uninstall.exe
AMD APP SDK Runtime-->MsiExec.exe /I{A25FF1C0-80B6-4B8B-A551-DC525697A408}
AMD Fusion for Gaming 1.0-->MsiExec.exe /I{83F81F91-7BE9-44D1-98AF-2B87E0B8710C}
AML Free Registry Cleaner 4.21-->"D:\Program Files\AML Products\Registry Cleaner\unins000.exe"
Ashampoo WinOptimizer 8 v.8.04-->"C:\Program Files\Ashampoo\Ashampoo WinOptimizer 8\unins000.exe"
ASIO4ALL-->D:\Program Files\ASIO4ALL v2\uninstall.exe
Ask Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE}
ATI Catalyst Registration-->MsiExec.exe /X{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}
ATI HYDRAVISION-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{083F79E4-6FE9-46FB-A6C6-4F8862742947}\setup.exe"
ATI Parental Control & Encoder-->MsiExec.exe /I{36CDA33B-909B-4719-97D1-C4B99309BDC7}
ATI Problem Report Wizard-->MsiExec.exe /X{5DA6F06A-B389-407B-BF8C-1548767914D8}
avast! Free Antivirus-->D:\Program Files\AVAST Software\Avast\aswRunDll.exe "D:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
AVI ReComp 1.5.1-->D:\Program Files\AVI ReComp\Uninstall.exe
AviSynth 2.5-->"D:\Program Files\AviSynth 2.5\Uninstall.exe"
AVIVO Codecs-->MsiExec.exe /X{C941F1F1-25B3-4DF5-83E6-888C51A1AAB6}
Babylon toolbar-->"C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\uninstall.exe"
Balíček ovladače systému Windows - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_272AB57A055A98BD494E3A7FDA0E8216ECE25347\amdk8.inf
BATMAN VENGEANCE-->C:\WINDOWS\UbiSoft\SetupUbi.exe -uninstall BATMAN VENGEANCE
Battlefield: Bad Company™ 2-->MsiExec.exe /X{3AC8457C-0385-4BEA-A959-E095F05D6D67}
BFSimulator-->MsiExec.exe /I{313D3F56-93B7-4148-9435-F8FC660F81AD}
Bionicle Bohrok Swarm-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE904E59-2144-11D6-AD90-00B0D03E862E}\Setup.exe" -l0x5
BitTorrent Acceleration Patch-->C:\Program Files\BitTorrent Acceleration Patch\uninstall.exe
black12-->MsiExec.exe /X{29FDDE76-CFDA-4891-BEEB-3AB04AB52841}
Bluetooth PC Dialer-->MsiExec.exe /I{4E526F25-8B1F-46AA-B50C-BBDA00EDFF66}
BS.Player ControlBar-->C:\Program Files\BS.Player ControlBar\uninst.exe
Bulletstorm Demo-->"D:\Program Files\Steam\steam.exe" steam://uninstall/99870
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch-->C:\Program Files\InstallShield Installation Information\{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch-->C:\Program Files\InstallShield Installation Information\{931C37FC-594D-43A9-B10F-A2F2B1F03498}\setup.exe -runfromtemp -l0x0409
Call of Duty(R) 4 - Modern Warfare(TM)-->C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409
Call of Duty: Black Ops-->"D:\Program Files\Activision\Call of Duty - Black Ops\unins000.exe"
Call of Duty: Modern Warfare 2 - Multiplayer-->"D:\Program Files\Steam\steam.exe" steam://uninstall/10190
Call of Duty: Modern Warfare 2-->"D:\Program Files\Steam\steam.exe" steam://uninstall/10180
Call of Duty-->D:\PROGRA~1\CALLOF~1\Uninstall\Unwise.exe /u D:\PROGRA~1\CALLOF~1\Uninstall\Install.log
Call of Juarez: Bound in Blood Demo-->"D:\Program Files\Steam\steam.exe" steam://uninstall/33290
Carambis Driver Updater-->MsiExec.exe /X{542068F1-9AAE-4E1B-8ACA-094FE03728BE}
Catalyst Control Center - Branding-->MsiExec.exe /I{19A492A0-888F-44A0-9B21-D91700763F62}
CCleaner-->"D:\Program Files\CCleaner\uninst.exe"
CDBurnerXP-->"D:\Program Files\CDBurnerXP\unins000.exe"
CDex extraction audio-->"C:\Program Files\CDex_170b2\uninstall.exe"
CloneCD-->"D:\Program Files\SlySoft\CloneCD\ccd-uninst.exe" /D="D:\Program Files\SlySoft\CloneCD"
Conduit Engine-->C:\PROGRA~1\CONDUI~1\ConduitEngineUninstall.exe
ConvertXtoDVD 3.5.1.135-->"D:\Program Files\VSO\ConvertX\3\unins000.exe"
ConvertXtoDVD 4.0.6.316-->"D:\Program Files\VSO\ConvertX\4\unins000.exe"
Counter-Strike 1.6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{13B792AA-C078-43A4-8A3A-8B12D629940D}\Setup.exe" -l0x19
Crysis WARHEAD(R) Patch-->"C:\Documents and Settings\All Users\Data aplikací\{7451F7D5-591C-4490-8D3B-C73A69A0E782}\setup.exe" REMOVE=TRUE MODIFY=FALSE
Crysis WARHEAD(R) Patch-->C:\Documents and Settings\All Users\Data aplikací\{7451F7D5-591C-4490-8D3B-C73A69A0E782}\setup.exe
Crysis(R) SP Demo-->MsiExec.exe /I{92AF2F5A-4407-4A03-A80A-5A2582264746}
Crysis(R)-->MsiExec.exe /I{000E79B7-E725-4F01-870A-C12942B7F8E4}
Crysis® 2-->MsiExec.exe /X{6033673D-2530-4587-8AD0-EB059FC263F9}
DAEMON Tools Lite-->D:\Program Files\DAEMON Tools Lite\uninst.exe
DAEMON Tools-->MsiExec.exe /I{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0}
DesktopX-->D:\PROGRA~1\Stardock\OBJECT~1\DesktopX\UNWISE.EXE D:\PROGRA~1\Stardock\OBJECT~1\DesktopX\INSTALL.LOG
Desura-->D:\Program Files\Desura\Desura_Uninstall.exe
DiskCheckerXP 6.1-->D:\Program Files\DiskCheckerXP\uninst.exe
Diver - Deep Water Adventures-->"D:\Program Files\Diver\unins000.exe"
DivX Codec-->D:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->D:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->D:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->D:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->D:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Doom Shareware for Windows 95-->D:\Program Files\Doom Shareware for Windows 95\uninstl.exe /S D:\Program Files\Doom Shareware for Windows 95
EA Download Manager-->D:\Program Files\Electronic Arts\EADM\EADMUninstall.exe
Eusing Free Registry Cleaner-->D:\PROGRA~1\EUSING~1\UNWISE.EXE D:\PROGRA~1\EUSING~1\INSTALL.LOG
EVEREST Home Edition v2.20-->"D:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
Evolution of Combat-->D:\Program Files\LucasArts\Star Wars Jedi Knight Jedi Academy\GameData\Uninstal.exe
FFOLKES Unlocks123 mod v1.4.1-->d:\Program Files\EA GAMES\Battlefield 2\Uninstall_Unlocks123_mod.exe
Fraps (remove only)-->"D:\Program Files\fraps\uninstall.exe"
Free Create-Burn ISO Image v2.0-->"D:\Program Files\Free Create-Burn ISO Image\unins000.exe"
Free YouTube Download 1.2-->"D:\Program Files\DVDVideoSoft\Free YouTube Download\unins000.exe"
Game Fire-->MsiExec.exe /X{C646C3D7-3013-4A78-A0A5-746320F94D77}
Google Earth-->MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_4E7D715D860E20E1.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Graffiti Studio 2.0-->"D:\Program Files\Graffiti Studio 2.0\unins000.exe"
Grand Theft Auto IV-->MsiExec.exe /I{5454083B-1308-4485-BF17-1110000D8301}
GTA San Andreas-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x9 -removeonly
Guitar Pro 5.2-->"D:\Program Files\Guitar Pro 5\unins000.exe"
Harry Potter and the Half-Blood Prince™ Demo-->MsiExec.exe /X{20EA84D4-6CB0-4FEA-8B6C-DC816CA7385F}
Harry Potter and the Order of the Phoenix™ Demo-->D:\Documents and Settings\matmik\Plocha\EAUninstall.exe
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Customer Participation Program 10.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Imaging Device Functions 10.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart All-In-One Driver Software 10.0 Rel .2-->C:\Program Files\HP\Digital Imaging\{20B30DC1-E423-4939-B51D-05C58B0F9BBB}\setup\hpzscr01.exe -datfile hposcr21.dat -onestop
HP Photosmart Essential 2.5-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Smart Web Printing-->C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat
HP Solution Center 10.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update-->MsiExec.exe /X{11B83AD3-7A46-4C2E-A568-9505981D4C6F}
HWiNFO32 Version 3.35-->"D:\Program Files\HWiNFO32\unins000.exe"
HyperCam 2-->"D:\Program Files\HyCam2\UnHyCam2.exe"
HyperCam Toolbar-->C:\Program Files\HyperCam Toolbar\UninstallToolbar.exe
Hyperdesk - Crysis Warhead-->MsiExec.exe /X{97F868BE-3FCD-42BB-863B-36EE10E60127}
Cheat Engine 5.3-->"D:\Program Files\Cheat Engine\unins001.exe"
ICQ7.2-->"C:\Program Files\InstallShield Installation Information\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
ijji Auto Installer-->"C:\Program Files\InstallShield Installation Information\{1DCC7418-2089-4BDD-B321-3771956160FC}\setup.exe" -runfromtemp -l0x0009 -removeonly
ImageMixer 3 SE for SD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E1D7C392-EAF5-405F-A31D-BBD3B56C0C6A}\Setup.exe" -l0x9 UNINSTALL -removeonly
Java(TM) 6 Update 19-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216019FF}
