pocatac se zblaznil -velky download dat

[kaculdac]

prosim o pomoc a kontrolu logu. mam mobilni internet (pres dongel) a najednou mi na statistice pise, ze je download 10.94MB ja nic nestahuji a jedine co mam otevrene je viry.cz za par minut co jsem online mi dowload statistika poskocila o 100MB... to musi prestat

dekuji za pomoc

Logfile of random's system information tool 1.06 (written by random/random)
Run by Kaculdac at 2010-01-07 22:08:38
Microsoft® Windows Vista™ Home Premium
System drive C: has 42 GB (14%) free of 292 GB
Total RAM: 1917 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:08:51, on 07/01/2010
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\taskeng.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\Program Files\Orange Mobile Partner\Orange Mobile Partner.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Kaculdac\Desktop\Anti-virus\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Kaculdac.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co.uk/ig/dell?hl=en&c ... bd=1080123
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co.uk/ig/dell?hl=en&c ... bd=1080123
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - C:\Program Files\McAfee\MSK\mcapbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Lingea Update Center.lnk = C:\Program Files\Common Files\Lingea Shared\luc.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: QuickSet.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CA7C8EB7-7AC1-40B9-AF40-8D4C91182463}: NameServer = 193.36.79.100 193.36.79.101
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ATI WebPAM (ATIWebPAM) - Unknown owner - C:\Program Files\ATI\WebPAM\jetty\extra\win32\Wrapper.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 12189 bytes

======Scheduled tasks folder======

C:\Windows\tasks\McDefragTask.job
C:\Windows\tasks\McQcTask.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{377C180E-6F0E-4D4C-980F-F45BD3D40CF4}]
McAfee Phishing Filter - C:\Program Files\McAfee\MSK\mcapbho.dll [2007-07-27 324936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - c:\Program Files\Java\jre1.6.0\bin\ssv.dll [2008-01-22 501384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan\scriptsn.dll [2007-07-24 66880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-18 263280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-12-18 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - C:\Program Files\Dell\BAE\BAE.dll [2006-11-09 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-18 263280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-23 1006264]
"Windows Mobile Device Center"=C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]
"DELL Webcam Manager"=C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe [2007-07-27 118784]
"Broadcom Wireless Manager UI"=C:\Windows\system32\WLTRAY.exe [2007-12-12 3444736]
"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2007-08-03 582992]
"OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe [2007-09-04 54576]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]
"DellSupportCenter"=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2008-08-13 206064]
"dscactivate"=C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [2007-11-15 16384]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-24 81000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2006-11-02 125440]
"OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [2007-09-04 95536]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-02 201728]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-01-22 68856]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe [2009-02-03 240544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
C:\Program Files\DellTPad\Apoint.exe [2007-09-24 159744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2008-08-13 206064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [2007-11-15 16384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-12-20 29744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2006-10-03 221184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2006-10-03 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OEM02Mon.exe]
C:\Windows\OEM02Mon.exe [2007-12-03 36864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
C:\Program Files\Dell\MediaDirect\PCMService.exe [2007-11-01 189736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2006-11-05 221184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [2007-09-07 405504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk]
C:\PROGRA~1\DIGITA~1\DLG.exe [2006-11-03 50688]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
QuickSet.lnk - C:\Windows\Installer\{7F0C4457-8E64-491B-8D7B-991504365D1E}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe

C:\Users\Kaculdac\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Lingea Update Center.lnk - C:\Program Files\Common Files\Lingea Shared\luc.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
shell\AutoRun\command - G:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9e0e6af2-7244-11de-a331-001dd9e57b5d}]
shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9e0e6b17-7244-11de-a331-001dd9e57b5d}]
shell\AutoRun\command - G:\AutoRun.exe


