NOD - TrojanDownloader.Small

[xxmejla]

log MBAM

Malwarebytes' Anti-Malware 1.44
Verze databáze: 3601
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

20.1.2010 15:21:00
mbam-log-2010-01-20 (15-20-21).txt

Typ kontroly: Kompletní kontrola (C:\|D:\|J:\|K:\|)
Zkontrolované objekty: 165665
Uplynulý čas: 25 minute(s), 3 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 3
Infikované adresáře: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
K:\EXE - zálohy\Čistící programy\SUPERAntiSpyware 4.23.1006 Final\SUPERAntiSpyware_CZ\SUPERAntiSpyware_CZ.exe (Trojan.Backdoor) -> No action taken.

[motji]

Co našel mbam, smažte.
Disk K je ten kde máte instalačky?

[xxmejla]

Disk K: jsem tam dal flash disk tam jsem měl taky nějaké instalačky..ale během scanu mi vyskočil opět NOD a načetl mi zase 8 exe souborů s infiltrací - dal jsem je taky smazat..je zajímavé že vymažu vždy napadené soubory po pár hodinách si najde jiné
zde poslední log co jste chtěla..

SystemLook v1.0 by jpshortstuff (11.01.10)
Log created at 15:29 on 20/01/2010 by Administrator (Administrator - Elevation successful)

========== filefind ==========

Searching for "XXLGSC"
C:\WINDOWS\XXLGSC --a--- 0 bytes [12:02 27/12/2009] [19:07 01/01/2010] D41D8CD98F00B204E9800998ECF8427E

========== regfind ==========

Searching for "XXLGSC"

[xxmejla]

Tak z Mbam jsem to smáznul..po restartu jsem dal schválně Nodem proscannovat ty exe soubory..zatím nic dalšího nehlásí
můžu si pak znovu vypnout ty výstrahy systemu zabezpečení
kdy budem moct zapnou obnovu systému??
myslíte že to spomalení je dáno tím že tu mám teď spoustu čistících a scannových souborů

[motji]

To spomalení bude asi tím..jdeme čistit

Odinstalujte G-Mer
přes start-spustit-do okénka vložte příkaz
C:\WINDOWS\gmer_uninstall.cmd
potvrdit Enter


Odinstalujte combofix přes
Start >> Spustit zkopírujte do okénka:

ComboFix /Uninstall

stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.



Stáhněte T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir


Stahněte TFC a použijte
TFC (http://oldtimer.geekstogo.com/TFC.exe)

Ještě znovu spustte OTL, vpravo nahoře je tlačítko Clean up, uklidí po sobě

Z mého podpisu stahněte Ccleaner
-nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

záložka čistič
-nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
-po analýze klikněte na Spustit Ccleaner

záložka Registry
-klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy udělat zálohu registrů - nemusíte
-kliknete opravit všechny problémy ok zavřít

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.

zapněte Obnovu systému
vložte nový log ze Rsitu a napište co počítač

to je divné, a co Vám nod mazal? Zase nějaké instalačky?
Zkuste pak proskenovat Nodem ty instalačky, zda něco najde
smažte C:\WINDOWS\XXLGSC

[xxmejla]

log RSIT
Logfile of random's system information tool 1.06 (written by random/random)
Run by Administrator at 2010-01-20 17:28:59
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 42 GB (82%) free of 51 GB
Total RAM: 511 MB (29% free)


