ICQ problem, can't create RSIT log, graphics?

jasmine2
Visitor
Posts: 13
Registered: 07 Feb 2009 19:50

ICQ problem, can't create RSIT log, graphics?

#1 Post by jasmine2 »

Hi, I have 2 problems:
1) A lot of people on ICQ write to me that they cannot send messages to my ICQ account, and right afterwards links to various websites around the world get sent to them from my account.
2) So I'm starting to worry that some virus might be causing it. To check, I wanted to create an RSIT log here, but it keeps giving me the message: variable used without being declared......... Please advise what to do about it.
3) My PC had Vista as its OS; I have now bought Windows 7 and complications have come up, seemingly with the graphics: videos turn blocky and documents sometimes do too. When I looked at the graphics drivers and their updates, everything should be OK. But apparently it isn't, and I'm not a pro who could uncover the catch.

So I'm asking you for help with these problems. Thanks, Vladka

PS: To start with I'm attaching the Malwarebytes output; I'll add RSIT afterwards if you advise me. Thanks once again.
PS2: I ran NOD32 over the PC and the result was negative.

jasmine2
Visitor
Posts: 13
Registered: 07 Feb 2009 19:50

Re: ICQ problem, can't create RSIT log, graphics?

#2 Post by jasmine2 »

The Malwarebytes output was negative too.

jasmine2
Visitor
Posts: 13
Registered: 07 Feb 2009 19:50

Re: ICQ problem, can't create RSIT log, graphics?

#3 Post by jasmine2 »

Hi, could someone please take a look at my PC? I also ran an mvaw scan and these are the results:

Objekt "Spyware.NetScreenWatch Spyware/Adware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Objekt "RegSort Corrupted Adware/Spyware" nalezen v souborovém systému! Provedené akce: Ponecháno, neodstraněno!.
Soubor C:\Windows\reset.exe je infikovaný virem Trojan.Generic.1725172 (DB) !! Provedené akce: Ponecháno, neodstraněno!.
Soubor C:\Windows\reset.exe je infikovaný virem Trojan.Generic.1725172 (DB) !! Provedené akce: Ponecháno, neodstraněno!.

jasmine2
Visitor
Posts: 13
Registered: 07 Feb 2009 19:50

Re: ICQ problem, can't create RSIT log, graphics?

#4 Post by jasmine2 »

So I finally found it. The RSIT output is here. Please check it.

Logfile of random's system information tool 1.06 (written by random/random)
Run by Uzivatel at 2009-12-05 19:28:30
Microsoft Windows 7 Home Premium
System drive C: has 100 GB (84%) free of 120 GB
Total RAM: 3002 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:28:34, on 5.12.2009
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\PLFSetI.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\taskhost.exe
C:\Users\Uzivatel\Desktop\RSIT.exe
C:\Program Files\trend micro\Uzivatel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... pire_4810t
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... pire_4810t
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... pire_4810t
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... pire_4810t
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GR469A~1.DLL
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -k
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [ODDPwr] "C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programy\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [ICQ] "C:\Programy\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [Skype] "C:\Programy\Skype\\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programy\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programy\ICQ6.5\ICQ.exe
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{38A06E2B-CE4D-4A39-9A0D-2AB4375A285E}: NameServer = 10.0.0.1,10.0.0.10
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GRA32A~1.DLL
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files\Launch Manager\dsiwmis.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Acer ODD Power Service (ODDPwrSvc) - Acer Incorporated - C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe

--
End of file - 8149 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2008-11-18 408952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-02-06 1430824]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-04-10 7399968]
"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-04-10 1833504]
"Acer ePower Management"=C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [2009-08-19 487424]
"BackupManagerTray"=C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-04-01 249600]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-26 31016]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-02-12 186904]
"PLFSetI"=C:\Windows\PLFSetI.exe [2008-07-29 200704]
"LManager"=C:\Program Files\Launch Manager\LManager.exe [2009-08-27 1194504]
"ODDPwr"=C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe [2009-09-04 186912]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-02-06 2021400]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-08-13 135168]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-08-13 167424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-08-13 144384]
"Adobe Reader Speed Launcher"=C:\Programy\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2009-07-14 144384]
"ICQ"=C:\Programy\ICQ6.5\ICQ.exe [2009-03-01 172792]
"Skype"=C:\Programy\Skype\\Phone\Skype.exe [2009-10-09 25623336]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-08-13 217088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office12\GR469A~1.DLL [2006-10-26 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"legalnoticetext"=

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-12-05 15:23:40 ----AD---- C:\Windows\VDLL.DLL
2009-12-05 15:23:40 ----AD---- C:\Windows\system32\runouce.exe
2009-12-05 15:23:40 ----AD---- C:\Windows\rundll16.exe
2009-12-05 15:23:40 ----AD---- C:\Windows\RUNDL132.EXE
2009-12-05 15:23:40 ----AD---- C:\Windows\logo1_.exe
2009-12-05 15:23:40 ----AD---- C:\Windows\logo_1.exe
2009-12-05 15:20:57 ----A---- C:\Windows\system32\msvcr80.dll
2009-12-05 15:20:56 ----A---- C:\Windows\system32\msvcp80.dll
2009-12-05 15:20:55 ----A---- C:\Windows\system32\eEmpty.exe
2009-12-05 15:20:47 ----D---- C:\Program Files\Common Files\MicroWorld
2009-12-05 15:20:42 ----D---- C:\ProgramData\MicroWorld
2009-12-05 14:37:31 ----D---- C:\Program Files\CCleaner
2009-12-04 15:16:40 ----D---- C:\rsit
2009-12-04 15:16:40 ----D---- C:\Program Files\trend micro
2009-12-04 15:00:10 ----D---- C:\Users\Uzivatel\AppData\Roaming\Malwarebytes
2009-12-04 15:00:02 ----D---- C:\ProgramData\Malwarebytes
2009-12-03 13:47:24 ----A---- C:\Windows\system32\javaws.exe
2009-12-03 13:47:24 ----A---- C:\Windows\system32\javaw.exe
2009-12-03 13:47:24 ----A---- C:\Windows\system32\java.exe
2009-11-29 11:32:02 ----A---- C:\Windows\system32\deploytk.dll
2009-11-28 13:35:35 ----DC---- C:\Windows\system32\DRVSTORE
2009-11-28 12:09:19 ----D---- C:\Program Files\Java
2009-11-25 19:00:40 ----A---- C:\Windows\system32\tzres.dll
2009-11-21 12:30:25 ----D---- C:\Program Files\Common Files\Adobe
2009-11-17 21:49:35 ----D---- C:\Windows\system32\x64
2009-11-17 21:32:28 ----A---- C:\Windows\system32\msv1_0.dll
2009-11-17 21:31:35 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-11-17 21:31:31 ----A---- C:\Windows\system32\mshtml.dll
2009-11-17 21:31:08 ----A---- C:\Windows\system32\wmp.dll
2009-11-17 21:31:05 ----A---- C:\Windows\system32\CertEnroll.dll
2009-11-17 21:31:04 ----A---- C:\Windows\explorer.exe
2009-11-17 21:31:03 ----A---- C:\Windows\system32\winresume.exe
2009-11-17 21:31:03 ----A---- C:\Windows\system32\winload.exe
2009-11-17 21:31:03 ----A---- C:\Windows\system32\t2embed.dll
2009-11-17 21:31:03 ----A---- C:\Windows\system32\fontsub.dll
2009-11-17 21:31:02 ----A---- C:\Windows\system32\atmfd.dll
2009-11-17 21:30:59 ----A---- C:\Windows\system32\wmploc.DLL
2009-11-17 21:30:57 ----A---- C:\Windows\system32\msasn1.dll
2009-11-17 21:26:57 ----D---- C:\ProgramData\ESET
2009-11-17 21:26:57 ----D---- C:\Program Files\ESET
2009-11-17 18:31:52 ----D---- C:\ProgramData\OEM
2009-11-17 18:29:45 ----A---- C:\Windows\system32\HdmiCoin.dll
2009-11-17 18:28:56 ----A---- C:\Windows\system32\igfxsrvc.dll
2009-11-17 18:28:56 ----A---- C:\Windows\system32\igfxress.dll
2009-11-17 18:28:56 ----A---- C:\Windows\system32\igfxexps.dll
2009-11-17 18:28:56 ----A---- C:\Windows\system32\igdumdx32.dll
2009-11-17 18:28:56 ----A---- C:\Windows\system32\hccutils.dll
2009-11-17 18:28:55 ----A---- C:\Windows\system32\igfxdev.dll
2009-11-17 18:28:55 ----A---- C:\Windows\system32\igfxCoIn_v1808.dll
2009-11-17 18:28:54 ----A---- C:\Windows\system32\igdumd32.dll
2009-11-17 18:28:54 ----A---- C:\Windows\system32\d3dx10_40.dll
2009-11-17 18:26:16 ----A---- C:\Windows\Setup.INI
2009-11-17 18:25:50 ----D---- C:\Program Files\Launch Manager
2009-11-17 18:22:42 ----D---- C:\Windows\Minidump
2009-11-17 18:05:31 ----SHD---- C:\Recovery
2009-11-17 18:05:31 ----SHD---- C:\ProgramData\Šablony
2009-11-17 18:05:31 ----SHD---- C:\ProgramData\Plocha
2009-11-17 18:05:31 ----SHD---- C:\ProgramData\Oblíbené položky
2009-11-17 18:05:31 ----SHD---- C:\ProgramData\Nabídka Start
2009-11-17 18:05:31 ----SHD---- C:\ProgramData\Dokumenty
2009-11-17 18:05:31 ----SHD---- C:\ProgramData\Data aplikací
2009-11-17 18:03:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-11-17 17:27:49 ----SD---- C:\Users\Uzivatel\AppData\Roaming\Microsoft
2009-11-17 17:27:49 ----D---- C:\Users\Uzivatel\AppData\Roaming\Media Center Programs
2009-11-17 17:26:10 ----D---- C:\Windows\system32\RTCOM
2009-11-17 17:26:10 ----D---- C:\Program Files\Realtek
2009-11-17 17:26:05 ----D---- C:\Program Files\Synaptics
2009-11-17 17:23:58 ----D---- C:\Windows\Prefetch
2009-11-17 17:23:15 ----D---- C:\Windows\Panther
2009-11-17 17:12:35 ----HD---- C:\$WINDOWS.~Q
2009-11-17 17:09:52 ----HD---- C:\$INPLACE.~TR
2009-11-17 16:22:48 ----D---- C:\Windows\acerTemp
2009-11-17 16:20:34 ----D---- C:\ProgramData\InstallShield
2009-11-17 16:19:51 ----D---- C:\OEM