======List of files/folders created in the last 1 months======

2010-01-06 20:58:58 ----A---- C:\Windows\system32\msonpmon.dll
2010-01-06 20:57:41 ----D---- C:\Program Files\Common Files\DESIGNER
2010-01-06 20:56:49 ----D---- C:\Program Files\Microsoft.NET
2010-01-06 20:53:34 ----D---- C:\ProgramData\Microsoft Help
2010-01-06 20:52:58 ----RHD---- C:\MSOCache
2009-12-23 15:27:34 ----D---- C:\rsit
2009-12-23 08:45:22 ----D---- C:\Program Files\CCleaner
2009-12-23 08:27:16 ----D---- C:\Users\Kaculdac\AppData\Roaming\Malwarebytes
2009-12-23 08:27:07 ----D---- C:\ProgramData\Malwarebytes
2009-12-23 08:27:05 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-12-22 22:25:03 ----D---- C:\Program Files\Trend Micro
2009-12-22 20:40:59 ----A---- C:\Windows\system32\aswBoot.exe
2009-12-22 20:40:54 ----D---- C:\Program Files\Alwil Software
2009-12-11 16:58:20 ----A---- C:\Windows\system32\nshhttp.dll
2009-12-11 16:57:55 ----A---- C:\Windows\system32\httpapi.dll
2009-12-10 10:04:49 ----A---- C:\Windows\system32\mshtml.dll
2009-12-10 10:04:48 ----A---- C:\Windows\system32\wininet.dll
2009-12-10 10:04:47 ----A---- C:\Windows\system32\urlmon.dll
2009-12-10 10:04:46 ----A---- C:\Windows\system32\ieframe.dll
2009-12-10 10:04:45 ----A---- C:\Windows\system32\mstime.dll
2009-12-10 10:04:44 ----A---- C:\Windows\system32\ieapfltr.dll
2009-12-10 10:04:42 ----A---- C:\Windows\system32\iertutil.dll
2009-12-10 10:04:42 ----A---- C:\Windows\system32\iedkcs32.dll
2009-12-10 10:04:42 ----A---- C:\Windows\system32\dxtmsft.dll
2009-12-10 10:04:41 ----A---- C:\Windows\system32\occache.dll
2009-12-10 10:04:41 ----A---- C:\Windows\system32\msfeeds.dll
2009-12-10 10:04:40 ----A---- C:\Windows\system32\ieaksie.dll
2009-12-10 10:04:39 ----A---- C:\Windows\system32\mshtmled.dll
2009-12-10 10:04:39 ----A---- C:\Windows\system32\icardie.dll
2009-12-10 10:04:39 ----A---- C:\Windows\system32\dxtrans.dll
2009-12-10 10:04:37 ----A---- C:\Windows\system32\ieencode.dll
2009-12-10 10:04:36 ----A---- C:\Windows\system32\jsproxy.dll
2009-12-10 10:04:36 ----A---- C:\Windows\system32\advpack.dll
2009-12-10 10:04:36 ----A---- C:\Windows\system32\admparse.dll
2009-12-10 10:04:34 ----A---- C:\Windows\system32\ieui.dll
2009-12-10 10:04:33 ----A---- C:\Windows\system32\pngfilt.dll
2009-12-10 10:04:33 ----A---- C:\Windows\system32\ieUnatt.exe
2009-12-10 10:04:33 ----A---- C:\Windows\system32\iesetup.dll
2009-12-10 10:04:33 ----A---- C:\Windows\system32\iernonce.dll
2009-12-10 10:04:33 ----A---- C:\Windows\system32\ie4uinit.exe
2009-12-10 10:04:28 ----A---- C:\Windows\system32\mshtmler.dll
2009-12-10 10:04:28 ----A---- C:\Windows\system32\ieakui.dll
2009-12-10 09:55:34 ----A---- C:\Windows\system32\winhttp.dll
2009-12-10 09:45:22 ----A---- C:\Windows\system32\rastls.dll
2009-12-10 09:45:22 ----A---- C:\Windows\system32\raschap.dll

======List of files/folders modified in the last 1 months======

2010-01-07 22:08:51 ----D---- C:\Windows\Prefetch
2010-01-07 22:08:40 ----D---- C:\Windows\Temp
2010-01-07 21:37:42 ----SHD---- C:\System Volume Information
2010-01-07 21:32:18 ----SHD---- C:\Windows\Installer
2010-01-07 21:28:57 ----RSD---- C:\Windows\assembly
2010-01-07 21:25:46 ----D---- C:\Windows\System32
2010-01-07 21:25:46 ----D---- C:\Windows\inf
2010-01-07 21:25:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-01-07 21:19:41 ----A---- C:\Windows\system32\NapaSet.txt
2010-01-06 21:52:40 ----SD---- C:\Users\Kaculdac\AppData\Roaming\Microsoft
2010-01-06 20:58:15 ----D---- C:\Program Files\Microsoft Works
2010-01-06 20:58:08 ----D---- C:\Program Files\Common Files\microsoft shared
2010-01-06 20:57:46 ----D---- C:\Program Files\Microsoft Office
2010-01-06 20:57:41 ----D---- C:\Program Files\Common Files
2010-01-06 20:57:12 ----RSD---- C:\Windows\Fonts
2010-01-06 20:56:49 ----SD---- C:\ProgramData\Microsoft
2010-01-06 20:56:49 ----RD---- C:\Program Files
2010-01-06 20:54:45 ----D---- C:\Windows\ShellNew
2010-01-06 20:53:34 ----HD---- C:\ProgramData
2009-12-31 23:33:20 ----D---- C:\Users\Kaculdac\AppData\Roaming\ICQ
2009-12-29 15:27:51 ----D---- C:\Program Files\DivX
2009-12-29 15:27:09 ----D---- C:\Program Files\Common Files\DivX Shared
2009-12-29 15:27:06 ----D---- C:\Windows\winsxs
2009-12-27 20:52:33 ----D---- C:\Windows\system32\catroot2
2009-12-23 13:34:32 ----D---- C:\Windows
2009-12-23 08:46:42 ----D---- C:\Windows\Debug
2009-12-23 08:27:09 ----D---- C:\Windows\system32\drivers
2009-12-13 21:22:17 ----D---- C:\Users\Kaculdac\AppData\Roaming\Skype
2009-12-13 16:31:48 ----D---- C:\Users\Kaculdac\AppData\Roaming\skypePM
2009-12-11 16:59:09 ----D---- C:\Windows\system32\catroot
2009-12-11 15:22:00 ----D---- C:\Windows\system32\migration
2009-12-11 15:22:00 ----D---- C:\Program Files\Internet Explorer
2009-12-11 15:21:57 ----D---- C:\Windows\system32\en-US
2009-12-11 15:21:57 ----D---- C:\Windows\AppPatch
2009-12-11 15:21:57 ----D---- C:\Program Files\Windows Mail