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-02 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-01-02 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-12-05 8523776]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-12-05 81920]
"NVIDIA nTune"=C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe [2007-09-04 81920]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"nod32kui"=C:\Program Files\Eset\nod32kui.exe [2006-06-23 778240]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NVIDIA nTune"=C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe [2007-09-04 81920]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2008-12-04 1809648]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
C:\WINDOWS\RTHDCPL.EXE [2006-04-04 16120832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Nabídka Start^Programy^Po spuštění^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2004-05-28 241664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-12-03 352256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe"="C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe:*:Enabled:Kerio Personal Firewall 4 - GUI"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-01-20 17:28:59 ----D---- C:\rsit
2010-01-20 17:10:40 ----D---- C:\Program Files\CCleaner
2010-01-19 15:41:41 ----D---- C:\Program Files\Microsoft Works
2010-01-19 15:41:33 ----D---- C:\Program Files\MSBuild
2010-01-19 15:41:04 ----D---- C:\Program Files\Microsoft Visual Studio
2010-01-19 15:41:04 ----D---- C:\Program Files\Common Files\DESIGNER
2010-01-19 15:40:29 ----D---- C:\Program Files\Microsoft.NET
2010-01-19 15:37:16 ----D---- C:\WINDOWS\SHELLNEW
2010-01-19 15:36:01 ----RHD---- C:\MSOCache
2010-01-19 14:38:53 ----A---- C:\WINDOWS\system32\nms32.dll
2010-01-19 14:38:53 ----A---- C:\WINDOWS\system32\imon.dll
2010-01-19 14:34:40 ----D---- C:\Documents and Settings\Administrator\Data aplikací\VSRevoGroup
2010-01-19 14:29:25 ----D---- C:\Program Files\Microsoft Office
2010-01-18 20:17:07 ----D---- C:\Program Files\Add Remove Manager
2010-01-18 17:25:06 ----D---- C:\Program Files\VS Revo Group
2010-01-17 22:21:16 ----SHD---- C:\WINDOWS\CSC
2010-01-17 17:24:14 ----SHD---- C:\RECYCLER
2010-01-17 13:31:49 ----D---- C:\WINDOWS\temp
2010-01-16 23:30:49 ----D---- C:\WINDOWS\pss
2010-01-14 00:27:56 ----D---- C:\WINDOWS\Minidump
2010-01-09 12:46:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\ICQ
2010-01-09 12:44:40 ----D---- C:\Program Files\ICQ6.5
2010-01-09 12:34:42 ----D---- C:\Program Files\ICQ6
2010-01-09 12:34:03 ----D---- C:\Documents and Settings\Administrator\Data aplikací\InstallShield
2010-01-02 14:19:08 ----D---- C:\Program Files\Free WMA to MP3 Converter
2010-01-02 13:42:41 ----D---- C:\Documents and Settings\Administrator\Data aplikací\XnView
2010-01-02 13:42:11 ----D---- C:\Program Files\XnView
2010-01-02 12:32:11 ----D---- C:\WINDOWS\Sun
2010-01-02 12:29:52 ----A---- C:\WINDOWS\system32\javaws.exe
2010-01-02 12:29:52 ----A---- C:\WINDOWS\system32\javaw.exe
2010-01-02 12:29:52 ----A---- C:\WINDOWS\system32\java.exe
2010-01-02 12:29:41 ----D---- C:\Program Files\Java
2010-01-02 10:13:16 ----D---- C:\Program Files\Hewlett-Packard
2010-01-02 10:13:07 ----RA---- C:\WINDOWS\system32\MSXML4r.dll
2010-01-02 10:13:07 ----RA---- C:\WINDOWS\system32\MSXML4a.dll
2010-01-02 10:13:07 ----RA---- C:\WINDOWS\system32\MSXML4.dll
2010-01-02 10:13:07 ----RA---- C:\WINDOWS\system32\hpvcr70.dll
2010-01-02 10:13:07 ----RA---- C:\WINDOWS\system32\hpvcp70.dll
2010-01-02 10:13:07 ----RA---- C:\WINDOWS\system32\hpvaut32.dll
2010-01-02 10:10:35 ----RSD---- C:\WINDOWS\assembly
2010-01-02 10:05:41 ----RA---- C:\WINDOWS\system32\HPZc3212.dll
2010-01-02 10:05:41 ----RA---- C:\WINDOWS\system32\hpovst08.dll
2010-01-02 10:05:41 ----RA---- C:\WINDOWS\system32\hpotscl.dll
2010-01-02 10:05:41 ----RA---- C:\WINDOWS\system32\hpgwiamd.dll
2010-01-02 10:04:13 ----A---- C:\WINDOWS\system32\HPZisn12.dll
2010-01-02 10:04:13 ----A---- C:\WINDOWS\system32\HPZipt12.dll
2010-01-02 10:04:13 ----A---- C:\WINDOWS\system32\HPZipr12.dll
