Pomalý PC + sekání a pomalé rolování oken

[MaryAnn]

Zdravím, prosím o pomoc s PC, už si s ním nevím rady. Jedná se o notebook HP, používám jej zhruba 3 roky. Donedávna docela slušně šlapal, byl i dost rychlý. Pak se začal zpomalovat a nyní je to už k nevydržení. Při startu vše ok, ale jak spustím nějaký program či internet, okamžitě se začne dlouze načítat, pak běží velmi pomalu, na internetu se velmi dlouho načítá, při zminimalizování okna se okno dlouho roluje, pak se objeví prázdná obrazovka, která asi dvakrát poskočí a teprve pak se tam začnou objevovat ikony. Často mi spadne Firefox sám od sebe a často také celý PC zamrzne a vůbec nereaguje, když dám Správce úloh, ukáže se hláška, že Firefox "neodpovídá". Jak mám otevřené více než jedno okno internetu, začnou problémy ještě intenzivněji. Kromě toho se mi zdá PC nějak něčím přetížený, pořád "funí" a "vrčí". Jak při tom zaseknutí, tak i když s ním nepracuji, mám pocit, že sám pořád pracuje a je něčím zahlcen. Když na něm zkusím hrát svou staženou hru (ta je čistá) tak se to nedá hrát, neboť díky počítači "krokuje". Přitom Eset ani Anti Malvare nenašli zhola nic a sama jej čistím pravidelně Ccleanerem.

Prosím o radu co by to mohlo být a co s tím. Děkuji!

[Márty84]

Dobry den

Nejprve dejte log z RSIT http://www.viry.cz/forum/viewtopic.php?f=13&t=105895 a mrknem na to

[MaryAnn]

Děkuji, tady je:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Veronika at 2012-01-07 16:36:09
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 2 GB (3%) free of 68 GB
Total RAM: 502 MB (27% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:36:28, on 7.1.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Documents and Settings\Veronika\Dokumenty\Stažené soubory\RSIT(2).exe
C:\Program Files\trend micro\Veronika.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com;www.plimus.com;regnow.com;www.regnow.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [DivX Download Manager] "C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe" start
O4 - HKLM\..\Run: [TkBellExe] "C:\program files\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Rychlý začátek s aplikací HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://download.windowsupdate.com
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/My%20Kingdom%20for%20the%20Princess/Images/stg_drm.ocx
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 8371162593
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/My%20Kingdom%20for%20the%20Princess/Images/armhelper.ocx
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

--
End of file - 9036 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Norton Security Scan for Veronika.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-3134737558-3822295182-1303552718-1006.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-3134737558-3822295182-1303552718-1006.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\2s5bko68.default

prefs.js - "browser.startup.homepage" - "www.google.com"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video
"{6904342A-8307-11DF-A508-4AE2DFD72085}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0]
"Description"=DivX OVS Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.647]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.647]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647]
"Description"=12.0.1.647
"Path"=c:\program files\real\realplayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=1.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@zylom.com/ZylomGamesPlayer]
"Description"=Zylom Games Player 1.00
"Path"=C:\Documents and Settings\All Users\Data aplikací\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nppl3260.xpt
nsIQTScriptablePlugin.xpt
nsIZylomPlugin.xpt
nsjsrealplayerplugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
NPOFFICE.DLL
nppl3260.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprjplug.dll
nprpjplug.dll
npzylomgamesplayer.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
yahoo.xml

C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\2s5bko68.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}

C:\Documents and Settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\2s5bko68.default\searchplugins\
conduit.xml
inbox-hledn.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-23 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-05-25 386776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-09-12 3863136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
DivX HiQ - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08 3123072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-12-14 342192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll [2011-11-30 1003576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-24 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-11-24 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-09-12 3863136]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-12-14 342192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2006-03-22 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2006-03-22 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2006-03-22 118784]
"High Definition Audio Property Page Shortcut"=C:\WINDOWS\system32\CHDAudPropShortcut.exe [2006-06-02 61952]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-06-17 794713]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2006-07-19 102400]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2005-02-16 49152]
"Cpqset"=C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe [2006-06-19 40960]
"RecGuard"=C:\Windows\SMINST\RecGuard.exe [2005-10-11 1187840]
"Reminder"=C:\Windows\CREATOR\Remind_XP.exe [2006-02-09 643072]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-12-09 1226608]
"DivX Download Manager"=C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe [2010-12-08 63360]
"TkBellExe"=C:\program files\real\realplayer\update\realsched.exe [2011-05-25 273544]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2011-07-05 421888]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2011-09-22 3080264]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-07-13 39408]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Rychlý začátek s aplikací HP Photosmart Premier.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-03-22 139264]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll

======List of files/folders created in the last 1 month======

2012-01-06 01:00:37 ----D---- C:\Program Files\Farm Mania 2
2012-01-03 20:22:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\iWin Games
2012-01-03 00:52:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\Youdagames
2012-01-02 23:51:51 ----SHD---- C:\RECYCLER
2012-01-02 22:38:49 ----A---- C:\ComboFix.txt
2012-01-02 22:27:06 ----A---- C:\WINDOWS\MBR.exe
2012-01-02 22:27:05 ----A---- C:\WINDOWS\zip.exe
2012-01-02 22:27:05 ----A---- C:\WINDOWS\SWXCACLS.exe
2012-01-02 22:27:05 ----A---- C:\WINDOWS\SWSC.exe
2012-01-02 22:27:05 ----A---- C:\WINDOWS\SWREG.exe
2012-01-02 22:27:05 ----A---- C:\WINDOWS\sed.exe
2012-01-02 22:27:05 ----A---- C:\WINDOWS\PEV.exe
2012-01-02 22:27:05 ----A---- C:\WINDOWS\NIRCMD.exe
2012-01-02 22:27:05 ----A---- C:\WINDOWS\grep.exe
2012-01-02 22:10:13 ----A---- C:\TDSSKiller.2.4.21.0_02.01.2012_22.10.13_log.txt
2011-12-30 15:58:32 ----D---- C:\Documents and Settings\Veronika\Data aplikací\Apple Computer
2011-12-30 00:38:04 ----D---- C:\Program Files\Zylom Games
2011-12-22 21:25:17 ----D---- C:\Documents and Settings\Veronika\Data aplikací\Thinstall
2011-12-19 01:07:44 ----D---- C:\Program Files\Chocolatier Decadence by Design
2011-12-14 20:36:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2633952$
2011-12-14 20:36:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2633171$
2011-12-14 20:36:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2620712$
2011-12-14 20:36:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2619339$
2011-12-14 20:35:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2618451$
2011-12-14 20:35:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2639417$
2011-12-14 20:35:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2624667$
2011-12-08 23:25:49 ----D---- C:\Program Files\ESET
2011-12-08 23:25:49 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET

======List of files/folders modified in the last 1 month======

2012-01-07 16:36:15 ----D---- C:\WINDOWS\Prefetch
2012-01-07 16:36:14 ----D---- C:\Program Files\trend micro
2012-01-07 16:27:47 ----D---- C:\WINDOWS\Temp
2012-01-07 15:56:38 ----A---- C:\hpqp.ini
2012-01-07 15:56:37 ----D---- C:\WINDOWS
2012-01-07 15:56:35 ----A---- C:\XP_TV.ini
2012-01-06 01:01:39 ----RD---- C:\Program Files
2012-01-06 00:41:02 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2012-01-05 23:35:39 ----SD---- C:\WINDOWS\Tasks
2012-01-04 00:20:16 ----N---- C:\WINDOWS\SchedLgU.Txt
2012-01-03 19:32:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\Big Fish Games
2012-01-03 19:31:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\BigFishGamesCache
2012-01-03 19:10:32 ----D---- C:\WINDOWS\system32
2012-01-03 19:10:25 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-01-03 00:56:41 ----SHD---- C:\WINDOWS\Installer
2012-01-03 00:56:38 ----D---- C:\Program Files\Youdagames
2012-01-03 00:53:02 ----D---- C:\Documents and Settings\Veronika\Data aplikací\YoudaGames
2012-01-02 22:38:51 ----AD---- C:\Qoobox
2012-01-02 22:34:47 ----A---- C:\WINDOWS\system.ini
2012-01-02 22:29:37 ----D---- C:\WINDOWS\system32\CatRoot2
2012-01-02 22:10:22 ----D---- C:\WINDOWS\system32\drivers
2011-12-31 20:07:46 ----D---- C:\Program Files\Fish Tycoon
2011-12-31 15:19:12 ----D---- C:\Program Files\Mozilla Firefox
2011-12-30 16:38:46 ----D---- C:\WINDOWS\Microsoft.NET
2011-12-30 16:38:37 ----RSD---- C:\WINDOWS\assembly
2011-12-30 16:08:01 ----D---- C:\WINDOWS\WinSxS
2011-12-22 23:44:33 ----A---- C:\WINDOWS\NeroDigital.ini
2011-12-14 21:35:04 ----D---- C:\WINDOWS\Debug
2011-12-14 20:44:10 ----D---- C:\Program Files\Internet Explorer
2011-12-14 20:37:44 ----A---- C:\WINDOWS\system32\MRT.exe
2011-12-14 20:37:30 ----HD---- C:\WINDOWS\inf
2011-12-14 20:37:17 ----RSHD---- C:\WINDOWS\system32\dllcache
2011-12-14 20:36:57 ----D---- C:\WINDOWS\ie8updates
2011-12-14 20:36:45 ----HD---- C:\WINDOWS\$hf_mig$
2011-12-08 22:57:48 ----D---- C:\WINDOWS\AppPatch
2011-12-08 22:57:47 ----D---- C:\Program Files\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2005-10-13 874240]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R1 eabfiltr;eabfiltr; C:\WINDOWS\system32\DRIVERS\eabfiltr.sys [2005-09-19 7808]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2011-08-04 118104]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2011-08-04 61936]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2011-08-09 154136]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2011-08-04 147480]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-02-15 12672]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2006-04-28 429184]
R3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2006-04-11 163328]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2011-08-09 39824]
R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2005-09-19 9344]
R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\CHDAud.sys [2006-06-02 572928]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2006-04-20 995712]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2006-04-20 208000]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-03-22 1166972]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-06-17 193120]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2006-04-20 727296]
S3 5U870CAP_VID_1262&PID_25FD;HP Pavilion Webcam ; C:\WINDOWS\System32\Drivers\5U870CAP.sys [2006-06-06 61952]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-05-12 57320]
S3 catchme;catchme; \??\C:\DOCUME~1\Veronika\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 eabusb;eabusb; C:\WINDOWS\system32\DRIVERS\eabusb.sys [2005-09-19 5760]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2005-11-16 28928]
S3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-12-22 51840]
S3 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2005-11-01 308992]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\idsdefs\20100630.002\symidsco.sys []
S3 UIUSys;Conexant Setup API; C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS []
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 w39n51;Intel(R) PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2006-04-21 1429632]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S4 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Filtr Compaq sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;Filtr ALI sběrnice AGP; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;Ovladač filtru AMD portu AGP; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-18 13952]
S4 sisagp;Filtr SIS sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;Filtr VIA sběrnice AGP ; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-18 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2005-09-30 96341]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2011-09-22 974944]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-11-12 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-05-18 49152]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-14 135664]
S3 AddFiltr;AddFiltr; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe [2006-06-12 126976]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-14 135664]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-02 182768]
S3 IDriverT;InstallDriver Table Manager; c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMConnectCDS;Služba Windows Media Connect; C:\Program Files\Windows Media Connect 2\wmccds.exe [2005-10-06 855552]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Márty84]

Musim to zkontrolovat, coz bude nejakou dobu trvat, tak mate cas

[MaryAnn]

Fajn, počkám. Děkuju

[Márty84]

A jeje, koukam, ze tam nekdo lecil na vlastni pest
ComboFix se pouziva jen na doporuceni radce, protoze spatne pouziti muze poslat system do vecnych lovist. Krom toho maze stopy, takze log z RSIT pak nema smysl.

