Prosím o kontrolu logu velmi pomalý chod stolního PC

Zpráva

chiffre · #1 Příspěvek od **chiffre** » 03 úno 2012 11:30

Logfile of random's system information tool 1.09 (written by random/random)
Run by AAA at 2012-02-03 11:19:02
Microsoft Windows XP Home Edition Service Pack 3
System drive D: has 111 GB (44%) free of 255 GB
Total RAM: 2047 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:19:24, on 3.2.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\AVAST Software\Avast\AvastSvc.exe
D:\Program Files\COMODO\COMODO Internet Security\cfp.exe
D:\Program Files\AVAST Software\Avast\avastUI.exe
D:\WINDOWS\SOUNDMAN.EXE
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Google\Update\1.3.21.99\GoogleCrashHandler.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\Program Files\CyberLink\Shared Files\RichVideo.exe
D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
D:\WINDOWS\system32\LF2GRPOW.exe
D:\WINDOWS\System32\wbem\wmiapsrv.exe
D:\WINDOWS\System32\svchost.exe
D:\Documents and Settings\AAA\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\AAA\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\AAA\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\AAA\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\AAA\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\Documents and Settings\AAA\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\WINDOWS\system32\taskmgr.exe
D:\lukas veci\RSIT.exe
D:\Program Files\trend micro\AAA.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [COMODO Internet Security] "D:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [avast] "D:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "D:\Documents and Settings\AAA\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1214440339-1220945662-725345543-1006\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://D:\WINDOWS\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O15 - Trusted IP range: http://192.168.1.20
O15 - ESC Trusted IP range: http://192.168.1.20
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - D:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O20 - AppInit_DLLs: D:\WINDOWS\system32\guard32.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - D:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - D:\WINDOWS\System32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - D:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - D:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Dragon Age: Prameny - aktualizace obsahu (DAUpdaterSvc) - Unknown owner - D:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - D:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - D:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - D:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - D:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\System32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - D:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - D:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

--
End of file - 8207 bytes

======Scheduled tasks folder======

D:\WINDOWS\tasks\AppleSoftwareUpdate.job
D:\WINDOWS\tasks\AWC AutoSweep.job
D:\WINDOWS\tasks\AWC Update.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1214440339-1220945662-725345543-1004Core.job
D:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1214440339-1220945662-725345543-1004UA.job
D:\WINDOWS\tasks\SmartDefrag_Schedule.job
D:\WINDOWS\tasks\SmartDefrag_Startup.job

=========Mozilla firefox=========

ProfilePath - D:\Documents and Settings\AAA\Data aplikací\Mozilla\Firefox\Profiles\x1pzlxn6.default

prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "extensions.enabledItems" - "xmlfiller@software602.cz:3.1.7, {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6.5, {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13, {20a82645-c095-46ed-80e3-08825760534b}:1.1, {2832ABCD-4444-1012-2D45-132D5447C445}:1.0.0, {003D3EDC-99B9-4a34-9C20-60CB94F7E829}:2009, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, jqs@sun.com:1.0, {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7550, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"

"{20a82645-c095-46ed-80e3-08825760534b}"=D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=D:\Program Files\Java\jre6\lib\deploy\jqs\ff
"wrc@avast.com"=D:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=D:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=D:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=D:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=D:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=D:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=d:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nexon.net/NxGame]
"Description"=Nexon Game Controller 1.0.1.0
"Path"=D:\Documents and Settings\All Users\Data aplikací\NexonUS\NGM\npNxGameUS.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=D:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=D:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1]
"Description"=Yahoo! activeX Plug-in Bridge
"Path"=D:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll

D:\Program Files\Mozilla Firefox\extensions\
xmlfiller@software602.cz
{972ce4c6-7e08-4474-a285-3208198ce6fd}

D:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIFillerPlugin.xpt
nsIQTScriptablePlugin.xpt

D:\Program Files\Mozilla Firefox\plugins\
np32dsw.dll
npdeployJava1.dll
npfiller.dll
npPandoWebInst.dll
npPandoWebInst.xpt
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npyaxmpb.dll
QuickTimePlugin.class
ShockwavePlugin.class

D:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

D:\Documents and Settings\AAA\Data aplikací\Mozilla\Firefox\Profiles\x1pzlxn6.default\extensions\
{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
{20a82645-c095-46ed-80e3-08825760534b}
{2832ABCD-4444-1012-2D45-132D5447C445}
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - d:\program files\google\googletoolbar2.dll [2008-08-10 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - D:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-10-18 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - d:\program files\google\googletoolbar2.dll [2008-08-10 2403392]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"=D:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2010-04-10 1800464]
"avast"=D:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]
"NvCplDaemon"=D:\WINDOWS\system32\NvCpl.dll [2011-10-08 16744256]
"nwiz"=nwiz.exe /install []
"SoundMan"=D:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=D:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Google Update"=D:\Documents and Settings\AAA\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-06-01 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3]
D:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2009-04-30 2329936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
D:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe -automount []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
D:\Program Files\Cyberlink\Shared Files\brs.exe [2009-01-20 75048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
D:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
D:\Program Files\DAEMON Tools Lite\daemon.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriverCD]
E:\Run.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
D:\Program Files\Electronic Arts\EADM\Core.exe -silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
D:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe /startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
D:\Documents and Settings\AAA\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-06-01 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
D:\Program Files\ICQ6.5\ICQ.exe silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Malware Fighter]
D:\Program Files\IObit\IObit Malware Fighter\IMF.exe /autostart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTV]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
D:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]
D:\Program Files\Samsung\Kies\KiesHelper.exe [2012-01-04 937872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
D:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-01-04 21392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
D:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2012-01-04 3508624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Memeo AutoSync]
D:\Program Files\Memeo\AutoSync\MemeoLauncher2.exe --silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
D:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
D:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nod32kui]
D:\Program Files\Eset\nod32kui.exe /WAITSERVICE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia.PCSync]
D:\Program Files\Nokia\Nokia PC Suite 7\PCSync2.exe /NoDialog []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
NvMCTray.dll,NvTaskbarInit -login []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
D:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2011-10-08 1632360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OEXPRESS]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
D:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe -onlytray []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut]
D:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [2007-12-14 50472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8]
D:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [2008-10-17 91432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RivaTunerStartupDaemon]
D:\Program Files\RivaTuner v2.22\RivaTuner.exe /S []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
D:\WINDOWS\SOUNDMAN.EXE [2007-04-16 577536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
d:\program files\steam\steam.exe -silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
D:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
D:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe [2008-08-10 171448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateReminder]
D:\Program Files\Eset\UpdateReminder.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WD Anywhere Backup]
D:\Program Files\WD\WD Anywhere Backup\MemeoLauncher2.exe --silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^AAA^Nabídka Start^Programy^Po spuštění^FIFA 09 Registration.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^AAA^Nabídka Start^Programy^Po spuštění^OpenOffice.org 2.0.lnk]
D:\PROGRA~1\OPENOF~1.0\program\QUICKS~1.EXE [2006-06-27 393216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^AAA^Nabídka Start^Programy^Po spuštění^Registrace Need for Speed™ Undercover.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^AAA^Nabídka Start^Programy^Po spuštění^RollerCoaster Tycoon 3 Registration.lnk]
D:\Documents and Settings\AAA\Local Settings\Temp\{CBFB6B1C-59D4-49F6-A36A-D79EF469299D}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^AAA^Nabídka Start^Programy^Po spuštění^Samsung Auto Backup Guage.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^AAA^Nabídka Start^Programy^Po spuštění^Samsung Auto Backup Real-Time Daemon.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^AAA^Nabídka Start^Programy^Po spuštění^Samsung Auto Backup Scheduler.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^AAA^Nabídka Start^Programy^Po spuštění^Stardock ObjectDock.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^AAA^Nabídka Start^Programy^Po spuštění^Yahoo! Widget Engine.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Gamma Loader.lnk]
D:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [1999-11-04 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^GamePark klient 2.lnk]
D:\PROGRA~1\GamePark2\gpcl.exe [2011-07-29 409088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^hp psc 1000 series.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^hpoddt01.exe.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\D:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^VIA RAID TOOL.lnk]
D:\PROGRA~1\VIA\RAID\RAID_T~1.EXE [2004-06-02 581632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" D:\WINDOWS\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - D:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveSearch"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\WINDOWS\system32\PnkBstrA.exe"="D:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"D:\WINDOWS\system32\PnkBstrB.exe"="D:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="D:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"D:\WINDOWS\system32\dpnsvr.exe"="D:\WINDOWS\system32\dpnsvr.exe:*:Disabled:Microsoft DirectPlay8 Server"
"D:\Program Files\ICQ6.5\ICQ.exe"="D:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Program Files\Pando Networks\Media Booster\PMB.exe"="D:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"D:\Documents and Settings\All Users\Data aplikací\NexonUS\NGM\NGM.exe"="D:\Documents and Settings\All Users\Data aplikací\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"D:\Program Files\Electronic Arts\Battlefield Bad Company 2 - BETA\BFBC2BetaUpdater.exe"="D:\Program Files\Electronic Arts\Battlefield Bad Company 2 - BETA\BFBC2BetaUpdater.exe:*:Enabled:Battlefield Bad Company 2 - BETA"
"D:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe"="D:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2"
"D:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe"="D:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"D:\Program Files\Skype\Plugin Manager\skypePM.exe"="D:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"D:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe"="D:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe:*:Enabled:Assassin's Creed II"
"D:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe"="D:\Program Files\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe:*:Enabled:Assassin's Creed II Update"
"D:\Program Files\Ubisoft\Assassin's Creed II\UPlayBrowser.exe"="D:\Program Files\Ubisoft\Assassin's Creed II\UPlayBrowser.exe:*:Enabled:Assassin's Creed II Uplay"
"D:\Program Files\TmNationsForever\TmForever.exe"="D:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"D:\Program Files\Google\Google Earth\client\googleearth.exe"="D:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"D:\Program Files\Call of Duty Modern Warfare 2\iw4mp.dat"="D:\Program Files\Call of Duty Modern Warfare 2\iw4mp.dat:*:Enabled:iw4mp"
"D:\Program Files\Java\jre6\bin\javaw.exe"="D:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"D:\Program Files\World_of_Tanks_closed_Beta\WorldOfTanks.exe"="D:\Program Files\World_of_Tanks_closed_Beta\WorldOfTanks.exe:*:Enabled:World of Tanks"
"D:\Program Files\Call of Duty Modern Warfare 2\iw4sp.exe"="D:\Program Files\Call of Duty Modern Warfare 2\iw4sp.exe:*:Enabled:iw4sp"
"D:\WINDOWS\system32\java.exe"="D:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary"
"D:\Program Files\Xfire\Xfire.exe"="D:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire"
"D:\Program Files\World of Warcraft\Launcher.exe"="D:\Program Files\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"D:\Program Files\World of Warcraft\Launcher.patch.exe"="D:\Program Files\World of Warcraft\Launcher.patch.exe:*:Enabled:Blizzard Launcher"
"D:\Program Files\World of Warcraft\BackgroundDownloader.exe"="D:\Program Files\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader"
"D:\Program Files\Google\Google Earth\plugin\geplugin.exe"="D:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth"
"I:\,aaa\Dead Island\deadislandgame.exe"="I:\,aaa\Dead Island\deadislandgame.exe:*:Enabled:DeadIsland"
"K:\,aaa\Dead Island\deadislandgame.exe"="K:\,aaa\Dead Island\deadislandgame.exe:*:Enabled:DeadIsland"
"D:\Program Files\VideoLAN\VLC\vlc.exe"="D:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"D:\Documents and Settings\AAA\Local Settings\Data aplikací\Akamai\netsession_win.exe"="D:\Documents and Settings\AAA\Local Settings\Data aplikací\Akamai\netsession_win.exe:*:Enabled:Akamai NetSession Interface"
"D:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe"="D:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"D:\Program Files\Skype\Phone\Skype.exe"="D:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"D:\Program Files\Call of Duty- Modern Warfare 3\iw5mp_server.exe"="D:\Program Files\Call of Duty- Modern Warfare 3\iw5mp_server.exe:*:Enabled:iw5mp_server"
"D:\Program Files\KONAMI\Pro Evolution Soccer 2012\pes2012.exe"="D:\Program Files\KONAMI\Pro Evolution Soccer 2012\pes2012.exe:*:Enabled:Pro Evolution Soccer 2012"
"D:\Program Files\Rome - Total War Complete\RomeTW.exe"="D:\Program Files\Rome - Total War Complete\RomeTW.exe:*:Enabled:Rome: Total War"
"D:\WINDOWS\system32\muzapp.exe"="D:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"D:\Documents and Settings\AAA\Plocha\patche\utorrent.exe"="D:\Documents and Settings\AAA\Plocha\patche\utorrent.exe:*:Enabled:µTorrent"
"D:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="D:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe"
"D:\Program Files\Call of Duty- Modern Warfare 3\iw5sp.exe"="D:\Program Files\Call of Duty- Modern Warfare 3\iw5sp.exe:*:Enabled:iw5sp"
"M:\FIFA 12\Game\fifa.exe"="M:\FIFA 12\Game\fifa.exe:*:Enabled:FIFA 12"
"D:\Program Files\FIFA 12\Game\fifa.exe"="D:\Program Files\FIFA 12\Game\fifa.exe:*:Enabled:FIFA 12"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Program Files\Pando Networks\Media Booster\PMB.exe"="D:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"D:\Program Files\Combat Arms\CombatArms.exe"="D:\Program Files\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe"
"D:\Program Files\Combat Arms\Engine.exe"="D:\Program Files\Combat Arms\Engine.exe:*Enabled:Engine.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=D:\WINDOWS\system32\l3codeca.acm
"vidc.VP60"=D:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=D:\WINDOWS\system32\vp6vfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.lhacm"=lhacm.acm
"VIDC.FPS1"=frapsvid.dll
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-02-03 11:19:03 ----D---- D:\Program Files\trend micro
2012-02-03 11:19:02 ----D---- D:\rsit
2012-02-02 13:27:35 ----HDC---- D:\WINDOWS\$NtUninstallKB952011$
2012-02-01 18:51:53 ----D---- D:\Program Files\HD Tune
2012-01-31 20:26:30 ----N---- D:\WINDOWS\system32\SET614.tmp
2012-01-31 20:25:43 ----D---- D:\Program Files\Realtek AC97
2012-01-31 20:08:36 ----A---- D:\WINDOWS\system32\RtNicProp32.dll
2012-01-31 20:08:36 ----A---- D:\WINDOWS\system32\drivers\Rtnicxp.sys
2012-01-31 19:50:19 ----A---- D:\WINDOWS\system32\drivers\DrvAgent32.sys
2012-01-31 17:59:42 ----D---- D:\Program Files\FIFA 12
2012-01-28 13:10:31 ----A---- D:\WINDOWS\system32\nvModes.dat
2012-01-27 23:11:32 ----SHD---- D:\Config.Msi
2012-01-22 19:23:15 ----D---- D:\WINDOWS\system32\System32
2012-01-22 17:10:40 ----D---- D:\Documents and Settings\All Users\Data aplikací\NVIDIA
2012-01-22 17:06:29 ----A---- D:\WINDOWS\system32\nvhdagenco3220102.dll
2012-01-22 17:05:16 ----A---- D:\WINDOWS\system32\nvgenco32.dll
2012-01-22 17:05:15 ----A---- D:\WINDOWS\system32\nvdispco32.dll
2012-01-22 13:35:13 ----A---- D:\WINDOWS\system32\SmartDefragBootTime.exe
2012-01-22 13:35:10 ----A---- D:\WINDOWS\system32\drivers\SmartDefragDriver.sys
2012-01-21 16:05:57 ----D---- D:\Program Files\FinalWire
2012-01-21 14:50:30 ----A---- D:\WINDOWS\system32\nvhdagenco322040.dll
2012-01-21 14:30:20 ----D---- D:\Documents and Settings\All Users\Data aplikací\IObit
2012-01-20 14:06:11 ----A---- D:\WINDOWS\ISO Creator Uninstall Log.txt
2012-01-12 10:51:19 ----A---- D:\WINDOWS\system32\drivers\SLIP.sys
2012-01-12 01:19:16 ----A---- D:\WINDOWS\system32\GPhotos.scr
2012-01-11 17:51:19 ----A---- D:\WINDOWS\system32\SET17.tmp
2012-01-11 17:45:31 ----A---- D:\WINDOWS\system32\drivers\NABTSFEC.sys
2012-01-11 17:45:25 ----A---- D:\WINDOWS\system32\drivers\CCDECODE.sys
2012-01-11 17:39:10 ----HDC---- D:\WINDOWS\$NtUninstallKB2646524$
2012-01-11 17:38:19 ----HDC---- D:\WINDOWS\$NtUninstallKB2598479$
2012-01-11 17:37:32 ----HDC---- D:\WINDOWS\$NtUninstallKB2603381$
2012-01-11 17:36:43 ----HDC---- D:\WINDOWS\$NtUninstallKB2585542$
2012-01-11 17:35:50 ----HDC---- D:\WINDOWS\$NtUninstallKB2631813$
2012-01-11 17:35:04 ----HDC---- D:\WINDOWS\$NtUninstallKB2584146$
2012-01-11 17:33:05 ----A---- D:\WINDOWS\system32\nvrshu.dll
2012-01-11 17:33:05 ----A---- D:\WINDOWS\system32\nvrshe.dll
2012-01-11 17:33:05 ----A---- D:\WINDOWS\system32\nvrsfr.dll
2012-01-11 17:33:05 ----A---- D:\WINDOWS\system32\nvrsfi.dll
2012-01-11 17:33:05 ----A---- D:\WINDOWS\system32\nvrsesm.dll
2012-01-11 17:33:05 ----A---- D:\WINDOWS\system32\nvrses.dll
2012-01-11 17:33:05 ----A---- D:\WINDOWS\system32\nvrseng.dll
2012-01-11 17:33:05 ----A---- D:\WINDOWS\system32\nvrsel.dll
2012-01-11 17:33:05 ----A---- D:\WINDOWS\system32\nvrsde.dll
2012-01-11 17:33:05 ----A---- D:\WINDOWS\system32\nvrsda.dll
2012-01-11 17:33:05 ----A---- D:\WINDOWS\system32\nvrscs.dll
2012-01-11 17:33:04 ----A---- D:\WINDOWS\system32\nvrsar.dll
2012-01-11 17:32:32 ----A---- D:\WINDOWS\system32\easyupdatusapiu.dll
2012-01-11 17:25:28 ----A---- D:\WINDOWS\imsins.BAK
2012-01-11 17:25:15 ----HDC---- D:\WINDOWS\$NtUninstallKB2492386$
2012-01-11 17:22:51 ----A---- D:\WINDOWS\system32\vfwwdm32.dll

