Prosím o preventivní prohlídku

Zpráva

Dulcimer · #31 Příspěvek od **Dulcimer** » 13 úno 2013 08:17

Tady je RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Simona Adamcová at 2013-02-13 08:17:12
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 10 GB (49%) free of 20 GB
Total RAM: 511 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:17:21, on 13.2.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\VIA\RAID\vialogsv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\Simona Adamcová\Plocha\Čištění PC\RSIT.exe
C:\Program Files\trend micro\Simona Adamcová.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre7\bin\jp2iexp.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Instalacky\ICQ\ICQ6.5\ICQ.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Instalacky\ICQ\ICQ6.5\ICQ.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: crypt - crypts.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: VRAID Log Service - Unknown owner - C:\Program Files\VIA\RAID\vialogsv.exe

--
End of file - 5530 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
C:\WINDOWS\tasks\MpIdleTask.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-02-08 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-02-08 170912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2000-01-01 577536]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2012-09-12 947176]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-18 946352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AudioDeck]
C:\Program Files\VIA\VIAudioi\SBADeck\ADeck.exe [2006-11-02 528384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus Photo R1800 (od PDC)]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9LE.EXE /P33 EPSON Stylus Photo R1800 (od PDC) /O5 TS001 /M Stylus Photo R1800 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus Photo R1800 na ucto (od FANDANB2)]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9LE.EXE /P46 EPSON Stylus Photo R1800 na ucto (od FANDANB2) /O5 TS006 /M Stylus Photo R1800 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus Photo RX585 Series]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICLE.EXE /FU C:\WINDOWS\TEMP\E_S20D.tmp /EF HKCU []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SlimDrivers]
C:\Program Files\SlimDrivers\SlimDrivers.exe [2013-01-31 29387072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-03-02 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt]
crypts.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-04-10 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Icqlite\ICQLite.exe"="C:\Program Files\Icqlite\ICQLite.exe:*:Enabled:ICQ Lite"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Icqlite\ICQLite.exe"="C:\Program Files\Icqlite\ICQLite.exe:*:Enabled:ICQ Lite"
"D:\Instalacky\ICQ\ICQ6\ICQ.exe"="D:\Instalacky\ICQ\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"D:\Instalacky\ICQ\ICQ6.5\ICQ.exe"="D:\Instalacky\ICQ\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"VIDC.MPG4"=mpg4c32.dll
"VIDC.MP42"=mpg4c32.dll
"VIDC.DVSD"=pdvcodec.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"VIDC.ACDV"=ACDV.dll