2010-01-02 10:04:13 ----A---- C:\WINDOWS\system32\HPZipm12.exe
2010-01-02 10:04:13 ----A---- C:\WINDOWS\system32\HPZinw12.exe
2010-01-02 10:04:13 ----A---- C:\WINDOWS\system32\HPZidr12.dll
2010-01-02 10:04:13 ----A---- C:\WINDOWS\IsUninst.exe
2010-01-02 10:02:12 ----D---- C:\Program Files\HP
2010-01-01 21:07:55 ----A---- C:\WINDOWS\IsUn0405.exe
2009-12-29 17:56:22 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Malwarebytes
2009-12-29 17:56:16 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-12-29 17:56:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2009-12-28 22:52:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2009-12-28 22:52:17 ----D---- C:\Program Files\SUPERAntiSpyware
2009-12-28 22:52:17 ----D---- C:\Documents and Settings\Administrator\Data aplikací\SUPERAntiSpyware.com
2009-12-28 19:50:30 ----HD---- C:\WINDOWS\PIF
2009-12-28 18:53:07 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-12-28 13:20:45 ----A---- C:\WINDOWS\system32\PAStiSvc.exe
2009-12-28 13:20:25 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2009-12-28 13:18:54 ----D---- C:\Program Files\Common Files\ArcSoft
2009-12-28 13:18:53 ----A---- C:\WINDOWS\system32\unicows.dll
2009-12-28 13:18:48 ----A---- C:\WINDOWS\PCDLIB32.DLL
2009-12-28 13:17:31 ----D---- C:\WINDOWS\PixArt
2009-12-28 13:17:31 ----D---- C:\Program Files\PC Camer@
2009-12-28 13:17:31 ----D---- C:\Program Files\Common Files\PCCamera
2009-12-28 13:17:13 ----D---- C:\WINDOWS\Downloaded Installations
2009-12-27 21:30:23 ----D---- C:\Documents and Settings\Administrator\Data aplikací\ArcSoft
2009-12-27 21:28:38 ----D---- C:\Program Files\ArcSoft
2009-12-27 15:24:37 ----D---- C:\Program Files\Common Files\HP
2009-12-27 15:23:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\Hewlett-Packard
2009-12-27 15:21:40 ----D---- C:\Program Files\Common Files\Hewlett-Packard
2009-12-27 15:20:12 ----D---- C:\WINDOWS\Microsoft.NET
2009-12-27 15:20:11 ----D---- C:\WINDOWS\system32\URTTemp
2009-12-27 14:43:14 ----D---- C:\WINDOWS\RegisteredPackages
2009-12-27 14:42:27 ----N---- C:\WINDOWS\system32\vxblock.dll
2009-12-27 14:42:27 ----N---- C:\WINDOWS\system32\pxwave.dll
2009-12-27 14:42:27 ----N---- C:\WINDOWS\system32\pxsfs.dll
2009-12-27 14:42:27 ----N---- C:\WINDOWS\system32\pxmas.dll
2009-12-27 14:42:27 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2009-12-27 14:42:27 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2009-12-27 14:42:27 ----N---- C:\WINDOWS\system32\pxdrv.dll
2009-12-27 14:42:27 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2009-12-27 14:42:27 ----N---- C:\WINDOWS\system32\pxafs.dll
2009-12-27 14:42:27 ----N---- C:\WINDOWS\system32\px.dll
2009-12-27 14:42:24 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Winamp
2009-12-27 13:34:55 ----A---- C:\WINDOWS\system32\msonpmon.dll
2009-12-27 13:29:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2009-12-27 12:56:47 ----D---- C:\Documents and Settings\Administrator\Data aplikací\ICQ Toolbar
2009-12-27 12:55:18 ----A---- C:\WINDOWS\WebIE.dll
2009-12-27 12:54:59 ----A---- C:\WINDOWS\WTRDCTM.INI
2009-12-27 12:54:31 ----A---- C:\WINDOWS\UN32P.INI
2009-12-27 12:54:31 ----A---- C:\WINDOWS\UN32.EXE
2009-12-27 12:49:47 ----D---- C:\Documents and Settings\Administrator\Data aplikací\OpenOffice.org2
2009-12-27 12:48:37 ----D---- C:\Program Files\OpenOffice.org 2.1
2009-12-27 12:44:47 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Vso
2009-12-27 12:44:47 ----A---- C:\Documents and Settings\Administrator\Data aplikací\inst.exe
2009-12-27 12:44:39 ----A---- C:\WINDOWS\system32\vp7vfw.dll
2009-12-27 12:44:39 ----A---- C:\WINDOWS\system32\Pncrt.dll
2009-12-27 12:44:39 ----A---- C:\WINDOWS\system32\drv43260.dll
2009-12-27 12:44:39 ----A---- C:\WINDOWS\system32\drv33260.dll
2009-12-27 12:44:39 ----A---- C:\WINDOWS\system32\drv23260.dll
2009-12-27 12:44:39 ----A---- C:\WINDOWS\system32\cook3260.dll
2009-12-27 12:44:39 ----A---- C:\WINDOWS\gdiplus.dll
2009-12-27 12:44:37 ----D---- C:\Program Files\VSO
2009-12-27 12:30:49 ----D---- C:\Documents and Settings\Administrator\Data aplikací\ICQ