Najdete tyto dva soubory a jejich obsah mi tady zkopirujte
C:\ComboFix.txt
C:\TDSSKiller.2.4.21.0_02.01.2012_22.10.13_log.txt

Stahnete OTM http://oldtimer.geekstogo.com/OTM.exe , ulozte nejlepe na plochu a spustte.
Do leveho okna zkopirujte tento skript

Kód: Vybrat vše

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Program Files\ConduitEngine
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\Norton Security Scan for Veronika.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-3134737558-3822295182-1303552718-1006.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-3134737558-3822295182-1303552718-1006.job

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"=-
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=-
"SunJavaUpdateSched"=-
"DivXUpdate"=-
"TkBellExe"=-
"QuickTime Task"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=-

:services
gupdate
gupdatem
gusvc

:commands
[RESETHOSTS]
[EMPTYTEMP]
[EMPTYFLASH]

Kliknete na MoveIt a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu sem dejte log, ktery bude zde C:\_OTM\MovedFiles\

[MaryAnn]

No, to víte, už jsem byla zoufalá a nevěděla co s tím, tak jsem zkoušela všehcny dostupné prostředky...

Zde kopíruji jak jste si přál, logy.

Combofix:

ComboFix 11-12-27.01 - Veronika 02.01.2012 22:31:54.5.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.502.229 [GMT 1:00]
Spuštěný z: c:\documents and settings\Veronika\Plocha\12.exe
AV: ESET Smart Security 5.0 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
FW: Norton Internet Worm Protection *Disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
* Vytvořen nový Bod Obnovení
* Rezidentní štít AV je zapnutý
.
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
- REŽIM S OMEZENOU FUNKČNOSTÍ -
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-02 do 2012-01-02 )))))))))))))))))))))))))))))))
.
.
2012-01-01 17:26 . 2012-01-02 21:11 -------- d-----r- c:\program files\Farm Mania 2
2011-12-31 14:10 . 2011-12-31 14:10 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2011-12-31 14:10 . 2011-12-31 14:10 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2011-12-31 14:10 . 2011-12-31 14:10 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
2011-12-31 14:10 . 2011-12-31 14:10 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2011-12-30 14:58 . 2011-12-30 14:58 -------- d-----w- c:\documents and settings\Veronika\Data aplikací\Apple Computer
2011-12-29 23:38 . 2011-12-29 23:40 -------- d-----w- c:\program files\Zylom Games
2011-12-22 20:25 . 2011-12-22 20:25 -------- d-----w- c:\documents and settings\Veronika\Data aplikací\Thinstall
2011-12-19 00:07 . 2011-12-19 00:07 -------- d-----w- c:\program files\Chocolatier Decadence by Design
2011-12-08 22:25 . 2011-12-08 22:25 -------- d-----w- c:\program files\ESET
2011-12-08 22:25 . 2011-12-08 22:25 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ESET
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-26 12:34 . 2011-08-06 11:57 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-23 14:40 . 2004-08-18 21:00 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-04 19:13 . 2004-08-18 21:00 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:13 . 2004-08-18 21:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-11-04 19:13 . 2004-08-18 21:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23 . 2004-08-18 21:00 385024 ----a-w- c:\windows\system32\html.iec
2011-11-01 16:07 . 2004-08-18 21:00 1288192 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:32 . 2004-08-18 21:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-26 10:49 . 2004-08-18 21:00 2150912 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-26 10:49 . 2004-08-18 21:00 2029056 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-18 11:13 . 2004-08-18 21:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-10-10 14:22 . 2004-08-18 21:00 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-12-31 14:10 . 2011-05-09 10:20 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-12-08_22.01.41 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-01-02 19:48 . 2012-01-02 19:48 16384 c:\windows\Temp\Perflib_Perfdata_138.dat
- 2010-07-05 23:24 . 2011-07-08 13:49 46080 c:\windows\system32\tzchange.exe
+ 2010-07-05 23:24 . 2011-11-08 13:46 46080 c:\windows\system32\tzchange.exe
+ 2006-05-10 11:41 . 2011-12-30 15:08 72802 c:\windows\system32\perfc009.dat
+ 2006-05-10 11:41 . 2011-12-30 15:08 84500 c:\windows\system32\perfc005.dat
+ 2005-07-03 10:16 . 2011-11-04 19:13 66560 c:\windows\system32\mshtmled.dll
- 2005-07-03 10:16 . 2011-08-22 23:41 66560 c:\windows\system32\mshtmled.dll
+ 2009-03-08 02:31 . 2011-11-04 19:13 55296 c:\windows\system32\msfeedsbs.dll
- 2009-03-08 02:31 . 2011-08-22 23:41 55296 c:\windows\system32\msfeedsbs.dll
- 2004-08-18 21:00 . 2011-08-22 23:41 25600 c:\windows\system32\jsproxy.dll
+ 2004-08-18 21:00 . 2011-11-04 19:13 25600 c:\windows\system32\jsproxy.dll
+ 2011-08-04 08:20 . 2011-08-04 08:20 61936 c:\windows\system32\drivers\epfwtdi.sys
+ 2011-08-09 08:37 . 2011-08-09 08:37 39824 c:\windows\system32\drivers\epfwndis.sys
+ 2010-07-05 23:25 . 2011-11-04 19:13 12800 c:\windows\system32\dllcache\xpshims.dll
- 2010-07-05 23:25 . 2011-08-22 23:41 12800 c:\windows\system32\dllcache\xpshims.dll
- 2009-03-08 02:31 . 2011-08-22 23:41 66560 c:\windows\system32\dllcache\mshtmled.dll
+ 2009-03-08 02:31 . 2011-11-04 19:13 66560 c:\windows\system32\dllcache\mshtmled.dll
- 2010-07-05 23:25 . 2011-08-22 23:41 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2010-07-05 23:25 . 2011-11-04 19:13 55296 c:\windows\system32\dllcache\msfeedsbs.dll
+ 2009-03-08 02:34 . 2011-11-04 19:13 43520 c:\windows\system32\dllcache\licmgr10.dll
- 2009-03-08 02:34 . 2011-08-22 23:41 43520 c:\windows\system32\dllcache\licmgr10.dll
- 2009-03-08 02:33 . 2011-08-22 23:41 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2009-03-08 02:33 . 2011-11-04 19:13 25600 c:\windows\system32\dllcache\jsproxy.dll
- 2009-12-14 07:10 . 2011-04-26 11:07 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2009-12-14 07:10 . 2011-10-28 05:32 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2011-12-25 02:49 . 2011-12-25 02:49 31504 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
- 2011-07-08 12:00 . 2011-07-08 12:00 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
+ 2011-12-25 10:07 . 2011-12-25 10:07 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
+ 2011-12-24 21:55 . 2011-12-24 21:55 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2011-07-07 10:04 . 2011-07-07 10:04 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2011-12-24 21:55 . 2011-12-24 21:55 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2011-07-07 10:04 . 2011-07-07 10:04 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
+ 2011-12-24 21:55 . 2011-12-24 21:55 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2011-07-07 10:03 . 2011-07-07 10:03 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2011-12-24 22:49 . 2011-12-24 22:49 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2011-07-07 11:09 . 2011-07-07 11:09 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2011-07-07 11:09 . 2011-07-07 11:09 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2011-12-24 22:49 . 2011-12-24 22:49 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2011-12-08 22:28 . 2011-12-08 22:28 10134 c:\windows\Installer\{FB80FA7C-A20D-43EA-A0C3-1E43F210D1A8}\callmsi.exe
+ 2011-12-14 19:37 . 2011-08-22 23:41 12800 c:\windows\ie8updates\KB2618444-IE8\xpshims.dll
+ 2011-12-14 19:36 . 2011-08-22 23:41 66560 c:\windows\ie8updates\KB2618444-IE8\mshtmled.dll
+ 2011-12-14 19:36 . 2011-08-22 23:41 55296 c:\windows\ie8updates\KB2618444-IE8\msfeedsbs.dll
+ 2011-12-14 19:36 . 2011-08-22 23:41 43520 c:\windows\ie8updates\KB2618444-IE8\licmgr10.dll
+ 2011-12-14 19:36 . 2011-08-22 23:41 25600 c:\windows\ie8updates\KB2618444-IE8\jsproxy.dll
+ 2011-12-30 15:04 . 2011-12-30 15:04 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_c980644f\System.Drawing.Design.dll
+ 2011-12-30 15:04 . 2011-12-30 15:04 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_4f6fecd1\CustomMarshalers.dll
+ 2011-12-30 15:27 . 2011-12-30 15:27 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\750de53f30e516eb2c62de9bab7954e9\System.Web.DynamicData.Design.ni.dll
+ 2011-12-30 15:07 . 2011-12-30 15:07 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2011-10-11 22:16 . 2011-10-11 22:16 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2011-10-11 22:16 . 2011-10-11 22:16 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2011-12-30 15:07 . 2011-12-30 15:07 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
- 2011-10-11 22:17 . 2011-10-11 22:17 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-12-30 15:08 . 2011-12-30 15:08 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2011-12-30 15:07 . 2011-12-30 15:07 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2011-10-11 22:17 . 2011-10-11 22:17 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2011-10-11 22:17 . 2011-10-11 22:17 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2011-12-30 15:07 . 2011-12-30 15:07 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2011-12-30 15:07 . 2011-12-30 15:07 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2011-10-11 22:17 . 2011-10-11 22:17 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2011-12-30 15:08 . 2011-12-30 15:08 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2011-10-11 22:17 . 2011-10-11 22:17 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2011-12-30 15:08 . 2011-12-30 15:08 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2011-10-11 22:17 . 2011-10-11 22:17 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2011-10-11 22:16 . 2011-10-11 22:16 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2011-12-30 15:07 . 2011-12-30 15:07 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