======List of files/folders created in the last 1 month======

2013-02-13 08:15:16 ----D---- C:\WINDOWS\LastGood
2013-02-13 08:04:15 ----SHD---- C:\Config.Msi
2013-02-13 07:58:27 ----A---- C:\WINDOWS\system32\muweb.dll
2013-02-13 07:58:26 ----A---- C:\WINDOWS\system32\mucltui.dll
2013-02-13 07:55:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2013-02-12 17:11:15 ----D---- C:\Documents and Settings\Simona Adamcová\Data aplikací\ACD Systems
2013-02-12 17:09:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\ACD Systems
2013-02-12 17:08:53 ----D---- C:\Program Files\Common Files\ACD Systems
2013-02-12 17:08:53 ----D---- C:\Program Files\ACD Systems
2013-02-12 17:05:59 ----D---- C:\Documents and Settings\Simona Adamcová\Data aplikací\WinRAR
2013-02-12 17:05:13 ----D---- C:\Program Files\WinRAR
2013-02-12 16:47:14 ----D---- C:\Program Files\Enigma Software Group
2013-02-12 16:46:28 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2013-02-12 16:24:43 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2013-02-12 16:20:18 ----D---- C:\Program Files\Microsoft Security Client
2013-02-12 13:28:15 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2013-02-12 13:28:15 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2013-02-12 13:28:15 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2013-02-12 13:28:14 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2013-02-12 13:28:14 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2013-02-12 13:28:13 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2013-02-12 13:28:13 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2013-02-12 13:28:13 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2013-02-12 13:28:12 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2013-02-12 13:28:12 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2013-02-12 13:28:12 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2013-02-12 13:28:12 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2013-02-12 13:28:11 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2013-02-12 13:28:11 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2013-02-12 13:28:10 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2013-02-12 13:28:09 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2013-02-12 13:28:09 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2013-02-12 13:28:09 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2013-02-12 13:28:08 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2013-02-12 13:28:08 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2013-02-12 13:28:08 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2013-02-12 13:28:07 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2013-02-12 13:28:07 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2013-02-12 13:28:07 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2013-02-12 13:28:06 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2013-02-12 13:28:06 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2013-02-12 13:28:05 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2013-02-12 13:28:05 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2013-02-12 13:28:05 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2013-02-12 13:28:04 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2013-02-12 13:28:04 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2013-02-12 13:28:04 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2013-02-12 13:28:04 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2013-02-12 13:28:03 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2013-02-12 13:28:03 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2013-02-12 13:28:03 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2013-02-12 13:28:02 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2013-02-12 13:28:02 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2013-02-12 13:28:02 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2013-02-12 13:28:01 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2013-02-12 13:28:01 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2013-02-12 13:28:01 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2013-02-12 13:28:00 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2013-02-12 13:28:00 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2013-02-12 13:28:00 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2013-02-12 13:27:59 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2013-02-12 13:27:58 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2013-02-12 13:27:57 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2013-02-12 13:27:56 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2013-02-12 13:27:52 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2013-02-12 13:27:52 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2013-02-12 13:27:50 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2013-02-12 13:25:50 ----D---- C:\WINDOWS\Logs
2013-02-12 12:41:01 ----D---- C:\WINDOWS\Prefetch
2013-02-12 12:07:57 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2013-02-12 12:07:32 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2013-02-12 12:06:51 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2013-02-12 12:06:21 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2013-02-12 12:06:00 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2013-02-12 12:05:34 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2013-02-12 12:05:12 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2013-02-12 12:04:36 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2013-02-12 12:03:59 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2013-02-12 12:03:32 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2013-02-12 12:03:11 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2013-02-12 12:02:43 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2013-02-12 12:02:05 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2013-02-12 12:01:44 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2013-02-12 12:01:04 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2013-02-12 12:00:41 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2013-02-12 12:00:17 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2013-02-12 11:59:58 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2013-02-12 11:59:34 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2013-02-12 11:59:10 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2013-02-12 11:58:47 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2013-02-12 11:58:24 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2013-02-12 11:58:01 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2013-02-12 11:57:28 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2013-02-12 11:56:45 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2013-02-12 11:56:27 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2013-02-12 11:56:01 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2013-02-12 11:55:38 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2013-02-12 11:55:14 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2013-02-12 11:54:51 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2013-02-12 11:54:28 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2013-02-12 11:53:56 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2013-02-12 11:53:14 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2013-02-12 11:52:49 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2013-02-12 11:52:25 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2013-02-12 11:52:04 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2013-02-12 11:51:42 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2013-02-12 11:51:18 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2013-02-12 11:51:01 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$
2013-02-12 11:50:35 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2013-02-12 11:50:14 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2013-02-12 11:49:52 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2013-02-12 11:49:34 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2013-02-12 11:49:14 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2013-02-12 11:48:51 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2013-02-12 11:48:29 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2013-02-12 11:48:04 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2013-02-12 11:47:08 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2013-02-12 11:46:36 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2013-02-12 11:45:53 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$
2013-02-12 11:44:56 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2013-02-12 11:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB974112_1$