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-24 23120]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-24 48560]
R1 mfehidk;McAfee Inc.; C:\Windows\system32\drivers\mfehidk.sys [2007-07-21 201288]
R1 MPFP;MPFP; C:\Windows\System32\Drivers\Mpfp.sys [2007-07-13 125728]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-09-15 53328]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2006-11-15 32256]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2006-11-15 43520]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2006-11-15 37376]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-05 8192]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP/Vista; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-09-24 155136]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-12-03 3155456]
R3 BCM43XX;Dell Wireless WLAN Card Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-12-12 1044984]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\Windows\system32\DRIVERS\bcm4sbxp.sys [2006-11-21 45568]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-23 14208]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-11-03 986624]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-11-03 206848]
R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2008-08-08 101632]
R3 mfeavfk;McAfee Inc.; C:\Windows\system32\drivers\mfeavfk.sys [2007-07-24 79304]
R3 mfebopk;McAfee Inc.; C:\Windows\system32\drivers\mfebopk.sys [2007-07-21 35240]
R3 mfesmfk;McAfee Inc.; C:\Windows\system32\drivers\mfesmfk.sys [2007-07-21 40488]
R3 OEM02Dev;Creative Camera OEM002 Driver; C:\Windows\system32\DRIVERS\OEM02Dev.sys [2007-12-03 235648]
R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver; C:\Windows\system32\DRIVERS\OEM02Vfx.sys [2007-12-03 7424]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-23 82432]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2007-09-07 330240]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-11-03 659968]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-23 11264]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]
S3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys []
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-04-29 19456]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2006-11-02 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2008-04-29 220160]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-29 29184]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2006-11-07 78128]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2006-11-06 80176]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2006-11-06 16560]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2006-11-02 200704]
S3 mferkdk;McAfee Inc.; C:\Windows\system32\drivers\mferkdk.sys [2007-07-24 33800]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2007-12-03 3155456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2006-11-02 49664]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\Windows\system32\DRIVERS\ssm_mdfl.sys [2005-08-30 8336]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\Windows\system32\DRIVERS\ssm_mdm.sys [2005-08-30 94000]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-10-01 32000]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7; C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 163840]
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\system32\aestsrv.exe [2007-08-29 73728]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-24 18752]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2007-12-03 610304]
R2 ATIWebPAM;ATI WebPAM; C:\Program Files\ATI\WebPAM\jetty\extra\win32\Wrapper.exe [2003-09-29 110592]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-24 138680]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2008-01-09 767976]
R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2008-01-25 2458128]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2007-07-16 359248]
R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2007-07-24 144704]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2007-07-18 856864]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\McAfee\MSK\MskSrver.exe [2007-07-27 23880]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2006-11-05 159744]
R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter); C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2008-08-13 201968]
R2 STacSV;SigmaTel Audio Service; C:\Windows\system32\STacSV.exe [2007-09-07 102400]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\Windows\System32\WLTRYSVC.EXE [2007-12-12 24064]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-08-05 386560]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-24 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-24 352920]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2007-07-25 695624]
R3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-11-05 880640]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-03-12 651720]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-12-20 29744]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-06-27 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2007-07-25 378184]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-09-14 73728]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

-----------------EOF-----------------

[motji]

Dobre ranko

Stáhněte na plochu, ukončete všechna aktivní okna a spusťte ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe

- ComboFix je třeba spustit pod účtem s právy administrátora

- Před použitím vypněte všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary

- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano

- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího se okna

- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt, skopírujte celý jeho obsah sem

[kaculdac]

vsimla jsem si ze mnozstvi dat vylitne po hrani farmville na facebuku. ale i bez toho to nahodne vylitne, chvili se drzi a pak se zase sklidni na normalni hodnotu... Dnes jsem se take snazila prihlasit na mejl na hotmailu, nechalo me to prihlasit a pak se nic nezobrazilo - pomuze s tim ten combofix nebo je problem trosku jinde. jen se bojim abych to tu v kompu vic nerozkopala....
dekuji