======List of files/folders modified in the last 1 months======

2009-12-05 19:28:33 ----D---- C:\Windows\Temp
2009-12-05 15:56:18 ----D---- C:\Windows\system32\config
2009-12-05 15:23:40 ----D---- C:\Windows\System32
2009-12-05 15:23:40 ----D---- C:\Windows
2009-12-05 15:20:47 ----D---- C:\Program Files\Common Files
2009-12-05 15:20:42 ----HD---- C:\ProgramData
2009-12-05 14:37:31 ----RD---- C:\Program Files
2009-12-05 14:25:55 ----SHD---- C:\System Volume Information
2009-12-05 01:42:18 ----D---- C:\Users\Uzivatel\AppData\Roaming\ICQ
2009-12-04 23:04:01 ----D---- C:\Users\Uzivatel\AppData\Roaming\Skype
2009-12-04 15:00:05 ----D---- C:\Windows\system32\drivers
2009-12-04 15:00:01 ----D---- C:\Programy
2009-12-03 13:47:28 ----SHD---- C:\Windows\Installer
2009-11-28 14:00:17 ----D---- C:\Windows\Tasks
2009-11-28 14:00:17 ----D---- C:\Windows\system32\wfp
2009-11-28 14:00:17 ----D---- C:\Windows\system32\DriverStore
2009-11-28 14:00:17 ----D---- C:\Windows\system32\catroot2
2009-11-28 14:00:16 ----D---- C:\Windows\inf
2009-11-28 14:00:10 ----D---- C:\Windows\system32\wbem
2009-11-28 14:00:10 ----D---- C:\Windows\registration
2009-11-28 14:00:09 ----D---- C:\Windows\system32\Tasks
2009-11-28 14:00:07 ----D---- C:\Windows\system32\catroot
2009-11-28 13:57:11 ----D---- C:\Windows\system32\LogFiles
2009-11-28 13:35:47 ----HD---- C:\Program Files\Temp
2009-11-26 00:13:37 ----D---- C:\Windows\system32\FxsTmp
2009-11-25 19:25:12 ----D---- C:\Windows\rescache
2009-11-25 19:00:51 ----D---- C:\Windows\winsxs
2009-11-25 19:00:49 ----D---- C:\Windows\system32\cs-CZ
2009-11-22 20:45:23 ----D---- C:\Windows\system32\wdi
2009-11-22 20:34:46 ----D---- C:\PerfLogs
2009-11-21 12:36:06 ----D---- C:\ProgramData\Adobe
2009-11-17 22:13:01 ----D---- C:\Windows\Microsoft.NET
2009-11-17 22:12:08 ----RSD---- C:\Windows\assembly
2009-11-17 21:46:43 ----SD---- C:\ProgramData\Microsoft
2009-11-17 21:33:14 ----D---- C:\Windows\AppPatch
2009-11-17 21:33:14 ----D---- C:\Program Files\Internet Explorer
2009-11-17 21:33:13 ----D---- C:\Windows\ehome
2009-11-17 21:33:13 ----D---- C:\Program Files\Windows Media Player
2009-11-17 21:33:12 ----D---- C:\Windows\system32\Boot
2009-11-17 18:30:14 ----D---- C:\Windows\system32\restore
2009-11-17 18:26:57 ----D---- C:\Windows\system32\zh-TW
2009-11-17 18:26:57 ----D---- C:\Windows\system32\zh-CN
2009-11-17 18:26:57 ----D---- C:\Windows\system32\sv-SE
2009-11-17 18:26:57 ----D---- C:\Windows\system32\ru-RU
2009-11-17 18:26:57 ----D---- C:\Windows\system32\pt-BR
2009-11-17 18:26:56 ----D---- C:\Windows\system32\pl-PL
2009-11-17 18:26:56 ----D---- C:\Windows\system32\nl-NL
2009-11-17 18:26:56 ----D---- C:\Windows\system32\nb-NO
2009-11-17 18:26:56 ----D---- C:\Windows\system32\ko-KR
2009-11-17 18:26:56 ----D---- C:\Windows\system32\ja-JP
2009-11-17 18:26:56 ----D---- C:\Windows\system32\it-IT
2009-11-17 18:26:56 ----D---- C:\Windows\system32\fr-FR
2009-11-17 18:26:56 ----D---- C:\Windows\system32\fi-FI
2009-11-17 18:26:56 ----D---- C:\Windows\system32\es-ES
2009-11-17 18:26:56 ----D---- C:\Windows\system32\en-US
2009-11-17 18:26:56 ----D---- C:\Windows\system32\de-DE
2009-11-17 18:26:56 ----D---- C:\Windows\system32\da-DK
2009-11-17 18:05:31 ----D---- C:\Windows\system32\Recovery
2009-11-17 18:05:31 ----D---- C:\Program Files\Windows NT
2009-11-17 17:59:45 ----D---- C:\Windows\SoftwareDistribution
2009-11-17 17:46:07 ----RSD---- C:\Windows\Media
2009-11-17 17:43:03 ----RD---- C:\Users
2009-11-17 17:42:05 ----D---- C:\Users\Uzivatel\AppData\Roaming\W Photo Studio Viewer
2009-11-17 17:42:01 ----D---- C:\Users\Uzivatel\AppData\Roaming\Nero
2009-11-17 17:42:00 ----D---- C:\Users\Uzivatel\AppData\Roaming\Mozilla
2009-11-17 17:41:51 ----D---- C:\Users\Uzivatel\AppData\Roaming\Macromedia
2009-11-17 17:41:51 ----D---- C:\Users\Uzivatel\AppData\Roaming\InstallShield
2009-11-17 17:41:51 ----D---- C:\Users\Uzivatel\AppData\Roaming\Identities
2009-11-17 17:41:49 ----D---- C:\Users\Uzivatel\AppData\Roaming\GHISLER
2009-11-17 17:41:49 ----D---- C:\Users\Uzivatel\AppData\Roaming\eSobi
2009-11-17 17:41:49 ----D---- C:\Users\Uzivatel\AppData\Roaming\ESET
2009-11-17 17:41:49 ----D---- C:\Users\Uzivatel\AppData\Roaming\CyberLink
2009-11-17 17:41:49 ----D---- C:\Users\Uzivatel\AppData\Roaming\Corel
2009-11-17 17:41:48 ----D---- C:\Users\Uzivatel\AppData\Roaming\AIMP
2009-11-17 17:41:48 ----D---- C:\Users\Uzivatel\AppData\Roaming\Adobe
2009-11-17 17:41:48 ----D---- C:\Users\Uzivatel\AppData\Roaming\Acer GameZone Console
2009-11-17 17:41:48 ----D---- C:\Users\Uzivatel\AppData\Roaming\Acer
2009-11-17 17:33:46 ----D---- C:\Windows\system32\CodeIntegrity
2009-11-17 17:33:24 ----D---- C:\Windows\WindowsMobile
2009-11-17 17:33:24 ----D---- C:\Windows\system32\XPSViewer
2009-11-17 17:33:24 ----D---- C:\Windows\system32\sysprep
2009-11-17 17:33:16 ----D---- C:\Windows\system32\RemInst
2009-11-17 17:33:15 ----D---- C:\Windows\system32\oobe
2009-11-17 17:33:15 ----D---- C:\Windows\system32\OEM
2009-11-17 17:33:07 ----D---- C:\Windows\system32\NDF
2009-11-17 17:33:07 ----D---- C:\Windows\system32\Macromed
2009-11-17 17:33:07 ----D---- C:\Windows\system32\Lang
2009-11-17 17:33:07 ----D---- C:\Windows\system32\EventProviders
2009-11-17 17:33:05 ----D---- C:\Windows\system32\Branding
2009-11-17 17:33:05 ----D---- C:\Windows\system32\Atheros_L1e
2009-11-17 17:33:02 ----D---- C:\Windows\system
2009-11-17 17:33:02 ----D---- C:\Windows\ShellNew
2009-11-17 17:33:01 ----D---- C:\Windows\Screensavers
2009-11-17 17:33:01 ----D---- C:\Windows\nap
2009-11-17 17:32:56 ----D---- C:\Windows\Logs
2009-11-17 17:32:56 ----D---- C:\Windows\Lan
2009-11-17 17:32:53 ----D---- C:\Windows\Help
2009-11-17 17:32:51 ----RSD---- C:\Windows\Fonts
2009-11-17 17:32:42 ----D---- C:\Windows\Downloaded Program Files
2009-11-17 17:32:42 ----D---- C:\Windows\DigitalLocker
2009-11-17 17:32:42 ----D---- C:\Windows\Corel
2009-11-17 17:32:41 ----D---- C:\Windows\Boot
2009-11-17 17:32:39 ----D---- C:\ProgramData\Skype
2009-11-17 17:32:38 ----D---- C:\ProgramData\SiteAdvisor
2009-11-17 17:32:38 ----D---- C:\ProgramData\Nero
2009-11-17 17:32:35 ----D---- C:\ProgramData\Microsoft Help
2009-11-17 17:32:25 ----D---- C:\ProgramData\McAfee
2009-11-17 17:32:25 ----D---- C:\ProgramData\Google
2009-11-17 17:32:25 ----D---- C:\ProgramData\eSobi
2009-11-17 17:32:24 ----D---- C:\ProgramData\EgisTec
2009-11-17 17:32:13 ----D---- C:\Program Files\Windows Photo Gallery
2009-11-17 17:32:13 ----D---- C:\Program Files\Windows Live SkyDrive
2009-11-17 17:32:13 ----D---- C:\Program Files\Windows Live
2009-11-17 17:32:11 ----D---- C:\Program Files\Windows Collaboration
2009-11-17 17:32:11 ----D---- C:\Program Files\Windows Calendar
2009-11-17 17:32:10 ----D---- C:\Program Files\WIDCOMM
2009-11-17 17:32:07 ----D---- C:\Program Files\QS
2009-11-17 17:32:06 ----D---- C:\Program Files\NewTech Infosystems
2009-11-17 17:32:05 ----D---- C:\Program Files\Nero
2009-11-17 17:31:22 ----D---- C:\Program Files\MSECache
2009-11-17 17:31:22 ----D---- C:\Program Files\MSBuild
2009-11-17 17:31:22 ----D---- C:\Program Files\Microsoft.NET
2009-11-17 17:31:22 ----D---- C:\Program Files\Microsoft Works
2009-11-17 17:31:12 ----D---- C:\Program Files\Microsoft Visual Studio 8
2009-11-17 17:31:06 ----D---- C:\Program Files\Microsoft Visual Studio
2009-11-17 17:31:06 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2009-11-17 17:31:05 ----D---- C:\Program Files\Microsoft Office Suite Activation Assistant
2009-11-17 17:30:58 ----D---- C:\Program Files\Microsoft Office
2009-11-17 17:30:16 ----D---- C:\Program Files\Microsoft Games
2009-11-17 17:30:15 ----D---- C:\Program Files\Microsoft
2009-11-17 17:30:14 ----D---- C:\Program Files\Intel
2009-11-17 17:30:12 ----HD---- C:\Program Files\InstallShield Installation Information
2009-11-17 17:30:09 ----D---- C:\Program Files\Convesoft
2009-11-17 17:30:08 ----D---- C:\Program Files\Common Files\Windows Live
2009-11-17 17:30:08 ----D---- C:\Program Files\Common Files\Oberon Media
2009-11-17 17:30:07 ----D---- C:\Program Files\Common Files\Nero
2009-11-17 17:30:03 ----D---- C:\Program Files\Common Files\microsoft shared
2009-11-17 17:29:52 ----D---- C:\Program Files\Common Files\InstallShield
2009-11-17 17:29:51 ----D---- C:\Program Files\Common Files\DESIGNER
2009-11-17 17:29:51 ----D---- C:\Program Files\Codec Pack - All In 1
2009-11-17 17:29:50 ----D---- C:\Program Files\ASUS
2009-11-17 17:29:46 ----D---- C:\Program Files\Acer Inc
2009-11-17 17:29:46 ----D---- C:\Program Files\Acer
2009-11-17 17:26:39 ----D---- C:\Windows\debug
2009-11-17 17:23:02 ----RASH---- C:\BOOTSECT.BAK
2009-11-17 17:23:01 ----SHD---- C:\Boot
2009-11-17 17:20:41 ----SD---- C:\Windows\system32\Microsoft

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: ICQ problem, cannot create RSIT log, graphics?