2009-12-27 12:29:50 ----D---- C:\Documents and Settings\Administrator\Data aplikací\skypePM
2009-12-27 12:27:16 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Skype
2009-12-27 12:27:01 ----D---- C:\Program Files\Skype
2009-12-27 12:27:01 ----D---- C:\Program Files\Common Files\Skype
2009-12-27 12:26:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2009-12-27 12:24:12 ----D---- C:\Program Files\WinRAR
2009-12-27 12:19:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2009-12-27 12:14:02 ----D---- C:\Documents and Settings\Administrator\Data aplikací\WinRAR
2009-12-27 12:10:17 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-12-27 12:08:52 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Sun
2009-12-27 12:07:47 ----D---- C:\Program Files\DVD Shrink
2009-12-27 12:07:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\DVD Shrink
2009-12-27 12:05:15 ----A---- C:\WINDOWS\iun6002.exe
2009-12-27 12:05:11 ----D---- C:\Program Files\Codec Pack - All In 1
2009-12-27 11:49:19 ----D---- C:\Documents and Settings\Administrator\Data aplikací\CyberLink
2009-12-27 11:47:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\CyberLink
2009-12-27 11:46:25 ----D---- C:\Program Files\CyberLink
2009-12-27 00:29:15 ----D---- C:\WINDOWS\system32\appmgmt
2009-12-26 23:44:55 ----A---- C:\WINDOWS\system32\kbdkor.dll
2009-12-26 23:44:55 ----A---- C:\WINDOWS\system32\kbdjpn.dll
2009-12-26 23:44:55 ----A---- C:\WINDOWS\system32\kbd106.dll
2009-12-26 23:44:55 ----A---- C:\WINDOWS\system32\kbd103.dll
2009-12-26 23:44:55 ----A---- C:\WINDOWS\system32\kbd101c.dll
2009-12-26 23:44:55 ----A---- C:\WINDOWS\system32\kbd101b.dll
2009-12-26 22:22:26 ----A---- C:\WINDOWS\system32\fdco1.dll
2009-12-26 22:22:22 ----A---- C:\WINDOWS\system32\nvunrm.exe
2009-12-26 22:22:21 ----RA---- C:\WINDOWS\system32\nvconrm.dll
2009-12-26 22:22:21 ----RA---- C:\WINDOWS\system32\bdco1.dll
2009-12-26 22:22:18 ----RA---- C:\WINDOWS\system32\nvusmb.exe
2009-12-26 20:06:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\nView_Profiles
2009-12-26 19:52:29 ----D---- C:\WINDOWS\nview
2009-12-26 19:52:28 ----A---- C:\WINDOWS\system32\nvudisp.exe
2009-12-26 19:51:57 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2009-12-26 19:51:35 ----D---- C:\NVIDIA
2009-12-26 19:33:10 ----D---- C:\Program Files\NVIDIA Corporation
2009-12-26 19:33:07 ----D---- C:\Config.Msi
2009-12-26 15:30:49 ----D---- C:\Documents and Settings\All Users\Data aplikací\NVIDIA
2009-12-26 15:07:04 ----D---- C:\Documents and Settings\Administrator\Data aplikací\AdobeUM
2009-12-26 15:06:23 ----D---- C:\Program Files\Common Files\Adobe
2009-12-26 15:06:22 ----D---- C:\Program Files\Adobe
2009-12-26 15:05:36 ----D---- C:\WINDOWS\Cache
2009-12-26 14:30:08 ----A---- C:\WINDOWS\NeroDigital.ini
2009-12-26 13:41:09 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Ahead
2009-12-26 13:40:08 ----D---- C:\Program Files\Nero
2009-12-26 13:40:08 ----D---- C:\Program Files\Common Files\Ahead
2009-12-26 13:39:50 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2009-12-26 13:39:50 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2009-12-26 13:05:51 ----A---- C:\WINDOWS\system32\h323log.txt
2009-12-26 13:01:26 ----A---- C:\WINDOWS\system32\wshirda.dll
2009-12-26 13:01:26 ----A---- C:\WINDOWS\system32\irmon.dll
2009-12-26 13:01:26 ----A---- C:\WINDOWS\system32\irftp.exe
2009-12-26 13:00:48 ----RA---- C:\WINDOWS\system32\idecoiins.dll
2009-12-26 13:00:47 ----A---- C:\WINDOWS\system32\idecoi.dll
2009-12-26 13:00:42 ----A---- C:\WINDOWS\system32\usbui.dll
2009-12-26 12:59:53 ----SHD---- C:\WINDOWS\Installer
2009-12-26 12:59:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-26 12:59:52 ----D---- C:\Program Files\Common Files\ODBC
2009-12-26 12:59:52 ----A---- C:\WINDOWS\ODBCINST.INI
2009-12-26 12:59:49 ----D---- C:\Program Files\Common Files\SpeechEngines
2009-12-26 12:59:48 ----RD---- C:\Program Files
2009-12-26 12:59:48 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-12-26 12:59:48 ----D---- C:\Program Files\Common Files