kikin plugin 2.11-->C:\Program Files\kikin\uninst.exe
Knights of the Force 2.0-->d:\Program Files\LucasArts\KotF Jedi Academy Expansion Pack\..\uninstall.exe
Lingea Lexicon 2002-->C:\WINDOWS\LgUninst.exe d:\Setup.exe
Liveupdate4-->"C:\Program Files\MSI\Live Update 4\unins000.exe"
Malwarebytes' Anti-Malware verze 1.51.0.1200-->"D:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
MediaCoder 0.7.1.4490-->D:\Program Files\MediaCoder\uninst.exe
Microsoft .NET Framework 1.1 Security Update (KB2572067)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2572067\M2572067Uninstall.msp"
Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY-->MsiExec.exe /I{A2C9CD1B-2551-3AED-B244-6698FB929FA6}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY-->MsiExec.exe /I{546C143E-68DC-314D-97BC-1E454E3BA429}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack SP1 - csy-->MsiExec.exe /I{DD73CA82-EA82-38AA-863D-9A24A018DC96}
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - csy\setup.exe
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{8FB1B528-E260-451E-9B55-E9152F94B80B}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110405-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Miranda IM 0.8.1-->D:\Program Files\Miranda IM\Uninstall.exe
Mirror's Edge™-->MsiExec.exe /X{AEDBD563-24BB-4EE3-8366-A654DAC2D988}
MOV to AVI MPEG WMV Converter 1.7.4-->"D:\Program Files\MOV to AVI MPEG WMV Converter\unins000.exe"
Mozilla Firefox (3.5.16)-->D:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Multi Virus Cleaner 2007-->"D:\Program Files\AxBx\Multi Virus Cleaner 2007\unins000.exe"
MyAshampoo Toolbar-->C:\PROGRA~1\MYASHA~1\UNINST~1.EXE
Nero 6 Ultra Edition-->D:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Nero Media Player-->C:\WINDOWS\UNNMP.exe /UNINSTALL
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA PhysX-->MsiExec.exe /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
OCR Software by I.R.I.S. 10.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
Online_Sharing Toolbar-->C:\PROGRA~1\ONLINE~2\UNWISE.EXE /U C:\PROGRA~1\ONLINE~2\INSTALL.LOG
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
OpenOffice.org 2.3-->MsiExec.exe /I{519556CC-4382-4B35-80F5-DD8E9460EEAC}
Oprava Hotfix systému Windows XP (KB2443685)-->"C:\WINDOWS\$NtUninstallKB2443685$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB2570791)-->"C:\WINDOWS\$NtUninstallKB2570791$\spuninst\spuninst.exe"
P2P Energy Toolbar-->C:\PROGRA~1\P2P_EN~1\UNWISE.EXE C:\PROGRA~1\P2P_EN~1\INSTALL.LOG
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
Prince of Persia Warrior Within (Demo)-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6B7E731-A9E1-4AEC-A1E7-2E63646647FE}\Setup.exe" -l0x9
PunkBuster Services-->D:\Program Files\EA GAMES\pbsvc_p4f.exe -u
RAD Video Tools-->"D:\Program Files\RADVideo\uninstall.exe"
RadioBar Toolbar-->C:\Program Files\RadioBar\UNINSTALL.exe
REALTEK GbE & FE Ethernet PCI-E NIC Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\Setup.exe" -l0x5 -removeonly
Roxio Express Labeler 3-->MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sada Compatibility Pack pro systém Office 2007-->MsiExec.exe /X{90120000-0020-0405-0000-0000000FF1CE}
Sakura-->C:\Program Files\Image-Line\Sakura\uninstall.exe
San Andreas Mod Installer-->"C:\WINDOWS\San Andreas Mod Installer\uninstall.exe" "/U:D:\Program Files\San Andreas Mod Installer\Uninstall\uninstall.xml"
Sanny Builder 3.04-->"D:\Program Files\Sanny Builder 3\unins000.exe"
Sawer-->C:\Program Files\Image-Line\Sawer\uninstall.exe
Secret Crush Revealer-->"C:\Program Files\Browser Plugin\Uninstall.exe"
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT=""
Serenity Sabersystem Demo-->D:\Program Files\LucasArts\KotF Jedi Academy Expansion Pack\GameData\KnightsoftheForce\base\Uninstal.exe
Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~2\Install.log
Shop for HP Supplies-->C:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SLOW-PCfighter-->D:\Program Files\Fighters\SLOW-PCfighter\Uninstall.exe
SLOW-PCfighter-->MsiExec.exe /X{BDE0CF4C-8DE2-41DB-A845-78D48874E2C6}
Softonic_VLC_EN Toolbar-->C:\PROGRA~1\SOFTON~1\UNWISE.EXE /U C:\PROGRA~1\SOFTON~1\INSTALL.LOG
Sony Vegas Pro 8.0-->MsiExec.exe /X{1246FF64-3035-4A92-8FE6-A968275495EB}
SpeedBit Toolbar-->"C:\Program Files\SpeedBit Toolbar\TRRemove.exe" temp
Spider-Man(R) - Web of Shadows(TM) 1.1 Patch-->C:\Program Files\InstallShield Installation Information\{9208F706-6528-4591-A997-F41395FBD8A7}\setup.exe -runfromtemp -l0x0409
Star Wars Jedi Knight Jedi Academy Demo-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D1F6BB2F-E9A4-4233-BA03-BB62E8AED82A}\Setup.exe" -l0x9
Star Wars Jedi Knight Jedi Academy-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0D994CC5-819F-4657-84DD-397B8FE1EA80}\Setup.exe" -l0x9
Star Wars JK II Jedi Outcast-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{576E71DA-3000-48F6-9B21-B9A70D47DFCF}\Setup.exe"
Star Wars®: Knights of the Old Republic (TM)-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A9A40C7-6670-4D5F-8F41-D12E2E08B48B}\Setup.exe" -l0x9
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
SweetIM for Messenger 2.6-->MsiExec.exe /X{C359507C-30B1-48A6-BD9B-C7B1CC3B06D7}
SweetIM Toolbar for Internet Explorer 3.3-->MsiExec.exe /X{266C7330-C0F4-49E5-8F20-A56F9F822875}
TeamSpeak 2 RC2-->D:\Teamspeak2_RC2\unins000.exe
TeamViewer 5-->C:\Program Files\TeamViewer\Version5\uninstall.exe
The Hulk(TM) Demo-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C0DDC931-CD9C-4527-872A-5FA96F6EF77F}\Setup.exe" -l0x9
The Lord of the Rings FREE Trial -->MsiExec.exe /X{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}
ToggleEN Toolbar-->C:\PROGRA~1\ToggleEN\UNWISE.EXE /U C:\PROGRA~1\ToggleEN\INSTALL.LOG
Tornado Jockey-->"D:\Program Files\WildGames\Tornado Jockey\Uninstall.exe"
TubeSucker-->MsiExec.exe /X{4E906533-F57F-45BD-A837-FCF24A2C243E}
Ultimate Spider-Man (TM)-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{CC35B08B-4EC1-4759-B159-0EC4E69C3E7C} /l2057
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
UpdateMyDrivers-->"C:\Documents and Settings\All Users\Data aplikací\{5E98E5C2-0C82-4AE9-AED4-E6D1EDB6EFF2}\UpdateMyDrivers.exe" REMOVE=TRUE MODIFY=FALSE
UpdateMyDrivers-->C:\Documents and Settings\All Users\Data aplikací\{5E98E5C2-0C82-4AE9-AED4-E6D1EDB6EFF2}\UpdateMyDrivers.exe
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VDownloader 0.82-->"D:\Program Files\VDOWNLOADER\unins000.exe"
VDownloader 3.0.752-->"D:\Program Files\VDownloader\unins001.exe"
Vegas Movie Studio Platinum 9.0-->MsiExec.exe /X{97E038E1-41AD-4C93-BCDC-6A2394AEE352}
venomspiderman-->MsiExec.exe /X{7396ED28-EFCC-41F1-B267-9E1E73CC9AF3}
Vietcong 2 - public MP test-->D:\Program Files\Vietcong2-MP-test\uninstall.exe
Virtual DJ - Atomix Productions-->D:\PROGRA~1\VIRTUA~1\UNWISE.EXE D:\PROGRA~1\VIRTUA~1\INSTALL.LOG
Virtual Dj Studio 5.3-->"D:\Program Files\VDJ5\unins000.exe"
VLC media player 1.0.2-->C:\Program Files\VideoLAN\VLC\uninstall.exe
VobSub v2.23 (Remove Only)-->"D:\Program Files\Gabest\VobSub\uninstall.exe"
WildTangent Web Driver-->C:\Program Files\WildTangent\Apps\CDA\CDAUninstall.exe
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"
WinASO Registry Optimizer 4.5.5-->"D:\Program Files\WinASO\Registry Optimizer\unins000.exe"
WinAVI VideoConverter-->"D:\WinAVI VideoConverter\unins000.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
WinPcap 4.1.1-->"C:\Program Files\WinPcap\uninstall.exe"
WinRAR-->D:\Program Files\WinRAR\uninstall.exe
WinRez LT Studio-->MsiExec.exe /I{1A621A2F-98F6-4373-89A2-8ED16076990A}
Worms 2-->D:\PROGRA~1\WORMS2~1\unwise.exe D:\PROGRA~1\WORMS2~1\INSTALL.LOG
Xfire (remove only)-->"D:\Program Files\Xfire\uninst.exe"
X-Men(TM) Legends 2 Demo-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{8662F390-6B44-4BB8-909A-F6EBC94D1722}
XnView 1.82.3-->"C:\Program Files\XnView\unins000.exe"
Xvid 1.1.2 final uninstall-->"D:\Program Files\Xvid\unins000.exe"
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\unyt.exe
ZBrush3-->MsiExec.exe /I{6084D038-3401-4C9D-A216-86E6EEA25AFB}
Zero Gear Demo-->"D:\program files\steam\steam.exe" steam://uninstall/18800