#5 Post by Roli »

Hello, princess, it is not a good idea to reply to your own posts, because then it is not visible whether someone is already helping you.

If you do not get an answer right away, you need to wait; we are not here all the time and there are plenty of you who need help,

so be patient.

Now download ComboFix and save it to your desktop,

run the application under an account with administrator rights and allow the installation of the Recovery Console.

A window with the license terms will then appear, which you confirm by clicking YES,

then click YES once more and it starts running.

The whole process takes around 10 minutes but may take longer; do not try to run anything else during the scan.

The PC may also be restarted during the scan; do not be alarmed.

Warning: for the duration of the scan, turn off the resident shield of your antivirus and antispyware program,

because ComboFix tries to delete infected files and these programs may prevent it from doing so.

After the scan finishes, or after the subsequent restart, the application creates a log saved at C:/Combofix.txt

(on repeated use the logs are numbered Combofix2.txt etc.); paste its contents here.
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

jasmine2
Visitor
Posts: 13
Registered: 07 Feb 2009 19:50

Re: ICQ problem, cannot create RSIT log, graphics?

#6 Post by jasmine2 »

Hi, I apologize in advance, I only wanted to help.
I am attaching the log from ComboFix. Thank you.

ComboFix 09-12-05.03 - Uzivatel 06.12.2009 10:27.1.1 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3002.2265 [GMT 1:00]
Spuštěný z: c:\users\Uzivatel\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programdata\Microsoft\WLSetup
c:\programdata\Microsoft\WLSetup\Logs\2009-04-11_03-25_f5c-ut75le7t.log
c:\users\Uzivatel\AppData\Roaming\.#
c:\windows\Suyin.reg

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-11-06 do 2009-12-06 )))))))))))))))))))))))))))))))
.

2009-12-06 09:38 . 2009-12-06 09:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-12-05 14:23 . 2009-12-05 14:23 -------- d---a-w- c:\windows\VDLL.DLL
2009-12-05 14:23 . 2009-12-05 14:23 -------- d---a-w- c:\windows\system32\runouce.exe
2009-12-05 14:23 . 2009-12-05 14:23 -------- d---a-w- c:\windows\rundll16.exe
2009-12-05 14:23 . 2009-12-05 14:23 -------- d---a-w- c:\windows\RUNDL132.EXE
2009-12-05 14:23 . 2009-12-05 14:23 -------- d---a-w- c:\windows\logo1_.exe
2009-12-05 14:23 . 2009-12-05 14:23 -------- d---a-w- c:\windows\logo_1.exe
2009-12-05 14:20 . 2009-12-05 14:20 632064 ----a-w- c:\windows\system32\msvcr80.dll
2009-12-05 14:20 . 2009-12-05 14:20 554240 ----a-w- c:\windows\system32\msvcp80.dll
2009-12-05 14:20 . 2009-12-05 14:20 34048 ----a-w- c:\windows\system32\eEmpty.exe
2009-12-05 14:20 . 2009-12-05 14:20 -------- d-----w- c:\program files\Common Files\MicroWorld
2009-12-05 14:20 . 2009-12-05 14:20 -------- d-----w- c:\programdata\MicroWorld
2009-12-05 13:37 . 2009-12-05 13:39 -------- d-----w- c:\program files\CCleaner
2009-12-04 14:16 . 2009-12-05 18:28 4096 d-----w- c:\program files\trend micro
2009-12-04 14:16 . 2009-12-05 18:28 -------- d-----w- C:\rsit
2009-12-04 14:00 . 2009-12-04 14:00 -------- d-----w- c:\users\Uzivatel\AppData\Roaming\Malwarebytes
2009-12-04 14:00 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-04 14:00 . 2009-12-04 14:00 -------- d-----w- c:\programdata\Malwarebytes
2009-12-04 14:00 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-29 10:32 . 2009-10-11 03:17 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-11-28 12:40 . 2009-11-28 12:40 -------- d-----w- c:\users\Uzivatel\AppData\Local\ElevatedDiagnostics
2009-11-28 12:35 . 2009-11-28 12:35 -------- dc----w- c:\windows\system32\DRVSTORE
2009-11-28 11:09 . 2009-12-03 12:47 4096 d-----w- c:\program files\Java
2009-11-25 18:00 . 2009-10-29 07:22 2048 ----a-w- c:\windows\system32\tzres.dll
2009-11-21 11:30 . 2009-11-21 11:30 -------- d-----w- c:\program files\Common Files\Adobe
2009-11-17 20:49 . 2009-11-17 20:49 -------- d-----w- c:\windows\system32\x64
2009-11-17 20:44 . 2009-11-28 12:16 -------- d-----w- c:\users\Uzivatel\AppData\Local\Diagnostics
2009-11-17 20:32 . 2009-09-10 05:52 257024 ----a-w- c:\windows\system32\msv1_0.dll
2009-11-17 20:31 . 2009-10-02 04:06 728648 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2009-11-17 20:31 . 2009-09-03 07:04 1320960 ----a-w- c:\windows\system32\CertEnroll.dll
2009-11-17 20:31 . 2009-08-03 05:35 2613248 ----a-w- c:\windows\explorer.exe
2009-11-17 20:31 . 2009-08-19 07:20 442920 ----a-w- c:\windows\system32\winresume.exe
2009-11-17 20:31 . 2009-08-19 07:20 507568 ----a-w- c:\windows\system32\winload.exe
2009-11-17 20:31 . 2009-07-30 16:29 108544 ----a-w- c:\windows\system32\t2embed.dll
2009-11-17 20:31 . 2009-07-30 16:27 71168 ----a-w- c:\windows\system32\fontsub.dll
2009-11-17 20:31 . 2009-07-30 04:44 293888 ----a-w- c:\windows\system32\atmfd.dll
2009-11-17 20:30 . 2009-08-29 06:54 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2009-11-17 20:30 . 2009-08-29 06:57 34816 ----a-w- c:\windows\system32\msasn1.dll
2009-11-17 20:26 . 2009-11-17 20:26 -------- d-----w- c:\program files\ESET
2009-11-17 17:31 . 2009-11-17 17:31 -------- d-----w- c:\programdata\OEM
2009-11-17 17:29 . 2009-05-25 20:12 122368 ----a-w- c:\windows\system32\drivers\IntcHdmi.sys
2009-11-17 17:29 . 2009-05-25 20:12 4608 ----a-w- c:\windows\system32\HdmiCoin.dll
2009-11-17 17:28 . 2009-08-13 20:41 549888 ----a-w- c:\windows\system32\igdumdx32.dll
2009-11-17 17:28 . 2009-08-13 20:15 23552 ----a-w- c:\windows\system32\igfxexps.dll
2009-11-17 17:28 . 2009-08-13 20:15 51712 ----a-w- c:\windows\system32\igfxsrvc.dll
2009-11-17 17:28 . 2009-08-13 20:15 94720 ----a-w- c:\windows\system32\hccutils.dll
2009-11-17 17:28 . 2009-08-13 20:15 5702656 ----a-w- c:\windows\system32\igfxress.dll
2009-11-17 17:28 . 2009-08-13 20:15 217088 ----a-w- c:\windows\system32\igfxdev.dll
2009-11-17 17:28 . 2009-06-03 03:19 155648 ----a-w- c:\windows\system32\igfxCoIn_v1808.dll
2009-11-17 17:28 . 2009-06-03 03:07 982220 ----a-w- c:\windows\system32\igkrng500.bin
2009-11-17 17:28 . 2009-06-03 03:07 92216 ----a-w- c:\windows\system32\igfcg500m.bin
2009-11-17 17:28 . 2009-08-13 20:47 4233728 ----a-w- c:\windows\system32\igdumd32.dll
2009-11-17 17:28 . 2009-06-03 02:15 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2009-11-17 17:28 . 2009-06-03 03:07 134592 ----a-w- c:\windows\system32\igfcg500.bin
2009-11-17 17:27 . 2009-04-07 07:32 29472 ----a-w- c:\windows\system32\drivers\btwl2cap.sys
2009-11-17 17:25 . 2009-11-17 17:26 4096 d-----w- c:\program files\Launch Manager
2009-11-17 17:06 . 2009-11-17 17:23 120224 ----a-w- c:\users\Uzivatel\AppData\Local\GDIPFONTCACHEV1.DAT
2009-11-17 17:00 . 2009-12-05 21:17 -------- d-----w- c:\windows\system32\wbem\Performance
2009-11-17 16:46 . 2009-11-17 16:46 21496 ----a-w- c:\windows\system32\emptyregdb.dat
2009-11-17 16:26 . 2009-11-17 16:26 -------- d-----w- c:\windows\system32\RTCOM
2009-11-17 16:26 . 2009-11-17 16:26 -------- d-----w- c:\program files\Realtek
2009-11-17 16:26 . 2009-11-17 16:26 -------- d-----w- c:\program files\Synaptics
2009-11-17 16:23 . 2009-11-17 17:05 8192 d-----w- c:\windows\Panther
2009-11-17 16:12 . 2009-11-17 16:47 -------- d-----w- C:\$WINDOWS.~Q
2009-11-17 16:09 . 2009-11-17 16:11 -------- d-----w- C:\$INPLACE.~TR
2009-11-17 15:22 . 2009-11-17 16:32 -------- d-----w- c:\windows\acerTemp
2009-11-17 15:20 . 2009-11-17 16:32 -------- d-----w- c:\programdata\InstallShield
2009-11-17 15:19 . 2009-11-17 22:46 -------- d-----w- C:\OEM