- 2011-10-11 22:16 . 2011-10-11 22:16 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2011-12-30 15:07 . 2011-12-30 15:07 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2011-10-11 22:16 . 2011-10-11 22:16 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2011-12-30 15:07 . 2011-12-30 15:07 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2011-10-11 22:17 . 2011-10-11 22:17 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2011-12-30 15:07 . 2011-12-30 15:07 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2011-12-30 15:07 . 2011-12-30 15:07 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2011-10-11 22:16 . 2011-10-11 22:16 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2011-12-30 15:03 . 2011-12-30 15:03 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
- 2011-10-11 22:12 . 2011-10-11 22:12 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
- 2011-10-11 22:16 . 2011-10-11 22:16 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2011-12-30 15:07 . 2011-12-30 15:07 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2011-10-11 22:16 . 2011-10-11 22:16 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2011-12-30 15:07 . 2011-12-30 15:07 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2011-12-30 15:08 . 2011-12-30 15:08 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2011-10-11 22:17 . 2011-10-11 22:17 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2011-10-11 22:16 . 2011-10-11 22:16 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2011-12-30 15:07 . 2011-12-30 15:07 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2011-10-11 22:16 . 2011-10-11 22:16 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2011-12-30 15:07 . 2011-12-30 15:07 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2011-10-11 22:17 . 2011-10-11 22:17 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2011-12-30 15:08 . 2011-12-30 15:08 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2011-12-30 15:08 . 2011-12-30 15:08 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2011-10-11 22:17 . 2011-10-11 22:17 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2004-08-18 21:00 . 2011-08-22 23:41 105984 c:\windows\system32\url.dll
+ 2004-08-18 21:00 . 2011-11-04 19:13 105984 c:\windows\system32\url.dll
+ 2006-05-10 11:41 . 2011-12-30 15:08 445118 c:\windows\system32\perfh009.dat
+ 2006-05-10 11:41 . 2011-12-30 15:08 442100 c:\windows\system32\perfh005.dat
+ 2004-08-18 21:00 . 2011-11-04 19:13 206848 c:\windows\system32\occache.dll
- 2004-08-18 21:00 . 2011-08-22 23:41 206848 c:\windows\system32\occache.dll
- 2004-08-18 21:00 . 2011-08-22 23:41 611840 c:\windows\system32\mstime.dll
+ 2004-08-18 21:00 . 2011-11-04 19:13 611840 c:\windows\system32\mstime.dll
- 2009-03-08 02:32 . 2011-08-22 23:41 602112 c:\windows\system32\msfeeds.dll
+ 2009-03-08 02:32 . 2011-11-04 19:13 602112 c:\windows\system32\msfeeds.dll
+ 2011-12-26 12:34 . 2011-12-26 12:34 247968 c:\windows\system32\Macromed\Flash\FlashUtil11e_Plugin.exe
- 2005-07-03 10:16 . 2011-08-22 23:41 184320 c:\windows\system32\iepeers.dll
+ 2005-07-03 10:16 . 2011-11-04 19:13 184320 c:\windows\system32\iepeers.dll
+ 2004-08-18 21:00 . 2011-11-04 19:13 387584 c:\windows\system32\iedkcs32.dll
- 2004-08-18 21:00 . 2011-08-22 23:41 387584 c:\windows\system32\iedkcs32.dll
+ 2004-08-18 21:00 . 2011-11-04 11:24 174080 c:\windows\system32\ie4uinit.exe
- 2004-08-18 21:00 . 2011-08-22 11:56 174080 c:\windows\system32\ie4uinit.exe
- 2006-05-10 11:37 . 2011-10-11 22:52 259840 c:\windows\system32\FNTCACHE.DAT
+ 2006-05-10 11:37 . 2011-12-14 19:44 259840 c:\windows\system32\FNTCACHE.DAT
+ 2011-08-04 08:20 . 2011-08-04 08:20 147480 c:\windows\system32\drivers\epfw.sys
+ 2011-08-04 08:20 . 2011-08-04 08:20 118104 c:\windows\system32\drivers\ehdrv.sys
+ 2011-08-09 13:24 . 2011-08-09 13:24 154136 c:\windows\system32\drivers\eamon.sys
+ 2009-03-08 02:34 . 2011-11-04 19:13 916992 c:\windows\system32\dllcache\wininet.dll
+ 2009-03-08 02:34 . 2011-11-04 19:13 105984 c:\windows\system32\dllcache\url.dll
- 2009-03-08 02:34 . 2011-08-22 23:41 105984 c:\windows\system32\dllcache\url.dll
+ 2009-03-08 02:34 . 2011-11-04 19:13 206848 c:\windows\system32\dllcache\occache.dll
- 2009-03-08 02:34 . 2011-08-22 23:41 206848 c:\windows\system32\dllcache\occache.dll
- 2009-03-08 02:32 . 2011-08-22 23:41 611840 c:\windows\system32\dllcache\mstime.dll
+ 2009-03-08 02:32 . 2011-11-04 19:13 611840 c:\windows\system32\dllcache\mstime.dll
+ 2010-07-05 23:25 . 2011-11-04 19:13 602112 c:\windows\system32\dllcache\msfeeds.dll
- 2010-07-05 23:25 . 2011-08-22 23:41 602112 c:\windows\system32\dllcache\msfeeds.dll
+ 2010-07-05 23:25 . 2011-11-04 19:13 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2010-07-05 23:25 . 2011-08-22 23:41 247808 c:\windows\system32\dllcache\ieproxy.dll
- 2009-03-08 02:31 . 2011-08-22 23:41 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2009-03-08 02:31 . 2011-11-04 19:13 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2010-07-05 23:25 . 2011-11-04 19:13 743424 c:\windows\system32\dllcache\iedvtool.dll
- 2010-07-05 23:25 . 2011-08-22 23:41 743424 c:\windows\system32\dllcache\iedvtool.dll
- 2009-03-08 12:09 . 2011-08-22 23:41 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2009-03-08 12:09 . 2011-11-04 19:13 387584 c:\windows\system32\dllcache\iedkcs32.dll
- 2009-03-08 02:32 . 2011-08-22 11:56 174080 c:\windows\system32\dllcache\ie4uinit.exe
+ 2009-03-08 02:32 . 2011-11-04 11:24 174080 c:\windows\system32\dllcache\ie4uinit.exe
+ 2011-02-09 13:53 . 2011-10-18 11:13 186880 c:\windows\system32\dllcache\encdec.dll
- 2011-02-09 13:53 . 2011-02-09 13:53 186880 c:\windows\system32\dllcache\encdec.dll
+ 2011-12-25 02:49 . 2011-12-25 02:49 436496 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2011-12-24 21:55 . 2011-12-24 21:55 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2011-07-07 10:04 . 2011-07-07 10:04 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2011-07-07 10:01 . 2011-07-07 10:01 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2011-12-24 21:53 . 2011-12-24 21:53 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2011-07-07 11:09 . 2011-07-07 11:09 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2011-12-24 22:49 . 2011-12-24 22:49 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2011-12-25 04:40 . 2011-12-25 04:40 819200 c:\windows\Installer\1482f0.msp
+ 2011-12-08 22:28 . 2011-12-08 22:28 105624 c:\windows\Installer\{FB80FA7C-A20D-43EA-A0C3-1E43F210D1A8}\egui.exe
+ 2011-12-14 19:36 . 2011-08-22 23:41 916480 c:\windows\ie8updates\KB2618444-IE8\wininet.dll
+ 2011-12-14 19:36 . 2011-08-22 23:41 105984 c:\windows\ie8updates\KB2618444-IE8\url.dll
+ 2011-12-14 19:37 . 2010-07-05 13:13 391032 c:\windows\ie8updates\KB2618444-IE8\spuninst\updspapi.dll
+ 2011-12-14 19:37 . 2010-07-05 13:13 233848 c:\windows\ie8updates\KB2618444-IE8\spuninst\spuninst.exe
+ 2011-12-14 19:36 . 2011-08-22 23:41 206848 c:\windows\ie8updates\KB2618444-IE8\occache.dll
+ 2011-12-14 19:36 . 2011-08-22 23:41 611840 c:\windows\ie8updates\KB2618444-IE8\mstime.dll
+ 2011-12-14 19:36 . 2011-08-22 23:41 602112 c:\windows\ie8updates\KB2618444-IE8\msfeeds.dll
+ 2011-12-14 19:37 . 2011-08-22 23:41 247808 c:\windows\ie8updates\KB2618444-IE8\ieproxy.dll
+ 2011-12-14 19:36 . 2011-08-22 23:41 184320 c:\windows\ie8updates\KB2618444-IE8\iepeers.dll
+ 2011-12-14 19:37 . 2011-08-22 23:41 743424 c:\windows\ie8updates\KB2618444-IE8\iedvtool.dll
+ 2011-12-14 19:37 . 2011-08-22 23:41 387584 c:\windows\ie8updates\KB2618444-IE8\iedkcs32.dll
+ 2011-12-14 19:37 . 2011-08-22 11:56 174080 c:\windows\ie8updates\KB2618444-IE8\ie4uinit.exe
+ 2011-10-11 22:13 . 2011-10-11 22:13 835584 c:\windows\assembly\temp\IRZ7FNV3BJ\System.Drawing.dll
+ 2011-12-30 15:04 . 2011-12-30 15:04 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_64480e68\System.Drawing.dll
+ 2011-12-30 15:05 . 2011-12-30 15:05 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_303b985d\System.Drawing.Design.dll
+ 2011-12-30 15:05 . 2011-12-30 15:05 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_aed2793d\CustomMarshalers.dll
+ 2011-12-30 15:24 . 2011-12-30 15:24 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\0bda7bdfaf440d5dd4bc6a1dea7ffa39\System.Web.Routing.ni.dll
+ 2011-12-30 15:30 . 2011-12-30 15:30 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\6e29f9faa74a48b83a13a3413b826295\System.Web.Extensions.Design.ni.dll
+ 2011-12-30 15:28 . 2011-12-30 15:28 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\be8965fe859bc53dff61579bf626858b\System.Web.Entity.ni.dll
+ 2011-12-30 15:28 . 2011-12-30 15:28 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\8441b3eb247e0344fede848337ee911c\System.Web.Entity.Design.ni.dll
+ 2011-12-30 15:27 . 2011-12-30 15:27 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\09c6a41f187ba483486cdb92dad714a1\System.Web.DynamicData.ni.dll
+ 2011-12-30 15:23 . 2011-12-30 15:23 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\5efb726d424b9712632eff749411fa89\System.Web.Abstractions.ni.dll
+ 2011-12-30 15:21 . 2011-12-30 15:21 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\f374e8e7849a72d1470b4a6a0771a137\System.Data.Entity.Design.ni.dll
+ 2011-12-30 15:20 . 2011-12-30 15:20 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\439732479756e0f6df88d29e50a402bf\ServiceModelReg.ni.exe
+ 2011-12-30 15:18 . 2011-12-30 15:18 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\bfcea15c95909860c4f4ac19bd7a2d6c\AspNetMMCExt.ni.dll