======Security center information======

AV: avast! Antivirus
FW: AVG Firewall (disabled)

======System event log======

Computer Name: MATMIK-D179D564
Event Code: 7036
Message: Stav služby Služba modelu COM pro zápis na disk CD (IMAPI) byl změněn na: Spuštěno

Record Number: 59487
Source Name: Service Control Manager
Time Written: 20110912170014.000000+120
Event Type: Informace
User:

Computer Name: MATMIK-D179D564
Event Code: 7035
Message: Řídící příkaz Spuštěno byl službě Služba modelu COM pro zápis na disk CD (IMAPI) úspěšně odeslán.

Record Number: 59486
Source Name: Service Control Manager
Time Written: 20110912170014.000000+120
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: MATMIK-D179D564
Event Code: 7035
Message: Řídící příkaz Spuštěno byl službě Správce vzdáleného přístupu úspěšně odeslán.

Record Number: 59485
Source Name: Service Control Manager
Time Written: 20110912170012.000000+120
Event Type: Informace
User: MATMIK-D179D564\matmik

Computer Name: MATMIK-D179D564
Event Code: 7036
Message: Stav služby Telefonní subsystém byl změněn na: Spuštěno

Record Number: 59484
Source Name: Service Control Manager
Time Written: 20110912170012.000000+120
Event Type: Informace
User:

Computer Name: MATMIK-D179D564
Event Code: 7036
Message: Stav služby Služba rozpoznávání pomocí protokolu SSDP byl změněn na: Spuštěno

Record Number: 59483
Source Name: Service Control Manager
Time Written: 20110912170012.000000+120
Event Type: Informace
User:

=====Application event log=====

Computer Name: MATMIK-D179D564
Event Code: 1004
Message: Uživatel přijal smlouvu Eula.

Record Number: 7935
Source Name: WgaSetup
Time Written: 20110616133520.000000+120
Event Type: Informace
User:

Computer Name: MATMIK-D179D564
Event Code: 1002
Message: Starting interactive setup.

Record Number: 7934
Source Name: WgaSetup
Time Written: 20110616133520.000000+120
Event Type: Informace
User:

Computer Name: MATMIK-D179D564
Event Code: 1006
Message: Smlouva Eula byla v minulosti přijata.

Record Number: 7933
Source Name: WgaSetup
Time Written: 20110616133520.000000+120
Event Type: Informace
User:

Computer Name: MATMIK-D179D564
Event Code: 0
Message:
Record Number: 7932
Source Name: gupdate
Time Written: 20110616063903.000000+120
Event Type: Informace
User:

Computer Name: MATMIK-D179D564
Event Code: 0
Message:
Record Number: 7931
Source Name: gupdate
Time Written: 20110616063900.000000+120
Event Type: Informace
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\AMD APP\bin\x86;C:\Program Files\NVIDIA Corporation\PhysX\Common;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Common Files\Adobe\AGL;D:\Program Files\ATI Technologies\ATI.ACE\Core-Static
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 75 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=4b02
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"AMDAPPSDKROOT"=C:\Program Files\AMD APP\

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119508
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: kontrola logu

#3 Příspěvek od Rudy »

Zdravím!
Poprosím o log ComboFix.
Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
[ACze]miky
Návštěvník
Návštěvník
Příspěvky: 206
Registrován: 01 pro 2010 16:41

Re: kontrola logu

#4 Příspěvek od [ACze]miky »