======List of files/folders modified in the last 1 month======

2012-02-03 11:19:10 ----D---- D:\WINDOWS\Prefetch
2012-02-03 11:19:03 ----RD---- D:\Program Files
2012-02-03 11:08:20 ----D---- D:\Documents and Settings\AAA\Data aplikací\vlc
2012-02-03 10:52:45 ----RD---- D:\lukas veci
2012-02-03 10:49:39 ----D---- D:\WINDOWS\Temp
2012-02-03 10:35:34 ----D---- D:\WINDOWS
2012-02-02 22:23:00 ----A---- D:\WINDOWS\SchedLgU.Txt
2012-02-02 22:22:57 ----D---- D:\WINDOWS\system32\CatRoot2
2012-02-02 22:22:08 ----A---- D:\WINDOWS\NeroDigital.ini
2012-02-02 22:20:37 ----D---- D:\Documents and Settings\AAA\Data aplikací\dvdcss
2012-02-02 19:51:48 ----D---- D:\Documents and Settings\AAA\Data aplikací\Skype
2012-02-02 18:23:02 ----D---- D:\Documents and Settings\AAA\Data aplikací\OpenOffice.org2
2012-02-02 17:46:17 ----D---- D:\fotky
2012-02-02 17:39:28 ----D---- D:\Zalohy
2012-02-02 13:28:40 ----HD---- D:\WINDOWS\inf
2012-02-02 13:28:22 ----RSHDC---- D:\WINDOWS\system32\dllcache
2012-02-02 13:28:21 ----D---- D:\WINDOWS\system32
2012-02-02 13:25:39 ----D---- D:\Program Files\Google
2012-02-01 16:55:39 ----D---- D:\Program Files\Mozilla Firefox
2012-02-01 15:02:10 ----D---- D:\Program Files\Aplikace MB
2012-01-31 20:35:56 ----D---- D:\Program Files\World of Warcraft CATA
2012-01-31 20:27:49 ----D---- D:\WINDOWS\system32\drivers
2012-01-31 20:26:09 ----D---- D:\WINDOWS\system32\ReinstallBackups
2012-01-31 20:08:34 ----D---- D:\Program Files\Realtek
2012-01-31 20:08:14 ----HD---- D:\Program Files\InstallShield Installation Information
2012-01-31 14:23:58 ----SHD---- D:\WINDOWS\Installer
2012-01-29 14:56:29 ----D---- D:\Program Files\Call of Duty- Modern Warfare 3
2012-01-29 14:56:26 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI
2012-01-29 14:48:19 ----D---- D:\Program Files\Activision
2012-01-29 14:44:03 ----D---- D:\WINDOWS\Debug
2012-01-28 14:47:55 ----DC---- D:\WINDOWS\system32\DRVSTORE
2012-01-28 14:40:32 ----D---- D:\Program Files\Common Files
2012-01-28 14:30:37 ----D---- D:\Documents and Settings\AAA\Data aplikací\GameRanger
2012-01-28 13:56:35 ----RD---- D:\Program Files\Skype
2012-01-28 13:36:22 ----D---- D:\Games
2012-01-27 22:49:51 ----D---- D:\Documents and Settings\AAA\Data aplikací\IObit
2012-01-27 22:48:21 ----D---- D:\Documents and Settings\All Users\Data aplikací\Electronic Arts
2012-01-27 22:21:24 ----A---- D:\WINDOWS\system32\PnkBstrB.exe
2012-01-27 11:12:12 ----SD---- D:\WINDOWS\Tasks
2012-01-22 20:38:42 ----D---- D:\WINDOWS\Microsoft.NET
2012-01-22 19:35:47 ----RSD---- D:\WINDOWS\assembly
2012-01-22 19:28:45 ----D---- D:\WINDOWS\WinSxS
2012-01-22 17:13:16 ----D---- D:\Program Files\NVIDIA Corporation
2012-01-22 17:11:05 ----D---- D:\WINDOWS\Help
2012-01-22 17:10:40 ----D---- D:\Documents and Settings
2012-01-22 13:34:38 ----D---- D:\Program Files\IObit
2012-01-21 14:59:08 ----D---- D:\Program Files\Common Files\Wise Installation Wizard
2012-01-20 14:21:42 ----D---- D:\Documents and Settings\All Users\Data aplikací\KONAMI
2012-01-11 18:06:15 ----D---- D:\WINDOWS\pss
2012-01-11 17:50:21 ----A---- D:\WINDOWS\win.ini
2012-01-11 17:50:21 ----A---- D:\WINDOWS\system.ini
2012-01-11 17:46:37 ----D---- D:\WINDOWS\AppPatch
2012-01-11 17:40:33 ----A---- D:\WINDOWS\system32\MRT.exe
2012-01-11 17:40:01 ----D---- D:\WINDOWS\ie8updates
2012-01-11 17:39:27 ----HD---- D:\WINDOWS\$hf_mig$
2012-01-11 08:59:56 ----D---- D:\WINDOWS\Minidump

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Inspect;COMODO Internet Security Firewall Driver; D:\WINDOWS\System32\DRIVERS\inspect.sys [2010-04-10 87104]
R0 SmartDefragDriver;SmartDefragDriver; D:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [2010-11-26 14776]
R0 sptd;sptd; D:\WINDOWS\System32\Drivers\sptd.sys [2010-07-20 697328]
R0 viamraid;viamraid; D:\WINDOWS\System32\DRIVERS\viamraid.sys [2004-05-18 74112]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; D:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-15 76544]
R1 Aavmker4;avast! Asynchronous Virus Monitor; D:\WINDOWS\system32\drivers\Aavmker4.sys [2011-11-28 30808]
R1 aswRdr;aswRdr; D:\WINDOWS\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSnx;aswSnx; D:\WINDOWS\system32\drivers\aswSnx.sys [2011-11-28 435032]
R1 aswSP;aswSP; D:\WINDOWS\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; D:\WINDOWS\system32\drivers\aswTdi.sys [2011-11-28 52952]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; D:\WINDOWS\System32\DRIVERS\cmdguard.sys [2010-04-10 134344]
R1 cmdHlp;COMODO Internet Security Helper Driver; D:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2010-04-10 25160]
R1 intelppm;Řadič procesoru Intel; D:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 PQNTDrv;PQNTDrv; D:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 StarOpen;StarOpen; D:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};Power Control [2009/02/11 12:29:51]; \??\D:\Program Files\CyberLink\PowerDVD8\000.fcl []
R2 713xTVCard;SAA7134 TV Card; D:\WINDOWS\system32\DRIVERS\SAA713x.sys [2005-03-15 277504]
R2 aswFsBlk;aswFsBlk; D:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMon2;aswMon2; D:\WINDOWS\system32\drivers\aswMon2.sys [2011-11-28 111320]
R2 atksgt;atksgt; D:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-01-20 278728]
R2 irda;Protokol IrDA; D:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 lirsgt;lirsgt; D:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-01-20 25416]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); D:\WINDOWS\system32\drivers\ALCXWDM.SYS [2008-09-24 4122368]
R3 GEARAspiWDM;GEARAspiWDM; D:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; D:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; D:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 nv;nv; D:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2011-10-08 12791488]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; D:\WINDOWS\system32\drivers\nvhda32.sys [2011-07-08 119656]
R3 pcouffin;VSO Software pcouffin; D:\WINDOWS\System32\Drivers\pcouffin.sys [2009-02-23 47360]
R3 Rasirda;WAN Miniport (IrDA); D:\WINDOWS\System32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; D:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2009-03-25 130432]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; D:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Ovladač klávesnice standardu HID; D:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 CdaC15BA;CdaC15BA; \??\D:\WINDOWS\system32\drivers\CdaC15BA.SYS []
S3 aeki0q6l;aeki0q6l; D:\WINDOWS\system32\drivers\aeki0q6l.sys []
S3 akn2cp2l;akn2cp2l; D:\WINDOWS\system32\drivers\akn2cp2l.sys []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; D:\WINDOWS\System32\Drivers\ssadadb.sys [2011-10-27 30312]
S3 ATE_PROCMON;ATE_PROCMON; \??\D:\Program Files\Anti Trojan Elite\ATEPMon.sys []
S3 CCDECODE;Dekodér Closed Caption; D:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); D:\WINDOWS\system32\DRIVERS\ssudbus.sys [2011-10-27 78136]
S3 dgderdrv;dgderdrv; D:\WINDOWS\System32\drivers\dgderdrv.sys [2011-11-29 20032]
S3 DrvAgent32;DrvAgent32; \??\D:\WINDOWS\system32\Drivers\DrvAgent32.sys []
S3 EagleNT;EagleNT; \??\D:\WINDOWS\system32\drivers\EagleNT.sys []
S3 GarenaPEngine;GarenaPEngine; \??\D:\DOCUME~1\AAA\LOCALS~1\Temp\COU1DE8.tmp []
S3 hamachi;Hamachi Network Interface; D:\WINDOWS\system32\DRIVERS\hamachi.sys [2011-12-23 25280]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; D:\WINDOWS\System32\DRIVERS\HPZid412.sys [2003-04-07 51024]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; D:\WINDOWS\System32\DRIVERS\HPZipr12.sys [2003-04-07 16080]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; D:\WINDOWS\System32\DRIVERS\HPZius12.sys [2003-04-07 21456]
S3 MA-620;Mobile Action MA-660 USB Infrared Adapter; D:\WINDOWS\system32\DRIVERS\MA-620.sys [2003-03-25 27136]
S3 massfilter_hs;ZTE HandSet Mass Storage Filter Driver; D:\WINDOWS\system32\drivers\massfilter_hs.sys [2011-03-07 15896]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; D:\WINDOWS\system32\drivers\nmwcdnsu.sys []
S3 nmwcdnsuc;Nokia USB Flashing Generic; D:\WINDOWS\system32\drivers\nmwcdnsuc.sys []
S3 NPF;Netgroup Packet Filter; D:\WINDOWS\system32\drivers\npf.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; D:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 PROCEXP151;PROCEXP151; \??\D:\WINDOWS\system32\Drivers\PROCEXP151.SYS []
S3 RTL8023;Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver; D:\WINDOWS\System32\DRIVERS\Rtlnic51.sys [2003-12-31 69504]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; D:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
S3 SLIP;BDA Slip De-Framer; D:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); D:\WINDOWS\system32\DRIVERS\ssadbus.sys [2011-10-27 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); D:\WINDOWS\system32\DRIVERS\ssadmdfl.sys [2011-10-27 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; D:\WINDOWS\system32\DRIVERS\ssadmdm.sys [2011-10-27 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); D:\WINDOWS\system32\DRIVERS\ssadserd.sys [2011-10-27 114280]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); D:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2011-10-27 181432]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); D:\WINDOWS\system32\DRIVERS\ssudserd.sys [2011-10-27 181432]
S3 upperdev;upperdev; D:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys []
S3 usb_rndisx;Adaptér USB RNDIS; D:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-13 12800]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; D:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; D:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; D:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; D:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Wdf01000; D:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; D:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; D:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
S3 XMLDIUSB;XML USB Device Interface; D:\WINDOWS\System32\Drivers\XMLDIUSB.sys [2008-01-16 33152]
S3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; D:\WINDOWS\System32\DRIVERS\yk51x86.sys [2004-10-27 223104]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; D:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; D:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
R2 cmdAgent;COMODO Internet Security Helper Service; D:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2010-04-10 723632]
R2 Irmon;Sledování infračerveného přenosu; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; D:\Program Files\Java\jre6\bin\jqs.exe [2011-10-03 153376]
R2 NVSvc;NVIDIA Driver Helper Service; D:\WINDOWS\system32\nvsvc32.exe [2011-10-08 298304]
R2 nvUpdatusService;NVIDIA Update Service Daemon; D:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-08 2253120]
R2 PnkBstrA;PnkBstrA; D:\WINDOWS\system32\PnkBstrA.exe [2010-11-21 75136]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); D:\Program Files\CyberLink\Shared Files\RichVideo.exe [2009-04-17 247152]
R2 StarWindServiceAE;StarWind AE Service; D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); D:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-21 136176]
S3 aspnet_state;Stavová služba ASP.NET; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu; D:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe []
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; d:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); D:\Program Files\Google\Update\GoogleUpdate.exe [2010-11-21 136176]
S3 gusvc;Google Updater Service; D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-08-10 138168]
S3 IDriverT;InstallDriver Table Manager; D:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Služba Windows CardSpace; D:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; D:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; D:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 Pml Driver HPZ12;Pml Driver HPZ12; D:\WINDOWS\System32\HPZipm12.exe [2003-04-07 65795]
S3 ServiceLayer;ServiceLayer; D:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; D:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; D:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