2009-12-26 12:59:45 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-12-26 12:59:45 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-12-26 12:59:45 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-12-26 12:59:42 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-12-26 12:59:42 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-12-26 12:59:42 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-12-26 12:59:42 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-12-26 12:59:42 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-12-26 12:59:42 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-12-26 12:59:42 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-12-26 12:59:41 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-12-26 12:59:41 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-12-26 12:59:41 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-12-26 12:59:41 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-12-26 12:59:41 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-12-26 12:59:38 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-12-26 12:59:38 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-12-26 12:59:38 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-12-26 12:59:38 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-12-26 12:59:38 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-12-26 12:59:38 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-12-26 12:59:38 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-12-26 12:59:36 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-12-26 12:59:36 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-12-26 12:59:36 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-12-26 12:59:36 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-12-26 12:59:36 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-12-26 12:59:31 ----A---- C:\WINDOWS\system32\kbdycl.dll
2009-12-26 12:59:31 ----A---- C:\WINDOWS\system32\kbdsl1.dll
2009-12-26 12:59:31 ----A---- C:\WINDOWS\system32\kbdsl.dll
2009-12-26 12:59:31 ----A---- C:\WINDOWS\system32\kbdro.dll
2009-12-26 12:59:31 ----A---- C:\WINDOWS\system32\kbdpl1.dll
2009-12-26 12:59:31 ----A---- C:\WINDOWS\system32\kbdpl.dll
2009-12-26 12:59:31 ----A---- C:\WINDOWS\system32\kbdhu1.dll
2009-12-26 12:59:31 ----A---- C:\WINDOWS\system32\kbdhu.dll
2009-12-26 12:59:31 ----A---- C:\WINDOWS\system32\kbdcr.dll
2009-12-26 12:59:31 ----A---- C:\WINDOWS\system32\KBDAL.DLL
2009-12-26 12:59:30 ----A---- C:\WINDOWS\system32\irclass.dll
2009-12-26 12:59:30 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-12-26 12:59:30 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-12-26 12:59:29 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-12-26 12:59:29 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-12-26 12:59:26 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-12-26 12:59:26 ----A---- C:\WINDOWS\system32\batt.dll
2009-12-26 12:59:25 ----A---- C:\WINDOWS\NOTEPAD.EXE
2009-12-26 12:59:24 ----A---- C:\WINDOWS\system32\storprop.dll
2009-12-26 12:59:17 ----ASH---- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
2009-12-26 12:57:25 ----D---- C:\WINDOWS\system32\CatRoot2
2009-12-26 12:57:25 ----D---- C:\WINDOWS\system32\CatRoot
2009-12-26 12:57:19 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2009-12-26 12:56:58 ----SHD---- C:\System Volume Information
2009-12-26 12:56:58 ----D---- C:\Documents and Settings
2009-12-26 12:56:17 ----RASH---- C:\boot.ini
2009-12-26 12:54:41 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Macromedia
2009-12-26 12:54:40 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Adobe
2009-12-26 12:50:54 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-12-26 12:50:54 ----RSD---- C:\WINDOWS\Fonts
2009-12-26 12:50:54 ----RD---- C:\WINDOWS\Web
2009-12-26 12:50:54 ----HD---- C:\WINDOWS\inf
2009-12-26 12:50:54 ----D---- C:\WINDOWS\WinSxS
2009-12-26 12:50:54 ----D---- C:\WINDOWS\twain_32
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\wins
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\wbem
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\usmt