ComboFix 11-10-29.01 - matmik 29.10.2011 9:05.13.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3070.1897 [GMT 2:00]
Spuštěný z: c:\documents and settings\matmik\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\ehome\medctrro.exe
c:\windows\help\tours\htmltour\unlock_playing.htm
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-28 do 2011-10-29 )))))))))))))))))))))))))))))))
.
.
2011-10-20 12:06 . 2011-10-20 12:07 -------- d-----w- c:\windows\ServicePackFiles
2011-10-20 12:06 . 2006-12-28 22:31 19569 ----a-w- c:\windows\000001_.tmp
2011-10-13 18:30 . 2011-10-13 18:30 -------- d-----w- c:\documents and settings\matmik\Data aplikací\Skinux
2011-10-13 18:25 . 2011-10-13 18:25 -------- d-----w- c:\program files\The Skins Factory
2011-09-30 12:51 . 2011-09-30 13:00 -------- d-----w- c:\documents and settings\matmik\Data aplikací\AVI ReComp
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-14 16:11 . 2009-03-15 16:08 138264 -c--a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-10-14 16:10 . 2010-05-04 14:56 234768 -c--a-w- c:\windows\system32\PnkBstrB.xtr
2011-10-14 16:10 . 2009-03-15 16:08 234768 -c--a-w- c:\windows\system32\PnkBstrB.exe
2011-10-12 16:48 . 2009-03-15 16:08 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-10-11 16:32 . 2008-10-19 15:06 21840 -c--atw- c:\windows\system32\SIntfNT.dll
2011-10-11 16:32 . 2008-10-19 15:06 17212 -c--atw- c:\windows\system32\SIntf32.dll
2011-10-11 16:32 . 2008-10-19 15:06 12067 -c--atw- c:\windows\system32\SIntf16.dll
2011-09-26 09:41 . 2008-07-29 17:59 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2001-10-25 14:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2001-10-25 14:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-12 13:16 . 2010-05-03 13:47 22328 -c--a-w- c:\documents and settings\matmik\Data aplikací\PnkBstrK.sys
2011-09-09 09:12 . 2004-08-17 13:49 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 20:45 . 2011-07-01 15:40 41184 ----a-w- c:\windows\avastSS.scr
2011-09-06 20:45 . 2011-07-01 15:40 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-09-06 20:38 . 2011-07-01 15:40 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-09-06 20:37 . 2011-07-01 15:40 320856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-09-06 20:36 . 2011-07-01 15:40 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-09-06 20:36 . 2011-07-01 15:40 52568 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-09-06 20:36 . 2011-07-01 15:40 110552 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-09-06 20:36 . 2011-07-01 15:40 104536 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-09-06 20:36 . 2011-07-01 15:40 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-09-06 20:33 . 2011-07-01 15:40 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-09-06 14:10 . 2004-08-17 13:44 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-09-05 14:15 . 2011-09-05 14:15 232512 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-09-05 13:56 . 2004-08-17 13:49 668160 ----a-w- c:\windows\system32\wininet.dll
2011-09-05 13:56 . 2004-08-17 13:49 81920 ----a-w- c:\windows\system32\ieencode.dll
2011-09-05 13:56 . 2004-08-03 20:59 61952 ----a-w- c:\windows\system32\tdc.ocx
2011-09-05 13:55 . 2004-08-17 13:44 370176 ----a-w- c:\windows\system32\html.iec
2011-08-17 13:49 . 2004-08-03 21:14 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2010-01-26 21:11 . 2011-09-20 10:47 444283 ----a-w- c:\program files\Common Files\WinPcapNmap.exe
2011-07-30 15:26 87552 --sh--w- c:\windows\system32\h4x0r.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 122512 ----a-w- d:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896]
"avast"="d:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
avast! Free Antivirus.lnk - c:\program files\Alwil Software\Avast5\AvastUI.exe [N/A]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\MCPClient]
2005-01-31 13:13 49152 ----a-w- c:\progra~1\COMMON~1\Stardock\MCPStub.dll
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^ImageMixer 3 SE Camera Monitor for SD.lnk]
backup=c:\windows\pss\ImageMixer 3 SE Camera Monitor for SD.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^matmik^Nabídka Start^Programy^Po spuštění^BluetoothPCDialer.lnk]
backup=c:\windows\pss\BluetoothPCDialer.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^matmik^Nabídka Start^Programy^Po spuštění^OpenOffice.org 2.3.lnk]
path=c:\documents and settings\matmik\Nabídka Start\Programy\Po spuštění\OpenOffice.org 2.3.lnk
backup=c:\windows\pss\OpenOffice.org 2.3.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^matmik^Nabídka Start^Programy^Po spuštění^Xfire.lnk]
backup=c:\windows\pss\Xfire.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICustomerCare]
2010-05-04 15:05 311296 ----a-r- c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-08-02 07:33 4910912 ----a-w- d:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desura]
2011-06-11 12:10 2482496 ----a-w- d:\program files\Desura\desura.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixCamera]
2007-02-12 13:50 20480 ----a-w- c:\windows\FixCamera.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Game Fire]
2011-03-08 11:26 46592 ----a-w- c:\program files\Smart PC Utilities\Game Fire\GFTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-06-29 14:17 98304 -c--a-w- c:\windows\system32\qttask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2010-12-30 13:17 19972712 ----a-w- c:\windows\RTHDCPL.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp325]
2006-10-10 13:11 827392 ----a-w- c:\windows\vsnp325.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2011-07-28 15:14 98304 ----a-w- d:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2008-04-16 05:00 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnp325]
2006-10-10 14:49 270336 ----a-w- c:\windows\tsnp325.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"d:\\Documents and Settings\\matmik\\Plocha\\bittorrent.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"d:\\Program Files\\Steam\\Steam.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Program Files\\uTorrent\\uTorrent.exe"=
"d:\\Program Files\\Team JPN\\SpiderMan Web of Shadows\\image\\pc\\Spider-Man Web of Shadows.exe"=
"d:\\Program Files\\ICQ7.2\\ICQ.exe"=
"d:\\Program Files\\ICQ7.2\\aolload.exe"=
"d:\\Program Files\\Steam\\steamapps\\common\\zero gear\\Server\\ZeroGearServer.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"d:\\Program Files\\Valve\\csstrike\\hl.exe"=
"d:\\Program Files\\Electronic Arts\\Battlefield Bad Company 2\\BFBC2Updater.exe"=
"d:\\Program Files\\Xfire\\xfire.exe"=
"d:\\Program Files\\Steam\\steamapps\\common\\aliens vs predator dedicated server\\AvP_CLI.exe"=
"d:\\Program Files\\Electronic Arts\\Crytek\\Crysis 2\\bin32\\Crysis2.exe"=
"d:\\Program Files\\LucasArts\\KotF Jedi Academy Expansion Pack\\GameData\\jamp.exe"=
"d:\\Program Files\\LucasArts\\Star Wars Jedi Knight Jedi Academy\\GameData\\jamp.exe"=
"d:\\Program Files\\LucasArts\\Star Wars Jedi Knight Jedi Academy\\GameData\\EoC-S-EDed.exe"=
"d:\\Documents and Settings\\matmik\\Dokumenty\\Downloads\\Assassins.Creed.Brotherhood.[ENG].RiP.JoeKkerr\\Assassins.Creed.Brotherhood.[ENG].RiP.JoeKkerr\\ACBSP.exe"=
"d:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"d:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"d:\\Program Files\\Electronic Arts\\Medal of Honor\\Binaries\\moh.exe"=
"d:\\Program Files\\EA GAMES\\BFP4f.exe"=
"d:\\Program Files\\Steam\\steamapps\\common\\zero gear\\ZeroGear.bat"=
"d:\\Program Files\\Steam\\steamapps\\common\\call of juarez - bound in blood sp demo\\CoJBiBDemo_x86.exe"=
"d:\\Program Files\\Activision\\Call of Duty - Black Ops\\BlackOps.exe"=
"d:\\Program Files\\Steam\\steamapps\\common\\call of duty modern warfare 2\\iw4sp.exe"=
"d:\\Program Files\\Steam\\steamapps\\common\\call of duty modern warfare 2\\iw4mp.exe"=
"d:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=
"d:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"d:\\Program Files\\Fox\\Aliens vs. Predator 2\\lithtech.exe"=
"d:\\Program Files\\Steam\\steamapps\\common\\aliens vs predator\\AvP_Launcher.exe"=
"d:\\Program Files\\Steam\\steamapps\\common\\aliens vs predator\\AvP_DX11.exe"=
"d:\\Program Files\\Steam\\steamapps\\common\\aliens vs predator\\AvP.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [28.5.2008 10:13 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [28.5.2008 10:13 5248]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [1.7.2011 17:40 442200]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [1.7.2011 17:40 320856]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [5.9.2011 16:15 232512]
R1 HWiNFO32;HWiNFO32 Kernel Driver;d:\program files\HWiNFO32\HWiNFO32.SYS [2.5.2010 10:12 19064]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1.7.2011 17:40 20568]
R2 HdThemeEnabler;Hyperdesk Theme Enabler;c:\program files\The Skins Factory\Hyperdesk\Common\HDThemeEnabler.exe [21.7.2008 12:50 106496]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [27.1.2010 4:09 50704]
R3 NTProcDrv;Process creation detector for NT.;\??\c:\windows\TEMP\drv1.tmp --> c:\windows\TEMP\drv1.tmp [?]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [13.3.2009 11:51 47360]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [25.3.2010 17:27 135664]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2.5.2010 10:27 1691480]
S3 CFcatchme;CFcatchme;\??\c:\docume~1\matmik\LOCALS~1\Temp\CFcatchme.sys --> c:\docume~1\matmik\LOCALS~1\Temp\CFcatchme.sys [?]
S3 Desura Install Service;Desura Install Service;c:\program files\Common Files\Desura\desura_service.exe [11.6.2011 14:10 130368]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [25.3.2010 17:27 135664]
S3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\drivers\snp325.sys [20.1.2011 19:27 10251904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Obsah adresáře 'Naplánované úlohy'
.
2011-10-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-25 15:27]
.
2011-10-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-25 15:27]
.
2011-10-14 c:\windows\Tasks\UpdateCheck.job
- c:\program files\Smart PC Utilities\Game Fire\UpdateCheck.exe [2011-03-08 13:40]
.
2011-10-28 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2010-09-14 20:18]
.
.
------- Doplňkový sken -------
.
uLocal Page = hxxp://www.google.com/
mLocal Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} -
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\documents and settings\matmik\Data aplikací\Mozilla\Firefox\Profiles\iciim6xk.default\
FF - prefs.js: browser.startup.homepage - google.cz
FF - Ext: LoudMo Contextual Ad Assistant: {37b1d48c-6e0a-dfe8-8a74-05116b74c806} - d:\program files\Mozilla Firefox\extensions\{37b1d48c-6e0a-dfe8-8a74-05116b74c806}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - d:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: ResultUrl: {C8431CD2-C25A-45F3-BEA9-A9103C31409A} - d:\program files\Mozilla Firefox\extensions\{C8431CD2-C25A-45F3-BEA9-A9103C31409A}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: Babylon: ffxtlbr@babylon.com - %profile%\extensions\ffxtlbr@babylon.com
FF - Ext: GamePlayLabs Plugin: plugin@gameplaylabs.com - %profile%\extensions\plugin@gameplaylabs.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: HyperCamToolbar: {75656794-AB59-4712-BFBC-5D816D56F3BC} - %profile%\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
FF - Ext: MyAshampoo Community Toolbar: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - %profile%\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
FF - Ext: kikin plugin: {AA994882-F391-4d2e-806F-8908DA4814ED} - %profile%\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: avast! WebRep: wrc@avast.com - d:\program files\AVAST Software\Avast\WebRep\FF
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-29 09:14
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
hpqSRMon = c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NTProcDrv]
"ImagePath"="\??\c:\windows\TEMP\drv1.tmp"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(840)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
c:\progra~1\COMMON~1\Stardock\mcpstub.dll
.
Celkový čas: 2011-10-29 09:17:40
ComboFix-quarantined-files.txt 2011-10-29 07:17
.
Před spuštěním: 5 281 255 424
Po spuštění: 5 272 104 960
.
- - End Of File - - 5665ACCD26EA747746ADB7D20ABD6DAF
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119508
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: kontrola logu