#2 Příspěvek od **Mc_Murphy** » 03 úno 2012 14:47

Zdravím.

Inu, zdá se, že tam máš havěť.

Jako první si dáme RogueKiller.

Stáhni RogueKiller - http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe

Ukonči všechny programy!
Pokud používáš Win Vista či Win 7, klikni na RogueKiller pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Počkej, než program dokončí Prescan.
Potom klikni na [Scan] a počkej, až proběhne.
Klikni na [Report] - otevře se log, ten mi sem vlož.

chiffre · #3 Příspěvek od **chiffre** » 03 úno 2012 15:05

Tady to je :

RogueKiller V7.0.2 [01/30/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: AAA [Admin rights]
Mode: Scan -- Date : 02/03/2012 15:03:15

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 4 ¤¤¤
[DNS] HKLM\[...]\ControlSet003\Parameters\Interfaces\{9F539BC3-9D84-4393-9391-72E949663D45} : NameServer (10.0.18.254,195.146.100.99) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.10sek.com
127.0.0.1 10sek.com
127.0.0.1 www.123topsearch.com
[...]

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD3200AAKS-00YGA0 +++++
--- User ---
[MBR] da4e95abc26ec7f7b26abff6d4e60463
[BSP] 0dc2c21bb2d7d843bcb4edc7bc3a3edd : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 49999 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 102398310 | Size: 255243 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1].txt >>
RKreport[1].txt

#4 Příspěvek od **Mc_Murphy** » 03 úno 2012 18:22

Takže provedeme opravy:

Ukonči všechny programy!
Spusť RogueKiller. Pokud používáš Win Vista či Win 7, klikni na jeho ikonu pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Počkej, než program dokončí Prescan.
Zvol možnost [Scan] a počkej, až proběhne.
V záložce Registry nech všechny nálezy označeny.
Klikni na [Delete] a následně na [Report] - otevře se log, ten mi sem vlož.
Poté ještě klikni na [HostFix] a následně znovu na [Report] - otevře se další log, ten mi sem také vlož.

chiffre · #5 Příspěvek od **chiffre** » 03 úno 2012 18:47

RogueKiller V7.0.2 [01/30/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: AAA [Admin rights]
Mode: Remove -- Date : 02/03/2012 18:43:16

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 4 ¤¤¤
[DNS] HKLM\[...]\ControlSet003\Parameters\Interfaces\{9F539BC3-9D84-4393-9391-72E949663D45} : NameServer (10.0.18.254,195.146.100.99) -> NOT REMOVED, USE DNSFIX
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost
127.0.0.1 http://www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 http://www.008k.com
127.0.0.1 008k.com
127.0.0.1 http://www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 http://www.032439.com
127.0.0.1 032439.com
127.0.0.1 http://www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 http://www.100888290cs.com
127.0.0.1 100888290cs.com
127.0.0.1 http://www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 http://www.10sek.com
127.0.0.1 10sek.com
127.0.0.1 http://www.123topsearch.com
[...]

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD3200AAKS-00YGA0 +++++
--- User ---
[MBR] da4e95abc26ec7f7b26abff6d4e60463
[BSP] 0dc2c21bb2d7d843bcb4edc7bc3a3edd : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 49999 Mo
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 102398310 | Size: 255243 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

RogueKiller V7.0.2 [01/30/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: AAA [Admin rights]
Mode: HOSTSFix -- Date : 02/03/2012 18:44:39

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.10sek.com
127.0.0.1 10sek.com
127.0.0.1 www.123topsearch.com
[...]

¤¤¤ Resetted HOSTS: ¤¤¤
127.0.0.1 localhost

Finished : << RKreport[4].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt

#6 Příspěvek od **Mc_Murphy** » 03 úno 2012 19:34

Tak ještě jednou spusť RogueKiller podle předchozích postupů a vyber:

Klikni na [DNSFix] a potom na [Report] - otevře se log, ten mi sem vlož.

Jinak probíhá zatím vše v pořádku.

chiffre · #7 Příspěvek od **chiffre** » 03 úno 2012 19:48

RogueKiller V7.0.2 [01/30/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: AAA [Admin rights]
Mode: DNSFix -- Date : 02/03/2012 19:45:13

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ Registry Entries: 1 ¤¤¤
[DNS] HKLM\[...]\ControlSet003\Parameters\Interfaces\{9F539BC3-9D84-4393-9391-72E949663D45} : NameServer (10.0.18.254,195.146.100.99) -> REPLACED ()

Finished : << RKreport[5].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt ; RKreport[5].txt

#8 Příspěvek od **Mc_Murphy** » 03 úno 2012 20:34

Výborně, další věc vyčištěna, pustíme sem ještě něco silného.

PROSÍM, ČTI NÁVOD DŮKLADNĚ - TATO UTILITA MÁ VELKOU SCHOPNOST MAZAT A JE NUTNÉ JI APLIKOVAT JEN NA DOPORUČENÍ, JINAK TI MŮŽE JÍT SYSTÉM DO KYTEK

Stáhni a ulož na Plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypni všechny rezidentní bezpečnostní programy - firewally, antiviry, antispywary apod.
Vypni všechny běžící aplikace - ICQ, Skype, browsery, prostě všechny programy, ať běží pouze ComboFix.
Pokud máš Win XP, spusť pod účtem Správce/Administrator.
Pokud máš Win Vista či Win 7, klikni na ComboFix pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Ihned po startu se zobrazí stránka s licenčním ujednáním - pokračuj kliknutím na [Ano].
Pokud Ti ComboFix nabídne instalaci Konzoly pro zotavení, tak souhlas.
Dále postupuj dle pokynů. Během scanu nech PC naprosto v klidu - nespouštěj žádné aplikace a neklikej do zobrazujícího se okna!
Scan by měl trvat cca 10 min, ale pokud bude PC hodne zaneseno, může se čas samozřejmě prodloužit.
Po dokončení scanu a případném restartu ComboFix zobrazí log, který případně najdeš v C:\ComboFix.txt. Jeho obsah mi sem vlož.
Detailní postup včetně obrázků najdeš zde: http://www.bleepingcomputer.com/combofi ... t-combofix