2013-02-12 11:43:08 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2013-02-12 11:42:30 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2013-02-12 11:41:17 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2013-02-12 11:40:37 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2013-02-12 11:39:31 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2013-02-12 11:38:35 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2013-02-12 11:37:58 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2013-02-12 11:37:39 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2013-02-12 11:37:04 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2013-02-12 11:36:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2013-02-12 11:36:03 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2013-02-12 11:35:36 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2013-02-12 11:35:10 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2013-02-12 11:34:50 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2013-02-12 11:34:28 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2013-02-12 11:34:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2013-02-12 11:28:46 ----D---- C:\WINDOWS\l2schemas
2013-02-12 11:28:45 ----D---- C:\WINDOWS\system32\cs
2013-02-12 11:28:45 ----D---- C:\WINDOWS\system32\bits
2013-02-12 11:16:40 ----D---- C:\WINDOWS\network diagnostic
2013-02-12 11:10:49 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2013-02-12 10:39:31 ----D---- C:\WINDOWS\system32\XPSViewer
2013-02-12 10:39:23 ----D---- C:\Program Files\MSBuild
2013-02-12 10:39:19 ----D---- C:\WINDOWS\system32\en-US
2013-02-12 10:39:02 ----D---- C:\Program Files\Reference Assemblies
2013-02-12 10:37:54 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2013-02-12 10:37:54 ----N---- C:\WINDOWS\system32\prntvpt.dll
2013-02-12 10:37:53 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2013-02-12 10:28:20 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
2013-02-12 10:28:13 ----D---- C:\Program Files\MSXML 6.0
2013-02-12 10:20:14 ----HDC---- C:\WINDOWS\$NtUninstallKB975560_0$
2013-02-12 09:59:03 ----HDC---- C:\WINDOWS\$NtUninstallKB980218_0$
2013-02-12 09:58:37 ----HDC---- C:\WINDOWS\$NtUninstallKB959426_0$
2013-02-12 09:58:10 ----HDC---- C:\WINDOWS\$NtUninstallKB960859_0$
2013-02-12 09:57:47 ----HDC---- C:\WINDOWS\$NtUninstallKB971468_0$
2013-02-12 09:57:01 ----HDC---- C:\WINDOWS\$NtUninstallKB979683_0$
2013-02-12 09:56:07 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2013-02-12 09:55:54 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2013-02-12 09:55:36 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2013-02-12 09:55:13 ----HDC---- C:\WINDOWS\$NtUninstallKB980232_0$
2013-02-12 09:54:47 ----HDC---- C:\WINDOWS\$NtUninstallKB955759_0$
2013-02-12 09:54:16 ----HDC---- C:\WINDOWS\$NtUninstallKB974318_0$
2013-02-12 09:53:49 ----HDC---- C:\WINDOWS\$NtUninstallKB969059_0$
2013-02-12 09:53:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593_0$
2013-02-12 09:53:03 ----HDC---- C:\WINDOWS\$NtUninstallKB978037_0$
2013-02-12 09:52:33 ----HDC---- C:\WINDOWS\$NtUninstallKB975713_0$
2013-02-12 09:52:15 ----HDC---- C:\WINDOWS\$NtUninstallKB971657_0$
2013-02-12 09:51:47 ----HDC---- C:\WINDOWS\$NtUninstallKB978338_0$
2013-02-12 09:51:20 ----HDC---- C:\WINDOWS\$NtUninstallKB972270_0$
2013-02-12 09:50:56 ----HDC---- C:\WINDOWS\$NtUninstallKB974112_0$
2013-02-12 09:50:02 ----HDC---- C:\WINDOWS\$NtUninstallKB956572_0$
2013-02-12 09:49:28 ----HDC---- C:\WINDOWS\$NtUninstallKB956844_0$
2013-02-12 09:49:00 ----HDC---- C:\WINDOWS\$NtUninstallKB961501_0$
2013-02-12 09:48:38 ----HDC---- C:\WINDOWS\$NtUninstallKB975561_0$
2013-02-12 09:48:10 ----HDC---- C:\WINDOWS\$NtUninstallKB973869_0$
2013-02-12 09:47:39 ----HDC---- C:\WINDOWS\$NtUninstallKB975025_0$
2013-02-12 09:46:50 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
2013-02-12 09:46:20 ----HDC---- C:\WINDOWS\$NtUninstallKB952004_0$
2013-02-12 09:45:43 ----HDC---- C:\WINDOWS\$NtUninstallKB974571_0$
2013-02-12 09:45:17 ----HDC---- C:\WINDOWS\$NtUninstallKB973507_0$
2013-02-12 09:44:54 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2013-02-12 09:44:12 ----HDC---- C:\WINDOWS\$NtUninstallKB979559_0$
2013-02-12 09:43:44 ----HDC---- C:\WINDOWS\$NtUninstallKB974392_0$
2013-02-12 09:43:00 ----HDC---- C:\WINDOWS\$NtUninstallKB977914_0$
2013-02-12 09:42:26 ----HDC---- C:\WINDOWS\$NtUninstallKB978542_0$
2013-02-12 09:42:03 ----HDC---- C:\WINDOWS\$NtUninstallKB970238_0$
2013-02-12 09:41:40 ----HDC---- C:\WINDOWS\$NtUninstallKB979482_0$
2013-02-12 09:41:15 ----HDC---- C:\WINDOWS\$NtUninstallKB978706_0$
2013-02-12 09:40:52 ----HDC---- C:\WINDOWS\$NtUninstallKB960803_0$
2013-02-12 09:40:29 ----HDC---- C:\WINDOWS\$NtUninstallKB973815_0$
2013-02-12 09:39:46 ----HDC---- C:\WINDOWS\$NtUninstallKB975562_0$
2013-02-12 09:39:03 ----HDC---- C:\WINDOWS\$NtUninstallKB971032$
2013-02-12 09:38:34 ----HDC---- C:\WINDOWS\$NtUninstallKB975467_0$
2013-02-12 09:37:44 ----HDC---- C:\WINDOWS\$NtUninstallKB968389_0$
2013-02-12 09:25:52 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_0$
2013-02-12 09:25:33 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2013-02-12 09:23:00 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2013-02-12 09:21:23 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2013-02-12 09:20:20 ----D---- C:\WINDOWS\ServicePackFiles
2013-02-12 09:20:12 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2013-02-12 09:19:16 ----D---- C:\WINDOWS\ie8updates
2013-02-12 08:59:37 ----N---- C:\WINDOWS\system32\browserchoice.exe
2013-02-12 08:58:08 ----HDC---- C:\WINDOWS\$NtUninstallKB978601_0$
2013-02-12 08:57:37 ----HDC---- C:\WINDOWS\$NtUninstallKB979309_0$
2013-02-12 08:56:32 ----HDC---- C:\WINDOWS\$NtUninstallKB923561_0$
2013-02-11 15:56:14 ----SHD---- C:\RECYCLER
2013-02-11 13:48:54 ----SD---- C:\ComboFix
2013-02-11 11:01:29 ----A---- C:\WINDOWS\zip.exe
2013-02-11 11:01:29 ----A---- C:\WINDOWS\SWXCACLS.exe
2013-02-11 11:01:29 ----A---- C:\WINDOWS\SWSC.exe
2013-02-11 11:01:29 ----A---- C:\WINDOWS\SWREG.exe
2013-02-11 11:01:29 ----A---- C:\WINDOWS\sed.exe
2013-02-11 11:01:29 ----A---- C:\WINDOWS\PEV.exe
2013-02-11 11:01:29 ----A---- C:\WINDOWS\NIRCMD.exe
2013-02-11 11:01:29 ----A---- C:\WINDOWS\MBR.exe
2013-02-11 11:01:29 ----A---- C:\WINDOWS\grep.exe
2013-02-11 11:01:21 ----D---- C:\Qoobox
2013-02-11 11:01:11 ----D---- C:\WINDOWS\erdnt
2013-02-11 10:54:33 ----A---- C:\WINDOWS\system32\CNHMCA.dll
2013-02-11 10:54:33 ----A---- C:\WINDOWS\system32\CNC6100U.dll
2013-02-11 10:54:33 ----A---- C:\WINDOWS\system32\CNC6100L.dll
2013-02-11 10:54:33 ----A---- C:\WINDOWS\system32\CNC6100I.dll
2013-02-11 10:54:33 ----A---- C:\WINDOWS\system32\CNC6100C.dll
2013-02-11 10:42:58 ----HD---- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
2013-02-11 10:42:20 ----A---- C:\WINDOWS\system32\CNMLMAG.DLL
2013-02-11 10:41:53 ----HD---- C:\WINDOWS\system32\CanonIJ Uninstaller Information
2013-02-11 10:41:11 ----A---- C:\WINDOWS\system32\CNC6100O.dll
2013-02-11 10:41:06 ----A---- C:\WINDOWS\system32\CNMIUAG.DLL
2013-02-11 10:40:21 ----HD---- C:\Program Files\CanonBJ
2013-02-11 10:11:40 ----A---- C:\WINDOWS\system32\FlashPlayerInstaller.exe
2013-02-09 11:40:52 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2013-02-09 10:04:37 ----D---- C:\_OTM
2013-02-08 23:46:38 ----A---- C:\WINDOWS\system32\vusetup.dll
2013-02-08 23:46:38 ----A---- C:\WINDOWS\system32\drivers\vulfntr.sys
2013-02-08 23:46:38 ----A---- C:\WINDOWS\system32\drivers\vulfnth.sys
2013-02-08 23:44:59 ----D---- C:\Documents and Settings\Simona Adamcová\Data aplikací\Sierra Wireless
2013-02-08 23:42:53 ----D---- C:\WINDOWS\pss
2013-02-08 23:30:53 ----A---- C:\WINDOWS\system32\drivers\videX32.sys
2013-02-08 23:28:46 ----D---- C:\Program Files\Realtek AC97
2013-02-08 23:26:32 ----D---- C:\Program Files\Belkin
2013-02-08 23:13:10 ----D---- C:\Program Files\Common Files\Skype
2013-02-08 22:50:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Sun
2013-02-08 22:50:33 ----D---- C:\Program Files\trend micro
2013-02-08 22:50:22 ----D---- C:\rsit
2013-02-08 22:49:58 ----A---- C:\WINDOWS\system32\deployJava1.dll
2013-02-08 22:49:57 ----A---- C:\WINDOWS\system32\npDeployJava1.dll
2013-02-08 22:49:57 ----A---- C:\WINDOWS\system32\javaws.exe
2013-02-08 22:49:44 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-02-08 22:49:44 ----A---- C:\WINDOWS\system32\javaw.exe
2013-02-08 22:49:43 ----A---- C:\WINDOWS\system32\java.exe
2013-02-08 22:43:37 ----D---- C:\Program Files\FileHippo.com
2013-02-08 22:39:09 ----RSD---- C:\WINDOWS\assembly
2013-02-08 22:38:18 ----D---- C:\WINDOWS\Microsoft.NET
2013-02-08 22:33:35 ----D---- C:\Program Files\SlimDrivers
2013-02-08 18:51:32 ----D---- C:\Documents and Settings\Simona Adamcová\Data aplikací\Opera
2013-02-08 18:51:08 ----D---- C:\Program Files\Opera
2013-02-08 17:39:07 ----A---- C:\WINDOWS\system32\drivers\mouhid.sys