- 2011-10-11 22:16 . 2011-10-11 22:16 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2011-12-30 15:07 . 2011-12-30 15:07 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2011-10-11 22:16 . 2011-10-11 22:16 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2011-12-30 15:07 . 2011-12-30 15:07 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2011-12-30 15:07 . 2011-12-30 15:07 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2011-10-11 22:17 . 2011-10-11 22:17 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2011-12-30 15:07 . 2011-12-30 15:07 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2011-10-11 22:17 . 2011-10-11 22:17 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2011-12-30 15:08 . 2011-12-30 15:08 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-10-11 22:17 . 2011-10-11 22:17 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2011-10-11 22:17 . 2011-10-11 22:17 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-12-30 15:08 . 2011-12-30 15:08 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2011-12-30 15:08 . 2011-12-30 15:08 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2011-10-11 22:17 . 2011-10-11 22:17 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2011-12-30 15:08 . 2011-12-30 15:08 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-10-11 22:17 . 2011-10-11 22:17 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2011-10-11 22:17 . 2011-10-11 22:17 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2011-12-30 15:08 . 2011-12-30 15:08 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2011-10-11 22:17 . 2011-10-11 22:17 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2011-12-30 15:07 . 2011-12-30 15:07 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2011-10-11 22:16 . 2011-10-11 22:16 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2011-12-30 15:07 . 2011-12-30 15:07 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2011-10-11 22:17 . 2011-10-11 22:17 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-12-30 15:08 . 2011-12-30 15:08 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2011-12-30 15:08 . 2011-12-30 15:08 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2011-10-11 22:17 . 2011-10-11 22:17 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2011-12-30 15:08 . 2011-12-30 15:08 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2011-10-11 22:17 . 2011-10-11 22:17 425984 c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
+ 2011-12-30 15:08 . 2011-12-30 15:08 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2011-10-11 22:17 . 2011-10-11 22:17 110592 c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2011-10-11 22:17 . 2011-10-11 22:17 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2011-12-30 15:07 . 2011-12-30 15:07 659456 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
- 2011-10-11 22:17 . 2011-10-11 22:17 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-12-30 15:07 . 2011-12-30 15:07 372736 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2011-12-30 15:07 . 2011-12-30 15:07 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2011-10-11 22:17 . 2011-10-11 22:17 110592 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2011-10-11 22:17 . 2011-10-11 22:17 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2011-12-30 15:07 . 2011-12-30 15:07 749568 c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2011-10-11 22:17 . 2011-10-11 22:17 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2011-12-30 15:08 . 2011-12-30 15:08 655360 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2011-12-30 15:08 . 2011-12-30 15:08 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2011-10-11 22:17 . 2011-10-11 22:17 348160 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2011-10-11 22:16 . 2011-10-11 22:16 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2011-12-30 15:07 . 2011-12-30 15:07 507904 c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
- 2011-10-11 22:17 . 2011-10-11 22:17 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-12-30 15:07 . 2011-12-30 15:07 261632 c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
+ 2011-12-30 15:08 . 2011-12-30 15:08 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-10-11 22:17 . 2011-10-11 22:17 113664 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2011-10-11 22:17 . 2011-10-11 22:17 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2011-12-30 15:08 . 2011-12-30 15:08 258048 c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2011-12-30 15:08 . 2011-12-30 15:08 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2011-10-11 22:17 . 2011-10-11 22:17 486400 c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
- 2004-08-18 21:00 . 2011-08-22 23:41 1212416 c:\windows\system32\urlmon.dll
+ 2004-08-18 21:00 . 2011-11-04 19:13 1212416 c:\windows\system32\urlmon.dll
+ 2004-08-18 21:00 . 2011-11-04 19:13 5978112 c:\windows\system32\mshtml.dll
+ 2011-08-06 11:57 . 2011-12-26 12:34 8527008 c:\windows\system32\Macromed\Flash\NPSWF32.dll
- 2009-03-08 02:32 . 2011-08-22 23:41 2000384 c:\windows\system32\iertutil.dll
+ 2009-03-08 02:32 . 2011-11-04 19:13 2000384 c:\windows\system32\iertutil.dll
+ 2010-05-02 08:09 . 2011-11-23 14:40 1859584 c:\windows\system32\dllcache\win32k.sys
- 2009-03-08 02:34 . 2011-08-22 23:41 1212416 c:\windows\system32\dllcache\urlmon.dll
+ 2009-03-08 02:34 . 2011-11-04 19:13 1212416 c:\windows\system32\dllcache\urlmon.dll
+ 2010-07-16 12:00 . 2011-11-01 16:07 1288192 c:\windows\system32\dllcache\ole32.dll
+ 2010-07-05 23:17 . 2011-10-26 10:50 2194944 c:\windows\system32\dllcache\ntoskrnl.exe
- 2010-07-05 23:17 . 2010-12-09 15:14 2194944 c:\windows\system32\dllcache\ntoskrnl.exe
+ 2010-07-05 23:17 . 2011-10-26 10:49 2029056 c:\windows\system32\dllcache\ntkrpamp.exe
- 2010-07-05 23:17 . 2010-12-09 15:14 2029056 c:\windows\system32\dllcache\ntkrpamp.exe
+ 2009-02-10 17:09 . 2011-10-26 10:50 2071552 c:\windows\system32\dllcache\ntkrnlpa.exe
- 2009-02-10 17:09 . 2010-12-09 15:14 2071552 c:\windows\system32\dllcache\ntkrnlpa.exe
- 2010-07-05 23:17 . 2010-12-09 15:14 2150912 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2010-07-05 23:17 . 2011-10-26 10:49 2150912 c:\windows\system32\dllcache\ntkrnlmp.exe
+ 2009-03-08 02:41 . 2011-11-04 19:13 5978112 c:\windows\system32\dllcache\mshtml.dll
+ 2010-07-05 23:25 . 2011-11-04 19:13 2000384 c:\windows\system32\dllcache\iertutil.dll
- 2010-07-05 23:25 . 2011-08-22 23:41 2000384 c:\windows\system32\dllcache\iertutil.dll
+ 2011-12-25 02:50 . 2011-12-25 02:50 5246976 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Web.dll
+ 2011-12-25 10:07 . 2011-12-25 10:07 2064384 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Windows.Forms.dll
+ 2011-12-25 10:06 . 2011-12-25 10:06 1269760 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
- 2011-07-08 11:59 . 2011-07-08 11:59 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2011-12-25 10:06 . 2011-12-25 10:06 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
- 2011-07-07 10:02 . 2011-07-07 10:02 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2011-12-24 21:54 . 2011-12-24 21:54 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
- 2011-07-07 10:02 . 2011-07-07 10:02 2527232 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2011-12-24 21:53 . 2011-12-24 21:53 2527232 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2011-12-25 10:06 . 2011-12-25 10:06 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
- 2011-07-08 11:59 . 2011-07-08 11:59 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2011-12-08 22:28 . 2011-12-08 22:28 1043968 c:\windows\Installer\25e64a.msi
+ 2011-12-26 08:59 . 2011-12-26 08:59 4368896 c:\windows\Installer\148314.msp
+ 2011-12-14 19:36 . 2011-08-22 23:41 1212416 c:\windows\ie8updates\KB2618444-IE8\urlmon.dll
+ 2011-12-14 19:36 . 2011-10-03 08:31 5971456 c:\windows\ie8updates\KB2618444-IE8\mshtml.dll
+ 2011-12-14 19:36 . 2011-08-22 23:41 2000384 c:\windows\ie8updates\KB2618444-IE8\iertutil.dll
+ 2010-07-05 23:17 . 2011-10-26 10:50 2194944 c:\windows\Driver Cache\i386\ntoskrnl.exe
- 2010-07-05 23:17 . 2010-12-09 15:14 2194944 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2010-07-05 23:17 . 2011-10-26 10:49 2029056 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2010-07-05 23:17 . 2010-12-09 15:14 2029056 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2009-02-10 17:09 . 2010-12-09 15:14 2071552 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2009-02-10 17:09 . 2011-10-26 10:50 2071552 c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2010-07-05 23:17 . 2010-12-09 15:14 2150912 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2010-07-05 23:17 . 2011-10-26 10:49 2150912 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2006-05-10 11:41 . 2006-05-10 11:41 2052096 c:\windows\assembly\temp\X7FNV3BJRZ\System.Windows.Forms.dll
+ 2011-10-11 22:12 . 2011-10-11 22:12 1966080 c:\windows\assembly\temp\R08GOW4CKS\System.dll
+ 2011-10-11 22:13 . 2011-10-11 22:13 3391488 c:\windows\assembly\temp\NW4CKS08GO\mscorlib.dll
+ 2011-10-11 22:13 . 2011-10-11 22:13 2088960 c:\windows\assembly\temp\LV3BJRZ7FN\System.Xml.dll
+ 2011-10-11 22:13 . 2011-10-11 22:13 3018752 c:\windows\assembly\temp\KU2AIQY6EM\System.Windows.Forms.dll
+ 2011-10-11 22:12 . 2011-10-11 22:12 1232896 c:\windows\assembly\temp\6GOW4CKS08\System.dll
+ 2011-12-30 15:05 . 2011-12-30 15:05 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_a25dc34e\System.dll
+ 2011-12-30 15:04 . 2011-12-30 15:04 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_640c16b6\System.dll
+ 2011-12-30 15:05 . 2011-12-30 15:05 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_f50436cb\System.Xml.dll
+ 2011-12-30 15:04 . 2011-12-30 15:04 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_3536802d\System.Xml.dll
+ 2011-12-30 15:04 . 2011-12-30 15:04 3035136 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_f6a3fc40\System.Windows.Forms.dll
+ 2011-12-30 15:05 . 2011-12-30 15:05 7917568 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_efaebfe9\System.Windows.Forms.dll
+ 2011-12-30 15:05 . 2011-12-30 15:05 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_505e1251\System.Drawing.dll
+ 2011-12-30 15:04 . 2011-12-30 15:04 1466368 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_7a5aa624\System.Design.dll