[motji]

Jestli se combofixu tak bojíte, pujdeme na to jinak

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
-uložte ho na plochu a spustte soubor OTL.exe.
- otevře se okno, v něm zaškrtněte Scan All Users , File Scan,
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

netsvcs
%SYSTEMDRIVE%\*.exe
%SYSTEMDRIVE%\eventlog.dll /s /md5
%SYSTEMDRIVE%\scecli.dll /s /md5
%SYSTEMDRIVE%\netlogon.dll /s /md5
%SYSTEMDRIVE%\cngaudit.dll /s /md5
%SYSTEMDRIVE%\sceclt.dll /s /md5
%SYSTEMDRIVE%\ntelogon.dll /s /md5
%SYSTEMDRIVE%\logevent.dll /s /md5
%SYSTEMDRIVE%\iaStor.sys /s /md5
%SYSTEMDRIVE%\nvstor.sys /s /md5
%SYSTEMDRIVE%\atapi.sys /s /md5
%SYSTEMDRIVE%\IdeChnDr.sys /s /md5
%SYSTEMDRIVE%\viasraid.sys /s /md5
%SYSTEMDRIVE%\AGP440.sys /s /md5
%SYSTEMDRIVE%\vaxscsi.sys /s /md5
%SYSTEMDRIVE%\nvatabus.sys /s /md5
%SYSTEMDRIVE%\viamraid.sys /s /md5
%SYSTEMDRIVE%\nvata.sys /s /md5
CREATERESTOREPOINT

-klikněte na tlačítko Run scan.
-proběhne sken a objeví se dva logy, obsah obou vložte zde

Stáhněte Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878
- rozbalte a spusťte
-proběhne sken, po skončení se otevře okno s výsledky, klikněte na Save a tím si uložíte log,který sem vložíte

-Podle návodu v odkazu provedete druhý sken a log sem také vložíte.


Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

[kaculdac]

behem provadeni vsech tech doporucenych testu naskocila modra obrazovka - ze fatal error a dumping physical memory - vic sem nestihla, pocitac se restartoval - co se proboha deje??

[motji]

Můžete se prosím podívat, jestli se Vám vytvořila tato složka -C:\Windows\Minidump a máte v ní něco?

[kaculdac]

jedine co se pote objevilo bylo desktop.ini s timto textem

[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21769
IconResource=%SystemRoot%\system32\imageres.dll,-183

[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21799

[kaculdac]

tady je gem log

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-01-09 21:55:08
Windows 6.0.6000
Running: gmer.exe; Driver: C:\Users\Kaculdac\AppData\Local\Temp\uxrdqpob.sys


---- System - GMER 1.0.15 ----

Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwCreateFile [0x8CC2E98E]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwCreateProcess [0x8CC2E928]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwCreateProcessEx [0x8CC2E93C]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwMapViewOfSection [0x8CC2E9CC]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwNotifyChangeKey [0x8CC2EA0F]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwProtectVirtualMemory [0x8CC2E9A2]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwReplaceKey [0x8CC2EA37]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwRestoreKey [0x8CC2EA23]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwSetContextThread [0x8CC2E97A]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwSetInformationProcess [0x8CC2E966]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwTerminateProcess [0x8CC2E9FB]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwUnmapViewOfSection [0x8CC2E9E2]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwYieldExecution [0x8CC2E9B8]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwCreateUserProcess [0x8CC2E952]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtCreateFile
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtMapViewOfSection
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtSetInformationProcess

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
AttachedDevice \Driver\tdx \Device\Ip Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)
AttachedDevice \Driver\tdx \Device\Tcp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)
AttachedDevice \Driver\tdx \Device\Udp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)
AttachedDevice \Driver\tdx \Device\RawIp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)

---- EOF - GMER 1.0.15 ----

[kaculdac]

tady je MBAM

Malwarebytes' Anti-Malware 1.42
Database version: 3414
Windows 6.0.6000
Internet Explorer 7.0.6000.16945

10/01/2010 01:07:23
mbam-log-2010-01-10 (01-07-16).txt

Scan type: Full Scan (C:\|D:\|E:\|G:\|)
Objects scanned: 255329
Time elapsed: 2 hour(s), 3 minute(s), 30 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Program Files\Windows Live\Messenger\msimg32.dll (Adware.MyWebSearch) -> No action taken.
C:\Program Files\Windows Live\Messenger\riched20.dll (Adware.MyWebSearch) -> No action taken.

[kaculdac]

OTL log mi nejde vlozit - prilis mnoho charakteru

nejde mi ani vlozit do prilohy - .txt neni dovolen

co ted?