======List of files/folders modified in the last 1 month======

2013-02-13 08:15:59 ----HD---- C:\WINDOWS\inf
2013-02-13 08:15:58 ----HD---- C:\WINDOWS\$hf_mig$
2013-02-13 08:15:58 ----D---- C:\WINDOWS
2013-02-13 08:15:05 ----D---- C:\WINDOWS\Temp
2013-02-13 08:11:20 ----RSHDC---- C:\WINDOWS\system32\dllcache
2013-02-13 08:11:11 ----D---- C:\WINDOWS\system32\CatRoot2
2013-02-13 08:10:58 ----D---- C:\WINDOWS\system32
2013-02-13 08:10:19 ----D---- C:\WINDOWS\security
2013-02-13 08:10:17 ----A---- C:\WINDOWS\SchedLgU.Txt
2013-02-13 08:09:51 ----D---- C:\Program Files\Common Files
2013-02-13 08:04:49 ----SHD---- C:\WINDOWS\Installer
2013-02-13 08:04:47 ----SD---- C:\WINDOWS\Tasks
2013-02-13 08:00:40 ----D---- C:\WINDOWS\system32\drivers
2013-02-13 07:57:53 ----D---- C:\WINDOWS\Help
2013-02-12 17:25:46 ----A---- C:\WINDOWS\wincmd.ini
2013-02-12 17:09:50 ----D---- C:\WINDOWS\WinSxS
2013-02-12 17:08:53 ----RD---- C:\Program Files
2013-02-12 16:47:29 ----SD---- C:\Documents and Settings\Simona Adamcová\Data aplikací\Microsoft
2013-02-12 16:43:32 ----D---- C:\Documents and Settings\Simona Adamcová\Data aplikací\Skype
2013-02-12 16:41:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2013-02-12 16:21:01 ----D---- C:\WINDOWS\Debug
2013-02-12 16:20:27 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2013-02-12 13:28:16 ----D---- C:\WINDOWS\system32\DirectX
2013-02-12 12:43:40 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2013-02-12 12:39:53 ----D---- C:\WINDOWS\system32\Setup
2013-02-12 12:39:53 ----D---- C:\WINDOWS\AppPatch
2013-02-12 12:39:52 ----RSD---- C:\WINDOWS\Fonts
2013-02-12 12:39:52 ----D---- C:\WINDOWS\system32\wbem
2013-02-12 12:08:01 ----D---- C:\WINDOWS\system32\CatRoot
2013-02-12 12:04:08 ----D---- C:\Program Files\Outlook Express
2013-02-12 12:01:07 ----D---- C:\Program Files\Movie Maker
2013-02-12 11:35:14 ----D---- C:\Program Files\Messenger
2013-02-12 11:29:25 ----D---- C:\WINDOWS\ehome
2013-02-12 11:29:22 ----D---- C:\WINDOWS\system32\inetsrv
2013-02-12 11:29:21 ----D---- C:\WINDOWS\ime
2013-02-12 11:28:51 ----D---- C:\WINDOWS\system32\cs-CZ
2013-02-12 11:28:50 ----D---- C:\WINDOWS\system32\usmt
2013-02-12 11:28:48 ----D---- C:\Program Files\Internet Explorer
2013-02-12 11:28:45 ----D---- C:\WINDOWS\PeerNet
2013-02-12 11:19:57 ----D---- C:\WINDOWS\system32\Restore
2013-02-12 11:19:57 ----D---- C:\WINDOWS\system32\npp
2013-02-12 11:19:54 ----D---- C:\WINDOWS\msagent
2013-02-12 11:19:52 ----D---- C:\WINDOWS\srchasst
2013-02-12 11:19:50 ----D---- C:\Program Files\NetMeeting
2013-02-12 11:19:48 ----D---- C:\WINDOWS\system32\Com
2013-02-12 11:19:43 ----D---- C:\Program Files\Windows Media Player
2013-02-12 11:19:42 ----D---- C:\Program Files\Windows NT
2013-02-12 11:19:30 ----D---- C:\Program Files\Common Files\System
2013-02-12 11:19:03 ----D---- C:\WINDOWS\system32\oobe
2013-02-12 11:19:00 ----D---- C:\WINDOWS\system
2013-02-12 11:14:35 ----D---- C:\WINDOWS\system32\ReinstallBackups
2013-02-12 10:38:29 ----D---- C:\WINDOWS\system32\spool
2013-02-12 10:31:45 ----D---- C:\WINDOWS\system32\mui
2013-02-12 09:24:34 ----HD---- C:\Program Files\InstallShield Installation Information
2013-02-12 09:17:56 ----D---- C:\WINDOWS\twain_32
2013-02-12 08:50:30 ----D---- C:\WINDOWS\SoftwareDistribution
2013-02-11 15:39:57 ----SHD---- C:\System Volume Information
2013-02-11 10:54:34 ----D---- C:\WINDOWS\Media
2013-02-11 10:30:52 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-02-11 10:29:42 ----D---- C:\Program Files\Common Files\DESIGNER
2013-02-11 10:29:17 ----A---- C:\WINDOWS\win.ini
2013-02-09 11:39:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2013-02-09 10:06:05 ----D---- C:\WINDOWS\NewSoft
2013-02-09 10:06:04 ----SHD---- C:\WINDOWS\CSC
2013-02-08 23:49:21 ----D---- C:\WINDOWS\system32\LogFiles
2013-02-08 23:41:03 ----D---- C:\Program Files\Common Files\Panasonic
2013-02-08 23:34:36 ----D---- C:\Program Files\VIA
2013-02-08 23:13:10 ----RD---- C:\Program Files\Skype
2013-02-08 22:50:35 ----D---- C:\Program Files\Common Files\Java
2013-02-08 22:49:08 ----D---- C:\Program Files\Java
2013-02-08 22:40:32 ----D---- C:\Program Files\CCleaner
2013-02-08 22:32:42 ----D---- C:\Documents and Settings\Simona Adamcová\Data aplikací\Adobe
2013-02-08 22:31:26 ----D---- C:\Program Files\Common Files\Adobe
2013-02-08 22:31:03 ----D---- C:\Program Files\Adobe
2013-02-08 22:27:09 ----A---- C:\WINDOWS\compedia.ini
2013-02-08 22:21:21 ----AC---- C:\WINDOWS\disney.ini
2013-02-08 22:05:41 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 gagp30kx;Filtr Microsoft Generic AGPv3.0 pro procesorovou platformu K8; C:\WINDOWS\system32\DRIVERS\gagp30kx.sys [2008-04-13 46464]
R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2012-08-30 193552]
R0 viamraid;viamraid; C:\WINDOWS\system32\DRIVERS\viamraid.sys [2000-01-01 117248]
R0 videX32;videX32; C:\WINDOWS\system32\DRIVERS\videX32.sys [2000-01-01 12952]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.10.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-04-11 21275]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2000-01-01 4122368]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-03-02 1972224]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-10-24 6784]
R3 swmsflt;swmsflt; C:\WINDOWS\System32\drivers\swmsflt.sys [2008-09-16 26888]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 vulfnths;VIA USB Host Controller Lower Filter; C:\WINDOWS\System32\Drivers\vulfnth.sys [2000-01-01 6912]
R3 vulfntrs;VIA USB Roothub Lower Filter; C:\WINDOWS\System32\Drivers\vulfntr.sys [2000-01-01 11264]
S3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS\system32\drivers\cmuda.sys [2005-12-15 1368000]
S3 RT61;Ralink RT61 Wireless Driver; C:\WINDOWS\system32\DRIVERS\RT61.sys [2006-05-04 380928]
S3 s916bus;Sony Ericsson Device 916 driver (WDM); C:\WINDOWS\system32\DRIVERS\s916bus.sys [2007-11-02 83496]
S3 SWUMX20;Sierra Wireless USB MUX Driver (UMTS20); C:\WINDOWS\system32\DRIVERS\swumx20.sys []
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VIAudio;Vinyl AC'97 Audio Controller (WDM); C:\WINDOWS\system32\drivers\vinyl97.sys [2006-10-09 203648]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-03-02 446464]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-02-08 170912]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-09-12 20472]
R2 VRAID Log Service;VRAID Log Service; C:\Program Files\VIA\RAID\vialogsv.exe [2000-01-01 52888]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2007-03-06 520192]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-11 251248]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Dulcimer · #32 Příspěvek od **Dulcimer** » 13 úno 2013 08:24