chiffre · #9 Příspěvek od **chiffre** » 03 úno 2012 21:48

ComboFix 12-02-03.02 - AAA 03.02.2012 20:54:25.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1412 [GMT 1:00]
Spuštěný z: d:\documents and settings\AAA\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *Disabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
d:\documents and settings\AAA\aptmp.exe
d:\documents and settings\AAA\WINDOWS
D:\Install.exe
d:\program files\OpenOffice.org 2.0\program\stlport_vc7145.dll
d:\program files\OpenOffice.org 2.0\program\uwinapi.dll
D:\Thumbs.db
d:\windows\alcrmv.exe
d:\windows\jestertb.dll
d:\windows\system32\drivers\etc\hosts.ics
d:\windows\system32\ijl11.dll
d:\windows\system32\muzapp.exe
d:\windows\system32\SET1149.tmp
d:\windows\system32\SET1155.tmp
d:\windows\system32\SET17.tmp
d:\windows\system32\SET614.tmp
d:\windows\system32\system32
d:\windows\system32\system32\3DAudio.ax
d:\windows\system32\system32\avrt.dll
d:\windows\system32\system32\cis-2.4.dll
d:\windows\system32\system32\issacapi_bs-2.3.dll
d:\windows\system32\system32\issacapi_pe-2.3.dll
d:\windows\system32\system32\issacapi_se-2.3.dll
d:\windows\system32\system32\MACXMLProto.dll
d:\windows\system32\system32\MaDRM.dll
d:\windows\system32\system32\MaJGUILib.dll
d:\windows\system32\system32\MAMACExtract.dll
d:\windows\system32\system32\MASetupCleaner.exe
d:\windows\system32\system32\MaXMLProto.dll
d:\windows\system32\system32\mfplat.dll
d:\windows\system32\system32\MK_Lyric.dll
d:\windows\system32\system32\MSCLib.dll
d:\windows\system32\system32\MSFLib.dll
d:\windows\system32\system32\MSLUR71.dll
d:\windows\system32\system32\msvcp60.dll
d:\windows\system32\system32\MTTELECHIP.dll
d:\windows\system32\system32\MTXSYNCICON.dll
d:\windows\system32\system32\muzaf1.dll
d:\windows\system32\system32\muzapp.dll
d:\windows\system32\system32\muzapp.exe
d:\windows\system32\system32\muzdecode.ax
d:\windows\system32\system32\muzeffect.ax
d:\windows\system32\system32\muzmp4sp.ax
d:\windows\system32\system32\muzmpgsp.ax
d:\windows\system32\system32\muzoggsp.ax
d:\windows\system32\system32\muzwmts.dll
d:\windows\system32\system32\psapi.dll
d:\windows\system32\tmp1052.tmp
d:\windows\system32\tmp1053.tmp
d:\windows\system32\tmp325.tmp
d:\windows\system32\tmp326.tmp
d:\windows\system32\vbpng1.dll
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_NPF
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-01-03 do 2012-02-03 )))))))))))))))))))))))))))))))
.
.
2012-02-03 15:52 . 2012-02-03 15:52 -------- d-----w- d:\program files\KONAMI
2012-02-03 10:19 . 2012-02-03 10:19 -------- d-----w- d:\program files\trend micro
2012-02-03 10:19 . 2012-02-03 10:19 -------- d-----w- D:\rsit
2012-02-01 17:51 . 2012-02-01 17:51 -------- d-----w- d:\program files\HD Tune
2012-01-31 19:25 . 2012-01-31 19:26 -------- d-----w- d:\program files\Realtek AC97
2012-01-31 19:24 . 2006-02-07 14:40 204800 ----a-w- d:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll
2012-01-31 19:24 . 2006-02-07 14:45 757760 ----a-w- d:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll
2012-01-31 19:24 . 2006-02-07 14:40 69715 ----a-w- d:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll
2012-01-31 19:24 . 2006-02-07 14:40 274432 ----a-w- d:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll
2012-01-31 19:24 . 2005-11-13 22:19 5632 ----a-w- d:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
2012-01-31 19:24 . 2012-01-31 19:24 200836 ----a-w- d:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll
2012-01-31 19:24 . 2012-01-31 19:24 331908 ----a-w- d:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll
2012-01-31 19:08 . 2009-03-25 13:29 130432 ----a-w- d:\windows\system32\drivers\Rtnicxp.sys
2012-01-31 19:08 . 2009-03-03 19:18 73728 ----a-w- d:\windows\system32\RtNicProp32.dll
2012-01-31 18:50 . 2012-01-31 19:50 -------- d-----w- d:\documents and settings\AAA\Local Settings\Data aplikací\eSupport.com
2012-01-31 18:50 . 2012-01-31 18:50 23456 ----a-w- d:\windows\system32\drivers\DrvAgent32.sys
2012-01-29 13:14 . 2012-01-29 13:14 -------- d-----w- d:\documents and settings\AAA\Local Settings\Data aplikací\mpress
2012-01-22 16:10 . 2012-01-22 16:10 -------- d-----w- d:\documents and settings\UpdatusUser
2012-01-22 16:10 . 2012-01-22 16:10 -------- d-----w- d:\documents and settings\All Users\Data aplikací\NVIDIA
2012-01-22 16:06 . 2011-07-07 23:21 876136 ----a-w- d:\windows\system32\nvhdagenco3220102.dll
2012-01-22 16:05 . 2011-10-08 04:50 877376 ----a-w- d:\windows\system32\nvgenco32.dll
2012-01-22 16:05 . 2011-10-08 04:50 919872 ----a-w- d:\windows\system32\nvdispco32.dll
2012-01-22 12:35 . 2011-12-16 16:21 29016 ----a-w- d:\windows\system32\SmartDefragBootTime.exe
2012-01-22 12:35 . 2010-11-26 17:02 14776 ----a-w- d:\windows\system32\drivers\SmartDefragDriver.sys
2012-01-21 15:05 . 2012-01-21 15:05 -------- d-----w- d:\program files\FinalWire
2012-01-21 13:50 . 2011-05-25 06:09 865896 ----a-w- d:\windows\system32\nvhdagenco322040.dll
2012-01-21 13:30 . 2012-01-21 13:30 -------- d-----w- d:\documents and settings\All Users\Data aplikací\IObit
2012-01-12 09:51 . 2008-04-13 18:46 11136 -c--a-w- d:\windows\system32\dllcache\slip.sys
2012-01-12 09:51 . 2008-04-13 18:46 11136 ----a-w- d:\windows\system32\drivers\SLIP.sys
2012-01-12 00:19 . 2012-01-12 00:19 4448256 ----a-w- d:\windows\system32\GPhotos.scr
2012-01-11 16:45 . 2008-04-13 18:46 85248 ----a-w- d:\windows\system32\drivers\NABTSFEC.sys
2012-01-11 16:45 . 2008-04-13 18:46 17024 -c--a-w- d:\windows\system32\dllcache\ccdecode.sys
2012-01-11 16:45 . 2008-04-13 18:46 17024 ----a-w- d:\windows\system32\drivers\CCDECODE.sys
2012-01-11 16:33 . 2011-05-21 05:01 331776 ----a-w- d:\windows\system32\nvrshe.dll
2012-01-11 16:33 . 2011-05-21 05:01 286720 ----a-w- d:\windows\system32\nvrsfr.dll
2012-01-11 16:33 . 2011-05-21 05:01 282624 ----a-w- d:\windows\system32\nvrses.dll
2012-01-11 16:33 . 2011-05-21 05:01 282624 ----a-w- d:\windows\system32\nvrsel.dll
2012-01-11 16:33 . 2011-05-21 05:01 278528 ----a-w- d:\windows\system32\nvrsde.dll
2012-01-11 16:33 . 2011-05-21 05:01 274432 ----a-w- d:\windows\system32\nvrsesm.dll
2012-01-11 16:33 . 2011-05-21 05:01 262144 ----a-w- d:\windows\system32\nvrshu.dll
2012-01-11 16:33 . 2011-05-21 05:01 253952 ----a-w- d:\windows\system32\nvrsda.dll
2012-01-11 16:33 . 2011-05-21 05:01 249856 ----a-w- d:\windows\system32\nvrsfi.dll
2012-01-11 16:33 . 2011-05-21 05:01 249856 ----a-w- d:\windows\system32\nvrseng.dll
2012-01-11 16:33 . 2011-05-21 05:01 249856 ----a-w- d:\windows\system32\nvrscs.dll
2012-01-11 16:33 . 2011-05-21 05:01 335872 ----a-w- d:\windows\system32\nvrsar.dll
2012-01-11 16:32 . 2011-10-08 04:50 602432 ----a-w- d:\windows\system32\easyupdatusapiu.dll
2012-01-11 16:22 . 2008-04-14 03:22 54272 -c--a-w- d:\windows\system32\dllcache\vfwwdm32.dll
2012-01-11 16:22 . 2008-04-14 03:22 54272 ----a-w- d:\windows\system32\vfwwdm32.dll
2012-01-11 16:22 . 2008-04-14 03:22 91648 ----a-w- d:\windows\system32\kswdmcap.ax
2012-01-11 16:22 . 2008-04-14 03:22 43008 ----a-w- d:\windows\system32\ksxbar.ax
2012-01-11 16:22 . 2008-04-14 03:22 61952 ----a-w- d:\windows\system32\kstvtune.ax
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-27 21:21 . 2008-08-17 07:51 138160 ----a-w- d:\windows\system32\drivers\PnkBstrK.sys
2012-01-27 21:21 . 2009-03-13 17:18 271200 ----a-w- d:\windows\system32\PnkBstrB.xtr
2012-01-27 21:21 . 2008-08-17 07:51 271200 ----a-w- d:\windows\system32\PnkBstrB.exe
2012-01-11 16:57 . 2010-10-11 12:39 664 ----a-w- d:\documents and settings\AAA\Local Settings\Data aplikací\d3d9caps.tmp
2012-01-11 16:57 . 2010-10-11 12:39 664 ----a-w- d:\documents and settings\AAA\Local Settings\Data aplikací\d3d9caps.tmp
2012-01-11 16:57 . 2010-10-11 12:39 664 ----a-w- d:\documents and settings\AAA\Local Settings\Data aplikací\d3d9caps.tmp
2012-01-11 16:57 . 2010-10-11 12:39 664 ----a-w- d:\documents and settings\AAA\Local Settings\Data aplikací\d3d9caps.tmp
2012-01-08 18:31 . 2008-08-17 07:51 271200 ----a-w- d:\windows\system32\PnkBstrB.ex0
2011-12-23 18:26 . 2011-01-17 15:25 25280 ----a-w- d:\windows\system32\drivers\hamachi.sys
2011-11-29 15:39 . 2011-12-25 14:15 4659712 ----a-w- d:\windows\system32\Redemption.dll
2011-11-29 15:38 . 2011-11-29 15:38 90112 ----a-w- d:\windows\MAMCityDownload.ocx
2011-11-29 15:38 . 2011-11-29 15:38 325552 ----a-w- d:\windows\MASetupCaller.dll
2011-11-29 15:38 . 2011-11-29 15:38 30568 ----a-w- d:\windows\MusiccityDownload.exe
2011-11-29 15:38 . 2011-11-29 15:38 974848 ----a-w- d:\windows\system32\cis-2.4.dll
2011-11-29 15:38 . 2011-11-29 15:38 81920 ----a-w- d:\windows\system32\issacapi_bs-2.3.dll
2011-11-29 15:38 . 2011-11-29 15:38 65536 ----a-w- d:\windows\system32\issacapi_pe-2.3.dll
2011-11-29 15:38 . 2011-11-29 15:38 57344 ----a-w- d:\windows\system32\MTXSYNCICON.dll
2011-11-29 15:38 . 2011-11-29 15:38 57344 ----a-w- d:\windows\system32\MK_Lyric.dll
2011-11-29 15:38 . 2011-11-29 15:38 57344 ----a-w- d:\windows\system32\issacapi_se-2.3.dll
2011-11-29 15:38 . 2011-11-29 15:38 569344 ----a-w- d:\windows\system32\muzdecode.ax
2011-11-29 15:38 . 2011-11-29 15:38 491520 ----a-w- d:\windows\system32\muzapp.dll
2011-11-29 15:38 . 2011-11-29 15:38 49152 ----a-w- d:\windows\system32\MaJGUILib.dll
2011-11-29 15:38 . 2011-11-29 15:38 45056 ----a-w- d:\windows\system32\MaXMLProto.dll
2011-11-29 15:38 . 2011-11-29 15:38 45056 ----a-w- d:\windows\system32\MACXMLProto.dll
2011-11-29 15:38 . 2011-11-29 15:38 40960 ----a-w- d:\windows\system32\MTTELECHIP.dll
2011-11-29 15:38 . 2011-11-29 15:38 40960 ----a-w- d:\windows\system32\MAMACExtract.dll
2011-11-29 15:38 . 2011-11-29 15:38 352256 ----a-w- d:\windows\system32\MSLUR71.dll
2011-11-29 15:38 . 2011-11-29 15:38 258048 ----a-w- d:\windows\system32\muzoggsp.ax
2011-11-29 15:38 . 2011-11-29 15:38 245760 ----a-w- d:\windows\system32\MSCLib.dll
2011-11-29 15:38 . 2011-11-29 15:38 24576 ----a-w- d:\windows\system32\MASetupCleaner.exe
2011-11-29 15:38 . 2011-11-29 15:38 200704 ----a-w- d:\windows\system32\muzwmts.dll
2011-11-29 15:38 . 2011-11-29 15:38 155648 ----a-w- d:\windows\system32\MSFLib.dll
2011-11-29 15:38 . 2011-11-29 15:38 143360 ----a-w- d:\windows\system32\3DAudio.ax
2011-11-29 15:38 . 2011-11-29 15:38 14336 ----a-w- d:\windows\system32\avrt.dll
2011-11-29 15:38 . 2011-11-29 15:38 135168 ----a-w- d:\windows\system32\muzaf1.dll
2011-11-29 15:38 . 2011-11-29 15:38 131072 ----a-w- d:\windows\system32\muzmpgsp.ax
2011-11-29 15:38 . 2011-11-29 15:38 122880 ----a-w- d:\windows\system32\muzeffect.ax
2011-11-29 15:38 . 2011-11-29 15:38 118784 ----a-w- d:\windows\system32\MaDRM.dll
2011-11-29 15:38 . 2011-11-29 15:38 110592 ----a-w- d:\windows\system32\muzmp4sp.ax
2011-11-29 15:38 . 2011-12-25 14:14 319456 ----a-w- d:\windows\system32\DIFxAPI.dll
2011-11-29 15:38 . 2011-12-25 14:14 20032 ----a-w- d:\windows\system32\drivers\dgderdrv.sys
2011-11-29 15:38 . 2011-12-25 14:14 821824 ----a-w- d:\windows\system32\dgderapi.dll
2011-11-28 18:01 . 2011-12-22 10:22 41184 ----a-w- d:\windows\avastSS.scr
2011-11-28 18:01 . 2011-12-22 10:22 199816 ----a-w- d:\windows\system32\aswBoot.exe
2011-11-28 17:53 . 2011-12-22 10:26 435032 ----a-w- d:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-12-22 10:27 314456 ----a-w- d:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2011-12-22 10:26 34392 ----a-w- d:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-12-22 10:26 52952 ----a-w- d:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2011-12-22 10:26 111320 ----a-w- d:\windows\system32\drivers\aswmon2.sys
2011-11-28 17:51 . 2011-12-22 10:26 105176 ----a-w- d:\windows\system32\drivers\aswmon.sys
2011-11-28 17:51 . 2011-12-22 10:27 20568 ----a-w- d:\windows\system32\drivers\aswFsBlk.sys
2011-11-28 17:48 . 2011-12-22 10:26 30808 ----a-w- d:\windows\system32\drivers\aavmker4.sys
2011-11-25 21:57 . 2002-09-20 17:05 293376 ----a-w- d:\windows\system32\winsrv.dll
2011-11-23 14:40 . 2002-09-20 16:41 1859584 ----a-w- d:\windows\system32\win32k.sys
2011-11-20 06:12 . 2002-09-20 17:05 60416 ----a-w- d:\windows\system32\packager.exe
2011-11-16 14:21 . 2008-08-10 11:36 354816 ----a-w- d:\windows\system32\winhttp.dll
2011-11-16 14:21 . 2002-09-20 17:04 152064 ----a-w- d:\windows\system32\schannel.dll
2006-09-28 14:55 . 2006-09-28 14:55 74520 ----a-w- d:\program files\DSETUP.dll
2006-09-28 14:55 . 2006-09-28 14:55 484632 ----a-w- d:\program files\DXSETUP.exe
2006-09-28 14:55 . 2006-09-28 14:55 2248984 ----a-w- d:\program files\dsetup32.dll
2012-01-11 08:06 . 2011-12-14 18:33 121816 ----a-w- d:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- d:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"="d:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-04-10 1800464]
"avast"="d:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"NvCplDaemon"="d:\windows\system32\NvCpl.dll" [2011-10-08 16744256]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=d:\windows\system32\guard32.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\D:^Documents and Settings^AAA^Nabídka Start^Programy^Po spuštění^FIFA 09 Registration.lnk]
backup=d:\windows\pss\FIFA 09 Registration.lnkStartup
.
[HKLM\~\startupfolder\D:^Documents and Settings^AAA^Nabídka Start^Programy^Po spuštění^OpenOffice.org 2.0.lnk]
path=d:\documents and settings\AAA\Nabídka Start\Programy\Po spuštění\OpenOffice.org 2.0.lnk
backup=d:\windows\pss\OpenOffice.org 2.0.lnkStartup
.
[HKLM\~\startupfolder\D:^Documents and Settings^AAA^Nabídka Start^Programy^Po spuštění^Registrace Need for Speed™ Undercover.lnk]
backup=d:\windows\pss\Registrace Need for Speed™ Undercover.lnkStartup
.
[HKLM\~\startupfolder\D:^Documents and Settings^AAA^Nabídka Start^Programy^Po spuštění^RollerCoaster Tycoon 3 Registration.lnk]
backup=d:\windows\pss\RollerCoaster Tycoon 3 Registration.lnkStartup
.
[HKLM\~\startupfolder\D:^Documents and Settings^AAA^Nabídka Start^Programy^Po spuštění^Samsung Auto Backup Guage.lnk]
backup=d:\windows\pss\Samsung Auto Backup Guage.lnkStartup
.