[motji]

Dejte soubor otestovat na http://www.virustotal.com

C:\Program Files\Windows Live\Messenger\msimg32.dll
C:\Program Files\Windows Live\Messenger\riched20.dll

Do okénka zkopírujte cestu k souboru , pokud napíše, že soubor byl už testován, dejte otestovat znovu.
Sem vložte link s výsledky.

Log z Otm rozdělte do více příspěvků

Při kterém programu se objevila ta modrá obrazovka?

[kaculdac]

modra obrazovka myslim byla po spusteni gem

tady je vysledek prvniho souboru

File msimg32.dll received on 2010.01.10 21:22:35 (UTC)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED


Result: 13/40 (32.5%)
Loading server information...
Your file is queued in position: 1.
Estimated start time is between 46 and 66 seconds.
Do not close the window until scan is complete.
The scanner that was processing your file is stopped at this moment, we are going to wait a few seconds to try to recover your result.
If you are waiting for more than five minutes you have to resend your file.
Your file is being scanned by VirusTotal in this moment,
results will be shown as they're generated.
Compact Print results
Your file has expired or does not exists.
Service is stopped in this moments, your file is waiting to be scanned (position: ) for an undefined time.

You can wait for web response (automatic reload) or type your email in the form below and click "request" so the system sends you a notification when the scan is finished.
Email:


Antivirus Version Last Update Result
a-squared 4.5.0.48 2010.01.10 -
AhnLab-V3 5.0.0.2 2010.01.10 -
AntiVir 7.9.1.134 2010.01.10 -
Antiy-AVL 2.0.3.7 2010.01.08 AdTool/Win32.MyWebSearch.gen
Authentium 5.2.0.5 2010.01.10 W32/Adware.ABWR
Avast 4.8.1351.0 2010.01.10 -
AVG 8.5.0.430 2010.01.04 -
BitDefender 7.2 2010.01.10 -
CAT-QuickHeal 10.00 2010.01.09 -
ClamAV 0.94.1 2010.01.09 -
Comodo 3537 2010.01.10 ApplicUnwnt.Win32.AdTool.MyWebSearch.cv
DrWeb 5.0.1.12222 2010.01.10 Adware.MyWebSearch.6
eSafe 7.0.17.0 2010.01.10 -
eTrust-Vet 35.2.7226 2010.01.08 -
F-Prot 4.5.1.85 2010.01.10 W32/Adware.ABWR
F-Secure 9.0.15370.0 2010.01.10 -
Fortinet 4.0.14.0 2010.01.09 Adware/MyWebSearch
GData 19 2010.01.10 -
Ikarus T3.1.1.80.0 2010.01.10 -
Jiangmin 13.0.900 2010.01.10 -
K7AntiVirus 7.10.943 2010.01.09 Non-Virus:
Kaspersky 7.0.0.125 2010.01.10 -
McAfee 5857 2010.01.10 potentially unwanted program MWS
McAfee+Artemis 5857 2010.01.10 potentially unwanted program MWS
McAfee-GW-Edition 6.8.5 2010.01.10 -
Microsoft 1.5302 2010.01.10 -
NOD32 4759 2010.01.10 Win32/Toolbar.MyWebSearch
Norman 6.04.03 2010.01.10 -
nProtect 2009.1.8.0 2010.01.10 -
Panda 10.0.2.2 2010.01.10 -
PCTools 7.0.3.5 2010.01.10 -
Rising 22.29.06.04 2010.01.10 -
Sophos 4.49.0 2010.01.10 -
Sunbelt 3.2.1858.2 2010.01.10 -
Symantec 20091.2.0.41 2010.01.10 -
TheHacker 6.5.0.3.145 2010.01.10 Aplicacion/MyWebSearch.cv
TrendMicro 9.120.0.1004 2010.01.10 -
VBA32 3.12.12.1 2010.01.09 -
ViRobot 2010.1.8.2128 2010.01.08 Adware.MyWebSearch.28672
VirusBuster 5.0.21.0 2010.01.10 Adware.Agent.IOLL
Additional information
File size: 28672 bytes
MD5...: 1375586480385cfdd91a0f27b2e28f3e
SHA1..: 511defd57d3b3d083697039b7cab9d1fff1f3c72
SHA256: 36f6ecf4ceee2a36cdba179cddad42e8dbaae8d8346c87e66222324ea2f1708a
ssdeep: 192:IlEyEE7ghocm4eaY5MHXBZam9tUV0nHU01E2ycoe:4Io6eL5MLam9tUkU+zy
Je

PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x1260
timedatestamp.....: 0x481f3128 (Mon May 05 16:09:12 2008)
machinetype.......: 0x14c (I386)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x11a0 0x2000 4.02 27b2399656dbd4995de7c12e68a97297
.rdata 0x3000 0x409 0x1000 1.72 9fbd3a37929ee8f4d3df722831bcdd23
.data 0x4000 0x3ee 0x1000 1.31 d5d7b3525616aa8009e61dc9bbe18ad9
.rsrc 0x5000 0x3b0 0x1000 0.98 54ff2dc8f33c483c8001be36ee7ccf40
.reloc 0x6000 0x27a 0x1000 1.20 e2b9ad57d39a28398b2ff690aed03f47