A k třetímu dotazu.
S pc nejsou již žádné viditelné problémy - běží minimálně o 30% rychleji než před našimi zásahy.
Aktualizace fungují, antivir jsem tam dal Microsoft Security Essentials.
Jediné coí nefunguje tak je brána firewall od Windowsu, ta nejde zapnout.

#33 Příspěvek od **cernohous13** » 13 úno 2013 08:44

pokračujeme:

Stáhni AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Ulož nejlépe na plochu -> ukonči všechny programy -> spusť AdwCleaner -> klikni na Search
Proběhne skenování a pak se objeví log, případně bude uložen na systémovém disku jako AdwCleaner[R?].txt, ten mi sem dej

teď ComboFix odinstalujeme
jdi Start -> Spustit... a zkopíruj ComboFix /Uninstall (pozor, za x je mezera) -> OK

Stáhni ComboFix zde: http://www.bleepingcomputer.com/downloa ... s/combofix
Ulož ho přejmenovaný jako "zmije.com" na plochu a spusť - pokud by nepracoval (prochází Stage 1-50) tak ho zase zhasni

a dej mi vědět.

Dulcimer · #34 Příspěvek od **Dulcimer** » 13 úno 2013 08:59

# AdwCleaner v2.112 - Logfile created 02/13/2013 at 08:57:33
# Updated 10/02/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Simona Adamcová - SIMONAPC
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Simona Adamcová\Plocha\adwcleaner0.exe
# Option [Search]

***** [Services] *****

***** [Files / Folders] *****

Folder Found : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar

***** [Registry] *****

Key Found : HKCU\Software\ICQToolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{855F3B16-6D32-4FE6-8A56-BBB695989046}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[HKCU\Software\Microsoft\Internet Explorer\Main - Prev Search Bar] = hxxp://google.icq.com/search/search_frame.php
[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://www.icq.com/search/results.php?q={searc ... &ch_id=osd

-\\ Opera v12.14.1738.0

File : C:\Documents and Settings\Simona Adamcová\Data aplikací\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2001 octets] - [13/02/2013 08:57:33]

########## EOF - C:\AdwCleaner[R1].txt - [2061 octets] ##########

#35 Příspěvek od **cernohous13** » 13 úno 2013 09:12

CF ti fičí?