[HKLM\~\startupfolder\D:^Documents and Settings^AAA^Nabídka Start^Programy^Po spuštění^Samsung Auto Backup Real-Time Daemon.lnk]
path=d:\documents and settings\AAA\Nabídka Start\Programy\Po spuštění\Samsung Auto Backup Real-Time Daemon.lnk
backup=d:\windows\pss\Samsung Auto Backup Real-Time Daemon.lnkStartup
.
[HKLM\~\startupfolder\D:^Documents and Settings^AAA^Nabídka Start^Programy^Po spuštění^Samsung Auto Backup Scheduler.lnk]
backup=d:\windows\pss\Samsung Auto Backup Scheduler.lnkStartup
.
[HKLM\~\startupfolder\D:^Documents and Settings^AAA^Nabídka Start^Programy^Po spuštění^Stardock ObjectDock.lnk]
backup=d:\windows\pss\Stardock ObjectDock.lnkStartup
.
[HKLM\~\startupfolder\D:^Documents and Settings^AAA^Nabídka Start^Programy^Po spuštění^Yahoo! Widget Engine.lnk]
backup=d:\windows\pss\Yahoo! Widget Engine.lnkStartup
.
[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Gamma Loader.lnk]
backup=d:\windows\pss\Adobe Gamma Loader.lnkCommon Startup
.
[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^GamePark klient 2.lnk]
path=d:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\GamePark klient 2.lnk
backup=d:\windows\pss\GamePark klient 2.lnkCommon Startup
.
[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^hp psc 1000 series.lnk]
backup=d:\windows\pss\hp psc 1000 series.lnkCommon Startup
.
[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^hpoddt01.exe.lnk]
backup=d:\windows\pss\hpoddt01.exe.lnkCommon Startup
.
[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^VIA RAID TOOL.lnk]
backup=d:\windows\pss\VIA RAID TOOL.lnkCommon Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTV
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
d:\windows\system32\dumprep 0 -k [X]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OEXPRESS
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 20:16 39792 ----a-w- d:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3]
2009-04-30 19:22 2329936 ----a-w- d:\program files\IObit\Advanced SystemCare 3\AWC.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
2009-01-20 18:56 75048 ----a-w- d:\program files\CyberLink\Shared Files\brs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-06-27 18:03 152872 ----a-w- d:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-06-01 13:03 136176 ----atw- d:\documents and settings\AAA\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]
2012-01-04 06:07 937872 ----a-w- d:\program files\Samsung\Kies\KiesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
2012-01-04 06:07 21392 ----a-w- d:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
2012-01-04 06:07 3508624 ----a-w- d:\program files\Samsung\Kies\KiesTrayAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 03:22 1695232 ----a-w- d:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 14:57 153136 ----a-w- d:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2011-10-08 04:50 203072 ----a-w- d:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2011-10-08 04:50 1632360 ----a-w- d:\program files\NVIDIA Corporation\nView\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut]
2007-12-14 10:36 50472 ----a-w- d:\program files\CyberLink\PowerDVD8\Language\Language.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8]
2008-10-17 09:44 91432 ----a-w- d:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2007-04-16 14:28 577536 ----a-w- d:\windows\soundman.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-06-09 12:06 254696 ----a-w- d:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2008-08-10 11:30 171448 ----a-w- d:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\WINDOWS\\system32\\PnkBstrA.exe"=
"d:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"d:\\WINDOWS\\system32\\dpnsvr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"d:\\Documents and Settings\\All Users\\Data aplikací\\NexonUS\\NGM\\NGM.exe"=
"d:\\Program Files\\TmNationsForever\\TmForever.exe"=
"d:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"d:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"d:\\WINDOWS\\system32\\java.exe"=
"d:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"d:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"d:\\Documents and Settings\\AAA\\Local Settings\\Data aplikací\\Akamai\\netsession_win.exe"=
"d:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=
"d:\\Program Files\\Call of Duty- Modern Warfare 3\\iw5mp_server.exe"=
"d:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=
"d:\\Program Files\\Call of Duty- Modern Warfare 3\\iw5sp.exe"=
"d:\\Program Files\\KONAMI\\Pro Evolution Soccer 2012\\pes2012.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"57700:TCP"= 57700:TCP:Pando Media Booster
"57700:UDP"= 57700:UDP:Pando Media Booster
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
.
R0 SmartDefragDriver;SmartDefragDriver;d:\windows\system32\drivers\SmartDefragDriver.sys [22.1.2012 13:35 14776]
R0 sptd;sptd;d:\windows\system32\drivers\sptd.sys [16.8.2008 8:22 697328]
R1 aswSnx;aswSnx;d:\windows\system32\drivers\aswSnx.sys [22.12.2011 11:26 435032]
R1 aswSP;aswSP;d:\windows\system32\drivers\aswSP.sys [22.12.2011 11:27 314456]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;d:\windows\system32\drivers\cmdguard.sys [11.10.2009 15:47 134344]
R1 cmdHlp;COMODO Internet Security Helper Driver;d:\windows\system32\drivers\cmdhlp.sys [11.10.2009 15:47 25160]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};Power Control [2009/02/11 12:29];d:\program files\CyberLink\PowerDVD8\000.fcl [20.1.2009 19:56 87536]
R2 713xTVCard;SAA7134 TV Card;d:\windows\system32\drivers\SAA713x.sys [15.3.2005 12:00 277504]
R2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswFsBlk.sys [22.12.2011 11:27 20568]
R2 nvUpdatusService;NVIDIA Update Service Daemon;d:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [22.1.2012 17:10 2253120]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;d:\windows\system32\drivers\nvhda32.sys [11.10.2010 13:29 119656]
R3 pcouffin;VSO Software pcouffin;d:\windows\system32\drivers\pcouffin.sys [23.2.2009 19:27 47360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;d:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 12:16 130384]
S2 gupdate;Služba Google Update (gupdate);d:\program files\Google\Update\GoogleUpdate.exe [21.11.2010 20:53 136176]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;d:\windows\system32\drivers\ssadadb.sys [25.12.2011 15:22 30312]
S3 ATE_PROCMON;ATE_PROCMON;\??\d:\program files\Anti Trojan Elite\ATEPMon.sys --> d:\program files\Anti Trojan Elite\ATEPMon.sys [?]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu;d:\program files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe --> d:\program files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [?]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);d:\windows\system32\drivers\ssudbus.sys [25.12.2011 15:23 78136]
S3 dgderdrv;dgderdrv;d:\windows\system32\drivers\dgderdrv.sys [25.12.2011 15:14 20032]
S3 DrvAgent32;DrvAgent32;d:\windows\system32\drivers\DrvAgent32.sys [31.1.2012 19:50 23456]
S3 GarenaPEngine;GarenaPEngine;\??\d:\docume~1\AAA\LOCALS~1\Temp\COU1DE8.tmp --> d:\docume~1\AAA\LOCALS~1\Temp\COU1DE8.tmp [?]
S3 gupdatem;Služba Google Update (gupdatem);d:\program files\Google\Update\GoogleUpdate.exe [21.11.2010 20:53 136176]
S3 massfilter_hs;ZTE HandSet Mass Storage Filter Driver;d:\windows\system32\drivers\massfilter_hs.sys [10.8.2011 8:49 15896]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;d:\windows\system32\drivers\nmwcdnsu.sys --> d:\windows\system32\drivers\nmwcdnsu.sys [?]
S3 nmwcdnsuc;Nokia USB Flashing Generic;d:\windows\system32\drivers\nmwcdnsuc.sys --> d:\windows\system32\drivers\nmwcdnsuc.sys [?]
S3 PROCEXP151;PROCEXP151;\??\d:\windows\system32\Drivers\PROCEXP151.SYS --> d:\windows\system32\Drivers\PROCEXP151.SYS [?]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);d:\windows\system32\drivers\ssadbus.sys [25.12.2011 15:22 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);d:\windows\system32\drivers\ssadmdfl.sys [25.12.2011 15:22 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;d:\windows\system32\drivers\ssadmdm.sys [25.12.2011 15:22 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);d:\windows\system32\drivers\ssadserd.sys [25.12.2011 15:22 114280]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);d:\windows\system32\drivers\ssudmdm.sys [25.12.2011 15:24 181432]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);d:\windows\system32\drivers\ssudserd.sys [25.12.2011 15:24 181432]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;d:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 12:16 753504]
S3 XMLDIUSB;XML USB Device Interface;d:\windows\system32\drivers\XMLDIUSB.sys [29.12.2008 13:03 33152]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-01-09 d:\windows\Tasks\AppleSoftwareUpdate.job
- d:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 15:57]
.
2012-02-03 d:\windows\Tasks\AWC AutoSweep.job
- d:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2009-05-13 13:35]
.
2011-11-01 d:\windows\Tasks\AWC Update.job
- d:\program files\IObit\Advanced SystemCare 3\IObitUpdate.exe [2009-05-13 08:15]
.
2012-02-03 d:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- d:\program files\Google\Update\GoogleUpdate.exe [2010-11-21 19:53]
.
2012-02-03 d:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- d:\program files\Google\Update\GoogleUpdate.exe [2010-11-21 19:53]
.
2012-01-30 d:\windows\Tasks\SmartDefrag_Schedule.job
- d:\program files\IObit\Smart Defrag 2\SmartDefrag.exe [2012-01-22 13:26]
.
2012-02-03 d:\windows\Tasks\SmartDefrag_Startup.job
- d:\program files\IObit\Smart Defrag 2\SmartDefrag.exe [2012-01-22 13:26]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - d:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 10.0.123.254 81.19.33.2
FF - ProfilePath - d:\documents and settings\AAA\Data aplikací\Mozilla\Firefox\Profiles\x1pzlxn6.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM-Run-nwiz - nwiz.exe
MSConfigStartUp-AlcoholAutomount - d:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
MSConfigStartUp-DAEMON Tools Lite - d:\program files\DAEMON Tools Lite\daemon.exe
MSConfigStartUp-DriverCD - E:\Run.exe
MSConfigStartUp-EA Core - d:\program files\Electronic Arts\EADM\Core.exe
MSConfigStartUp-Google Desktop Search - d:\program files\Google\Google Desktop Search\GoogleDesktop.exe
MSConfigStartUp-ICQ - d:\program files\ICQ6.5\ICQ.exe
MSConfigStartUp-IObit Malware Fighter - d:\program files\IObit\IObit Malware Fighter\IMF.exe
MSConfigStartUp-Memeo AutoSync - d:\program files\Memeo\AutoSync\MemeoLauncher2.exe
MSConfigStartUp-nod32kui - d:\program files\Eset\nod32kui.exe
MSConfigStartUp-Nokia - d:\program files\Nokia\Nokia PC Suite 7\PCSync2.exe
MSConfigStartUp-PC Suite Tray - d:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
MSConfigStartUp-RivaTunerStartupDaemon - d:\program files\RivaTuner v2.22\RivaTuner.exe
MSConfigStartUp-Steam - d:\program files\steam\steam.exe
MSConfigStartUp-UpdateReminder - d:\program files\Eset\UpdateReminder.exe
MSConfigStartUp-WD Anywhere Backup - d:\program files\WD\WD Anywhere Backup\MemeoLauncher2.exe
AddRemove-%Product_Name% 4.9F - j:\faktura\uninststall\uninstall.exe
AddRemove-01_Simmental - d:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - d:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - d:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - d:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - d:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - d:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - d:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - d:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - d:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - d:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - d:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - d:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - d:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - d:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - d:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - d:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - d:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - d:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - d:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-02-03 21:29
Windows 5.1.2600 Service Pack 3 NTFS
.
detected NTDLL code modification:
ZwClose, ZwOpenFile
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\d:\docume~1\AAA\LOCALS~1\Temp\COU1DE8.tmp"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]
"ImagePath"="\??\d:\program files\CyberLink\PowerDVD8\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1214440339-1220945662-725345543-1004\Software\SecuROM\License information*]
"datasecu"=hex:eb,47,d8,8d,1c,81,d6,a5,29,34,8f,a1,4f,03,e7,01,91,fa,91,7d,43,
c7,81,49,3e,f0,32,2f,8a,13,12,63,70,e8,21,0f,c5,1c,cc,6e,91,88,61,3b,88,a8,\
"rkeysecu"=hex:63,2e,88,3b,11,2c,b1,94,cc,f0,cf,3e,fe,05,cd,c8
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(1532)
d:\windows\system32\webcheck.dll
d:\windows\system32\WPDShServiceObj.dll
d:\windows\system32\PortableDeviceTypes.dll
d:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
d:\program files\COMODO\COMODO Internet Security\cmdagent.exe
d:\program files\AVAST Software\Avast\AvastSvc.exe
d:\program files\Google\Update\1.3.21.99\GoogleCrashHandler.exe
d:\program files\Java\jre6\bin\jqs.exe
d:\windows\system32\nvsvc32.exe
d:\windows\system32\PnkBstrA.exe
d:\program files\CyberLink\Shared Files\RichVideo.exe
d:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
d:\windows\system32\LF2GRPOW.exe
d:\windows\System32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Celkový čas: 2012-02-03 21:46:48 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-02-03 20:46
.
Před spuštěním: Volných bajtů: 118 250 905 600
Po spuštění: Volných bajtů: 118 903 599 104
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect
.
- - End Of File - - D4CCFF5A18E945D058F6D47EDFF44FB1