#5 Příspěvek od Rudy »

Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:
KillAll::

Collect::
c:\windows\000001_.tmp
c:\windows\TEMP\drv1.tmp

Driver::
NTProcDrv

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]

Firefox::
FF - ProfilePath - c:\documents and settings\matmik\Data aplikací\Mozilla\Firefox\Profiles\iciim6xk.default
FF - Ext: LoudMo Contextual Ad Assistant: {37b1d48c-6e0a-dfe8-8a74-05116b74c806} - d:\program files\Mozilla Firefox\extensions\{37b1d48c-6e0a-dfe8-8a74-05116b74c806}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - d:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: ResultUrl: {C8431CD2-C25A-45F3-BEA9-A9103C31409A} - d:\program files\Mozilla Firefox\extensions\{C8431CD2-C25A-45F3-BEA9-A9103C31409A}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: Babylon: ffxtlbr@babylon.com - %profile%\extensions\ffxtlbr@babylon.com
FF - Ext: GamePlayLabs Plugin: plugin@gameplaylabs.com - %profile%\extensions\plugin@gameplaylabs.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: HyperCamToolbar: {75656794-AB59-4712-BFBC-5D816D56F3BC} - %profile%\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
FF - Ext: MyAshampoo Community Toolbar: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - %profile%\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
FF - Ext: kikin plugin: {AA994882-F391-4d2e-806F-8908DA4814ED} - %profile%\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED}
Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
[ACze]miky
Návštěvník
Návštěvník
Příspěvky: 206
Registrován: 01 pro 2010 16:41

Re: kontrola logu

#6 Příspěvek od [ACze]miky »