až dojede, tak:

Spusť znovu AdwCleaner
Klikni na Delete
bude provedena oprava, restartuje se a vypadne log (C:\AdwCleaner [S?].txt) , jeho obsah vložíš sem

Dulcimer · #36 Příspěvek od **Dulcimer** » 13 úno 2013 09:37

# AdwCleaner v2.112 - Logfile created 02/13/2013 at 09:29:12
# Updated 10/02/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Simona Adamcová - SIMONAPC
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Simona Adamcová\Plocha\adwcleaner0.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\ICQ\ICQToolbar

***** [Registry] *****

Key Deleted : HKCU\Software\ICQToolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{855F3B16-6D32-4FE6-8A56-BBB695989046}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Prev Search Bar] = hxxp://google.icq.com/search/search_frame.php --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://www.icq.com/search/results.php?q={searc ... &ch_id=osd --> hxxp://www.google.com

-\\ Opera v12.14.1738.0

File : C:\Documents and Settings\Simona Adamcová\Data aplikací\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2130 octets] - [13/02/2013 08:57:33]
AdwCleaner[S1].txt - [2157 octets] - [13/02/2013 09:29:12]

########## EOF - C:\AdwCleaner[S1].txt - [2217 octets] ##########

Combofix ani po přejmenování nejde (stejné jako předtím).

#37 Příspěvek od **cernohous13** » 13 úno 2013 10:04

Udělej nový scan Rkill - nález sem

Dulcimer · #38 Příspěvek od **Dulcimer** » 13 úno 2013 10:26

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/13/2013 10:21:13 AM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\WINDOWS\system32\Ati2evxx.exe (PID: 752) [WD-HEUR]
* C:\WINDOWS\system32\Ati2evxx.exe (PID: 1100) [WD-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* Centrum zabezpečení (wscsvc) is not Running.
Startup Type set to: Automatic

* RpcSs => %SystemRoot%\system32\svchost.exe -k rpcss [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* C:\WINDOWS\System32\drivers\DMusic.sys [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\dmusic.sys : 52 864 : 08/03/2004 11:07 PM : a6f881284ac1150e37d9ae47ff601267 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\dmusic.sys : 52 864 : 04/13/2008 08:45 PM : 8a208dfcf89792a484e76c40e5f50b45 [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\dmusic.sys : 52 864 : 04/13/2008 08:45 PM : 8a208dfcf89792a484e76c40e5f50b45 [Pos Repl]

* C:\WINDOWS\System32\drivers\drmkaud.sys [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\drmkaud.sys : 2 944 : 08/03/2004 11:07 PM : 1ed4dbbae9f5d558dbba4cc450e3eb2e [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\drmkaud.sys : 2 944 : 04/13/2008 08:45 PM : 8f5fcff8e8848afac920905fbd9d33c8 [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\drmkaud.sys : 2 944 : 04/13/2008 08:45 PM : 8f5fcff8e8848afac920905fbd9d33c8 [Pos Repl]

* C:\WINDOWS\System32\drivers\drmk.sys [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\drmk.sys : 60 288 : 08/03/2004 11:08 PM : ff86422268de771d571e123eb7092c6a [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\drmk.sys : 60 160 : 04/13/2008 08:45 PM : 6cb08593487f5701d2d2254e693eafce [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\drmk.sys : 60 160 : 04/13/2008 08:45 PM : 6cb08593487f5701d2d2254e693eafce [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\drmk.sys : 60 288 : 08/03/2004 11:08 PM : ff86422268de771d571e123eb7092c6a [Pos Repl]

* C:\WINDOWS\System32\drivers\isapnp.sys [NoSig]
+-> C:\WINDOWS\ServicePackFiles\i386\isapnp.sys : 37 248 : 04/14/2008 08:27 AM : cc9f8a2d60aed1a51a3ac34c59b987ae [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\isapnp.sys : 37 248 : 04/14/2008 08:27 AM : cc9f8a2d60aed1a51a3ac34c59b987ae [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\isapnp.sys : 35 840 : 10/24/2001 11:44 AM : 1091528512e4dd7ed5fddcc4df1c53d7 [Pos Repl]

* C:\WINDOWS\System32\drivers\ks.sys [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\ks.sys : 140 928 : 08/03/2004 11:15 PM : b9540e258f952650de8dec68719a5c97 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ks.sys : 141 056 : 04/13/2008 09:16 PM : 0753515f78df7f271a5e61c20bcd36a1 [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\ks.sys : 141 056 : 04/13/2008 09:16 PM : 0753515f78df7f271a5e61c20bcd36a1 [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\ks.sys : 140 928 : 08/03/2004 11:15 PM : b9540e258f952650de8dec68719a5c97 [Pos Repl]

* C:\WINDOWS\System32\drivers\mqac.sys [NoSig]
+-> C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqac.sys : 72 960 : 07/06/2007 09:52 AM : d92fce6729ee150a15a7cdbc433f390e [Pos Repl]
+-> C:\WINDOWS\$hf_mig$\KB971032\SP2QFE\mqac.sys : 91 776 : 06/22/2009 01:30 PM : 9229e191fe206628be17d1e67a5faed9 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB937894$\mqac.sys : 72 960 : 08/03/2004 10:58 PM : db07b0088cdfd20c2a22e675120ede34 [Pos Repl]
+-> C:\WINDOWS\$NtUninstallKB971032$\mqac.sys : 72 960 : 07/06/2007 10:05 AM : 157a32ddc6a019a4e31b19d604d2f127 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\mqac.sys : 92 544 : 04/13/2008 08:39 PM : 70c14f5cca5cf73f8a645c73a01d8726 [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\sp2gdr\mqac.sys : 91 776 : 06/22/2009 01:48 PM : eee50bf24caeedb515a8f3b22756d3bb [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\365e539221dfbf31f4fbd0d9768a7481\sp2qfe\mqac.sys : 91 776 : 06/22/2009 01:30 PM : 9229e191fe206628be17d1e67a5faed9 [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\mqac.sys : 92 544 : 04/13/2008 08:39 PM : 70c14f5cca5cf73f8a645c73a01d8726 [Pos Repl]
+-> C:\WINDOWS\system32\dllcache\mqac.sys : 91 776 : 06/22/2009 01:48 PM : eee50bf24caeedb515a8f3b22756d3bb [Pos Repl]