#10 Příspěvek od **Mc_Murphy** » 04 úno 2012 10:25

Pokud jsi tak ještě neučinil, přesuň ComboFix na Plochu.

Otevři si Poznámkový blok (Start >> Spustit... (nebo Win+R) >> do okénka napiš notepad >> [Enter]).
Zkopíruj do něj tento script:

Kód: Vybrat vše

KillAll::

Folder::
d:\documents and settings\All Users\Data aplikací\IObit
D:\Program Files\Pando Networks

File::
d:\documents and settings\AAA\Local Settings\Data aplikací\d3d9caps.tmp
d:\documents and settings\AAA\Local Settings\Data aplikací\d3d9caps.tmp
d:\documents and settings\AAA\Local Settings\Data aplikací\d3d9caps.tmp
d:\documents and settings\AAA\Local Settings\Data aplikací\d3d9caps.tmp
D:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.dll
D:\Program Files\Mozilla Firefox\plugins\npPandoWebInst.xpt
d:\windows\Tasks\AppleSoftwareUpdate.job
d:\windows\Tasks\AWC AutoSweep.job
d:\windows\Tasks\AWC Update.job
d:\windows\Tasks\GoogleUpdateTaskMachineCore.job
d:\windows\Tasks\GoogleUpdateTaskMachineUA.job
d:\windows\Tasks\SmartDefrag_Schedule.job
d:\windows\Tasks\SmartDefrag_Startup.job

DDS::
uSearchAssistant = hxxp://www.google.com/ie

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=-
[-HKLM\~\startupfolder\D:^Documents and Settings^AAA^Nabídka Start^Programy^Po spuštění^FIFA 09 Registration.lnk]
[-HKLM\~\startupfolder\D:^Documents and Settings^AAA^Nabídka Start^Programy^Po spuštění^OpenOffice.org 2.0.lnk]
[-HKLM\~\startupfolder\D:^Documents and Settings^AAA^Nabídka Start^Programy^Po spuštění^Registrace Need for Speed™ Undercover.lnk]
[-HKLM\~\startupfolder\D:^Documents and Settings^AAA^Nabídka Start^Programy^Po spuštění^RollerCoaster Tycoon 3 Registration.lnk]
[-HKLM\~\startupfolder\D:^Documents and Settings^AAA^Nabídka Start^Programy^Po spuštění^Samsung Auto Backup Guage.lnk]
[-HKLM\~\startupfolder\D:^Documents and Settings^AAA^Nabídka Start^Programy^Po spuštění^Samsung Auto Backup Real-Time Daemon.lnk]
[-HKLM\~\startupfolder\D:^Documents and Settings^AAA^Nabídka Start^Programy^Po spuštění^Samsung Auto Backup Scheduler.lnk]
[-HKLM\~\startupfolder\D:^Documents and Settings^AAA^Nabídka Start^Programy^Po spuštění^Stardock ObjectDock.lnk]
[-HKLM\~\startupfolder\D:^Documents and Settings^AAA^Nabídka Start^Programy^Po spuštění^Yahoo! Widget Engine.lnk]
[-HKLM\~\startupfolder\D:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Gamma Loader.lnk]
[-HKLM\~\startupfolder\D:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^GamePark klient 2.lnk]
[-HKLM\~\startupfolder\D:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^hp psc 1000 series.lnk]
[-HKLM\~\startupfolder\D:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^hpoddt01.exe.lnk]
[-HKLM\~\startupfolder\D:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^VIA RAID TOOL.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTV]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OEXPRESS]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVD8LanguageShortcut]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl8]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000000
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=-
"d:\\WINDOWS\\system32\\PnkBstrA.exe"=-
"d:\\WINDOWS\\system32\\PnkBstrB.exe"=-
"d:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=-
"d:\\WINDOWS\\system32\\dpnsvr.exe"=-
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=-
"d:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=-
"d:\\Documents and Settings\\All Users\\Data aplikací\\NexonUS\\NGM\\NGM.exe"=-
"d:\\Program Files\\TmNationsForever\\TmForever.exe"=-
"d:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=-
"d:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=-
"d:\\WINDOWS\\system32\\java.exe"=-
"d:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=-
"d:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=-
"d:\\Documents and Settings\\AAA\\Local Settings\\Data aplikací\\Akamai\\netsession_win.exe"=-
"d:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=-
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=-
"d:\\Program Files\\Call of Duty- Modern Warfare 3\\iw5mp_server.exe"=-
"d:\\Program Files\\NVIDIA Corporation\\NVIDIA Updatus\\daemonu.exe"=-
"d:\\Program Files\\Call of Duty- Modern Warfare 3\\iw5sp.exe"=-
"d:\\Program Files\\KONAMI\\Pro Evolution Soccer 2012\\pes2012.exe"=-
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"57700:TCP"=-
"57700:UDP"=-

RegNull::
[HKEY_USERS\S-1-5-21-1214440339-1220945662-725345543-1004\Software\SecuROM\License information*]

Driver::
gupdate
gupdatem

ClearJavaCache::

Reboot::

Ulož vytvořený TXT jako CFScript.txt
Přetáhni vytvořený CFScript.txt nad ComboFix a pusť (viz obrázek).
Po aplikaci scriptu (a případném restartu PC) na Tebe vyskočí log. Jeho obsah mi sem vlož.

Může se stát, že po aplikaci scriptu nenaběhnou Windows. V tom případě restartuj PC, hned při náběhu mačkej klávesu F8 a zvol Poslední známou konfiguraci.