ComboFix 11-10-29.01 - matmik 29.10.2011 14:27:12.14.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3070.2002 [GMT 2:00]
Spuštěný z: c:\documents and settings\matmik\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\matmik\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
.
file zipped: c:\windows\000001_.tmp
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\000001_.tmp
d:\program files\Mozilla Firefox\extensions\{37b1d48c-6e0a-dfe8-8a74-05116b74c806}
d:\program files\Mozilla Firefox\extensions\{37b1d48c-6e0a-dfe8-8a74-05116b74c806}\chrome.manifest
d:\program files\Mozilla Firefox\extensions\{37b1d48c-6e0a-dfe8-8a74-05116b74c806}\install.rdf
d:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
d:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\install.rdf
d:\program files\Mozilla Firefox\extensions\{C8431CD2-C25A-45F3-BEA9-A9103C31409A}
d:\program files\Mozilla Firefox\extensions\{C8431CD2-C25A-45F3-BEA9-A9103C31409A}\defaults\preferences\prefs.js
d:\program files\Mozilla Firefox\extensions\{C8431CD2-C25A-45F3-BEA9-A9103C31409A}\chrome.manifest
d:\program files\Mozilla Firefox\extensions\{C8431CD2-C25A-45F3-BEA9-A9103C31409A}\chrome\resulturl.jar
d:\program files\Mozilla Firefox\extensions\{C8431CD2-C25A-45F3-BEA9-A9103C31409A}\install.rdf
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NTPROCDRV
-------\Service_NTProcDrv
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-09-28 do 2011-10-29 )))))))))))))))))))))))))))))))
.
.
2011-10-28 16:29 . 2011-10-28 16:29 -------- d-----w- C:\rsit
2011-10-20 12:06 . 2011-10-20 12:07 -------- d-----w- c:\windows\ServicePackFiles
2011-10-13 18:30 . 2011-10-13 18:30 -------- d-----w- c:\documents and settings\matmik\Data aplikací\Skinux
2011-10-13 18:25 . 2011-10-13 18:25 -------- d-----w- c:\program files\The Skins Factory
2011-09-30 12:51 . 2011-09-30 13:00 -------- d-----w- c:\documents and settings\matmik\Data aplikací\AVI ReComp
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-14 16:11 . 2009-03-15 16:08 138264 -c--a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-10-14 16:10 . 2010-05-04 14:56 234768 -c--a-w- c:\windows\system32\PnkBstrB.xtr
2011-10-14 16:10 . 2009-03-15 16:08 234768 -c--a-w- c:\windows\system32\PnkBstrB.exe
2011-10-12 16:48 . 2009-03-15 16:08 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-10-11 16:32 . 2008-10-19 15:06 21840 -c--atw- c:\windows\system32\SIntfNT.dll
2011-10-11 16:32 . 2008-10-19 15:06 17212 -c--atw- c:\windows\system32\SIntf32.dll
2011-10-11 16:32 . 2008-10-19 15:06 12067 -c--atw- c:\windows\system32\SIntf16.dll
2011-09-26 09:41 . 2008-07-29 17:59 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 09:41 . 2001-10-25 14:00 22528 ----a-w- c:\windows\system32\oleaccrc.dll
2011-09-26 09:41 . 2001-10-25 14:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-12 13:16 . 2010-05-03 13:47 22328 -c--a-w- c:\documents and settings\matmik\Data aplikací\PnkBstrK.sys
2011-09-09 09:12 . 2004-08-17 13:49 602112 ----a-w- c:\windows\system32\crypt32.dll
2011-09-06 20:45 . 2011-07-01 15:40 41184 ----a-w- c:\windows\avastSS.scr
2011-09-06 20:45 . 2011-07-01 15:40 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-09-06 20:38 . 2011-07-01 15:40 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-09-06 20:37 . 2011-07-01 15:40 320856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-09-06 20:36 . 2011-07-01 15:40 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-09-06 20:36 . 2011-07-01 15:40 52568 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-09-06 20:36 . 2011-07-01 15:40 110552 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-09-06 20:36 . 2011-07-01 15:40 104536 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-09-06 20:36 . 2011-07-01 15:40 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-09-06 20:33 . 2011-07-01 15:40 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-09-06 14:10 . 2004-08-17 13:44 1858944 ----a-w- c:\windows\system32\win32k.sys
2011-09-05 14:15 . 2011-09-05 14:15 232512 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-09-05 13:56 . 2004-08-17 13:49 668160 ----a-w- c:\windows\system32\wininet.dll
2011-09-05 13:56 . 2004-08-17 13:49 81920 ----a-w- c:\windows\system32\ieencode.dll
2011-09-05 13:56 . 2004-08-03 20:59 61952 ----a-w- c:\windows\system32\tdc.ocx
2011-09-05 13:55 . 2004-08-17 13:44 370176 ----a-w- c:\windows\system32\html.iec
2011-08-17 13:49 . 2004-08-03 21:14 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2010-01-26 21:11 . 2011-09-20 10:47 444283 ----a-w- c:\program files\Common Files\WinPcapNmap.exe
2011-07-30 15:26 87552 --sh--w- c:\windows\system32\h4x0r.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-10-29_07.14.29 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-10-29 12:37 . 2011-10-29 12:37 16384 c:\windows\temp\Perflib_Perfdata_570.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 122512 ----a-w- d:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896]
"avast"="d:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
avast! Free Antivirus.lnk - c:\program files\Alwil Software\Avast5\AvastUI.exe [N/A]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\MCPClient]
2005-01-31 13:13 49152 ----a-w- c:\progra~1\COMMON~1\Stardock\MCPStub.dll
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^ImageMixer 3 SE Camera Monitor for SD.lnk]
backup=c:\windows\pss\ImageMixer 3 SE Camera Monitor for SD.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^matmik^Nabídka Start^Programy^Po spuštění^BluetoothPCDialer.lnk]
backup=c:\windows\pss\BluetoothPCDialer.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^matmik^Nabídka Start^Programy^Po spuštění^OpenOffice.org 2.3.lnk]
path=c:\documents and settings\matmik\Nabídka Start\Programy\Po spuštění\OpenOffice.org 2.3.lnk
backup=c:\windows\pss\OpenOffice.org 2.3.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^matmik^Nabídka Start^Programy^Po spuštění^Xfire.lnk]
backup=c:\windows\pss\Xfire.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICustomerCare]
2010-05-04 15:05 311296 ----a-r- c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-08-02 07:33 4910912 ----a-w- d:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desura]
2011-06-11 12:10 2482496 ----a-w- d:\program files\Desura\desura.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixCamera]
2007-02-12 13:50 20480 ----a-w- c:\windows\FixCamera.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Game Fire]
2011-03-08 11:26 46592 ----a-w- c:\program files\Smart PC Utilities\Game Fire\GFTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-06-29 14:17 98304 -c--a-w- c:\windows\system32\qttask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2010-12-30 13:17 19972712 ----a-w- c:\windows\RTHDCPL.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp325]