+ 2011-12-30 15:05 . 2011-12-30 15:05 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_094d6960\System.Design.dll
+ 2011-12-30 15:05 . 2011-12-30 15:05 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_d4d76cb1\mscorlib.dll
+ 2011-12-30 15:04 . 2011-12-30 15:04 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_9ebdffa2\mscorlib.dll
+ 2011-12-30 15:38 . 2011-12-30 15:38 1356288 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\05c29118462056cf810df0b6aa660d05\System.WorkflowServices.ni.dll
+ 2011-12-30 15:38 . 2011-12-30 15:38 1908224 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\26b3258c559dc0ab6bdce481ffd458b3\System.Workflow.Runtime.ni.dll
+ 2011-12-30 15:37 . 2011-12-30 15:37 4514304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\1642d1b72cd84caf24cbe7c5e8fd8368\System.Workflow.ComponentModel.ni.dll
+ 2011-12-30 15:36 . 2011-12-30 15:36 2992640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\32ce12c3c2049f2df94c44c94b052e16\System.Workflow.Activities.ni.dll
+ 2011-12-30 15:33 . 2011-12-30 15:33 1840640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\f63ae1310e004777e880f28377bcddd2\System.Web.Services.ni.dll
+ 2011-12-30 15:31 . 2011-12-30 15:31 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\c99b02434e71ca9898bebbc08d63e885\System.Web.Mobile.ni.dll
+ 2011-12-30 15:27 . 2011-12-30 15:27 2405888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\c8f78b9e94857fdf6c2a378dd1629ee0\System.Web.Extensions.ni.dll
+ 2011-12-30 15:21 . 2011-12-30 15:21 1706496 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\ae749b024162e9ac79110c633b5ce6be\System.ServiceModel.Web.ni.dll
+ 2011-12-30 15:18 . 2011-12-30 15:18 1070080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\23eb4618c9d171be9fb551a13a475a32\System.IdentityModel.ni.dll
+ 2011-12-30 15:21 . 2011-12-30 15:21 1328128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\f35064c125799df650c1a959d8fa450b\System.Data.Services.ni.dll
+ 2011-12-30 15:21 . 2011-12-30 15:21 1712128 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\a86c12788293105a0d9fda1bc90c90bc\Microsoft.VisualBasic.ni.dll
- 2011-10-11 22:17 . 2011-10-11 22:17 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2011-12-30 15:08 . 2011-12-30 15:08 3182592 c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2011-10-11 22:17 . 2011-10-11 22:17 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2011-12-30 15:07 . 2011-12-30 15:07 2048000 c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2011-10-11 22:16 . 2011-10-11 22:16 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-12-30 15:07 . 2011-12-30 15:07 5025792 c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
- 2010-10-02 10:54 . 2010-10-02 10:54 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
+ 2011-12-30 15:01 . 2011-12-30 15:01 1277952 c:\windows\assembly\GAC_MSIL\System.Web.Extensions\3.5.0.0__31bf3856ad364e35\System.Web.Extensions.dll
- 2011-10-11 22:16 . 2011-10-11 22:16 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2011-12-30 15:07 . 2011-12-30 15:07 5062656 c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2011-12-30 15:07 . 2011-12-30 15:07 5246976 c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
+ 2011-12-30 15:08 . 2011-12-30 15:08 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
- 2011-10-11 22:17 . 2011-10-11 22:17 2933248 c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2011-12-30 15:08 . 2011-12-30 15:08 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2011-10-11 22:17 . 2011-10-11 22:17 4550656 c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2011-10-11 22:12 . 2011-10-11 22:12 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2011-12-30 15:03 . 2011-12-30 15:03 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2011-12-30 15:03 . 2011-12-30 15:03 2064384 c:\windows\assembly\GAC\System.Windows.Forms\1.0.5000.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2011-12-30 15:03 . 2011-12-30 15:03 1269760 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-07-05 23:38 . 2011-12-14 19:37 52988224 c:\windows\system32\MRT.exe
+ 2009-03-08 02:39 . 2011-11-05 13:13 11081728 c:\windows\system32\ieframe.dll
- 2009-03-08 02:39 . 2011-08-23 15:41 11081728 c:\windows\system32\ieframe.dll
+ 2010-07-05 23:25 . 2011-11-05 13:13 11081728 c:\windows\system32\dllcache\ieframe.dll
- 2010-07-05 23:25 . 2011-08-23 15:41 11081728 c:\windows\system32\dllcache\ieframe.dll
+ 2011-12-26 16:02 . 2011-12-26 16:02 12482048 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2656353\M2656353Uninstall.msp
+ 2011-12-26 08:02 . 2011-12-26 08:02 19677184 c:\windows\Installer\14830a.msp
+ 2011-12-14 19:36 . 2011-08-23 15:41 11081728 c:\windows\ie8updates\KB2618444-IE8\ieframe.dll
+ 2011-12-30 15:23 . 2011-12-30 15:23 11817472 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\62e34cfb5a8b233667c7c5a47a32ad93\System.Web.ni.dll
+ 2011-12-30 15:20 . 2011-12-30 15:20 17403904 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\2dac4fc006596760cd4988d0bfd52ff0\System.ServiceModel.ni.dll
+ 2011-12-30 15:10 . 2011-12-30 15:10 10683392 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\9e15d80ffb037e9171fa4bd2e0233497\System.Design.ni.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-09-12 14:02 3863136 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-09-12 3863136]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-07-13 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-03-22 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-03-22 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-03-22 118784]
"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2006-06-02 61952]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-06-17 794713]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2006-07-19 102400]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152]
"Cpqset"="c:\program files\Hewlett-Packard\Default Settings\cpqset.exe" [2006-06-19 40960]
"RecGuard"="c:\windows\SMINST\RecGuard.exe" [2005-10-11 1187840]
"Reminder"="c:\windows\CREATOR\Remind_XP.exe" [2006-02-09 643072]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-12-09 1226608]
"DivX Download Manager"="c:\program files\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2011-05-25 273544]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-09-22 3080264]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]
Rychlý začátek s aplikací HP Photosmart Premier.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2005-9-24 73728]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [4.8.2011 9:20 118104]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [22.9.2011 12:03 974944]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [14.7.2010 15:03 135664]
S3 5U870CAP_VID_1262&PID_25FD;HP Pavilion Webcam ;c:\windows\system32\drivers\5U870CAP.sys [6.6.2006 21:39 61952]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [14.7.2010 15:03 135664]
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - klmd25
.
Obsah adresáře 'Naplánované úlohy'
.
2012-01-02 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]
.
2012-01-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-14 14:03]
.
2012-01-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-14 14:03]
.
2011-11-25 c:\windows\Tasks\Norton Security Scan for Veronika.job
- c:\progra~1\NORTON~2\Engine\351~1.6\Nss.exe [2011-08-06 22:47]
.
2012-01-02 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-3134737558-3822295182-1303552718-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
.
2012-01-01 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3134737558-3822295182-1303552718-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://google.com/
uInternet Settings,ProxyOverride = plimus.com;www.plimus.com;regnow.com;www.regnow.com
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
Trusted Zone: microsoft.com\*.update
Trusted Zone: microsoft.com\update
Trusted Zone: microsoft.com\windowsupdate
Trusted Zone: windowsupdate.com\download
FF - ProfilePath - c:\documents and settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\2s5bko68.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: network.proxy.gopher -
FF - prefs.js: network.proxy.gopher_port - 0
FF - prefs.js: network.proxy.type - 0
FF - user.js: network.proxy.type - 0
FF - user.js: network.proxy.http -
FF - user.js: network.proxy.http_port - 0
FF - user.js: network.proxy.ssl -
FF - user.js: network.proxy.ssl_port - 0
FF - user.js: network.proxy.ftp -
FF - user.js: network.proxy.ftp_port - 0
FF - user.js: network.proxy.gopher -
FF - user.js: network.proxy.gopher_port - 0
FF - user.js: network.proxy.socks_version - 5
FF - user.js: network.proxy.socks -
FF - user.js: network.proxy.socks_port - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-02 22:34
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\Hewlett-Packard\Default Settings\cpqset.exe????????????L?@? ????Z??????`?@?????L?@
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600
.
CreateFile("\\.\PHYSICALDRIVE0"): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
device: opened successfully
user: error reading MBR
kernel: MBR read successfully
user != kernel MBR !!!
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3134737558-3822295182-1303552718-1006\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:e3,d2,61,80,f0,92,6c,73,4c,4d,74,45,0b,28,72,f4,a7,59,e4,f9,bc,84,4b,
d7,b0,1f,60,68,bb,6f,5e,56,fa,51,6f,f0,6d,01,c8,56,9a,c9,84,04,cb,a1,45,66,\
"??"=hex:7e,da,23,e0,d0,bc,31,d1,e4,05,06,84,75,95,ce,04
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(1740)
c:\windows\system32\webcheck.dll
.
Celkový čas: 2012-01-02 22:38:46
ComboFix-quarantined-files.txt 2012-01-02 21:38
ComboFix2.txt 2011-12-08 22:05
ComboFix3.txt 2011-06-05 18:26
ComboFix4.txt 2011-03-27 20:54
ComboFix5.txt 2012-01-02 21:27
.
Před spuštěním: 3 377 430 528
Po spuštění: 3 367 682 048
.
- - End Of File - - 92C26E8D875BC604ACACECA49301FEE7