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-05 21:18 . 2009-07-14 08:44 622660 ----a-w- c:\windows\system32\perfh005.dat
2009-12-05 21:18 . 2009-07-14 08:44 118810 ----a-w- c:\windows\system32\perfc005.dat
2009-12-05 00:42 . 2009-07-26 12:56 4096 d-----w- c:\users\Uzivatel\AppData\Roaming\ICQ
2009-12-04 22:04 . 2009-07-29 14:12 4096 d-----w- c:\users\Uzivatel\AppData\Roaming\Skype
2009-11-28 12:35 . 2009-06-12 18:24 -------- d--h--w- c:\program files\Temp
2009-11-17 17:39 . 2009-11-17 17:39 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2009-11-17 17:05 . 2009-11-17 17:05 -------- d-sh--we c:\programdata\Plocha
2009-11-17 17:05 . 2009-11-17 17:05 -------- d-sh--we c:\programdata\Oblíbené položky
2009-11-17 17:05 . 2009-11-17 17:05 -------- d-sh--we c:\programdata\Šablony
2009-11-17 17:05 . 2009-11-17 17:05 -------- d-sh--we c:\programdata\Nabídka Start
2009-11-17 17:05 . 2009-11-17 17:05 -------- d-sh--we c:\programdata\Dokumenty
2009-11-17 17:05 . 2009-11-17 17:05 -------- d-sh--we c:\programdata\Data aplikací
2009-11-17 16:42 . 2009-08-23 09:15 4096 d-----w- c:\users\Uzivatel\AppData\Roaming\W Photo Studio Viewer
2009-11-17 16:42 . 2009-07-26 15:03 -------- d-----w- c:\users\Uzivatel\AppData\Roaming\Nero
2009-11-17 16:41 . 2009-06-12 18:29 -------- d-----w- c:\users\Uzivatel\AppData\Roaming\InstallShield
2009-11-17 16:41 . 2009-10-08 09:48 -------- d-----w- c:\users\Uzivatel\AppData\Roaming\Corel
2009-11-17 16:41 . 2009-07-26 12:24 -------- d-----w- c:\users\Uzivatel\AppData\Roaming\GHISLER
2009-11-17 16:41 . 2009-07-25 16:09 -------- d-----w- c:\users\Uzivatel\AppData\Roaming\eSobi
2009-11-17 16:41 . 2009-07-25 14:57 -------- d-----w- c:\users\Uzivatel\AppData\Roaming\CyberLink
2009-11-17 16:41 . 2009-07-26 13:39 4096 d-----w- c:\users\Uzivatel\AppData\Roaming\AIMP
2009-11-17 16:41 . 2009-06-12 18:39 -------- d-----w- c:\users\Uzivatel\AppData\Roaming\Acer
2009-11-17 16:41 . 2009-06-12 18:22 -------- d-----w- c:\users\Uzivatel\AppData\Roaming\Acer GameZone Console
2009-11-17 16:31 . 2009-10-07 13:37 -------- d-----w- c:\program files\MSECache
2009-11-17 16:31 . 2009-07-25 16:36 -------- d-----w- c:\program files\Microsoft.NET
2009-11-17 16:31 . 2009-07-14 04:52 -------- d-----w- c:\program files\MSBuild
2009-11-17 16:31 . 2009-04-11 01:14 24576 d-----w- c:\program files\Microsoft Works
2009-11-17 16:31 . 2009-07-25 16:32 4096 d-----w- c:\program files\Microsoft Visual Studio 8
2009-11-17 16:31 . 2009-04-11 01:38 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-11-17 16:31 . 2009-04-11 01:11 49152 d-----w- c:\program files\Microsoft Office Suite Activation Assistant
2009-11-17 16:30 . 2009-07-14 04:52 4096 d-----w- c:\program files\Microsoft Games
2009-11-17 16:30 . 2009-04-11 01:34 -------- d-----w- c:\program files\Microsoft
2009-11-17 16:30 . 2009-03-31 23:56 -------- d-----w- c:\program files\Intel
2009-11-17 16:30 . 2009-03-31 23:56 8192 d--h--w- c:\program files\InstallShield Installation Information
2009-11-17 16:30 . 2009-06-12 18:24 -------- d-----w- c:\program files\Convesoft
2009-11-17 16:30 . 2009-04-11 01:26 -------- d-----w- c:\program files\Common Files\Windows Live
2009-11-17 16:30 . 2009-04-11 01:00 -------- d-----w- c:\program files\Common Files\Oberon Media
2009-11-17 16:30 . 2009-07-26 14:26 4096 d-----w- c:\program files\Common Files\Nero
2009-11-17 16:29 . 2009-06-12 18:24 4096 d-----w- c:\program files\Common Files\InstallShield
2009-11-17 16:29 . 2009-07-25 16:57 4096 d-----w- c:\program files\Codec Pack - All In 1
2009-11-17 16:29 . 2009-11-04 19:28 -------- d-----w- c:\program files\ASUS
2009-11-17 16:29 . 2009-06-12 18:43 -------- d-----w- c:\program files\Acer Inc
2009-11-17 16:29 . 2009-06-12 18:37 -------- d-----w- c:\program files\Acer
2009-11-17 16:26 . 2009-11-17 16:26 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01007.Wdf
2009-11-17 15:23 . 2009-06-12 18:24 12 ----a-w- c:\windows\bthservsdp.dat
2009-11-04 19:39 . 2009-11-04 19:39 515832 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-11-02 19:42 . 2009-10-02 19:07 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-10-07 19:32 . 2009-10-07 19:32 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-09-15 18:40 . 2009-09-15 18:40 6114816 ----a-w- c:\windows\system32\drivers\NETw5s32.sys
2009-09-15 18:19 . 2009-09-15 18:19 2756608 ----a-w- c:\windows\system32\NETw5r32.dll
2009-09-15 18:18 . 2009-09-15 18:18 675840 ----a-w- c:\windows\system32\NETw5c32.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\programy\ICQ6.5\ICQ.exe silent" [X]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2009-07-14 144384]
"Skype"="c:\programy\Skype\\Phone\Skype.exe" [2009-10-09 25623336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-02-06 1430824]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-04-10 7399968]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-04-10 1833504]
"Acer ePower Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2009-08-19 487424]
"BackupManagerTray"="c:\program files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2009-04-01 249600]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-02-12 186904]
"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704]
"LManager"="c:\program files\Launch Manager\LManager.exe" [2009-08-27 1194504]
"ODDPwr"="c:\program files\Acer\Optical Drive Power Management\ODDPwr.exe" [2009-09-04 186912]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-02-06 2021400]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-08-13 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-08-13 167424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-08-13 144384]
"Adobe Reader Speed Launcher"="c:\programy\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]

c:\users\Uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-17 795936]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]
"egui"="c:\programy\ESET\ESET Smart Security\egui.exe" /hide /waitservice

R1 ehdrv;ehdrv;c:\windows\System32\drivers\ehdrv.sys [6.2.2009 14:23 106208]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\System32\drivers\vwififlt.sys [14.7.2009 0:52 48128]
R2 DsiWMIService;Dritek WMI Service;c:\program files\Launch Manager\dsiwmis.exe [24.8.2009 3:30 107016]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [6.2.2009 14:23 727720]
R2 epfwwfpr;epfwwfpr;c:\windows\System32\drivers\epfwwfpr.sys [6.2.2009 14:24 92800]
R2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [12.6.2009 19:37 688128]
R2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [1.4.2009 20:06 54528]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [23.9.2008 13:11 144632]
R2 ODDPwrSvc;Acer ODD Power Service;c:\program files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [12.6.2009 19:38 125472]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\System32\drivers\IntcHdmi.sys [17.11.2009 18:29 122368]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20);c:\windows\System32\drivers\L1C62x86.sys [4.9.2009 5:37 54784]
R3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit;c:\windows\System32\drivers\NETw5s32.sys [15.9.2009 19:40 6114816]
S2 .EsetTrialReset;Eset Trial Reset;c:\windows\System32\regedt32.exe [14.7.2009 0:15 9216]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\System32\drivers\btwl2cap.sys [17.11.2009 18:27 29472]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista;c:\windows\System32\drivers\netw5v32.sys [10.6.2009 22:18 4231168]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [23.9.2008 13:11 50424]

--- Ostatní služby/ovladače v paměti ---

*Deregistered* - easdrv
*Deregistered* - epfw
*Deregistered* - epfwtdi
.
------- Doplňkový sken -------
.
uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&s=2&o=vp32&d=0509&m=aspire_4810t
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&s=2&o=vp32&d=0509&m=aspire_4810t
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: {38A06E2B-CE4D-4A39-9A0D-2AB4375A285E} = 10.0.0.1,10.0.0.10
FF - ProfilePath - c:\users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zuwsmznc.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\programy\Adobe\Reader 9.0\Reader\browser\nppdf32.dll
FF - plugin: c:\programy\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\programy\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\programy\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-GridVista - c:\windows\GVUni.exe GridV.UNI
AddRemove-LManager - c:\windows\UNINST32.EXE LManager.UNI
AddRemove-{1807706b-b7ba-4171-93a2-18e67b0916f1} - c:\program files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER=9M03-01A1-PCX7-K31A-8A94-98PT-KT2E-522A


.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2009-12-06 10:42
ComboFix-quarantined-files.txt 2009-12-06 09:42

Před spuštěním: Volných bajtů: 105 178 492 928
Po spuštění: Volných bajtů: 105 376 395 264

- - End Of File - - 08D935F48274C80A01745A507078D6BA

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: ICQ problem, cannot create RSIT log, graphics?

#7 Post by Roli »

So, princess, there is no need to apologize, because you are the one who would have paid for it if you had not received an answer.

There is another problem, though: you have a CRACKED NOD on there, and that will not do.

So if you want to continue, uninstall it, including Eset Trial Reset, and get a free antivirus if you do not want to pay for one.

Until then :offtopic:

jasmine2
Visitor
Posts: 13
Registered: 07 Feb 2009 19:50

Re: ICQ problem, cannot create RSIT log, graphics?

#8 Post by jasmine2 »

Uninstalled.
So what now? A new ComboFix log and RSIT?

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: ICQ problem, cannot create RSIT log, graphics?

#9 Post by Roli »

I will ask for a new ComboFix log.

And regarding those blocks on the screen, let me ask: do you have the correct graphics drivers?
| Rsit | Mbam | AVPTool | Cure It |

O víkendu odpočívám :all_coholic:

jasmine2
Visitor
Posts: 13
Registered: 07 Feb 2009 19:50

Re: ICQ problem, can't create an RSIT log, graphics?

#10 Post by jasmine2 »

Hi, sorry I'm only writing now, but I was finishing some term papers for school :)
Regarding the graphics: I had Vista, I bought Windows 7 and installed it, then I went to Acer's website, found updates for my graphics card and downloaded them. But since installing Windows 7, videos, sometimes documents, web pages... show blocky artifacts. So is it possible that my graphics card isn't as compatible with Windows 7 as the manufacturers promised? It also occurs to me that when I downloaded those graphics updates and tried to run them, the PC told me that I already had some of these components, that they were included in the Windows 7 installation. Below is the ComboFix output. Thank you for checking.

ComboFix output:
ComboFix 09-12-05.03 - Uzivatel 11.12.2009 18:11.2.1 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3002.2231 [GMT 1:00]
Spuštěný z: c:\users\Uzivatel\Desktop\ComboFix.exe
.

((((((((((((((((((((((((( Soubory vytvořené od 2009-11-11 do 2009-12-11 )))))))))))))))))))))))))))))))
.