( 2 imports )
> KERNEL32.dll: InitializeCriticalSection, DeleteCriticalSection, HeapAlloc, GetProcessHeap, HeapReAlloc, HeapFree, LeaveCriticalSection, VirtualQuery, LoadLibraryExA, GetSystemDirectoryA, GetProcAddress, lstrcatA, GetModuleFileNameA, VirtualProtect, GetModuleHandleA, lstrcmpiA, IsBadReadPtr, GetVersionExA, lstrlenA, EnterCriticalSection, lstrcpyA
> ADVAPI32.dll: RegQueryValueExA, RegCloseKey, RegOpenKeyExA

( 5 exports )
AlphaBlend, DllInitialize, GradientFill, TransparentBlt, vSetDdrawflag

RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win64 Executable Generic (80.9%)
Win32 Executable Generic (8.0%)
Win32 Dynamic Link Library (generic) (7.1%)
Generic Win/DOS Executable (1.8%)
DOS Executable Generic (1.8%)
sigcheck:
publisher....: FunWebProducts.com
copyright....: Copyright (c) 2006, 2007, 2008
product......: Smiley Central
description..: Smiley Central MSN and IE GDI Ext DLL
original name: f3IMStub.dll
internal name: f3IMStub
file version.: 1, 0, 0, 6
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned

[kaculdac]

tady vysledek druheho souboru

File riched20.dll_ received on 2010.01.10 21:30:34 (UTC)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED


Result: 14/41 (34.15%)
Loading server information...
Your file is queued in position: ___.
Estimated start time is between ___ and ___ .
Do not close the window until scan is complete.
The scanner that was processing your file is stopped at this moment, we are going to wait a few seconds to try to recover your result.
If you are waiting for more than five minutes you have to resend your file.
Your file is being scanned by VirusTotal in this moment,
results will be shown as they're generated.
Compact Print results
Your file has expired or does not exists.
Service is stopped in this moments, your file is waiting to be scanned (position: ) for an undefined time.

You can wait for web response (automatic reload) or type your email in the form below and click "request" so the system sends you a notification when the scan is finished.
Email:


Antivirus Version Last Update Result
a-squared 4.5.0.48 2010.01.10 Adware.Win32.MyWebSearch!A2
AhnLab-V3 5.0.0.2 2010.01.10 -
AntiVir 7.9.1.134 2010.01.10 -
Antiy-AVL 2.0.3.7 2010.01.08 AdTool/Win32.MyWebSearch.gen
Authentium 5.2.0.5 2010.01.10 W32/Adware.ABWS
Avast 4.8.1351.0 2010.01.10 -
AVG 8.5.0.430 2010.01.04 -
BitDefender 7.2 2010.01.10 -
CAT-QuickHeal 10.00 2010.01.09 -
ClamAV 0.94.1 2010.01.09 -
Comodo 3537 2010.01.10 ApplicUnwnt.Win32.Toolbar.MyWebSearch
DrWeb 5.0.1.12222 2010.01.10 Adware.MyWebSearch.8
eSafe 7.0.17.0 2010.01.10 -
eTrust-Vet 35.2.7226 2010.01.08 -
F-Prot 4.5.1.85 2010.01.10 W32/Adware.ABWS
F-Secure 9.0.15370.0 2010.01.10 -
Fortinet 4.0.14.0 2010.01.09 Adware/MyWebSearch
GData 19 2010.01.10 -
Ikarus T3.1.1.80.0 2010.01.10 -
Jiangmin 13.0.900 2010.01.10 -
K7AntiVirus 7.10.943 2010.01.09 Trojan.Win32.Malware.1
Kaspersky 7.0.0.125 2010.01.10 -
McAfee 5857 2010.01.10 -
McAfee+Artemis 5857 2010.01.10 -
McAfee-GW-Edition 6.8.5 2010.01.10 -
Microsoft 1.5302 2010.01.10 -
NOD32 4759 2010.01.10 Win32/Toolbar.MyWebSearch
Norman 6.04.03 2010.01.10 W32/Mywebsearch.KK
nProtect 2009.1.8.0 2010.01.10 -
Panda 10.0.2.2 2010.01.10 -
PCTools 7.0.3.5 2010.01.10 -
Prevx 3.0 2010.01.10 Medium Risk Malware
Rising 22.29.06.04 2010.01.10 -
Sophos 4.49.0 2010.01.10 -
Sunbelt 3.2.1858.2 2010.01.10 -
Symantec 20091.2.0.41 2010.01.10 -
TheHacker 6.5.0.3.145 2010.01.10 Aplicacion/MyWebSearch.cj
TrendMicro 9.120.0.1004 2010.01.10 -
VBA32 3.12.12.1 2010.01.09 -
ViRobot 2010.1.8.2128 2010.01.08 Adware.MyWebSearch.245760.E
VirusBuster 5.0.21.0 2010.01.10 Adware.Agent.JPLC
Additional information
File size: 24576 bytes
MD5...: c4ff418909d55a7744b04774a83135c9
SHA1..: 2489008ef2e8fb7a3bdf6014d4488d01629c7034
SHA256: 76adc93b3153ccd4ab6f692d78013cb75842f741168a6de5adee56c23748b7a3
ssdeep: 48:SEygP1vvEC1PYzWZwU3FoNzfRcIwxU5d3uywxQSD1It40VqXDY27:TElzWtqN
zfRcIwxU50ywxQyO40sXcM

PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x1000
timedatestamp.....: 0x46058eaf (Sat Mar 24 20:48:47 2007)
machinetype.......: 0x14c (I386)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x3fb 0x1000 2.06 ba1812dd7e6a315ab7af13d1cc5a3603
.rdata 0x2000 0x39d 0x1000 1.60 84ff216845fbbc763a2ef07097c8f81f
.data 0x3000 0x1a5 0x1000 0.45 450b79c78efa9a1d16507e0335d1a017
.rsrc 0x4000 0x3a8 0x1000 0.97 0f21b1113854b30539d83564a6e9a729
.reloc 0x5000 0x12c 0x1000 0.26 5b06f85996c05ce55fa7c583e0ef1168

( 2 imports )
> KERNEL32.dll: LoadLibraryExA, lstrcatA, GetSystemDirectoryA, FreeLibrary, GetProcAddress, lstrlenA, HeapFree, GetProcessHeap, DeleteCriticalSection, GetModuleFileNameA, InitializeCriticalSection
> ADVAPI32.dll: RegQueryValueExA, RegCloseKey, RegOpenKeyExA

( 9 exports )
CreateTextServices, IID_IRichEditOle, IID_IRichEditOleCallback, IID_ITextHost, IID_ITextHost2, IID_ITextServices, REExtendedRegisterClass, RichEdit10ANSIWndProc, RichEditANSIWndProc

RDS...: NSRL Reference Data Set
-
<a href='http://info.prevx.com/aboutprogramtext. ... 009C286D4E' target='_blank'>http://info.prevx.com/aboutprogramtext. ... C286D4E</a>
sigcheck:
publisher....: FunWebProducts.com
copyright....: Copyright (c) 2003,2004,2005
product......: Smiley Central
description..: Smiley Central MSN Rich Edit DLL
original name: f3REStub.dll
internal name: f3REStub
file version.: 1, 0, 0, 9
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned

pdfid.: -
trid..: Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)

[kaculdac]

OTL c.1

OTL logfile created on: 09/01/2010 22:09:25 - Run 1
OTL by OldTimer - Version 3.1.22.0 Folder = C:\Users\Kaculdac\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16945)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 48.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 69.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 285.37 Gb Total Space | 39.54 Gb Free Space | 13.86% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.59 Gb Free Space | 55.90% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 22.25 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BALVAN
Current User Name: Kaculdac
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/01/09 21:32:41 | 00,543,232 | ---- | M] (OldTimer Tools) -- C:\Users\Kaculdac\Desktop\OTL.exe
PRC - [2009/12/18 23:12:32 | 00,285,296 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2009/12/03 16:14:00 | 01,394,000 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2009/11/24 23:51:40 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/11/24 23:51:35 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/11/24 23:51:21 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/11/24 23:48:48 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/11/24 23:43:56 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/10/27 15:11:10 | 00,634,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/10/27 12:27:27 | 00,301,568 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\ieuser.exe
PRC - [2009/07/16 20:29:13 | 00,114,688 | ---- | M] () -- C:\Program Files\Orange Mobile Partner\Orange Mobile Partner.exe
PRC - [2009/02/03 02:07:18 | 00,240,544 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10b.exe
PRC - [2008/10/29 06:20:29 | 02,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/01 18:57:12 | 00,289,576 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2008/10/01 18:57:00 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2008/10/01 13:06:14 | 00,116,040 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/09/16 14:02:26 | 00,163,840 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
PRC - [2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/08/13 17:32:40 | 00,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2008/08/13 17:32:40 | 00,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/01/25 00:38:12 | 02,458,128 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2008/01/22 23:33:34 | 00,068,856 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008/01/09 15:50:22 | 00,767,976 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2007/12/12 07:03:34 | 03,444,736 | ---- | M] (Dell Inc.) -- C:\Windows\System32\WLTRAY.EXE
PRC - [2007/12/12 07:03:34 | 00,024,064 | ---- | M] () -- C:\Windows\System32\WLTRYSVC.EXE
PRC - [2007/12/12 07:02:50 | 02,506,752 | ---- | M] (Dell Inc.) -- C:\Windows\System32\BCMWLTRY.EXE
PRC - [2007/12/03 05:59:48 | 00,610,304 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\Ati2evxx.exe
PRC - [2007/09/07 18:25:12 | 00,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/09/04 13:52:08 | 00,095,536 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
PRC - [2007/08/29 21:25:16 | 00,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2007/08/03 22:33:14 | 00,582,992 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2007/07/27 16:43:34 | 00,118,784 | ---- | M] (Creative Technology Ltd.) -- C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
PRC - [2007/07/27 06:20:26 | 00,023,880 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSK\msksrver.exe
PRC - [2007/07/25 01:41:52 | 00,695,624 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
PRC - [2007/07/24 12:02:14 | 00,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
PRC - [2007/07/18 15:54:42 | 00,856,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe
PRC - [2007/07/16 13:29:24 | 00,359,248 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2007/07/13 14:14:56 | 00,265,040 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\MSC\mcuimgr.exe
PRC - [2007/05/31 09:21:28 | 00,648,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdc.exe
PRC - [2007/02/20 13:01:12 | 01,125,088 | ---- | M] (Dell Inc) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2006/12/14 17:04:04 | 00,135,168 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\ATI\WebPAM\_jvm\bin\java.exe
PRC - [2006/11/05 11:15:12 | 00,880,640 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
PRC - [2006/11/05 11:13:00 | 00,159,744 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
PRC - [2006/11/03 17:55:50 | 00,703,280 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2006/11/02 12:36:04 | 00,201,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2006/11/02 12:34:48 | 00,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe
PRC - [2006/11/02 09:46:02 | 00,143,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
PRC - [2006/08/05 00:39:20 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe
PRC - [2003/09/29 08:30:08 | 00,110,592 | ---- | M] () -- C:\Program Files\ATI\WebPAM\jetty\extra\win32\Wrapper.exe