Dále Killer:


2012/01/02 22:10:13.0312 3144 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2012/01/02 22:10:14.0187 3144 ================================================================================
2012/01/02 22:10:14.0187 3144 SystemInfo:
2012/01/02 22:10:14.0187 3144
2012/01/02 22:10:14.0187 3144 OS Version: 5.1.2600 ServicePack: 3.0
2012/01/02 22:10:14.0187 3144 Product type: Workstation
2012/01/02 22:10:14.0187 3144 ComputerName: PC193051483824
2012/01/02 22:10:14.0187 3144 UserName: Veronika
2012/01/02 22:10:14.0187 3144 Windows directory: C:\WINDOWS
2012/01/02 22:10:14.0187 3144 System windows directory: C:\WINDOWS
2012/01/02 22:10:14.0187 3144 Processor architecture: Intel x86
2012/01/02 22:10:14.0187 3144 Number of processors: 1
2012/01/02 22:10:14.0187 3144 Page size: 0x1000
2012/01/02 22:10:14.0187 3144 Boot type: Normal boot
2012/01/02 22:10:14.0187 3144 ================================================================================
2012/01/02 22:10:23.0765 3144 Initialize success
2012/01/02 22:10:28.0484 4056 ================================================================================
2012/01/02 22:10:28.0484 4056 Scan started
2012/01/02 22:10:28.0484 4056 Mode: Manual;
2012/01/02 22:10:28.0484 4056 ================================================================================
2012/01/02 22:10:30.0031 4056 5U870CAP_VID_1262&PID_25FD (d2142fee659d97b2b05820f21594bfe2) C:\WINDOWS\system32\Drivers\5U870CAP.sys
2012/01/02 22:10:30.0296 4056 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
2012/01/02 22:10:30.0500 4056 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2012/01/02 22:10:30.0625 4056 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
2012/01/02 22:10:30.0703 4056 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
2012/01/02 22:10:30.0843 4056 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2012/01/02 22:10:30.0968 4056 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
2012/01/02 22:10:31.0125 4056 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
2012/01/02 22:10:31.0250 4056 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
2012/01/02 22:10:31.0343 4056 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
2012/01/02 22:10:31.0531 4056 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
2012/01/02 22:10:31.0593 4056 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
2012/01/02 22:10:31.0750 4056 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
2012/01/02 22:10:31.0875 4056 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
2012/01/02 22:10:31.0968 4056 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
2012/01/02 22:10:32.0046 4056 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
2012/01/02 22:10:32.0140 4056 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
2012/01/02 22:10:32.0250 4056 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
2012/01/02 22:10:32.0328 4056 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
2012/01/02 22:10:32.0453 4056 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
2012/01/02 22:10:32.0562 4056 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2012/01/02 22:10:32.0671 4056 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2012/01/02 22:10:32.0890 4056 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2012/01/02 22:10:33.0062 4056 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2012/01/02 22:10:33.0250 4056 BCM43XX (114234fafec7060392195170e1c4d45e) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
2012/01/02 22:10:33.0343 4056 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2012/01/02 22:10:33.0453 4056 BTWUSB (4272bab9291d26da5ac913bc79c3ce85) C:\WINDOWS\system32\Drivers\btwusb.sys
2012/01/02 22:10:33.0796 4056 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
2012/01/02 22:10:33.0859 4056 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2012/01/02 22:10:33.0968 4056 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2012/01/02 22:10:34.0125 4056 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
2012/01/02 22:10:34.0234 4056 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2012/01/02 22:10:34.0343 4056 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2012/01/02 22:10:34.0468 4056 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2012/01/02 22:10:34.0640 4056 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
2012/01/02 22:10:34.0765 4056 CmdIde (964d0f042aca51d5644779eb9d9ee40f) C:\WINDOWS\system32\DRIVERS\cmdide.sys
2012/01/02 22:10:34.0812 4056 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2012/01/02 22:10:34.0921 4056 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
2012/01/02 22:10:35.0046 4056 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
2012/01/02 22:10:35.0218 4056 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
2012/01/02 22:10:35.0343 4056 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2012/01/02 22:10:35.0453 4056 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\WINDOWS\system32\drivers\dmboot.sys
2012/01/02 22:10:35.0687 4056 dmio (fff1720af51171f32f1ead5cf71f2810) C:\WINDOWS\system32\drivers\dmio.sys
2012/01/02 22:10:35.0843 4056 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2012/01/02 22:10:35.0968 4056 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2012/01/02 22:10:36.0062 4056 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
2012/01/02 22:10:36.0125 4056 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2012/01/02 22:10:36.0250 4056 E100B (83403675cab29e7a4b885b11e7c855d8) C:\WINDOWS\system32\DRIVERS\e100b325.sys
2012/01/02 22:10:36.0484 4056 eabfiltr (b5cb3084046146fd2587d8c9b219feb4) C:\WINDOWS\system32\DRIVERS\eabfiltr.sys
2012/01/02 22:10:36.0593 4056 eabusb (231f4547ae1e4b3e60eca66c3a96d218) C:\WINDOWS\system32\DRIVERS\eabusb.sys
2012/01/02 22:10:36.0750 4056 eamon (9309c5c9831203436e64cf2ae605c5d7) C:\WINDOWS\system32\DRIVERS\eamon.sys
2012/01/02 22:10:36.0890 4056 ehdrv (deff87f04ab5f6dd5edf2b80853bbe10) C:\WINDOWS\system32\DRIVERS\ehdrv.sys
2012/01/02 22:10:36.0953 4056 epfw (5ba193ca0ae31209aaa39939ce6736b2) C:\WINDOWS\system32\DRIVERS\epfw.sys
2012/01/02 22:10:37.0031 4056 Epfwndis (75d3bcd3e0eded0ab0f96d9a10ff01c9) C:\WINDOWS\system32\DRIVERS\Epfwndis.sys
2012/01/02 22:10:37.0156 4056 epfwtdi (dc64f26f35e32c9472bbf8acd84060d3) C:\WINDOWS\system32\DRIVERS\epfwtdi.sys
2012/01/02 22:10:37.0296 4056 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2012/01/02 22:10:37.0468 4056 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2012/01/02 22:10:37.0515 4056 Fips (ac366695a0796560aa37215ad5762aaf) C:\WINDOWS\system32\drivers\Fips.sys
2012/01/02 22:10:37.0671 4056 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2012/01/02 22:10:37.0734 4056 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2012/01/02 22:10:37.0843 4056 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2012/01/02 22:10:37.0906 4056 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2012/01/02 22:10:38.0031 4056 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2012/01/02 22:10:38.0234 4056 HBtnKey (4d4d97671c63c3af869b3518e6054204) C:\WINDOWS\system32\DRIVERS\cpqbttn.sys
2012/01/02 22:10:38.0406 4056 HdAudAddService (2a6e9a118da2dd0439551a7eb3a8f65e) C:\WINDOWS\system32\drivers\CHDAud.sys
2012/01/02 22:10:38.0500 4056 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2012/01/02 22:10:38.0656 4056 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2012/01/02 22:10:38.0906 4056 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
2012/01/02 22:10:39.0078 4056 HSFHWAZL (448c0fd272fe1b80046f4767db21eb8d) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
2012/01/02 22:10:39.0218 4056 HSF_DPV (2715a27de9c17bdbaf6d6c79989a7b12) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
2012/01/02 22:10:39.0437 4056 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2012/01/02 22:10:39.0640 4056 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
2012/01/02 22:10:39.0781 4056 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
2012/01/02 22:10:39.0890 4056 i8042prt (c528e27945367191e7bae364930b6932) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2012/01/02 22:10:40.0109 4056 ialm (0f0194c4b635c10c3f785e4fee52d641) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
2012/01/02 22:10:40.0328 4056 iaStor (309c4d86d989fb1fcf64bd30dc81c51b) C:\WINDOWS\system32\DRIVERS\iaStor.sys
2012/01/02 22:10:40.0500 4056 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2012/01/02 22:10:40.0593 4056 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
2012/01/02 22:10:40.0703 4056 IntelIde (57d928e548b38502abba7a77a6eb7312) C:\WINDOWS\system32\DRIVERS\intelide.sys
2012/01/02 22:10:40.0781 4056 intelppm (27b290d632af2cf3cf40bfddb7370985) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2012/01/02 22:10:40.0953 4056 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2012/01/02 22:10:41.0109 4056 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2012/01/02 22:10:41.0343 4056 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2012/01/02 22:10:41.0406 4056 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2012/01/02 22:10:41.0484 4056 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2012/01/02 22:10:41.0656 4056 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2012/01/02 22:10:41.0921 4056 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2012/01/02 22:10:42.0000 4056 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2012/01/02 22:10:42.0093 4056 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2012/01/02 22:10:42.0234 4056 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2012/01/02 22:10:42.0390 4056 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2012/01/02 22:10:42.0578 4056 mdmxsdk (74f4372af97a587ecec527ec34955712) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
2012/01/02 22:10:42.0718 4056 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2012/01/02 22:10:42.0843 4056 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\WINDOWS\system32\drivers\Modem.sys
2012/01/02 22:10:43.0031 4056 Mouclass (4cb582831dbde63ce43b45d771218374) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2012/01/02 22:10:43.0203 4056 mouhid (bb269eba740737ab749b214d568b6812) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2012/01/02 22:10:43.0296 4056 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2012/01/02 22:10:43.0437 4056 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
2012/01/02 22:10:43.0593 4056 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2012/01/02 22:10:43.0828 4056 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2012/01/02 22:10:43.0968 4056 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2012/01/02 22:10:44.0062 4056 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2012/01/02 22:10:44.0140 4056 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2012/01/02 22:10:44.0281 4056 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2012/01/02 22:10:44.0437 4056 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2012/01/02 22:10:44.0671 4056 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2012/01/02 22:10:44.0812 4056 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
2012/01/02 22:10:44.0921 4056 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2012/01/02 22:10:45.0140 4056 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2012/01/02 22:10:45.0203 4056 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2012/01/02 22:10:45.0359 4056 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2012/01/02 22:10:45.0437 4056 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2012/01/02 22:10:45.0609 4056 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2012/01/02 22:10:45.0687 4056 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2012/01/02 22:10:45.0828 4056 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2012/01/02 22:10:45.0906 4056 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2012/01/02 22:10:46.0078 4056 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
2012/01/02 22:10:46.0171 4056 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2012/01/02 22:10:46.0312 4056 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2012/01/02 22:10:46.0562 4056 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2012/01/02 22:10:46.0656 4056 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2012/01/02 22:10:46.0781 4056 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2012/01/02 22:10:46.0953 4056 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
2012/01/02 22:10:47.0031 4056 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\WINDOWS\system32\drivers\Parport.sys
2012/01/02 22:10:47.0171 4056 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2012/01/02 22:10:47.0265 4056 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\WINDOWS\system32\drivers\ParVdm.sys
2012/01/02 22:10:47.0312 4056 PCI (6ce351d149cb4befc702951e471e1730) C:\WINDOWS\system32\DRIVERS\pci.sys
2012/01/02 22:10:47.0421 4056 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\WINDOWS\system32\DRIVERS\pciide.sys
2012/01/02 22:10:47.0468 4056 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
2012/01/02 22:10:47.0625 4056 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
2012/01/02 22:10:47.0640 4056 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
2012/01/02 22:10:47.0781 4056 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2012/01/02 22:10:50.0281 4056 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2012/01/02 22:10:50.0468 4056 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2012/01/02 22:10:50.0546 4056 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2012/01/02 22:10:50.0593 4056 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
2012/01/02 22:10:50.0687 4056 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
2012/01/02 22:10:50.0750 4056 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
2012/01/02 22:10:50.0953 4056 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
2012/01/02 22:10:51.0093 4056 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
2012/01/02 22:10:51.0234 4056 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2012/01/02 22:10:51.0359 4056 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2012/01/02 22:10:51.0437 4056 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2012/01/02 22:10:51.0671 4056 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2012/01/02 22:10:51.0765 4056 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2012/01/02 22:10:51.0859 4056 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2012/01/02 22:10:51.0937 4056 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2012/01/02 22:10:52.0046 4056 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
2012/01/02 22:10:52.0093 4056 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2012/01/02 22:10:52.0343 4056 rimmptsk (7a6648b61661b1421ffab762e391e33f) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
2012/01/02 22:10:52.0421 4056 rimsptsk (d0a35b7670aa3558eaab483f64446496) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
2012/01/02 22:10:52.0562 4056 rismxdp (3ac17802740c3a4764dc9750e92e6233) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
2012/01/02 22:10:52.0718 4056 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
2012/01/02 22:10:52.0843 4056 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
2012/01/02 22:10:53.0031 4056 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2012/01/02 22:10:53.0109 4056 Serial (b842729337c9b921615c40d3c1a1af96) C:\WINDOWS\system32\drivers\Serial.sys
2012/01/02 22:10:53.0171 4056 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2012/01/02 22:10:53.0375 4056 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
2012/01/02 22:10:53.0593 4056 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2012/01/02 22:10:53.0750 4056 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
2012/01/02 22:10:53.0828 4056 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2012/01/02 22:10:53.0890 4056 sr (94610c8653635e4459316a0050d55ce7) C:\WINDOWS\system32\DRIVERS\sr.sys
2012/01/02 22:10:54.0015 4056 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2012/01/02 22:10:54.0062 4056 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2012/01/02 22:10:54.0093 4056 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2012/01/02 22:10:54.0203 4056 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2012/01/02 22:10:54.0281 4056 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
2012/01/02 22:10:54.0437 4056 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
2012/01/02 22:10:54.0703 4056 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
2012/01/02 22:10:54.0765 4056 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
2012/01/02 22:10:54.0984 4056 SynTP (369d0626687a968182a9db40fe8a0905) C:\WINDOWS\system32\DRIVERS\SynTP.sys
2012/01/02 22:10:55.0093 4056 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2012/01/02 22:10:55.0281 4056 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2012/01/02 22:10:55.0359 4056 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2012/01/02 22:10:55.0437 4056 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2012/01/02 22:10:55.0500 4056 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2012/01/02 22:10:55.0687 4056 TosIde (fd4fd7d6fda5c019ed86025d7be1510f) C:\WINDOWS\system32\DRIVERS\toside.sys
2012/01/02 22:10:55.0765 4056 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2012/01/02 22:10:55.0828 4056 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
2012/01/02 22:10:55.0953 4056 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2012/01/02 22:10:56.0078 4056 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2012/01/02 22:10:56.0109 4056 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2012/01/02 22:10:56.0187 4056 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2012/01/02 22:10:56.0265 4056 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2012/01/02 22:10:56.0312 4056 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2012/01/02 22:10:56.0468 4056 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2012/01/02 22:10:56.0656 4056 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
2012/01/02 22:10:56.0765 4056 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
2012/01/02 22:10:56.0828 4056 VolSnap (28a4b296b47782173c346e376cb374d1) C:\WINDOWS\system32\drivers\VolSnap.sys
2012/01/02 22:10:57.0031 4056 w39n51 (c79918a5bd269035f3a34d157401b9df) C:\WINDOWS\system32\DRIVERS\w39n51.sys
2012/01/02 22:10:57.0171 4056 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2012/01/02 22:10:57.0390 4056 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2012/01/02 22:10:57.0593 4056 winachsf (7fe372b1ab60736cc67e8eb6f1fb1f5b) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
2012/01/02 22:10:57.0796 4056 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
2012/01/02 22:10:57.0968 4056 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
2012/01/02 22:10:58.0062 4056 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2012/01/02 22:10:58.0171 4056 ================================================================================
2012/01/02 22:10:58.0171 4056 Scan finished
2012/01/02 22:10:58.0171 4056 ================================================================================
2012/01/02 22:11:01.0343 1756 Deinitialize success