2009-12-11 17:23 . 2009-12-11 17:23 -------- d-----w- c:\users\Public\AppData\Local\temp
2009-12-11 17:23 . 2009-12-11 17:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-12-09 17:49 . 2009-11-24 23:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-12-09 17:49 . 2009-11-24 23:50 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-12-09 17:49 . 2009-11-24 23:50 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-12-09 17:49 . 2009-11-24 23:49 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-12-09 17:49 . 2009-11-24 23:47 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-12-09 17:48 . 2009-11-24 23:54 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-12-09 17:48 . 2009-11-24 23:49 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2009-12-09 17:48 . 2003-03-18 20:20 1060864 ----a-w- c:\windows\system32\MFC71.dll
2009-12-05 14:23 . 2009-12-05 14:23 -------- d---a-w- c:\windows\VDLL.DLL
2009-12-05 14:23 . 2009-12-05 14:23 -------- d---a-w- c:\windows\system32\runouce.exe
2009-12-05 14:23 . 2009-12-05 14:23 -------- d---a-w- c:\windows\rundll16.exe
2009-12-05 14:23 . 2009-12-05 14:23 -------- d---a-w- c:\windows\RUNDL132.EXE
2009-12-05 14:23 . 2009-12-05 14:23 -------- d---a-w- c:\windows\logo1_.exe
2009-12-05 14:23 . 2009-12-05 14:23 -------- d---a-w- c:\windows\logo_1.exe
2009-12-05 14:20 . 2009-12-05 14:20 632064 ----a-w- c:\windows\system32\msvcr80.dll
2009-12-05 14:20 . 2009-12-05 14:20 554240 ----a-w- c:\windows\system32\msvcp80.dll
2009-12-05 14:20 . 2009-12-05 14:20 34048 ----a-w- c:\windows\system32\eEmpty.exe
2009-12-05 14:20 . 2009-12-05 14:20 -------- d-----w- c:\program files\Common Files\MicroWorld
2009-12-05 14:20 . 2009-12-05 14:20 -------- d-----w- c:\programdata\MicroWorld
2009-12-05 13:37 . 2009-12-05 13:39 -------- d-----w- c:\program files\CCleaner
2009-12-04 14:16 . 2009-12-05 18:28 4096 d-----w- c:\program files\trend micro
2009-12-04 14:16 . 2009-12-05 18:28 -------- d-----w- C:\rsit
2009-12-04 14:00 . 2009-12-04 14:00 -------- d-----w- c:\users\Uzivatel\AppData\Roaming\Malwarebytes
2009-12-04 14:00 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-04 14:00 . 2009-12-04 14:00 -------- d-----w- c:\programdata\Malwarebytes
2009-12-04 14:00 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-29 10:32 . 2009-10-11 03:17 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-11-28 12:40 . 2009-11-28 12:40 -------- d-----w- c:\users\Uzivatel\AppData\Local\ElevatedDiagnostics
2009-11-28 12:35 . 2009-11-28 12:35 -------- dc----w- c:\windows\system32\DRVSTORE
2009-11-28 11:09 . 2009-12-03 12:47 4096 d-----w- c:\program files\Java
2009-11-25 18:00 . 2009-10-29 07:22 2048 ----a-w- c:\windows\system32\tzres.dll
2009-11-21 11:30 . 2009-11-21 11:30 -------- d-----w- c:\program files\Common Files\Adobe
2009-11-17 20:49 . 2009-11-17 20:49 -------- d-----w- c:\windows\system32\x64
2009-11-17 20:44 . 2009-11-28 12:16 -------- d-----w- c:\users\Uzivatel\AppData\Local\Diagnostics
2009-11-17 20:32 . 2009-09-10 05:52 257024 ----a-w- c:\windows\system32\msv1_0.dll
2009-11-17 20:31 . 2009-10-02 04:06 728648 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2009-11-17 20:31 . 2009-09-03 07:04 1320960 ----a-w- c:\windows\system32\CertEnroll.dll
2009-11-17 20:31 . 2009-08-03 05:35 2613248 ----a-w- c:\windows\explorer.exe
2009-11-17 20:31 . 2009-08-19 07:20 442920 ----a-w- c:\windows\system32\winresume.exe
2009-11-17 20:31 . 2009-08-19 07:20 507568 ----a-w- c:\windows\system32\winload.exe
2009-11-17 20:31 . 2009-07-30 16:29 108544 ----a-w- c:\windows\system32\t2embed.dll
2009-11-17 20:31 . 2009-07-30 16:27 71168 ----a-w- c:\windows\system32\fontsub.dll
2009-11-17 20:31 . 2009-07-30 04:44 293888 ----a-w- c:\windows\system32\atmfd.dll
2009-11-17 20:30 . 2009-08-29 06:54 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2009-11-17 20:30 . 2009-08-29 06:57 34816 ----a-w- c:\windows\system32\msasn1.dll
2009-11-17 17:31 . 2009-11-17 17:31 -------- d-----w- c:\programdata\OEM
2009-11-17 17:29 . 2009-05-25 20:12 122368 ----a-w- c:\windows\system32\drivers\IntcHdmi.sys
2009-11-17 17:29 . 2009-05-25 20:12 4608 ----a-w- c:\windows\system32\HdmiCoin.dll
2009-11-17 17:28 . 2009-08-13 20:41 549888 ----a-w- c:\windows\system32\igdumdx32.dll
2009-11-17 17:28 . 2009-08-13 20:15 23552 ----a-w- c:\windows\system32\igfxexps.dll
2009-11-17 17:28 . 2009-08-13 20:15 51712 ----a-w- c:\windows\system32\igfxsrvc.dll
2009-11-17 17:28 . 2009-08-13 20:15 94720 ----a-w- c:\windows\system32\hccutils.dll
2009-11-17 17:28 . 2009-08-13 20:15 5702656 ----a-w- c:\windows\system32\igfxress.dll
2009-11-17 17:28 . 2009-08-13 20:15 217088 ----a-w- c:\windows\system32\igfxdev.dll
2009-11-17 17:28 . 2009-06-03 03:19 155648 ----a-w- c:\windows\system32\igfxCoIn_v1808.dll
2009-11-17 17:28 . 2009-06-03 03:07 982220 ----a-w- c:\windows\system32\igkrng500.bin
2009-11-17 17:28 . 2009-06-03 03:07 92216 ----a-w- c:\windows\system32\igfcg500m.bin
2009-11-17 17:28 . 2009-08-13 20:47 4233728 ----a-w- c:\windows\system32\igdumd32.dll
2009-11-17 17:28 . 2009-06-03 02:15 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2009-11-17 17:28 . 2009-06-03 03:07 134592 ----a-w- c:\windows\system32\igfcg500.bin
2009-11-17 17:27 . 2009-04-07 07:32 29472 ----a-w- c:\windows\system32\drivers\btwl2cap.sys
2009-11-17 17:25 . 2009-11-17 17:26 4096 d-----w- c:\program files\Launch Manager
2009-11-17 17:06 . 2009-11-17 17:23 120224 ----a-w- c:\users\Uzivatel\AppData\Local\GDIPFONTCACHEV1.DAT
2009-11-17 17:00 . 2009-12-10 09:21 -------- d-----w- c:\windows\system32\wbem\Performance
2009-11-17 16:46 . 2009-11-17 16:46 21496 ----a-w- c:\windows\system32\emptyregdb.dat
2009-11-17 16:26 . 2009-11-17 16:26 -------- d-----w- c:\windows\system32\RTCOM
2009-11-17 16:26 . 2009-11-17 16:26 -------- d-----w- c:\program files\Realtek
2009-11-17 16:26 . 2009-11-17 16:26 -------- d-----w- c:\program files\Synaptics
2009-11-17 16:23 . 2009-11-17 17:05 8192 d-----w- c:\windows\Panther
2009-11-17 16:12 . 2009-11-17 16:47 -------- d-----w- C:\$WINDOWS.~Q
2009-11-17 16:09 . 2009-11-17 16:11 -------- d-----w- C:\$INPLACE.~TR
2009-11-17 15:22 . 2009-11-17 16:32 -------- d-----w- c:\windows\acerTemp
2009-11-17 15:20 . 2009-11-17 16:32 -------- d-----w- c:\programdata\InstallShield
2009-11-17 15:19 . 2009-11-17 22:46 -------- d-----w- C:\OEM

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-11 12:36 . 2009-07-29 14:12 4096 d-----w- c:\users\Uzivatel\AppData\Roaming\Skype
2009-12-10 09:21 . 2009-07-14 08:44 622660 ----a-w- c:\windows\system32\perfh005.dat
2009-12-10 09:21 . 2009-07-14 08:44 118810 ----a-w- c:\windows\system32\perfc005.dat
2009-12-05 00:42 . 2009-07-26 12:56 4096 d-----w- c:\users\Uzivatel\AppData\Roaming\ICQ
2009-11-28 12:35 . 2009-06-12 18:24 -------- d--h--w- c:\program files\Temp
2009-11-17 17:39 . 2009-11-17 17:39 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2009-11-17 17:05 . 2009-11-17 17:05 -------- d-sh--we c:\programdata\Plocha
2009-11-17 17:05 . 2009-11-17 17:05 -------- d-sh--we c:\programdata\Oblíbené položky
2009-11-17 17:05 . 2009-11-17 17:05 -------- d-sh--we c:\programdata\Šablony
2009-11-17 17:05 . 2009-11-17 17:05 -------- d-sh--we c:\programdata\Nabídka Start
2009-11-17 17:05 . 2009-11-17 17:05 -------- d-sh--we c:\programdata\Dokumenty
2009-11-17 17:05 . 2009-11-17 17:05 -------- d-sh--we c:\programdata\Data aplikací
2009-11-17 16:42 . 2009-08-23 09:15 4096 d-----w- c:\users\Uzivatel\AppData\Roaming\W Photo Studio Viewer
2009-11-17 16:42 . 2009-07-26 15:03 -------- d-----w- c:\users\Uzivatel\AppData\Roaming\Nero
2009-11-17 16:41 . 2009-06-12 18:29 -------- d-----w- c:\users\Uzivatel\AppData\Roaming\InstallShield
2009-11-17 16:41 . 2009-10-08 09:48 -------- d-----w- c:\users\Uzivatel\AppData\Roaming\Corel
2009-11-17 16:41 . 2009-07-26 12:24 -------- d-----w- c:\users\Uzivatel\AppData\Roaming\GHISLER
2009-11-17 16:41 . 2009-07-25 16:09 -------- d-----w- c:\users\Uzivatel\AppData\Roaming\eSobi
2009-11-17 16:41 . 2009-07-25 14:57 -------- d-----w- c:\users\Uzivatel\AppData\Roaming\CyberLink
2009-11-17 16:41 . 2009-07-26 13:39 4096 d-----w- c:\users\Uzivatel\AppData\Roaming\AIMP
2009-11-17 16:41 . 2009-06-12 18:39 -------- d-----w- c:\users\Uzivatel\AppData\Roaming\Acer
2009-11-17 16:41 . 2009-06-12 18:22 -------- d-----w- c:\users\Uzivatel\AppData\Roaming\Acer GameZone Console
2009-11-17 16:31 . 2009-10-07 13:37 -------- d-----w- c:\program files\MSECache
2009-11-17 16:31 . 2009-07-25 16:36 -------- d-----w- c:\program files\Microsoft.NET
2009-11-17 16:31 . 2009-07-14 04:52 -------- d-----w- c:\program files\MSBuild
2009-11-17 16:31 . 2009-04-11 01:14 24576 d-----w- c:\program files\Microsoft Works
2009-11-17 16:31 . 2009-07-25 16:32 4096 d-----w- c:\program files\Microsoft Visual Studio 8
2009-11-17 16:31 . 2009-04-11 01:38 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-11-17 16:31 . 2009-04-11 01:11 49152 d-----w- c:\program files\Microsoft Office Suite Activation Assistant
2009-11-17 16:30 . 2009-07-14 04:52 4096 d-----w- c:\program files\Microsoft Games
2009-11-17 16:30 . 2009-04-11 01:34 -------- d-----w- c:\program files\Microsoft
2009-11-17 16:30 . 2009-03-31 23:56 -------- d-----w- c:\program files\Intel
2009-11-17 16:30 . 2009-03-31 23:56 8192 d--h--w- c:\program files\InstallShield Installation Information
2009-11-17 16:30 . 2009-06-12 18:24 -------- d-----w- c:\program files\Convesoft
2009-11-17 16:30 . 2009-04-11 01:26 -------- d-----w- c:\program files\Common Files\Windows Live
2009-11-17 16:30 . 2009-04-11 01:00 -------- d-----w- c:\program files\Common Files\Oberon Media
2009-11-17 16:30 . 2009-07-26 14:26 4096 d-----w- c:\program files\Common Files\Nero
2009-11-17 16:29 . 2009-06-12 18:24 4096 d-----w- c:\program files\Common Files\InstallShield
2009-11-17 16:29 . 2009-07-25 16:57 4096 d-----w- c:\program files\Codec Pack - All In 1
2009-11-17 16:29 . 2009-11-04 19:28 -------- d-----w- c:\program files\ASUS
2009-11-17 16:29 . 2009-06-12 18:43 -------- d-----w- c:\program files\Acer Inc
2009-11-17 16:29 . 2009-06-12 18:37 -------- d-----w- c:\program files\Acer
2009-11-17 16:26 . 2009-11-17 16:26 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01007.Wdf
2009-11-17 15:23 . 2009-06-12 18:24 12 ----a-w- c:\windows\bthservsdp.dat
2009-11-04 19:39 . 2009-11-04 19:39 515832 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-11-02 19:42 . 2009-10-02 19:07 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-09-15 18:40 . 2009-09-15 18:40 6114816 ----a-w- c:\windows\system32\drivers\NETw5s32.sys
2009-09-15 18:19 . 2009-09-15 18:19 2756608 ----a-w- c:\windows\system32\NETw5r32.dll
2009-09-15 18:18 . 2009-09-15 18:18 675840 ----a-w- c:\windows\system32\NETw5c32.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