2006-10-10 13:11 827392 ----a-w- c:\windows\vsnp325.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2011-07-28 15:14 98304 ----a-w- d:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2008-04-16 05:00 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnp325]
2006-10-10 14:49 270336 ----a-w- c:\windows\tsnp325.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"d:\\Documents and Settings\\matmik\\Plocha\\bittorrent.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"d:\\Program Files\\Steam\\Steam.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Program Files\\uTorrent\\uTorrent.exe"=
"d:\\Program Files\\Team JPN\\SpiderMan Web of Shadows\\image\\pc\\Spider-Man Web of Shadows.exe"=
"d:\\Program Files\\ICQ7.2\\ICQ.exe"=
"d:\\Program Files\\ICQ7.2\\aolload.exe"=
"d:\\Program Files\\Steam\\steamapps\\common\\zero gear\\Server\\ZeroGearServer.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"d:\\Program Files\\Valve\\csstrike\\hl.exe"=
"d:\\Program Files\\Electronic Arts\\Battlefield Bad Company 2\\BFBC2Updater.exe"=
"d:\\Program Files\\Xfire\\xfire.exe"=
"d:\\Program Files\\Steam\\steamapps\\common\\aliens vs predator dedicated server\\AvP_CLI.exe"=
"d:\\Program Files\\Electronic Arts\\Crytek\\Crysis 2\\bin32\\Crysis2.exe"=
"d:\\Program Files\\LucasArts\\KotF Jedi Academy Expansion Pack\\GameData\\jamp.exe"=
"d:\\Program Files\\LucasArts\\Star Wars Jedi Knight Jedi Academy\\GameData\\jamp.exe"=
"d:\\Program Files\\LucasArts\\Star Wars Jedi Knight Jedi Academy\\GameData\\EoC-S-EDed.exe"=
"d:\\Documents and Settings\\matmik\\Dokumenty\\Downloads\\Assassins.Creed.Brotherhood.[ENG].RiP.JoeKkerr\\Assassins.Creed.Brotherhood.[ENG].RiP.JoeKkerr\\ACBSP.exe"=
"d:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"d:\\Program Files\\Electronic Arts\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"d:\\Program Files\\Electronic Arts\\Medal of Honor\\Binaries\\moh.exe"=
"d:\\Program Files\\EA GAMES\\BFP4f.exe"=
"d:\\Program Files\\Steam\\steamapps\\common\\zero gear\\ZeroGear.bat"=
"d:\\Program Files\\Steam\\steamapps\\common\\call of juarez - bound in blood sp demo\\CoJBiBDemo_x86.exe"=
"d:\\Program Files\\Activision\\Call of Duty - Black Ops\\BlackOps.exe"=
"d:\\Program Files\\Steam\\steamapps\\common\\call of duty modern warfare 2\\iw4sp.exe"=
"d:\\Program Files\\Steam\\steamapps\\common\\call of duty modern warfare 2\\iw4mp.exe"=
"d:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=
"d:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"d:\\Program Files\\Fox\\Aliens vs. Predator 2\\lithtech.exe"=
"d:\\Program Files\\Steam\\steamapps\\common\\aliens vs predator\\AvP_Launcher.exe"=
"d:\\Program Files\\Steam\\steamapps\\common\\aliens vs predator\\AvP_DX11.exe"=
"d:\\Program Files\\Steam\\steamapps\\common\\aliens vs predator\\AvP.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [28.5.2008 10:13 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [28.5.2008 10:13 5248]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [1.7.2011 17:40 442200]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [1.7.2011 17:40 320856]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [5.9.2011 16:15 232512]
R1 HWiNFO32;HWiNFO32 Kernel Driver;d:\program files\HWiNFO32\HWiNFO32.SYS [2.5.2010 10:12 19064]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1.7.2011 17:40 20568]
R2 HdThemeEnabler;Hyperdesk Theme Enabler;c:\program files\The Skins Factory\Hyperdesk\Common\HDThemeEnabler.exe [21.7.2008 12:50 106496]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [27.1.2010 4:09 50704]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [13.3.2009 11:51 47360]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [25.3.2010 17:27 135664]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2.5.2010 10:27 1691480]
S3 CFcatchme;CFcatchme;\??\c:\docume~1\matmik\LOCALS~1\Temp\CFcatchme.sys --> c:\docume~1\matmik\LOCALS~1\Temp\CFcatchme.sys [?]
S3 Desura Install Service;Desura Install Service;c:\program files\Common Files\Desura\desura_service.exe [11.6.2011 14:10 130368]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [25.3.2010 17:27 135664]
S3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\drivers\snp325.sys [20.1.2011 19:27 10251904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Obsah adresáře 'Naplánované úlohy'
.
2011-10-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-25 15:27]
.
2011-10-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-25 15:27]
.
2011-10-14 c:\windows\Tasks\UpdateCheck.job
- c:\program files\Smart PC Utilities\Game Fire\UpdateCheck.exe [2011-03-08 13:40]
.
2011-10-29 c:\windows\Tasks\WGASetup.job
- c:\windows\system32\KB905474\wgasetup.exe [2010-09-14 20:18]
.
.
------- Doplňkový sken -------
.
uLocal Page = hxxp://www.google.com/
mLocal Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} -
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\documents and settings\matmik\Data aplikací\Mozilla\Firefox\Profiles\iciim6xk.default\
FF - prefs.js: browser.startup.homepage - google.cz
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: Babylon: ffxtlbr@babylon.com - %profile%\extensions\ffxtlbr@babylon.com
FF - Ext: GamePlayLabs Plugin: plugin@gameplaylabs.com - %profile%\extensions\plugin@gameplaylabs.com
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: HyperCamToolbar: {75656794-AB59-4712-BFBC-5D816D56F3BC} - %profile%\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
FF - Ext: MyAshampoo Community Toolbar: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - %profile%\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
FF - Ext: kikin plugin: {AA994882-F391-4d2e-806F-8908DA4814ED} - %profile%\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: avast! WebRep: wrc@avast.com - d:\program files\AVAST Software\Avast\WebRep\FF
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-29 14:50
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
hpqSRMon = c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(848)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
c:\progra~1\COMMON~1\Stardock\mcpstub.dll
.
- - - - - - - > 'explorer.exe'(4068)
c:\progra~1\COMMON~1\Stardock\MCPCore.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
d:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
d:\program files\CDBurnerXP\NMSAccessU.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\UAService7.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\progra~1\COMMON~1\Stardock\SDMCP.exe
c:\windows\system32\WgaTray.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2011-10-29 14:53:24 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-10-29 12:53
ComboFix2.txt 2011-10-29 07:17
.
Před spuštěním: 5 279 391 744
Po spuštění: 5 193 408 512
.
- - End Of File - - FC5280A86ECDA59B2748FB4D1DCF2C4B
Nahr nˇ probŘhlo ŁspŘçnŘ
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119508
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: kontrola logu