* C:\WINDOWS\System32\drivers\portcls.sys [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\portcls.sys : 145 792 : 08/03/2004 11:15 PM : 5b0f00e43a7094c0b7e433cb42c79164 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\portcls.sys : 146 048 : 04/13/2008 09:19 PM : e82a496c3961efc6828b508c310ce98f [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\portcls.sys : 146 048 : 04/13/2008 09:19 PM : e82a496c3961efc6828b508c310ce98f [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\portcls.sys : 145 792 : 08/03/2004 11:15 PM : 5b0f00e43a7094c0b7e433cb42c79164 [Pos Repl]

* C:\WINDOWS\System32\drivers\stream.sys [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\stream.sys : 48 640 : 08/03/2004 11:08 PM : c43356072eb3e88cd62958db10cead47 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\stream.sys : 49 408 : 04/13/2008 08:45 PM : 3e5d89099ded9e86e5639f411693218f [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\stream.sys : 49 408 : 04/13/2008 08:45 PM : 3e5d89099ded9e86e5639f411693218f [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\stream.sys : 48 640 : 08/03/2004 11:08 PM : c43356072eb3e88cd62958db10cead47 [Pos Repl]

* C:\WINDOWS\System32\drivers\swmidi.sys [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\swmidi.sys : 54 272 : 08/17/2001 10:00 PM : 94abc808fc4b6d7d2bbf42b85e25bb4d [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\swmidi.sys : 56 576 : 04/13/2008 08:45 PM : 8ce882bcc6cf8a62f2b2323d95cb3d01 [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\swmidi.sys : 56 576 : 04/13/2008 08:45 PM : 8ce882bcc6cf8a62f2b2323d95cb3d01 [Pos Repl]

* C:\WINDOWS\System32\drivers\sysaudio.sys [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\sysaudio.sys : 60 800 : 08/03/2004 11:15 PM : 650ad082d46bac0e64c9c0e0928492fd [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\sysaudio.sys : 60 800 : 04/13/2008 09:15 PM : 8b83f3ed0f1688b4958f77cd6d2bf290 [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\sysaudio.sys : 60 800 : 04/13/2008 09:15 PM : 8b83f3ed0f1688b4958f77cd6d2bf290 [Pos Repl]

* C:\WINDOWS\System32\drivers\usbccgp.sys [NoSig]
+-> C:\WINDOWS\ServicePackFiles\i386\usbccgp.sys : 32 128 : 04/13/2008 08:45 PM : 173f317ce0db8e21322e71b7e60a27e8 [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\usbccgp.sys : 32 128 : 04/13/2008 08:45 PM : 173f317ce0db8e21322e71b7e60a27e8 [Pos Repl]

* C:\WINDOWS\System32\ksuser.dll [NoSig]
+-> C:\WINDOWS\$NtServicePackUninstall$\ksuser.dll : 4 096 : 08/17/2004 03:49 PM : fc727882241cd48e243868dd8401ab60 [Pos Repl]
+-> C:\WINDOWS\ServicePackFiles\i386\ksuser.dll : 4 096 : 04/14/2008 08:21 AM : af6a4bcde2343e8562d3003a1740cc96 [Pos Repl]
+-> C:\WINDOWS\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\ksuser.dll : 4 096 : 04/14/2008 08:21 AM : af6a4bcde2343e8562d3003a1740cc96 [Pos Repl]
+-> C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\ksuser.dll : 4 096 : 08/17/2004 03:49 PM : fc727882241cd48e243868dd8401ab60 [Pos Repl]

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 02/13/2013 10:22:14 AM
Execution time: 0 hours(s), 1 minute(s), and 0 seconds(s)

#39 Příspěvek od **cernohous13** » 13 úno 2013 15:18

Podle kolegova návodu

vyosek píše: Stahnete Farbar Service Scanner http://download.bleepingcomputer.com/farbar/FSS.exe
Ulozte nejlepe na Plochu

U vsech polozek udelejte zatrzitko (tim je oznacite pro skenovani)

Kliknete na Scan

Po dokonceni skenu se objevi log FSS.txt ten sem vlozte

Dulcimer · #40 Příspěvek od **Dulcimer** » 13 úno 2013 15:28

Tady to je:
Farbar Service Scanner Version: 10-02-2013
Ran by Simona Adamcová (administrator) on 13-02-2013 at 15:27:48
Running from "C:\Documents and Settings\Simona Adamcová\Plocha"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0

System Restore:
============

System Restore Disabled Policy:
========================

Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll
[2004-08-17 14:49] - [2008-04-14 04:21] - 0125952 ____A (Microsoft Corporation) 8C9A53E285AC5E6704844D0459EC85BE

C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll
[2004-08-17 14:49] - [2008-04-14 04:21] - 0045568 ____A (Microsoft Corporation) 0634B791684B84F4A331F3D3536FEEF8

C:\WINDOWS\system32\ipnathlp.dll
[2004-08-17 14:49] - [2008-04-14 04:21] - 0329728 ____A (Microsoft Corporation) F58FACA9621D2DB01BD0927D9A0A208E

C:\WINDOWS\system32\netman.dll
[2004-08-17 14:49] - [2008-04-14 04:21] - 0198144 ____A (Microsoft Corporation) 72E1E9E2977BE08BDEEDB6D8FD9D4D40

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2007-04-02 15:26] - [2008-04-14 04:22] - 0144896 ____A (Microsoft Corporation) E488332126E3B1182D2B8A0C35408EC6

C:\WINDOWS\system32\srsvc.dll
[2007-04-02 15:27] - [2008-04-14 04:22] - 0171008 ____A (Microsoft Corporation) 35B91147124F64AC8081A2EDB9EA4DEE