((((((((((((((((((((((((((((( SnapShot@2009-12-06_09.38.41 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-13 23:42 . 2009-07-14 01:14 12800 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.20579_none_1776fc29cc29780f\msfeedssync.exe
+ 2009-12-09 08:32 . 2009-11-19 07:08 64512 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.20579_none_1776fc29cc29780f\msfeedsbs.dll
+ 2009-07-13 23:42 . 2009-07-14 01:14 12800 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.16466_none_16f52e6cb306704f\msfeedssync.exe
+ 2009-12-09 08:32 . 2009-11-19 07:22 64512 c:\windows\winsxs\x86_microsoft-windows-ie-feedsbs_31bf3856ad364e35_8.0.7600.16466_none_16f52e6cb306704f\msfeedsbs.dll
+ 2009-12-06 15:10 . 2009-12-06 15:10 44008 c:\windows\System32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2009-11-17 17:38 . 2009-12-11 17:08 26458 c:\windows\System32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 04:55 . 2009-12-11 17:08 36510 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-11-17 20:31 . 2009-09-05 05:56 64512 c:\windows\System32\msfeedsbs.dll
+ 2009-12-09 08:32 . 2009-11-19 07:22 64512 c:\windows\System32\msfeedsbs.dll
+ 2009-11-17 16:27 . 2009-12-11 17:08 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-11-17 16:27 . 2009-12-05 13:57 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-11-17 16:27 . 2009-12-05 13:57 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-11-17 16:27 . 2009-12-11 17:08 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:41 . 2009-12-05 13:57 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:41 . 2009-12-11 17:08 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-11-17 20:49 . 2009-12-11 17:08 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-11-17 20:49 . 2009-12-06 09:00 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:34 . 2009-11-28 12:09 80384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2009-07-14 04:34 . 2009-12-09 19:32 80384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2009-11-17 20:49 . 2009-12-11 17:08 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-11-17 20:49 . 2009-12-06 09:00 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-11-17 20:49 . 2009-12-11 17:08 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-11-17 20:49 . 2009-12-06 09:00 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-11-17 19:14 . 2009-12-11 17:08 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-11-17 19:14 . 2009-12-06 09:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-11-17 21:02 . 2009-12-06 09:12 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat
+ 2009-11-17 21:02 . 2009-12-11 17:09 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat
- 2009-11-17 21:02 . 2009-12-06 09:12 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\History\History.IE5\index.dat
+ 2009-11-17 21:02 . 2009-12-11 17:09 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\History\History.IE5\index.dat
+ 2009-11-17 21:02 . 2009-12-11 17:09 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Cookies\index.dat
- 2009-11-17 21:02 . 2009-12-06 09:12 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Cookies\index.dat
- 2009-11-17 19:14 . 2009-12-06 09:12 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-11-17 19:14 . 2009-12-11 17:09 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-11-17 19:14 . 2009-12-06 09:00 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-11-17 19:14 . 2009-12-11 17:08 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-11-17 17:24 . 2009-12-11 17:08 5822 c:\windows\System32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2331625064-3312407356-1933700260-1000_UserData.bin
- 2009-12-06 08:58 . 2009-12-06 08:58 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-12-11 17:06 . 2009-12-11 17:06 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-12-06 08:58 . 2009-12-06 08:58 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-12-11 17:06 . 2009-12-11 17:06 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-11-19 13:26 . 2009-12-10 21:03 205014 c:\windows\System32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2009-07-14 02:05 . 2009-12-05 21:18 607190 c:\windows\System32\perfh009.dat
+ 2009-07-14 02:05 . 2009-12-10 09:21 607190 c:\windows\System32\perfh009.dat
- 2009-07-14 02:05 . 2009-12-05 21:18 103568 c:\windows\System32\perfc009.dat
+ 2009-07-14 02:05 . 2009-12-10 09:21 103568 c:\windows\System32\perfc009.dat
+ 2009-12-09 08:32 . 2009-11-19 07:08 5959168 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.20579_none_2e6c1fbc1390ef66\mshtml.dll
+ 2009-12-09 08:32 . 2009-11-19 07:22 5958656 c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7600.16466_none_2dea51fefa6de7a6\mshtml.dll
- 2009-07-14 02:03 . 2009-12-05 14:56 6815744 c:\windows\System32\SMI\Store\Machine\schema.dat
+ 2009-07-14 02:03 . 2009-12-11 11:30 6815744 c:\windows\System32\SMI\Store\Machine\schema.dat
+ 2009-12-09 08:32 . 2009-11-19 07:22 5958656 c:\windows\System32\mshtml.dll
- 2009-11-17 20:31 . 2009-10-19 14:10 5958656 c:\windows\System32\mshtml.dll
+ 2009-07-14 04:34 . 2009-12-09 17:48 3834150 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
- 2009-07-14 04:34 . 2009-11-26 10:07 3834150 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
+ 2009-07-14 08:40 . 2009-12-09 08:31 60771929 c:\windows\winsxs\ManifestCache\e4e8be02b8fae2a7_blobs.bin
+ 2009-12-09 17:39 . 2009-12-01 11:06 25966024 c:\windows\System32\MRT.exe
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\programy\ICQ6.5\ICQ.exe silent" [X]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2009-07-14 144384]
"Skype"="c:\programy\Skype\\Phone\Skype.exe" [2009-10-09 25623336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-02-06 1430824]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-04-10 7399968]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-04-10 1833504]
"Acer ePower Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2009-08-19 487424]
"BackupManagerTray"="c:\program files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2009-04-01 249600]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-02-12 186904]
"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704]
"LManager"="c:\program files\Launch Manager\LManager.exe" [2009-08-27 1194504]
"ODDPwr"="c:\program files\Acer\Optical Drive Power Management\ODDPwr.exe" [2009-09-04 186912]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-08-13 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-08-13 167424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-08-13 144384]
"Adobe Reader Speed Launcher"="c:\programy\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"avast!"="c:\programy\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]

c:\users\Uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-17 795936]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]
"egui"="c:\programy\ESET\ESET Smart Security\egui.exe" /hide /waitservice

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [9.12.2009 18:49 114768]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\System32\drivers\vwififlt.sys [14.7.2009 0:52 48128]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [9.12.2009 18:49 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [9.12.2009 18:48 53328]
R2 DsiWMIService;Dritek WMI Service;c:\program files\Launch Manager\dsiwmis.exe [24.8.2009 3:30 107016]
R2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [12.6.2009 19:37 688128]
R2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [1.4.2009 20:06 54528]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [23.9.2008 13:11 144632]
R2 ODDPwrSvc;Acer ODD Power Service;c:\program files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [12.6.2009 19:38 125472]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\System32\drivers\IntcHdmi.sys [17.11.2009 18:29 122368]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20);c:\windows\System32\drivers\L1C62x86.sys [4.9.2009 5:37 54784]
R3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit;c:\windows\System32\drivers\NETw5s32.sys [15.9.2009 19:40 6114816]
S2 .EsetTrialReset;Eset Trial Reset;c:\windows\System32\regedt32.exe [14.7.2009 0:15 9216]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\System32\drivers\btwl2cap.sys [17.11.2009 18:27 29472]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista;c:\windows\System32\drivers\netw5v32.sys [10.6.2009 22:18 4231168]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [23.9.2008 13:11 50424]

--- Ostatní služby/ovladače v paměti ---

*Deregistered* - eamon
*Deregistered* - easdrv
*Deregistered* - epfw
*Deregistered* - epfwtdi
.
------- Doplňkový sken -------
.
uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&s=2&o=vp32&d=0509&m=aspire_4810t
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&s=2&o=vp32&d=0509&m=aspire_4810t
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: {38A06E2B-CE4D-4A39-9A0D-2AB4375A285E} = 10.0.0.1,10.0.0.10
FF - ProfilePath - c:\users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zuwsmznc.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\programy\Adobe\Reader 9.0\Reader\browser\nppdf32.dll
FF - plugin: c:\programy\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\programy\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\programy\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(2072)
c:\program files\WIDCOMM\Bluetooth Software\btmmhook.dll
c:\program files\Acer\Acer PowerSmart Manager\SysHook.dll
.
Celkový čas: 2009-12-11 18:28
ComboFix-quarantined-files.txt 2009-12-11 17:28
ComboFix2.txt 2009-12-06 09:42

Před spuštěním: Volných bajtů: 102 352 224 256
Po spuštění: Volných bajtů: 102 381 424 640

- - End Of File - - D0199C5DFE798C42F324E5B09E8BAE2A

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: ICQ problem, can't create an RSIT log, graphics?

#11 Post by Roli »

No problem, princess, I have plenty of time.