#7 Příspěvek od Rudy »

Smazáno, log již vypadá čistý. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
[ACze]miky
Návštěvník
Návštěvník
Příspěvky: 206
Registrován: 01 pro 2010 16:41

Re: kontrola logu

#8 Příspěvek od [ACze]miky »

Ano pc už se nevypíná, furt mě ale štve ta přihlašovací obrazovka :)). Asi už sem s tím otravný. :D Mám tam tuto tabulku http://helpict.org/Dept%20Web%20Site/Ye ... _logon.jpg ale chtěl bych tuto http://www.guidebookgallery.org/pics/gu ... nxppro.png V uživatelských účtech mám zaškrtlou úvodní obrazovku i rychlé přepínání, ale stejně to nefunguje.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119508
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: kontrola logu

#9 Příspěvek od Rudy »

Klikněte pravým myšítkem na tray>vlastnosti>nabídka start a zaškrtněte "Nabídka start".
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
[ACze]miky
Návštěvník
Návštěvník
Příspěvky: 206
Registrován: 01 pro 2010 16:41

Re: kontrola logu

#10 Příspěvek od [ACze]miky »

Omlouvám se ale nerozumím tomu tray :). Pochopil jsem to jako lišta a jestli tomu tak je, tak nabídka start je zaškrtnutá.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119508
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: kontrola logu

#11 Příspěvek od Rudy »

Ano. Tray je lišta. Jsou tam volby Nabídka start a Klasická nabídka start. Tu, kterou potřebujete je ta první.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
[ACze]miky
Návštěvník
Návštěvník
Příspěvky: 206
Registrován: 01 pro 2010 16:41

Re: kontrola logu

#12 Příspěvek od [ACze]miky »

Rudy píše:Ano. Tray je lišta. Jsou tam volby Nabídka start a Klasická nabídka start. Tu, kterou potřebujete je ta první.
Jak jsem psal, zaškrtlé to mám :). Nevím ale, jestli by to nějak ovlivnilo přihlašovací obrazovku.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119508
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: kontrola logu

#13 Příspěvek od Rudy »

Podle mne je klasická právě ta, kterou teď máte. Nabídka start je ta kterou chcete.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
[ACze]miky
Návštěvník
Návštěvník
Příspěvky: 206
Registrován: 01 pro 2010 16:41

Re: kontrola logu

#14 Příspěvek od [ACze]miky »

Jak říkám, nabídku start mám zaškrtnutou. :))
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119508
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: kontrola logu

#15 Příspěvek od Rudy »

Zde je návod přímo od MS: http://www.adminxp.cz/windowsxp/index.php?aid=12 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“