C:\WINDOWS\system32\Drivers\sr.sys
[2007-04-02 15:27] - [2008-04-14 03:41] - 0073344 ____A (Microsoft Corporation) 94610C8653635E4459316A0050D55CE7

C:\WINDOWS\system32\wscsvc.dll
[2004-08-17 14:49] - [2008-04-14 04:22] - 0080896 ____A (Microsoft Corporation) 4C86D5FAF78194995AF9CC1075F65DD3

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2007-04-02 15:26] - [2008-04-14 04:22] - 0144896 ____A (Microsoft Corporation) E488332126E3B1182D2B8A0C35408EC6

C:\WINDOWS\system32\wuauserv.dll
[2007-04-02 15:27] - [2008-04-14 04:22] - 0006656 ____A (Microsoft Corporation) C1364564800EE9784192145324A23308

C:\WINDOWS\system32\qmgr.dll
[2007-04-02 15:27] - [2008-04-14 04:21] - 0409088 ____A (Microsoft Corporation) 19395D092FD85DDC2D9C7729CF5A2AC8

C:\WINDOWS\system32\es.dll
[2004-08-17 14:49] - [2008-07-07 21:29] - 0253952 ____A (Microsoft Corporation) A371F11EF07653591C8DE26AFB13CE7F

C:\WINDOWS\system32\cryptsvc.dll
[2004-08-17 14:49] - [2008-04-14 04:21] - 0062464 ____A (Microsoft Corporation) F3AB0933CBD166D271992F411C27CCAF

C:\WINDOWS\system32\svchost.exe
[2004-08-17 14:49] - [2008-04-14 04:22] - 0014336 ____A (Microsoft Corporation) BE4A520E29B6391F49E79CCC52044D93

C:\WINDOWS\system32\rpcss.dll
[2004-08-17 14:49] - [2009-02-09 11:56] - 0401408 ____A (Microsoft Corporation) BE27674D1CBC3214AEC84B4336A38BBF

C:\WINDOWS\system32\services.exe
[2004-08-17 14:49] - [2009-02-09 12:25] - 0111104 ____A (Microsoft Corporation) 9EF697AF07BB8DD82C3B02CA953A95B7

Extra List:
=======
AegisP(8) Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
0x0900000005000000010000000200000003000000040000000A000000060000000700000008000000
IpSec Tag value is correct.

**** End of log ****

#41 Příspěvek od **cernohous13** » 13 úno 2013 15:42

FW ve Win XP je spíš parodie - pokud bys na něm trval, tak oprav v registru na DWORD:1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0

i když je to slabá mašina, vyzkoušej Zone Alarm Nebo Comodo

zdá se, že máš čisto
a jestli už nenacházíš nic podivného, tak po sobě uklidím

ComboFix odinstalujeme
jdi Start -> Spustit... a zkopíruj ComboFix /Uninstall (pozor, za x je mezera) -> OK

Stáhni a spusť T-cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe - uklidí po použitých čističích.
Po spuštění ignoruj případné varování antiviru - je to v pořádku
Po provedení akce T-cleaner smažeš

stáhni program OTC tady: http://oldtimer.geekstogo.com/OTC.exe - spusť ho -> "CleanUp" (smaže dříve použité čističe)

Mohu doporučit kontrolu a vyčištění Ccleanerem

Stáhni Ccleaner - http://www.slunecnice.cz/sw/ccleaner/
Při instalaci vyhodit fajfku u "Instalovat Yahoo! Toolbar"

zavřít Internetový prohlížeč a
spustit "Čistič" > "Spustit Ccleaner" - odstraní nepotřebné
spustit "Registry" > "Hledej problémy" > "Opravit vybrané problémy"
souhlas se zálohou registrů - opakovat dokud nebudou registry čisté.

Návod:http://jnp.zive.cz/Clanky/Prirucka-do-k ... fault.aspx

Ten si můžeš nechat i na budoucí občasné čištění.

Po vyčištění by se hodila defragmentace
doporučuji http://www.slunecnice.cz/sw/defraggler/ + čeština

Kdyby něco z návodu nefungovalo, pokračuj dalším krokem.

Dulcimer · #42 Příspěvek od **Dulcimer** » 13 úno 2013 16:01

Ohledně vyčištění jsem vše provedl.
Ccleaner jsem na počítač už nainstaloval

Defragmentaci ještě provedu

Je to tedy vše?
Nemám dát ještě nějaký log?

#43 Příspěvek od **cernohous13** » 13 úno 2013 16:07

Řekni problém a já ti řeknu jaký log je potřeba

Dulcimer · #44 Příspěvek od **Dulcimer** » 13 úno 2013 16:20

Problém už žádný není

Mockrát děkuji za spolupráci, seš opravdový odborník

PS: Všiml jsem si, že zde na fóru je možnost naučit se odvirovávat pc, myslíš že bych to někdy v budoucnu mohl zkusit?

#45 Příspěvek od **cernohous13** » 13 úno 2013 16:26

v případě vážného zájmu prostuduj podmínky - http://forum.viry.cz/viewtopic.php?f=12&t=116819

Nemáš zač - rádo se stalo a jsme tady i příště

VIRY.CZ

Prosím o preventivní prohlídku

Re: Prosím o preventivní prohlídku

Re: Prosím o preventivní prohlídku

Re: Prosím o preventivní prohlídku

Re: Prosím o preventivní prohlídku

Re: Prosím o preventivní prohlídku

Re: Prosím o preventivní prohlídku

Re: Prosím o preventivní prohlídku

Re: Prosím o preventivní prohlídku

Re: Prosím o preventivní prohlídku

Re: Prosím o preventivní prohlídku

Re: Prosím o preventivní prohlídku

Re: Prosím o preventivní prohlídku

Re: Prosím o preventivní prohlídku

Re: Prosím o preventivní prohlídku

Re: Prosím o preventivní prohlídku