========== Modules (SafeList) ==========

MOD - [2010/01/09 21:32:41 | 00,543,232 | ---- | M] (OldTimer Tools) -- C:\Users\Kaculdac\Desktop\OTL.exe
MOD - [2006/11/02 09:38:57 | 01,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Running] -- -- (ATIWebPAM)
SRV - [2009/11/24 23:51:35 | 00,138,680 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus)
SRV - [2009/11/24 23:51:21 | 00,254,040 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner)
SRV - [2009/11/24 23:48:48 | 00,352,920 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner)
SRV - [2009/11/24 23:43:56 | 00,018,752 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2009/06/27 18:54:13 | 00,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/03/12 22:05:47 | 00,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/12/20 14:44:32 | 00,029,744 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-061008-081103)
SRV - [2008/10/01 18:57:00 | 00,536,872 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2008/10/01 13:06:14 | 00,116,040 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008/09/16 14:02:26 | 00,163,840 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0)
SRV - [2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/08/13 17:32:40 | 00,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2008/01/25 00:38:12 | 02,458,128 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2008/01/23 06:36:21 | 00,265,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/09 15:50:22 | 00,767,976 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2007/12/12 07:03:34 | 00,024,064 | ---- | M] () [Auto | Running] -- C:\Windows\System32\WLTRYSVC.EXE -- (wltrysvc)
SRV - [2007/12/03 05:59:48 | 00,610,304 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\System32\Ati2evxx.exe -- (Ati External Event Utility)
SRV - [2007/10/25 15:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)
SRV - [2007/10/18 11:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Messenger\usnsvc.exe -- (usnjsvc)
SRV - [2007/09/07 18:25:12 | 00,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/08/29 21:25:16 | 00,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
SRV - [2007/07/27 06:20:26 | 00,023,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSK\MskSrver.exe -- (MSK80Service)
SRV - [2007/07/25 03:16:16 | 00,378,184 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2007/07/25 01:41:52 | 00,695,624 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2007/07/24 12:02:14 | 00,144,704 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2007/07/18 15:54:42 | 00,856,864 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2007/07/16 13:29:24 | 00,359,248 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2007/05/31 09:21:24 | 00,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 09:21:18 | 00,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2006/11/05 11:15:12 | 00,880,640 | ---- | M] (Sonic Solutions) [On_Demand | Running] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9)
SRV - [2006/11/05 11:13:00 | 00,159,744 | ---- | M] (Sonic Solutions) [Auto | Running] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe -- (RoxWatch9)
SRV - [2006/11/02 12:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006/10/26 19:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/09/14 14:54:34 | 00,073,728 | ---- | M] (MicroVision Development, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr)
SRV - [2006/08/05 00:39:20 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\System32\drivers\XAudio.exe -- (XAudioService)
SRV - [2004/10/22 03:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)

[motji]

Co našel mbam, smažte.
Na Otl kouknu zítra
Problém stále přetrvává?