But first we'll fine-tune things, so if you haven't already done so, move ComboFix to the desktop

open Notepad

copy the script from the following box into it:

Code:

Folder::
c:\programy\ESET

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]
"egui"=-

Driver::
.EsetTrialReset

save the TXT file you created as CFScript.txt on the desktop

after saving, grab the created script with the left mouse button and drag it over the ComboFix icon, where you drop it.

after it has been applied, another log will pop out; post it here

Warning: it may happen that after applying the script and restarting, Windows won't boot;

in that case restart again while pressing F8, then choose Last Known Good Configuration

jasmine2
Visitor
Posts: 13
Registered: 07 Feb 2009 19:50

Re: ICQ problem, can't create an RSIT log, graphics?

#12 Post by jasmine2 »

New ComboFix log output:

ComboFix 09-12-05.03 - Uzivatel 14.12.2009 19:58.3.1 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3002.1958 [GMT 1:00]
Spuštěný z: c:\users\Uzivatel\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Uzivatel\Desktop\CFScript.txt
.
- REŽIM S OMEZENOU FUNKČNOSTÍ -
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programy\ESET

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-11-14 do 2009-12-14 )))))))))))))))))))))))))))))))
.

2009-12-14 18:59 . 2009-12-14 18:59 -------- d-----w- c:\users\Public\AppData\Local\temp
2009-12-14 18:59 . 2009-12-14 18:59 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-12-09 17:49 . 2009-11-24 23:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-12-09 17:49 . 2009-11-24 23:50 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-12-09 17:49 . 2009-11-24 23:50 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-12-09 17:49 . 2009-11-24 23:49 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-12-09 17:49 . 2009-11-24 23:47 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-12-09 17:48 . 2009-11-24 23:54 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-12-09 17:48 . 2009-11-24 23:49 53328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2009-12-09 17:48 . 2003-03-18 20:20 1060864 ----a-w- c:\windows\system32\MFC71.dll
2009-12-05 14:23 . 2009-12-05 14:23 -------- d---a-w- c:\windows\VDLL.DLL
2009-12-05 14:23 . 2009-12-05 14:23 -------- d---a-w- c:\windows\system32\runouce.exe
2009-12-05 14:23 . 2009-12-05 14:23 -------- d---a-w- c:\windows\rundll16.exe
2009-12-05 14:23 . 2009-12-05 14:23 -------- d---a-w- c:\windows\RUNDL132.EXE
2009-12-05 14:23 . 2009-12-05 14:23 -------- d---a-w- c:\windows\logo1_.exe
2009-12-05 14:23 . 2009-12-05 14:23 -------- d---a-w- c:\windows\logo_1.exe
2009-12-05 14:20 . 2009-12-05 14:20 632064 ----a-w- c:\windows\system32\msvcr80.dll
2009-12-05 14:20 . 2009-12-05 14:20 554240 ----a-w- c:\windows\system32\msvcp80.dll
2009-12-05 14:20 . 2009-12-05 14:20 34048 ----a-w- c:\windows\system32\eEmpty.exe
2009-12-05 14:20 . 2009-12-05 14:20 -------- d-----w- c:\program files\Common Files\MicroWorld
2009-12-05 14:20 . 2009-12-05 14:20 -------- d-----w- c:\programdata\MicroWorld
2009-12-05 13:37 . 2009-12-05 13:39 -------- d-----w- c:\program files\CCleaner
2009-12-04 14:16 . 2009-12-05 18:28 4096 d-----w- c:\program files\trend micro
2009-12-04 14:16 . 2009-12-05 18:28 -------- d-----w- C:\rsit
2009-12-04 14:00 . 2009-12-04 14:00 -------- d-----w- c:\users\Uzivatel\AppData\Roaming\Malwarebytes
2009-12-04 14:00 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-04 14:00 . 2009-12-04 14:00 -------- d-----w- c:\programdata\Malwarebytes
2009-12-04 14:00 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-29 10:32 . 2009-10-11 03:17 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-11-28 12:40 . 2009-11-28 12:40 -------- d-----w- c:\users\Uzivatel\AppData\Local\ElevatedDiagnostics
2009-11-28 12:35 . 2009-11-28 12:35 -------- dc----w- c:\windows\system32\DRVSTORE
2009-11-28 11:09 . 2009-12-03 12:47 4096 d-----w- c:\program files\Java
2009-11-25 18:00 . 2009-10-29 07:22 2048 ----a-w- c:\windows\system32\tzres.dll
2009-11-21 11:30 . 2009-11-21 11:30 -------- d-----w- c:\program files\Common Files\Adobe
2009-11-17 20:49 . 2009-11-17 20:49 -------- d-----w- c:\windows\system32\x64
2009-11-17 20:44 . 2009-11-28 12:16 -------- d-----w- c:\users\Uzivatel\AppData\Local\Diagnostics
2009-11-17 20:32 . 2009-09-10 05:52 257024 ----a-w- c:\windows\system32\msv1_0.dll
2009-11-17 20:31 . 2009-10-02 04:06 728648 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2009-11-17 20:31 . 2009-09-03 07:04 1320960 ----a-w- c:\windows\system32\CertEnroll.dll
2009-11-17 20:31 . 2009-08-03 05:35 2613248 ----a-w- c:\windows\explorer.exe
2009-11-17 20:31 . 2009-08-19 07:20 442920 ----a-w- c:\windows\system32\winresume.exe
2009-11-17 20:31 . 2009-08-19 07:20 507568 ----a-w- c:\windows\system32\winload.exe
2009-11-17 20:31 . 2009-07-30 16:29 108544 ----a-w- c:\windows\system32\t2embed.dll
2009-11-17 20:31 . 2009-07-30 16:27 71168 ----a-w- c:\windows\system32\fontsub.dll
2009-11-17 20:31 . 2009-07-30 04:44 293888 ----a-w- c:\windows\system32\atmfd.dll
2009-11-17 20:30 . 2009-08-29 06:54 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2009-11-17 20:30 . 2009-08-29 06:57 34816 ----a-w- c:\windows\system32\msasn1.dll
2009-11-17 17:31 . 2009-11-17 17:31 -------- d-----w- c:\programdata\OEM
2009-11-17 17:29 . 2009-05-25 20:12 122368 ----a-w- c:\windows\system32\drivers\IntcHdmi.sys
2009-11-17 17:29 . 2009-05-25 20:12 4608 ----a-w- c:\windows\system32\HdmiCoin.dll
2009-11-17 17:28 . 2009-08-13 20:41 549888 ----a-w- c:\windows\system32\igdumdx32.dll
2009-11-17 17:28 . 2009-08-13 20:15 23552 ----a-w- c:\windows\system32\igfxexps.dll
2009-11-17 17:28 . 2009-08-13 20:15 51712 ----a-w- c:\windows\system32\igfxsrvc.dll
2009-11-17 17:28 . 2009-08-13 20:15 94720 ----a-w- c:\windows\system32\hccutils.dll
2009-11-17 17:28 . 2009-08-13 20:15 5702656 ----a-w- c:\windows\system32\igfxress.dll
2009-11-17 17:28 . 2009-08-13 20:15 217088 ----a-w- c:\windows\system32\igfxdev.dll
2009-11-17 17:28 . 2009-06-03 03:19 155648 ----a-w- c:\windows\system32\igfxCoIn_v1808.dll
2009-11-17 17:28 . 2009-06-03 03:07 982220 ----a-w- c:\windows\system32\igkrng500.bin
2009-11-17 17:28 . 2009-06-03 03:07 92216 ----a-w- c:\windows\system32\igfcg500m.bin
2009-11-17 17:28 . 2009-08-13 20:47 4233728 ----a-w- c:\windows\system32\igdumd32.dll
2009-11-17 17:28 . 2009-06-03 02:15 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2009-11-17 17:28 . 2009-06-03 03:07 134592 ----a-w- c:\windows\system32\igfcg500.bin
2009-11-17 17:27 . 2009-04-07 07:32 29472 ----a-w- c:\windows\system32\drivers\btwl2cap.sys
2009-11-17 17:25 . 2009-11-17 17:26 4096 d-----w- c:\program files\Launch Manager
2009-11-17 17:06 . 2009-11-17 17:23 120224 ----a-w- c:\users\Uzivatel\AppData\Local\GDIPFONTCACHEV1.DAT
2009-11-17 17:00 . 2009-12-10 09:21 -------- d-----w- c:\windows\system32\wbem\Performance
2009-11-17 16:46 . 2009-11-17 16:46 21496 ----a-w- c:\windows\system32\emptyregdb.dat
2009-11-17 16:26 . 2009-11-17 16:26 -------- d-----w- c:\windows\system32\RTCOM
2009-11-17 16:26 . 2009-11-17 16:26 -------- d-----w- c:\program files\Realtek
2009-11-17 16:26 . 2009-11-17 16:26 -------- d-----w- c:\program files\Synaptics
2009-11-17 16:23 . 2009-11-17 17:05 8192 d-----w- c:\windows\Panther
2009-11-17 16:12 . 2009-11-17 16:47 -------- d-----w- C:\$WINDOWS.~Q
2009-11-17 16:09 . 2009-11-17 16:11 -------- d-----w- C:\$INPLACE.~TR
2009-11-17 15:22 . 2009-11-17 16:32 -------- d-----w- c:\windows\acerTemp
2009-11-17 15:20 . 2009-11-17 16:32 -------- d-----w- c:\programdata\InstallShield
2009-11-17 15:19 . 2009-11-17 22:46 -------- d-----w- C:\OEM