chiffre · #11 Příspěvek od **chiffre** » 04 úno 2012 11:27

ComboFix 12-02-03.02 - AAA 04.02.2012 10:42:24.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1464 [GMT 1:00]
Spuštěný z: d:\documents and settings\AAA\Plocha\ComboFix.exe
Použité ovládací přepínače :: d:\documents and settings\AAA\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *Disabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
FILE ::
"d:\documents and settings\AAA\Local Settings\Data aplikací\d3d9caps.tmp"
"d:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll"
"d:\program files\Mozilla Firefox\plugins\npPandoWebInst.xpt"
"d:\windows\Tasks\AppleSoftwareUpdate.job"
"d:\windows\Tasks\AWC AutoSweep.job"
"d:\windows\Tasks\AWC Update.job"
"d:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"d:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"d:\windows\Tasks\SmartDefrag_Schedule.job"
"d:\windows\Tasks\SmartDefrag_Startup.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
d:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll
d:\program files\Mozilla Firefox\plugins\npPandoWebInst.xpt
d:\windows\Tasks\AppleSoftwareUpdate.job
d:\windows\Tasks\AWC AutoSweep.job
d:\windows\Tasks\GoogleUpdateTaskMachineCore.job
d:\windows\Tasks\GoogleUpdateTaskMachineUA.job
d:\windows\Tasks\SmartDefrag_Schedule.job
d:\windows\Tasks\SmartDefrag_Startup.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_GUPDATE
-------\Legacy_GUPDATEM
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-01-04 do 2012-02-04 )))))))))))))))))))))))))))))))
.
.
2012-02-03 15:52 . 2012-02-03 15:52 -------- d-----w- d:\program files\KONAMI
2012-02-03 10:19 . 2012-02-03 10:19 -------- d-----w- d:\program files\trend micro
2012-02-03 10:19 . 2012-02-03 10:19 -------- d-----w- D:\rsit
2012-02-01 17:51 . 2012-02-01 17:51 -------- d-----w- d:\program files\HD Tune
2012-01-31 19:25 . 2012-01-31 19:26 -------- d-----w- d:\program files\Realtek AC97
2012-01-31 19:24 . 2006-02-07 14:40 204800 ----a-w- d:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll
2012-01-31 19:24 . 2006-02-07 14:45 757760 ----a-w- d:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll
2012-01-31 19:24 . 2006-02-07 14:40 69715 ----a-w- d:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll
2012-01-31 19:24 . 2006-02-07 14:40 274432 ----a-w- d:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll
2012-01-31 19:24 . 2005-11-13 22:19 5632 ----a-w- d:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
2012-01-31 19:24 . 2012-01-31 19:24 200836 ----a-w- d:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll
2012-01-31 19:24 . 2012-01-31 19:24 331908 ----a-w- d:\program files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll
2012-01-31 19:08 . 2009-03-25 13:29 130432 ----a-w- d:\windows\system32\drivers\Rtnicxp.sys
2012-01-31 19:08 . 2009-03-03 19:18 73728 ----a-w- d:\windows\system32\RtNicProp32.dll
2012-01-31 18:50 . 2012-01-31 19:50 -------- d-----w- d:\documents and settings\AAA\Local Settings\Data aplikací\eSupport.com
2012-01-31 18:50 . 2012-01-31 18:50 23456 ----a-w- d:\windows\system32\drivers\DrvAgent32.sys
2012-01-29 13:14 . 2012-01-29 13:14 -------- d-----w- d:\documents and settings\AAA\Local Settings\Data aplikací\mpress
2012-01-22 16:10 . 2012-01-22 16:10 -------- d-----w- d:\documents and settings\UpdatusUser
2012-01-22 16:10 . 2012-01-22 16:10 -------- d-----w- d:\documents and settings\All Users\Data aplikací\NVIDIA
2012-01-22 16:06 . 2011-07-07 23:21 876136 ----a-w- d:\windows\system32\nvhdagenco3220102.dll
2012-01-22 16:05 . 2011-10-08 04:50 877376 ----a-w- d:\windows\system32\nvgenco32.dll
2012-01-22 16:05 . 2011-10-08 04:50 919872 ----a-w- d:\windows\system32\nvdispco32.dll
2012-01-22 12:35 . 2011-12-16 16:21 29016 ----a-w- d:\windows\system32\SmartDefragBootTime.exe
2012-01-22 12:35 . 2010-11-26 17:02 14776 ----a-w- d:\windows\system32\drivers\SmartDefragDriver.sys
2012-01-21 15:05 . 2012-01-21 15:05 -------- d-----w- d:\program files\FinalWire
2012-01-21 13:50 . 2011-05-25 06:09 865896 ----a-w- d:\windows\system32\nvhdagenco322040.dll
2012-01-21 13:30 . 2012-01-21 13:30 -------- d-----w- d:\documents and settings\All Users\Data aplikací\IObit
2012-01-12 09:51 . 2008-04-13 18:46 11136 -c--a-w- d:\windows\system32\dllcache\slip.sys
2012-01-12 09:51 . 2008-04-13 18:46 11136 ----a-w- d:\windows\system32\drivers\SLIP.sys
2012-01-12 00:19 . 2012-01-12 00:19 4448256 ----a-w- d:\windows\system32\GPhotos.scr
2012-01-11 16:45 . 2008-04-13 18:46 85248 ----a-w- d:\windows\system32\drivers\NABTSFEC.sys
2012-01-11 16:45 . 2008-04-13 18:46 17024 -c--a-w- d:\windows\system32\dllcache\ccdecode.sys
2012-01-11 16:45 . 2008-04-13 18:46 17024 ----a-w- d:\windows\system32\drivers\CCDECODE.sys
2012-01-11 16:33 . 2011-05-21 05:01 331776 ----a-w- d:\windows\system32\nvrshe.dll
2012-01-11 16:33 . 2011-05-21 05:01 286720 ----a-w- d:\windows\system32\nvrsfr.dll
2012-01-11 16:33 . 2011-05-21 05:01 282624 ----a-w- d:\windows\system32\nvrses.dll
2012-01-11 16:33 . 2011-05-21 05:01 282624 ----a-w- d:\windows\system32\nvrsel.dll
2012-01-11 16:33 . 2011-05-21 05:01 278528 ----a-w- d:\windows\system32\nvrsde.dll
2012-01-11 16:33 . 2011-05-21 05:01 274432 ----a-w- d:\windows\system32\nvrsesm.dll
2012-01-11 16:33 . 2011-05-21 05:01 262144 ----a-w- d:\windows\system32\nvrshu.dll
2012-01-11 16:33 . 2011-05-21 05:01 253952 ----a-w- d:\windows\system32\nvrsda.dll
2012-01-11 16:33 . 2011-05-21 05:01 249856 ----a-w- d:\windows\system32\nvrsfi.dll
2012-01-11 16:33 . 2011-05-21 05:01 249856 ----a-w- d:\windows\system32\nvrseng.dll
2012-01-11 16:33 . 2011-05-21 05:01 249856 ----a-w- d:\windows\system32\nvrscs.dll
2012-01-11 16:33 . 2011-05-21 05:01 335872 ----a-w- d:\windows\system32\nvrsar.dll
2012-01-11 16:32 . 2011-10-08 04:50 602432 ----a-w- d:\windows\system32\easyupdatusapiu.dll
2012-01-11 16:22 . 2008-04-14 03:22 54272 -c--a-w- d:\windows\system32\dllcache\vfwwdm32.dll
2012-01-11 16:22 . 2008-04-14 03:22 54272 ----a-w- d:\windows\system32\vfwwdm32.dll
2012-01-11 16:22 . 2008-04-14 03:22 91648 ----a-w- d:\windows\system32\kswdmcap.ax
2012-01-11 16:22 . 2008-04-14 03:22 43008 ----a-w- d:\windows\system32\ksxbar.ax
2012-01-11 16:22 . 2008-04-14 03:22 61952 ----a-w- d:\windows\system32\kstvtune.ax
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-27 21:21 . 2008-08-17 07:51 138160 ----a-w- d:\windows\system32\drivers\PnkBstrK.sys
2012-01-27 21:21 . 2009-03-13 17:18 271200 ----a-w- d:\windows\system32\PnkBstrB.xtr
2012-01-27 21:21 . 2008-08-17 07:51 271200 ----a-w- d:\windows\system32\PnkBstrB.exe
2012-01-11 16:57 . 2010-10-11 12:39 664 ----a-w- d:\documents and settings\AAA\Local Settings\Data aplikací\d3d9caps.tmp
2012-01-11 16:57 . 2010-10-11 12:39 664 ----a-w- d:\documents and settings\AAA\Local Settings\Data aplikací\d3d9caps.tmp
2012-01-11 16:57 . 2010-10-11 12:39 664 ----a-w- d:\documents and settings\AAA\Local Settings\Data aplikací\d3d9caps.tmp
2012-01-11 16:57 . 2010-10-11 12:39 664 ----a-w- d:\documents and settings\AAA\Local Settings\Data aplikací\d3d9caps.tmp
2012-01-08 18:31 . 2008-08-17 07:51 271200 ----a-w- d:\windows\system32\PnkBstrB.ex0
2011-12-23 18:26 . 2011-01-17 15:25 25280 ----a-w- d:\windows\system32\drivers\hamachi.sys
2011-11-29 15:39 . 2011-12-25 14:15 4659712 ----a-w- d:\windows\system32\Redemption.dll
2011-11-29 15:38 . 2011-11-29 15:38 90112 ----a-w- d:\windows\MAMCityDownload.ocx
2011-11-29 15:38 . 2011-11-29 15:38 325552 ----a-w- d:\windows\MASetupCaller.dll
2011-11-29 15:38 . 2011-11-29 15:38 30568 ----a-w- d:\windows\MusiccityDownload.exe
2011-11-29 15:38 . 2011-11-29 15:38 974848 ----a-w- d:\windows\system32\cis-2.4.dll
2011-11-29 15:38 . 2011-11-29 15:38 81920 ----a-w- d:\windows\system32\issacapi_bs-2.3.dll
2011-11-29 15:38 . 2011-11-29 15:38 65536 ----a-w- d:\windows\system32\issacapi_pe-2.3.dll
2011-11-29 15:38 . 2011-11-29 15:38 57344 ----a-w- d:\windows\system32\MTXSYNCICON.dll
2011-11-29 15:38 . 2011-11-29 15:38 57344 ----a-w- d:\windows\system32\MK_Lyric.dll
2011-11-29 15:38 . 2011-11-29 15:38 57344 ----a-w- d:\windows\system32\issacapi_se-2.3.dll
2011-11-29 15:38 . 2011-11-29 15:38 569344 ----a-w- d:\windows\system32\muzdecode.ax
2011-11-29 15:38 . 2011-11-29 15:38 491520 ----a-w- d:\windows\system32\muzapp.dll
2011-11-29 15:38 . 2011-11-29 15:38 49152 ----a-w- d:\windows\system32\MaJGUILib.dll
2011-11-29 15:38 . 2011-11-29 15:38 45056 ----a-w- d:\windows\system32\MaXMLProto.dll
2011-11-29 15:38 . 2011-11-29 15:38 45056 ----a-w- d:\windows\system32\MACXMLProto.dll
2011-11-29 15:38 . 2011-11-29 15:38 40960 ----a-w- d:\windows\system32\MTTELECHIP.dll
2011-11-29 15:38 . 2011-11-29 15:38 40960 ----a-w- d:\windows\system32\MAMACExtract.dll
2011-11-29 15:38 . 2011-11-29 15:38 352256 ----a-w- d:\windows\system32\MSLUR71.dll
2011-11-29 15:38 . 2011-11-29 15:38 258048 ----a-w- d:\windows\system32\muzoggsp.ax
2011-11-29 15:38 . 2011-11-29 15:38 245760 ----a-w- d:\windows\system32\MSCLib.dll
2011-11-29 15:38 . 2011-11-29 15:38 24576 ----a-w- d:\windows\system32\MASetupCleaner.exe
2011-11-29 15:38 . 2011-11-29 15:38 200704 ----a-w- d:\windows\system32\muzwmts.dll
2011-11-29 15:38 . 2011-11-29 15:38 155648 ----a-w- d:\windows\system32\MSFLib.dll
2011-11-29 15:38 . 2011-11-29 15:38 143360 ----a-w- d:\windows\system32\3DAudio.ax
2011-11-29 15:38 . 2011-11-29 15:38 14336 ----a-w- d:\windows\system32\avrt.dll
2011-11-29 15:38 . 2011-11-29 15:38 135168 ----a-w- d:\windows\system32\muzaf1.dll
2011-11-29 15:38 . 2011-11-29 15:38 131072 ----a-w- d:\windows\system32\muzmpgsp.ax
2011-11-29 15:38 . 2011-11-29 15:38 122880 ----a-w- d:\windows\system32\muzeffect.ax
2011-11-29 15:38 . 2011-11-29 15:38 118784 ----a-w- d:\windows\system32\MaDRM.dll
2011-11-29 15:38 . 2011-11-29 15:38 110592 ----a-w- d:\windows\system32\muzmp4sp.ax
2011-11-29 15:38 . 2011-12-25 14:14 319456 ----a-w- d:\windows\system32\DIFxAPI.dll
2011-11-29 15:38 . 2011-12-25 14:14 20032 ----a-w- d:\windows\system32\drivers\dgderdrv.sys
2011-11-29 15:38 . 2011-12-25 14:14 821824 ----a-w- d:\windows\system32\dgderapi.dll
2011-11-28 18:01 . 2011-12-22 10:22 41184 ----a-w- d:\windows\avastSS.scr
2011-11-28 18:01 . 2011-12-22 10:22 199816 ----a-w- d:\windows\system32\aswBoot.exe
2011-11-28 17:53 . 2011-12-22 10:26 435032 ----a-w- d:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-12-22 10:27 314456 ----a-w- d:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2011-12-22 10:26 34392 ----a-w- d:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-12-22 10:26 52952 ----a-w- d:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2011-12-22 10:26 111320 ----a-w- d:\windows\system32\drivers\aswmon2.sys
2011-11-28 17:51 . 2011-12-22 10:26 105176 ----a-w- d:\windows\system32\drivers\aswmon.sys
2011-11-28 17:51 . 2011-12-22 10:27 20568 ----a-w- d:\windows\system32\drivers\aswFsBlk.sys
2011-11-28 17:48 . 2011-12-22 10:26 30808 ----a-w- d:\windows\system32\drivers\aavmker4.sys
2011-11-25 21:57 . 2002-09-20 17:05 293376 ----a-w- d:\windows\system32\winsrv.dll
2011-11-23 14:40 . 2002-09-20 16:41 1859584 ----a-w- d:\windows\system32\win32k.sys
2011-11-20 06:12 . 2002-09-20 17:05 60416 ----a-w- d:\windows\system32\packager.exe
2011-11-16 14:21 . 2008-08-10 11:36 354816 ----a-w- d:\windows\system32\winhttp.dll
2011-11-16 14:21 . 2002-09-20 17:04 152064 ----a-w- d:\windows\system32\schannel.dll
2006-09-28 14:55 . 2006-09-28 14:55 74520 ----a-w- d:\program files\DSETUP.dll
2006-09-28 14:55 . 2006-09-28 14:55 484632 ----a-w- d:\program files\DXSETUP.exe
2006-09-28 14:55 . 2006-09-28 14:55 2248984 ----a-w- d:\program files\dsetup32.dll
2012-01-11 08:06 . 2011-12-14 18:33 121816 ----a-w- d:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-02-03_20.30.46 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-02-04 10:10 . 2012-02-04 10:10 16384 d:\windows\Temp\Perflib_Perfdata_68c.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- d:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"="d:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-04-10 1800464]
"avast"="d:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"NvCplDaemon"="d:\windows\system32\NvCpl.dll" [2011-10-08 16744256]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=d:\windows\system32\guard32.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
.
R0 SmartDefragDriver;SmartDefragDriver;d:\windows\system32\drivers\SmartDefragDriver.sys [22.1.2012 13:35 14776]
R0 sptd;sptd;d:\windows\system32\drivers\sptd.sys [16.8.2008 8:22 697328]
R1 aswSnx;aswSnx;d:\windows\system32\drivers\aswSnx.sys [22.12.2011 11:26 435032]
R1 aswSP;aswSP;d:\windows\system32\drivers\aswSP.sys [22.12.2011 11:27 314456]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;d:\windows\system32\drivers\cmdguard.sys [11.10.2009 15:47 134344]
R1 cmdHlp;COMODO Internet Security Helper Driver;d:\windows\system32\drivers\cmdhlp.sys [11.10.2009 15:47 25160]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};Power Control [2009/02/11 12:29];d:\program files\CyberLink\PowerDVD8\000.fcl [20.1.2009 19:56 87536]
R2 713xTVCard;SAA7134 TV Card;d:\windows\system32\drivers\SAA713x.sys [15.3.2005 12:00 277504]
R2 aswFsBlk;aswFsBlk;d:\windows\system32\drivers\aswFsBlk.sys [22.12.2011 11:27 20568]
R2 nvUpdatusService;NVIDIA Update Service Daemon;d:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [22.1.2012 17:10 2253120]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;d:\windows\system32\drivers\nvhda32.sys [11.10.2010 13:29 119656]
R3 pcouffin;VSO Software pcouffin;d:\windows\system32\drivers\pcouffin.sys [23.2.2009 19:27 47360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;d:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 12:16 130384]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;d:\windows\system32\drivers\ssadadb.sys [25.12.2011 15:22 30312]
S3 ATE_PROCMON;ATE_PROCMON;\??\d:\program files\Anti Trojan Elite\ATEPMon.sys --> d:\program files\Anti Trojan Elite\ATEPMon.sys [?]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu;d:\program files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe --> d:\program files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [?]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);d:\windows\system32\drivers\ssudbus.sys [25.12.2011 15:23 78136]
S3 dgderdrv;dgderdrv;d:\windows\system32\drivers\dgderdrv.sys [25.12.2011 15:14 20032]
S3 DrvAgent32;DrvAgent32;d:\windows\system32\drivers\DrvAgent32.sys [31.1.2012 19:50 23456]
S3 GarenaPEngine;GarenaPEngine;\??\d:\docume~1\AAA\LOCALS~1\Temp\COU1DE8.tmp --> d:\docume~1\AAA\LOCALS~1\Temp\COU1DE8.tmp [?]
S3 massfilter_hs;ZTE HandSet Mass Storage Filter Driver;d:\windows\system32\drivers\massfilter_hs.sys [10.8.2011 8:49 15896]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;d:\windows\system32\drivers\nmwcdnsu.sys --> d:\windows\system32\drivers\nmwcdnsu.sys [?]
S3 nmwcdnsuc;Nokia USB Flashing Generic;d:\windows\system32\drivers\nmwcdnsuc.sys --> d:\windows\system32\drivers\nmwcdnsuc.sys [?]
S3 PROCEXP151;PROCEXP151;\??\d:\windows\system32\Drivers\PROCEXP151.SYS --> d:\windows\system32\Drivers\PROCEXP151.SYS [?]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);d:\windows\system32\drivers\ssadbus.sys [25.12.2011 15:22 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);d:\windows\system32\drivers\ssadmdfl.sys [25.12.2011 15:22 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;d:\windows\system32\drivers\ssadmdm.sys [25.12.2011 15:22 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);d:\windows\system32\drivers\ssadserd.sys [25.12.2011 15:22 114280]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);d:\windows\system32\drivers\ssudmdm.sys [25.12.2011 15:24 181432]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);d:\windows\system32\drivers\ssudserd.sys [25.12.2011 15:24 181432]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;d:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 12:16 753504]
S3 XMLDIUSB;XML USB Device Interface;d:\windows\system32\drivers\XMLDIUSB.sys [29.12.2008 13:03 33152]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - d:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 10.0.123.254 81.19.33.2
FF - ProfilePath - d:\documents and settings\AAA\Data aplikací\Mozilla\Firefox\Profiles\x1pzlxn6.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-%Product_Name% 4.9F - j:\faktura\uninststall\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-02-04 11:11
Windows 5.1.2600 Service Pack 3 NTFS
.
detected NTDLL code modification:
ZwClose, ZwOpenFile
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\d:\docume~1\AAA\LOCALS~1\Temp\COU1DE8.tmp"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]
"ImagePath"="\??\d:\program files\CyberLink\PowerDVD8\000.fcl"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(2060)
d:\windows\system32\webcheck.dll
d:\windows\system32\WPDShServiceObj.dll
d:\windows\system32\PortableDeviceTypes.dll
d:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
d:\program files\COMODO\COMODO Internet Security\cmdagent.exe
d:\program files\AVAST Software\Avast\AvastSvc.exe
d:\program files\Java\jre6\bin\jqs.exe
d:\windows\system32\nvsvc32.exe
d:\windows\system32\PnkBstrA.exe
d:\program files\CyberLink\Shared Files\RichVideo.exe
d:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
d:\windows\System32\wbem\wmiapsrv.exe
d:\program files\COMODO\COMODO Internet Security\cfpupdat.exe
.
**************************************************************************
.
Celkový čas: 2012-02-04 11:24:53 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-02-04 10:24
ComboFix2.txt 2012-02-03 20:46
.
Před spuštěním: Volných bajtů: 118 922 178 560
Po spuštění: Volných bajtů: 119 019 745 280
.
- - End Of File - - A8C5C82C8BDDFB40DD7566F14CAC1EF8

#12 Příspěvek od **Mc_Murphy** » 04 úno 2012 11:50

Jak je na tom počítač?

chiffre · #13 Příspěvek od **chiffre** » 04 úno 2012 13:45

Počítač na tom je už mnohem lépe .

#14 Příspěvek od **Mc_Murphy** » 04 úno 2012 15:15

Super.

Dáme si ještě jeden scan, tentokrát s OTL.

Stáhni OTL z tohoto odkazu a ulož jej na Plochu.