[MaryAnn]

A poslední z OTM:


All processes killed
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\002488_.tmp moved successfully.
C:\WINDOWS\SE4DB90C8.tmp moved successfully.
C:\Program Files\ConduitEngine folder moved successfully.
C:\WINDOWS\tasks\AppleSoftwareUpdate.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\tasks\Norton Security Scan for Veronika.job moved successfully.
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-3134737558-3822295182-1303552718-1006.job moved successfully.
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-3134737558-3822295182-1303552718-1006.job moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{326E768D-4182-46FD-9C16-1449A49795F4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DivXUpdate deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\TkBellExe deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\swg deleted successfully.
========== SERVICES/DRIVERS ==========
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service gusvc stopped successfully!
Service gusvc deleted successfully!
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Veronika
->Temp folder emptied: 4251059 bytes
->Temporary Internet Files folder emptied: 43713 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 73373417 bytes
->Google Chrome cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 59515 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 34978586 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 35104888 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 163445 bytes

Total Files Cleaned = 141,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: Veronika
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.19.0 log created on 01072012_182707


Děkuji za rady

[vyosek]

Zdravim a pekny vecer preji

Kolega me poprosil o zaskok na log z ComboFixu

ComboFix co mate na plose - je prejmenovany na 12.exe smazte

Stahnete si novy ComboFix odtud http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Stahnete si Konzolu pro zotaveni odsud http://www.viry.cz/forum/download/file.php?id=5068 a ulozte ji primo na disk c:\ tak aby nebyla v zadne slozce - rozbalte jej tez primo na disk tak aby i rozbaleny soubor byl primo na disku c:\ takze cesta k nemu bude c:\rc.exe - musi to tak byt - odkazuje na nej CFScript

Pokud nemate, tak presunte Combofix na plochu

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  KillAll::
  
  File::
  c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk
  
  Registry::
  [-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
  
  DDS::
  uInternet Settings,ProxyOverride = plimus.com;www.plimus.com;regnow.com;www.regnow.com
  uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
  Trusted Zone: microsoft.com\*.update
  Trusted Zone: microsoft.com\update
  Trusted Zone: microsoft.com\windowsupdate
  Trusted Zone: windowsupdate.com\download
  
  SecCenter::
  FW: Norton Internet Worm Protection *Disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
  {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
  
  Firefox::
  FF - ProfilePath - c:\documents and settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\2s5bko68.default\
  F - prefs.js: network.proxy.gopher -
  FF - prefs.js: network.proxy.gopher_port - 0
  FF - prefs.js: network.proxy.type - 0
  FF - user.js: network.proxy.type - 0
  FF - user.js: network.proxy.http -
  FF - user.js: network.proxy.http_port - 0
  FF - user.js: network.proxy.ssl -
  FF - user.js: network.proxy.ssl_port - 0
  FF - user.js: network.proxy.ftp -
  FF - user.js: network.proxy.ftp_port - 0
  FF - user.js: network.proxy.gopher -
  FF - user.js: network.proxy.gopher_port - 0
  FF - user.js: network.proxy.socks_version - 5
  FF - user.js: network.proxy.socks -
  FF - user.js: network.proxy.socks_port - 0
  
  RecoveryConsole::
  c:\rc.exe
  
  ClearJavaCache::
  
  AtJob::
  
  Reboot::

• Ulozte vytvoreny TXT jako CFScript.txt
• Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
  
• Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

[MaryAnn]

Přeji hezký den a děkuji za rady

Vkládám log:

ComboFix 12-01-06.03 - Veronika 07.01.2012 19:23:37.6.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.502.261 [GMT 1:00]
Spuštěný z: c:\documents and settings\Veronika\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Veronika\Plocha\CFScript.txt
.
FILE ::
"c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\TZLog.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-07 do 2012-01-07 )))))))))))))))))))))))))))))))
.
.
2012-01-07 18:12 . 2011-11-20 10:06 4631272 ----a-w- C:\rc.exe
2012-01-07 17:27 . 2012-01-07 17:27 -------- d-----w- C:\_OTM
2012-01-06 00:00 . 2012-01-06 22:43 -------- d-----w- c:\program files\Farm Mania 2
2012-01-03 19:22 . 2012-01-03 19:23 -------- d-----w- c:\documents and settings\All Users\Data aplikací\iWin Games
2012-01-02 23:52 . 2012-01-02 23:52 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Youdagames
2011-12-31 14:10 . 2011-12-31 14:10 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2011-12-31 14:10 . 2011-12-31 14:10 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2011-12-31 14:10 . 2011-12-31 14:10 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
2011-12-31 14:10 . 2011-12-31 14:10 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2011-12-30 14:58 . 2011-12-30 14:58 -------- d-----w- c:\documents and settings\Veronika\Data aplikací\Apple Computer
2011-12-29 23:38 . 2011-12-29 23:40 -------- d-----w- c:\program files\Zylom Games
2011-12-22 20:25 . 2011-12-22 20:25 -------- d-----w- c:\documents and settings\Veronika\Data aplikací\Thinstall
2011-12-19 00:07 . 2011-12-19 00:07 -------- d-----w- c:\program files\Chocolatier Decadence by Design
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-26 12:34 . 2011-08-06 11:57 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-23 14:40 . 2004-08-18 21:00 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-04 19:13 . 2004-08-18 21:00 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:13 . 2004-08-18 21:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-11-04 19:13 . 2004-08-18 21:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23 . 2004-08-18 21:00 385024 ----a-w- c:\windows\system32\html.iec
2011-11-01 16:07 . 2004-08-18 21:00 1288192 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:32 . 2004-08-18 21:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-26 10:49 . 2004-08-18 21:00 2150912 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-26 10:49 . 2004-08-18 21:00 2029056 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-18 11:13 . 2004-08-18 21:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-10-10 14:22 . 2004-08-18 21:00 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-12-31 14:10 . 2011-05-09 10:20 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2012-01-02_21.34.46 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-01-07 18:33 . 2012-01-07 18:33 16384 c:\windows\temp\Perflib_Perfdata_7a8.dat
- 2006-05-10 11:41 . 2011-12-30 15:08 72802 c:\windows\system32\perfc009.dat
+ 2006-05-10 11:41 . 2012-01-07 17:27 72802 c:\windows\system32\perfc009.dat
- 2006-05-10 11:41 . 2011-12-30 15:08 84500 c:\windows\system32\perfc005.dat
+ 2006-05-10 11:41 . 2012-01-07 17:27 84500 c:\windows\system32\perfc005.dat
+ 2006-05-10 11:41 . 2012-01-07 17:27 445118 c:\windows\system32\perfh009.dat
- 2006-05-10 11:41 . 2011-12-30 15:08 445118 c:\windows\system32\perfh009.dat
- 2006-05-10 11:41 . 2011-12-30 15:08 442100 c:\windows\system32\perfh005.dat
+ 2006-05-10 11:41 . 2012-01-07 17:27 442100 c:\windows\system32\perfh005.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-03-22 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-03-22 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-03-22 118784]
"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2006-06-02 61952]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-06-17 794713]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2006-07-19 102400]
"Cpqset"="c:\program files\Hewlett-Packard\Default Settings\cpqset.exe" [2006-06-19 40960]
"RecGuard"="c:\windows\SMINST\RecGuard.exe" [2005-10-11 1187840]
"Reminder"="c:\windows\CREATOR\Remind_XP.exe" [2006-02-09 643072]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"DivX Download Manager"="c:\program files\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]
Rychlý začátek s aplikací HP Photosmart Premier.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2005-9-24 73728]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
.
S3 5U870CAP_VID_1262&PID_25FD;HP Pavilion Webcam ;c:\windows\system32\drivers\5U870CAP.sys [6.6.2006 21:39 61952]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://google.com/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\documents and settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\2s5bko68.default\
FF - prefs.js: browser.startup.homepage - http://www.google.com
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-conduitEngine - c:\progra~1\CONDUI~1\ConduitEngineUninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-07 19:36
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\Hewlett-Packard\Default Settings\cpqset.exe????????????L?@? ????Z??????`?@?????L?@
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3134737558-3822295182-1303552718-1006\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:e3,d2,61,80,f0,92,6c,73,4c,4d,74,45,0b,28,72,f4,a7,59,e4,f9,bc,84,4b,
d7,b0,1f,60,68,bb,6f,5e,56,fa,51,6f,f0,6d,01,c8,56,9a,c9,84,04,cb,a1,45,66,\
"??"=hex:7e,da,23,e0,d0,bc,31,d1,e4,05,06,84,75,95,ce,04
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(2256)
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\wdfmgr.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\program files\HP\Digital Imaging\bin\hpqimzone.exe
.
**************************************************************************
.
Celkový čas: 2012-01-07 19:40:38 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-01-07 18:40
ComboFix2.txt 2011-12-08 22:05
ComboFix3.txt 2011-06-05 18:26
ComboFix4.txt 2011-03-27 20:54
ComboFix5.txt 2012-01-02 21:27
.
Před spuštěním: 2 455 035 904
Po spuštění: 2 434 908 160
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 7665461C96AC4C9984E4AD785501CD15

[vyosek]

Jeste jeden skript pro CF - aplikovani je stejne jako minule

Kód: Vybrat vše

KillAll::

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=-
"DivX Download Manager"=-

RegNull::
[HKEY_USERS\S-1-5-21-3134737558-3822295182-1303552718-1006\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]

Reboot::

[MaryAnn]

Uděláno, tady je log:


ComboFix 12-01-06.03 - Veronika 07.01.2012 20:07:56.7.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.502.248 [GMT 1:00]
Spuštěný z: c:\documents and settings\Veronika\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Veronika\Plocha\CFScript.txt
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-07 do 2012-01-07 )))))))))))))))))))))))))))))))
.
.
2012-01-07 18:12 . 2011-11-20 10:06 4631272 ----a-w- C:\rc.exe
2012-01-07 17:27 . 2012-01-07 17:27 -------- d-----w- C:\_OTM
2012-01-06 00:00 . 2012-01-06 22:43 -------- d-----w- c:\program files\Farm Mania 2
2012-01-03 19:22 . 2012-01-03 19:23 -------- d-----w- c:\documents and settings\All Users\Data aplikací\iWin Games
2012-01-02 23:52 . 2012-01-02 23:52 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Youdagames
2011-12-31 14:10 . 2011-12-31 14:10 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
2011-12-31 14:10 . 2011-12-31 14:10 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
2011-12-31 14:10 . 2011-12-31 14:10 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
2011-12-31 14:10 . 2011-12-31 14:10 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
2011-12-30 14:58 . 2011-12-30 14:58 -------- d-----w- c:\documents and settings\Veronika\Data aplikací\Apple Computer
2011-12-29 23:38 . 2011-12-29 23:40 -------- d-----w- c:\program files\Zylom Games
2011-12-22 20:25 . 2011-12-22 20:25 -------- d-----w- c:\documents and settings\Veronika\Data aplikací\Thinstall
2011-12-19 00:07 . 2011-12-19 00:07 -------- d-----w- c:\program files\Chocolatier Decadence by Design
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-26 12:34 . 2011-08-06 11:57 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-23 14:40 . 2004-08-18 21:00 1859584 ----a-w- c:\windows\system32\win32k.sys
2011-11-04 19:13 . 2004-08-18 21:00 916992 ----a-w- c:\windows\system32\wininet.dll
2011-11-04 19:13 . 2004-08-18 21:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-11-04 19:13 . 2004-08-18 21:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-04 11:23 . 2004-08-18 21:00 385024 ----a-w- c:\windows\system32\html.iec
2011-11-01 16:07 . 2004-08-18 21:00 1288192 ----a-w- c:\windows\system32\ole32.dll
2011-10-28 05:32 . 2004-08-18 21:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-26 10:49 . 2004-08-18 21:00 2150912 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-26 10:49 . 2004-08-18 21:00 2029056 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-18 11:13 . 2004-08-18 21:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-10-10 14:22 . 2004-08-18 21:00 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-12-31 14:10 . 2011-05-09 10:20 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2012-01-02_21.34.46 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-01-07 19:17 . 2012-01-07 19:17 16384 c:\windows\temp\Perflib_Perfdata_7ac.dat
- 2006-05-10 11:41 . 2011-12-30 15:08 72802 c:\windows\system32\perfc009.dat
+ 2006-05-10 11:41 . 2012-01-07 17:27 72802 c:\windows\system32\perfc009.dat
- 2006-05-10 11:41 . 2011-12-30 15:08 84500 c:\windows\system32\perfc005.dat
+ 2006-05-10 11:41 . 2012-01-07 17:27 84500 c:\windows\system32\perfc005.dat
+ 2006-05-10 11:41 . 2012-01-07 17:27 445118 c:\windows\system32\perfh009.dat
- 2006-05-10 11:41 . 2011-12-30 15:08 445118 c:\windows\system32\perfh009.dat
- 2006-05-10 11:41 . 2011-12-30 15:08 442100 c:\windows\system32\perfh005.dat
+ 2006-05-10 11:41 . 2012-01-07 17:27 442100 c:\windows\system32\perfh005.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-03-22 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-03-22 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-03-22 118784]
"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" [2006-06-02 61952]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-06-17 794713]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2006-07-19 102400]
"Cpqset"="c:\program files\Hewlett-Packard\Default Settings\cpqset.exe" [2006-06-19 40960]
"RecGuard"="c:\windows\SMINST\RecGuard.exe" [2005-10-11 1187840]
"Reminder"="c:\windows\CREATOR\Remind_XP.exe" [2006-02-09 643072]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]
Rychlý začátek s aplikací HP Photosmart Premier.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2005-9-24 73728]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
.
S3 5U870CAP_VID_1262&PID_25FD;HP Pavilion Webcam ;c:\windows\system32\drivers\5U870CAP.sys [6.6.2006 21:39 61952]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://google.com/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\documents and settings\Veronika\Data aplikací\Mozilla\Firefox\Profiles\2s5bko68.default\
FF - prefs.js: browser.startup.homepage - www.google.com
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-07 20:28
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\Hewlett-Packard\Default Settings\cpqset.exe????????????L?@? ????Z??????`?@?????L?@
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(2296)
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\wdfmgr.exe
c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\wscntfy.exe
c:\program files\HP\Digital Imaging\bin\hpqimzone.exe
.
**************************************************************************
.
Celkový čas: 2012-01-07 20:32:55 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-01-07 19:32
ComboFix2.txt 2012-01-07 18:40
ComboFix3.txt 2011-12-08 22:05
ComboFix4.txt 2011-06-05 18:26
ComboFix5.txt 2012-01-07 19:06
.
Před spuštěním: 2 441 625 600
Po spuštění: 2 421 075 968
.
- - End Of File - - 3121153128A8EBA7AD2FE8737EA4BEFE

[vyosek]

Log z CF mame cisty

Odinstalujte Combofix

• Prejmenujte ComboFix na Uninstall
• Spustte jej
• Tohle smaze Combofix a jeho slozky

Z me strany tedy vse, dalsi pokracovani je na kolegovi

Napiste jak se chova PC

[Márty84]

Dekuji kolegovi Vyoskovi za zaskok

Vidim, ze jste tu dnes byla, ale nenapsala jste, jak je na tom pocitac, takze nevim, zda muzeme zacit uklizet, nebo budeme patrat dale Jak to tedy vypada?

[MaryAnn]

Dobrý večer, děkuji, zapomněla jsem...zkoušela jsem to, vypadá již lépe, ale upřímně řečeno se pořád ještě dost "seká" a okna skáčou dál....