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-14 19:02 . 2009-07-29 14:12 4096 d-----w- c:\users\Uzivatel\AppData\Roaming\Skype
2009-12-14 18:18 . 2009-09-30 07:48 -------- d-----w- c:\users\Uzivatel\AppData\Roaming\TeamViewer
2009-12-10 09:21 . 2009-07-14 08:44 622660 ----a-w- c:\windows\system32\perfh005.dat
2009-12-10 09:21 . 2009-07-14 08:44 118810 ----a-w- c:\windows\system32\perfc005.dat
2009-12-05 00:42 . 2009-07-26 12:56 4096 d-----w- c:\users\Uzivatel\AppData\Roaming\ICQ
2009-11-28 12:35 . 2009-06-12 18:24 -------- d--h--w- c:\program files\Temp
2009-11-17 17:39 . 2009-11-17 17:39 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2009-11-17 17:05 . 2009-11-17 17:05 -------- d-sh--we c:\programdata\Plocha
2009-11-17 17:05 . 2009-11-17 17:05 -------- d-sh--we c:\programdata\Oblíbené položky
2009-11-17 17:05 . 2009-11-17 17:05 -------- d-sh--we c:\programdata\Šablony
2009-11-17 17:05 . 2009-11-17 17:05 -------- d-sh--we c:\programdata\Nabídka Start
2009-11-17 17:05 . 2009-11-17 17:05 -------- d-sh--we c:\programdata\Dokumenty
2009-11-17 17:05 . 2009-11-17 17:05 -------- d-sh--we c:\programdata\Data aplikací
2009-11-17 16:42 . 2009-08-23 09:15 4096 d-----w- c:\users\Uzivatel\AppData\Roaming\W Photo Studio Viewer
2009-11-17 16:42 . 2009-07-26 15:03 -------- d-----w- c:\users\Uzivatel\AppData\Roaming\Nero
2009-11-17 16:41 . 2009-06-12 18:29 -------- d-----w- c:\users\Uzivatel\AppData\Roaming\InstallShield
2009-11-17 16:41 . 2009-10-08 09:48 -------- d-----w- c:\users\Uzivatel\AppData\Roaming\Corel
2009-11-17 16:41 . 2009-07-26 12:24 -------- d-----w- c:\users\Uzivatel\AppData\Roaming\GHISLER
2009-11-17 16:41 . 2009-07-25 16:09 -------- d-----w- c:\users\Uzivatel\AppData\Roaming\eSobi
2009-11-17 16:41 . 2009-07-25 14:57 -------- d-----w- c:\users\Uzivatel\AppData\Roaming\CyberLink
2009-11-17 16:41 . 2009-07-26 13:39 4096 d-----w- c:\users\Uzivatel\AppData\Roaming\AIMP
2009-11-17 16:41 . 2009-06-12 18:39 -------- d-----w- c:\users\Uzivatel\AppData\Roaming\Acer
2009-11-17 16:41 . 2009-06-12 18:22 -------- d-----w- c:\users\Uzivatel\AppData\Roaming\Acer GameZone Console
2009-11-17 16:31 . 2009-10-07 13:37 -------- d-----w- c:\program files\MSECache
2009-11-17 16:31 . 2009-07-25 16:36 -------- d-----w- c:\program files\Microsoft.NET
2009-11-17 16:31 . 2009-07-14 04:52 -------- d-----w- c:\program files\MSBuild
2009-11-17 16:31 . 2009-04-11 01:14 24576 d-----w- c:\program files\Microsoft Works
2009-11-17 16:31 . 2009-07-25 16:32 4096 d-----w- c:\program files\Microsoft Visual Studio 8
2009-11-17 16:31 . 2009-04-11 01:38 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-11-17 16:31 . 2009-04-11 01:11 49152 d-----w- c:\program files\Microsoft Office Suite Activation Assistant
2009-11-17 16:30 . 2009-07-14 04:52 4096 d-----w- c:\program files\Microsoft Games
2009-11-17 16:30 . 2009-04-11 01:34 -------- d-----w- c:\program files\Microsoft
2009-11-17 16:30 . 2009-03-31 23:56 -------- d-----w- c:\program files\Intel
2009-11-17 16:30 . 2009-03-31 23:56 8192 d--h--w- c:\program files\InstallShield Installation Information
2009-11-17 16:30 . 2009-06-12 18:24 -------- d-----w- c:\program files\Convesoft
2009-11-17 16:30 . 2009-04-11 01:26 -------- d-----w- c:\program files\Common Files\Windows Live
2009-11-17 16:30 . 2009-04-11 01:00 -------- d-----w- c:\program files\Common Files\Oberon Media
2009-11-17 16:30 . 2009-07-26 14:26 4096 d-----w- c:\program files\Common Files\Nero
2009-11-17 16:29 . 2009-06-12 18:24 4096 d-----w- c:\program files\Common Files\InstallShield
2009-11-17 16:29 . 2009-07-25 16:57 4096 d-----w- c:\program files\Codec Pack - All In 1
2009-11-17 16:29 . 2009-11-04 19:28 -------- d-----w- c:\program files\ASUS
2009-11-17 16:29 . 2009-06-12 18:43 -------- d-----w- c:\program files\Acer Inc
2009-11-17 16:29 . 2009-06-12 18:37 -------- d-----w- c:\program files\Acer
2009-11-17 16:26 . 2009-11-17 16:26 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01007.Wdf
2009-11-17 15:23 . 2009-06-12 18:24 12 ----a-w- c:\windows\bthservsdp.dat
2009-11-04 19:39 . 2009-11-04 19:39 515832 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-11-02 19:42 . 2009-10-02 19:07 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

((((((((((((((((((((((((((((( SnapShot_2009-12-11_17.23.33 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-11-17 17:38 . 2009-12-14 10:57 26806 c:\windows\System32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 04:55 . 2009-12-14 17:13 36702 c:\windows\System32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2009-11-17 16:27 . 2009-12-11 17:08 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-11-17 16:27 . 2009-12-14 18:41 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-11-17 16:27 . 2009-12-14 18:41 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-11-17 16:27 . 2009-12-11 17:08 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:41 . 2009-12-14 18:41 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:41 . 2009-12-11 17:08 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-11-17 20:49 . 2009-12-14 17:11 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-11-17 20:49 . 2009-12-11 17:08 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-11-17 20:49 . 2009-12-14 17:11 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-11-17 20:49 . 2009-12-11 17:08 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-11-17 20:49 . 2009-12-11 17:08 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-11-17 20:49 . 2009-12-14 17:11 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-11-17 19:14 . 2009-12-14 17:11 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-11-17 19:14 . 2009-12-11 17:08 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-11-17 21:02 . 2009-12-11 17:09 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat
+ 2009-11-17 21:02 . 2009-12-14 18:07 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat
+ 2009-11-17 21:02 . 2009-12-14 18:07 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\History\History.IE5\index.dat
- 2009-11-17 21:02 . 2009-12-11 17:09 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\History\History.IE5\index.dat
- 2009-11-17 21:02 . 2009-12-11 17:09 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Cookies\index.dat
+ 2009-11-17 21:02 . 2009-12-14 18:07 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Temp\Cookies\index.dat
- 2009-11-17 19:14 . 2009-12-11 17:09 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-11-17 19:14 . 2009-12-14 18:07 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-11-17 19:14 . 2009-12-14 17:11 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-11-17 19:14 . 2009-12-11 17:08 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-11-17 17:24 . 2009-12-14 17:13 6152 c:\windows\System32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2331625064-3312407356-1933700260-1000_UserData.bin
- 2009-12-11 17:06 . 2009-12-11 17:06 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-12-14 17:11 . 2009-12-14 17:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2009-12-11 17:06 . 2009-12-11 17:06 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-12-14 17:11 . 2009-12-14 17:11 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-11-19 13:26 . 2009-12-14 16:59 206630 c:\windows\System32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2009-07-14 02:03 . 2009-12-11 11:30 6815744 c:\windows\System32\SMI\Store\Machine\schema.dat
+ 2009-07-14 02:03 . 2009-12-14 08:20 6815744 c:\windows\System32\SMI\Store\Machine\schema.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ICQ"="c:\programy\ICQ6.5\ICQ.exe silent" [X]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2009-07-14 144384]
"Skype"="c:\programy\Skype\Phone\Skype.exe" [2009-10-09 25623336]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-02-06 1430824]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-04-10 7399968]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-04-10 1833504]
"Acer ePower Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2009-08-19 487424]
"BackupManagerTray"="c:\program files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2009-04-01 249600]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-02-12 186904]
"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704]
"LManager"="c:\program files\Launch Manager\LManager.exe" [2009-08-27 1194504]
"ODDPwr"="c:\program files\Acer\Optical Drive Power Management\ODDPwr.exe" [2009-09-04 186912]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-08-13 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-08-13 167424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-08-13 144384]
"Adobe Reader Speed Launcher"="c:\programy\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"avast!"="c:\programy\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]

c:\users\Uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-17 795936]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [9.12.2009 18:49 114768]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\System32\drivers\vwififlt.sys [14.7.2009 0:52 48128]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [9.12.2009 18:49 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [9.12.2009 18:48 53328]
R2 DsiWMIService;Dritek WMI Service;c:\program files\Launch Manager\dsiwmis.exe [24.8.2009 3:30 107016]
R2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [12.6.2009 19:37 688128]
R2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [1.4.2009 20:06 54528]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [23.9.2008 13:11 144632]
R2 ODDPwrSvc;Acer ODD Power Service;c:\program files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [12.6.2009 19:38 125472]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\System32\drivers\IntcHdmi.sys [17.11.2009 18:29 122368]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20);c:\windows\System32\drivers\L1C62x86.sys [4.9.2009 5:37 54784]
R3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit;c:\windows\System32\drivers\NETw5s32.sys [15.9.2009 19:40 6114816]
S2 .EsetTrialReset;Eset Trial Reset;c:\windows\System32\regedt32.exe [14.7.2009 0:15 9216]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\System32\drivers\btwl2cap.sys [17.11.2009 18:27 29472]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista;c:\windows\System32\drivers\netw5v32.sys [10.6.2009 22:18 4231168]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [23.9.2008 13:11 50424]

--- Ostatní služby/ovladače v paměti ---

*Deregistered* - eamon
*Deregistered* - easdrv
*Deregistered* - epfw
*Deregistered* - epfwtdi
.
------- Doplňkový sken -------
.
uStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&s=2&o=vp32&d=0509&m=aspire_4810t
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&s=2&o=vp32&d=0509&m=aspire_4810t
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: {38A06E2B-CE4D-4A39-9A0D-2AB4375A285E} = 10.0.0.1,10.0.0.10
FF - ProfilePath - c:\users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\zuwsmznc.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\programy\Adobe\Reader 9.0\Reader\browser\nppdf32.dll
FF - plugin: c:\programy\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\programy\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\programy\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(5340)
c:\program files\WIDCOMM\Bluetooth Software\btmmhook.dll
c:\program files\Acer\Acer PowerSmart Manager\SysHook.dll
.
Celkový čas: 2009-12-14 20:05
ComboFix-quarantined-files.txt 2009-12-14 19:05
ComboFix2.txt 2009-12-06 09:42

Před spuštěním: Volných bajtů: 102 162 911 232
Po spuštění: Volných bajtů: 102 130 532 352

- - End Of File - - 6E736A43BE0987E10132B6A241B5C5FD

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: ICQ problem, can't create RSIT log, graphics?

#13 Post by Roli »

Since the crack did not get deleted, open Notepad once more

and copy the script from the following box into it:

Code:

Driver::
EsetTrialReset

save the TXT file you created as CFScript.txt on the desktop

after saving, grab the created script with the left mouse button and drag it over the ComboFix icon, where you drop it:

[Image]

after it is applied, another log will pop out; post it here

Warning: it may happen that after the script is applied and the machine restarts, Windows will not boot,

in that case restart again while pressing F8, then choose Last Known Good Configuration
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

jasmine2
Visitor
Posts: 13
Registered: 07 Feb 2009 19:50

Re: ICQ problem, can't create RSIT log, graphics?

#14 Post by jasmine2 »

Hi, already last time, when I was moving the file in Notepad, the ComboFix icon disappeared. Now I have tried several times to make a ComboFix log; I wanted to download it, but all the links tell me that this program is unavailable. Do you know why that is or what is going on? Also, other things are starting to act up: smileys are disappearing from ICQ, a moment ago my desktop changed, and after a system restore it came back... thank you

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: ICQ problem, can't create RSIT log, graphics?

#15 Post by Roli »

Well, ComboFix is currently unavailable.

So also run the Cure It scanner, following THIS guide

when the scan finishes I want the results here (warning: it is absurdly slow and you need to keep an eye on it, it occasionally asks about something)