Pokud používáš Win Vista či Win7, klikni na OTL pravým myšítkem a dej Run As Administrator či Spustit jako správce.
Pokud používáš 64bitový OS, zkontroluj, zda-li je zaškrtnutý čtvereček Pro 64 bitové OS. Pokud ne, zaškrtni jej.
Zaškrtni okénko Pro všechny uživatele.
Zaškrtni okénko Kontrola na havěť "LOP".
Zaškrtni okénko Kontrola na havěť "Purity".
Stáři souborů změň z 30 dnů na 7 dnů!!
Do spodního okénka Vlastní skenování/opravy vlož tento script (pouze zelená písmenka v bílém poli!):

Kód: Vybrat vše

CREATERESTOREPOINT
netsvc
drivers32
savembr:0
/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
%userprofile%\Plocha\*.*
%userprofile%\Desktop\*.*
%ALLUSERSPROFILE%\Plocha\*.*
%ALLUSERSPROFILE%\Desktop\*.*
*crack* /s
*keygen* /s
*loader* /s
*RemoveWAT* /s
*minodlogin* /s
*tnod* /s
*TemDono* /s
*AutoKMS* /s
*KMSEmulator* /s
*activator* /s
*serial* /s
*w7lxe* /s
*AutoRearm* /s
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

Klikni na tlačítko [Prohledat].
Po dokončení skenu se objeví logy OTL.txt a Extras.txt, oba mi sem vlož.
Logy se nevejdou do jednoho, rozděl je tedy prosím do více příspěvků.

chiffre · #15 Příspěvek od **chiffre** » 04 úno 2012 17:59

OTL Extras logfile created on: 4.2.2012 17:02:24 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = D:\Documents and Settings\AAA\Plocha
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,29 Gb Available Physical Memory | 64,42% Memory free
4,86 Gb Paging File | 4,25 Gb Available in Paging File | 87,51% Paging File free
Paging file location(s): D:\pagefile.sys 3080 4104 [binary data]

%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files
Drive C: | 48,83 Gb Total Space | 33,65 Gb Free Space | 68,91% Space Free | Partition Type: NTFS
Drive D: | 249,26 Gb Total Space | 103,71 Gb Free Space | 41,61% Space Free | Partition Type: NTFS

Computer Name: ALES | User Name: AAA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1214440339-1220945662-725345543-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"57700:TCP" = 57700:TCP:*:Enabled:Pando Media Booster
"57700:UDP" = 57700:UDP:*:Enabled:Pando Media Booster

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Disabled:@xpsp2res.dll,-22009

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"D:\Program Files\Pando Networks\Media Booster\PMB.exe" = D:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"D:\Program Files\Combat Arms\CombatArms.exe" = D:\Program Files\Combat Arms\CombatArms.exe:*Enabled:CombatArms.exe
"D:\Program Files\Combat Arms\Engine.exe" = D:\Program Files\Combat Arms\Engine.exe:*Enabled:Engine.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Program Files\FIFA 12\Game\fifa.exe" = D:\Program Files\FIFA 12\Game\fifa.exe:*:Enabled:FIFA 12 -- (Electronic Arts)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"%Product_Name% 4.9F " = Fakturky 4.9F
"%Product_Name% 5.3.1 " = Fakturky 5.3.1
"{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}" = Microsoft Games for Windows - LIVE Redistributable
"{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update
"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{129DDEC1-A6A3-3D60-AABE-76E6E5334922}" = Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - CSY
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1ADE23D7-7A1E-4AEC-BA5D-EB8A01BED943}" = DeepBurner v1.6.0.198
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 29
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}" = Microsoft Games for Windows - LIVE
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{52E5D8A7-B129-4A29-AD4B-EBB749DCC3A3}_is1" = GamePark klient 2.0.9.0
"{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}" = GetDataBack for NTFS
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5DB8BFC7-9595-49CC-BF0D-A17D3A83929A}" = OpenOffice.org 2.0
"{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PartitionMagic
"{6FE8B722-4D7E-3CD7-BB3A-3AD1684B1295}" = Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - CSY
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74DCC43B-33C9-3389-BD0D-33EB37973657}" = Microsoft .NET Framework 3.5 Language Pack - csy
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.4.8.123
"{7D65E5D3-A191-4208-875A-43F149F9C36F}" = FirebirdClient 2.1.0
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{821D6F49-1B20-4809-8C73-286CFC52B1B1}" = Samsung Auto Backup
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"{91C0B95B-B83A-4828-A775-BBE2DD421029}" = Nero 7 Essentials
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2DE62D8-EF1B-36CB-B461-B1E221ED8608}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1029-7B44-A81200000003}" = Adobe Reader 8 - Czech
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 285.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 285.58
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 135.95
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.2.24.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C13E90B0-4E1C-11DB-6784-0152EAA218BE}" = Call of Duty(R) 2 Patch 1.3
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D2D77DC2-8299-11D1-8949-444553540000}_is1" = ZTE Handset USB Driver 5.2066.1.8B01
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.4 Game
"{D848D140-41C3-4A53-86D8-E866A100B4CD}" = PC Connectivity Solution
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DBECFA83-42DC-4585-A970-A764AB01A956}" = Call Of Duty(R) 2
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E40CE517-0D42-4198-96B4-C8232B257EB5}" = Data Lifeguard Diagnostic for Windows
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"{E5C8C4ED-A76A-49F3-BDB8-56DEEE92F19B}" = 602XML Filler
"{E737A098-F161-4B6F-AF22-86AAE34F6FBD}" = Pro Evolution Soccer 2012
"{E89B484C-B913-49A0-959B-89E836001658}" = GEAR 32bit Driver Installer
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"9CD348AE9C64C4B939B624E8E24F3903EFDFC82B" = Balíček ovladače systému Windows - Nokia Modem (05/22/2008 7.00.0.1)
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 7.0.1" = Adobe Photoshop 7.0.1
"Adobe Shockwave Player" = Adobe Shockwave Player
"Advanced RAR Repair v1.2" = Advanced RAR Repair v1.2
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v2.00
"avast" = avast! Free Antivirus
"C5A76DC11BABDA0A881E7BE8DDEB641365A77FFD" = Balíček ovladače systému Windows - Nokia Modem (05/22/2008 3.8)
"CCleaner" = CCleaner (remove only)
"Combat Wings_is1" = Combat Wings (1.0)
"COMODO Internet Security" = COMODO Internet Security
"DriverAgent.exe" = DriverAgent by eSupport.com
"DVD Shrink_is1" = DVD Shrink 3.2
"EAX Unified" = EAX Unified
"ffdshow_is1" = ffdshow [rev 1928] [2008-04-10]
"FIFA 11 PC | FIFA CONFIG addon FIXED" = FIFA 11 PC | FIFA CONFIG addon FIXED
"FIFA 12 (c) EA_is1" = FIFA 12 (c) EA version 1
"FS6_is1" = FORM studio 2009
"Game Booster_is1" = Game Booster 3
"GameParkClient_is1" = GamePark
"HD Tune_is1" = HD Tune 2.55
"ie8" = Windows Internet Explorer 8
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platforma Ovladače zařízení
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}" = PowerQuest PartitionMagic 8.0
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty(R) 4 - Modern Warfare(TM)
"JDownloader" = JDownloader
"Microsoft .NET Framework 3.5 Language Pack - csy" = Microsoft .NET Framework 3.5 Language Pack - CSY
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"MobiMB Mobile Media Browser" = MobiMB Mobile Media Browser
"Mozilla Firefox 9.0.1 (x86 cs)" = Mozilla Firefox 9.0.1 (x86 cs)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"OpenAL" = OpenAL
"PC Translator" = PC Translator
"Picasa 3" = Picasa 3
"PunkBusterSvc" = PunkBuster Services
"Quick Memory Editor_is1" = Quick Memory Editor 5.5
"Recuva" = Recuva
"Revo Uninstaller" = Revo Uninstaller 1.71
"Sideload Wonder Machine1.2" = Sideload Wonder Machine
"Smart Defrag 2_is1" = Smart Defrag 2
"SystemRequirementsLab" = System Requirements Lab
"TmNationsForever_is1" = TmNationsForever
"TS Diktáty (doporučená instalace)" = TS Diktáty (doporučená instalace)
"VLC media player" = VLC media player 1.0.5
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"World of Warcraft" = World of Warcraft
"Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
"ZonerPhotoStudio10_CZ_is1" = Zoner Photo Studio 10

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1214440339-1220945662-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"FIFA 12 REAL PERFORMANCE OPTIMIZER V. 1.0 BY DOCTOR+ PRODUCTIONS" = FIFA 12 REAL PERFORMANCE OPTIMIZER V. 1.0 BY DOCTOR+ PRODUCTIONS
"Google Chrome" = Google Chrome
"MyFreeCodec" = MyFreeCodec

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 31.1.2012 14:14:03 | Computer Name = ALES | Source = PerfNet | ID = 2006
Description = Nelze číst data o výkonu fronty ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu fronty serveru. Vrácený chybový kód je v datech DWORD
0, IOSB.Status je DWORD 1 a IOSB.Information je DWORD 2.

Error - 31.1.2012 14:14:06 | Computer Name = ALES | Source = PerfNet | ID = 2005
Description = Nelze číst data o výkonu ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu serveru. Vrácený chybový kód je v datech DWORD 0, IOSB.Status
je DWORD 1 a IOSB.Information je DWORD 2.

Error - 31.1.2012 14:14:06 | Computer Name = ALES | Source = PerfNet | ID = 2006
Description = Nelze číst data o výkonu fronty ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu fronty serveru. Vrácený chybový kód je v datech DWORD
0, IOSB.Status je DWORD 1 a IOSB.Information je DWORD 2.

Error - 3.2.2012 12:41:03 | Computer Name = ALES | Source = Application Error | ID = 1000
Description = Chybující aplikace pes2012.exe, verze 1.2.0.0, chybující modul pes2012.exe,
verze 1.2.0.0, adresa chyby 0x0038b3c4.

Error - 4.2.2012 6:10:07 | Computer Name = ALES | Source = PerfNet | ID = 2005
Description = Nelze číst data o výkonu ze služby serveru. V tomto vzorku nebudou
vrácena žádná data o výkonu serveru. Vrácený chybový kód je v datech DWORD 0, IOSB.Status
je DWORD 1 a IOSB.Information je DWORD 2.

Error - 4.2.2012 7:06:43 | Computer Name = ALES | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 4.2.2012 7:48:05 | Computer Name = ALES | Source = PerfNet | ID = 2004
Description = Nelze otevřít službu serveru. Data o výkonu serveru nejsou k dispozici.
Vrácený chybový kód je v datech DWORD 0.

Error - 4.2.2012 8:17:09 | Computer Name = ALES | Source = Application Error | ID = 1000
Description = Chybující aplikace config addon.exe, verze 1.0.0.0, chybující modul
shell32.dll, verze 6.0.2900.6072, adresa chyby 0x0002ccef.

Error - 4.2.2012 8:18:23 | Computer Name = ALES | Source = Application Error | ID = 1000
Description = Chybující aplikace drwtsn32.exe, verze 5.1.2600.0, chybující modul
dbghelp.dll, verze 5.1.2600.5512, adresa chyby 0x0001295d.

Error - 4.2.2012 8:32:41 | Computer Name = ALES | Source = .NET Runtime | ID = 1026
Description = Aplikace: i68Regenerator.exe Verze Framework: v4.0.30319 Popis: Proces
byl ukončen z důvodu neošetřené výjimky. Informace o výjimce: System.InvalidOperationException
Zásobník:

na System.Collections.ArrayList+ArrayListEnumeratorSimple.MoveNext() na System.Windows.Forms.Application.ExitInternal()

na System.Windows.Forms.Application.Exit(System.ComponentModel.CancelEventArgs)

na System.Windows.Forms.Application.Exit() na i68Labor12.i68FifaForm.ExitApplication()

na System.Threading.ThreadHelper.ThreadStart_Context(System.Object) na System.Threading.ExecutionContext.runTryCode(System.Object)

na System.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuaranteedCleanup(TryCode,
CleanupCode, System.Object) na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext,
System.Threading.ContextCallback, System.Object) na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext,
System.Threading.ContextCallback, System.Object, Boolean) na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext,
System.Threading.ContextCallback, System.Object) na System.Threading.ThreadHelper.ThreadStart()

[ System Events ]
Error - 4.2.2012 5:41:45 | Computer Name = ALES | Source = Service Control Manager | ID = 7034
Description = Služba Adaptér výkonu služby WMI byla neočekávaně ukončena. Tento
stav nastal již 1krát.

Error - 4.2.2012 5:41:45 | Computer Name = ALES | Source = Service Control Manager | ID = 7034
Description = Služba COMODO Internet Security Helper Service byla neočekávaně ukončena.
Tento stav nastal již 1krát.

Error - 4.2.2012 5:41:45 | Computer Name = ALES | Source = Service Control Manager | ID = 7034
Description = Služba Java Quick Starter byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 4.2.2012 5:41:45 | Computer Name = ALES | Source = Service Control Manager | ID = 7034
Description = Služba StarWind AE Service byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 4.2.2012 5:41:45 | Computer Name = ALES | Source = Service Control Manager | ID = 7034
Description = Služba Služba brány aplikačního rozhraní byla neočekávaně ukončena.
Tento stav nastal již 1krát.

Error - 4.2.2012 5:41:45 | Computer Name = ALES | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Update Service Daemon byla neočekávaně ukončena. Tento
stav nastal již 1krát.

Error - 4.2.2012 5:41:45 | Computer Name = ALES | Source = Service Control Manager | ID = 7034
Description = Služba Zařazování tisku byla neočekávaně ukončena. Tento stav nastal
již 1krát.

Error - 4.2.2012 6:10:41 | Computer Name = ALES | Source = Service Control Manager | ID = 7000
Description = Služba CdaC15BA neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 4.2.2012 7:06:54 | Computer Name = ALES | Source = Service Control Manager | ID = 7000
Description = Služba CdaC15BA neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 4.2.2012 7:58:26 | Computer Name = ALES | Source = Service Control Manager | ID = 7000
Description = Služba CdaC15BA neuspěla při spuštění v důsledku následující chyby:
%%2

< End of report >

VIRY.CZ

Prosím o kontrolu logu velmi pomalý chod stolního PC

Prosím o kontrolu logu velmi pomalý chod stolního PC

Re: Prosím o kontrolu logu velmi pomalý chod stolního PC

Re: Prosím o kontrolu logu velmi pomalý chod stolního PC

Re: Prosím o kontrolu logu velmi pomalý chod stolního PC

Re: Prosím o kontrolu logu velmi pomalý chod stolního PC

Re: Prosím o kontrolu logu velmi pomalý chod stolního PC

Re: Prosím o kontrolu logu velmi pomalý chod stolního PC

Re: Prosím o kontrolu logu velmi pomalý chod stolního PC

Re: Prosím o kontrolu logu velmi pomalý chod stolního PC

Re: Prosím o kontrolu logu velmi pomalý chod stolního PC

Re: Prosím o kontrolu logu velmi pomalý chod stolního PC

Re: Prosím o kontrolu logu velmi pomalý chod stolního PC

Re: Prosím o kontrolu logu velmi pomalý chod stolního PC

Re: Prosím o kontrolu logu velmi pomalý chod stolního PC

Re: Prosím o kontrolu logu velmi pomalý chod stolního PC