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\spool
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\ShellExt
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\Setup
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\ras
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\oobe
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\npp
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\mui
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\inetsrv
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\IME
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\icsxml
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\ias
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\export
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\drivers
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\dhcp
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\config
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\3com_dmi
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\3076
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\2052
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\1054
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\1042
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\1041
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\1037
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\1033
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\1031
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\1029
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\1028
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32\1025
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system32
2009-12-26 12:50:54 ----D---- C:\WINDOWS\system
2009-12-26 12:50:54 ----D---- C:\WINDOWS\security
2009-12-26 12:50:54 ----D---- C:\WINDOWS\Resources
2009-12-26 12:50:54 ----D---- C:\WINDOWS\repair
2009-12-26 12:50:54 ----D---- C:\WINDOWS\Provisioning
2009-12-26 12:50:54 ----D---- C:\WINDOWS\pchealth
2009-12-26 12:50:54 ----D---- C:\WINDOWS\PeerNet
2009-12-26 12:50:54 ----D---- C:\WINDOWS\mui
2009-12-26 12:50:54 ----D---- C:\WINDOWS\msapps
2009-12-26 12:50:54 ----D---- C:\WINDOWS\msagent
2009-12-26 12:50:54 ----D---- C:\WINDOWS\Media
2009-12-26 12:50:54 ----D---- C:\WINDOWS\java
2009-12-26 12:50:54 ----D---- C:\WINDOWS\ime
2009-12-26 12:50:54 ----D---- C:\WINDOWS\Help
2009-12-26 12:50:54 ----D---- C:\WINDOWS\ehome
2009-12-26 12:50:54 ----D---- C:\WINDOWS\Driver Cache
2009-12-26 12:50:54 ----D---- C:\WINDOWS\Debug
2009-12-26 12:50:54 ----D---- C:\WINDOWS\Cursors
2009-12-26 12:50:54 ----D---- C:\WINDOWS\Connection Wizard
2009-12-26 12:50:54 ----D---- C:\WINDOWS\Config
2009-12-26 12:50:54 ----D---- C:\WINDOWS\AppPatch
2009-12-26 12:50:54 ----D---- C:\WINDOWS\addins
2009-12-26 12:50:54 ----D---- C:\WINDOWS
2009-12-26 12:50:18 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Mozilla
2009-12-26 12:49:56 ----D---- C:\Program Files\Mozilla Firefox
2009-12-26 12:36:08 ----D---- C:\Program Files\Kerio
2009-12-26 12:33:26 ----D---- C:\Program Files\ESET
2009-12-26 12:32:54 ----D---- C:\totalcmd
2009-12-26 12:32:54 ----A---- C:\WINDOWS\wincmd.ini
2009-12-26 12:28:56 ----D---- C:\WINDOWS\system32\Lang
2009-12-26 12:27:28 ----R---- C:\WINDOWS\system32\ChCfg.exe
2009-12-26 12:27:05 ----D---- C:\WINDOWS\system32\RTCOM
2009-12-26 12:27:03 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-12-26 12:26:36 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-12-26 12:26:35 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2009-12-26 12:26:32 ----RA---- C:\WINDOWS\SOUNDMAN.EXE
2009-12-26 12:26:32 ----RA---- C:\WINDOWS\RtlUpd.exe
2009-12-26 12:26:29 ----RA---- C:\WINDOWS\RTLCPL.EXE
2009-12-26 12:26:25 ----RA---- C:\WINDOWS\RTHDCPL.EXE
2009-12-26 12:26:24 ----RA---- C:\WINDOWS\MicCal.exe
2009-12-26 12:26:23 ----RA---- C:\WINDOWS\ALCMTR.EXE
2009-12-26 12:26:22 ----RA---- C:\WINDOWS\ALCWZRD.EXE
2009-12-26 12:26:22 ----D---- C:\Program Files\Realtek
2009-12-26 12:26:21 ----HD---- C:\Program Files\InstallShield Installation Information
2009-12-26 12:25:56 ----R---- C:\WINDOWS\RtlExUpd.dll
2009-12-26 12:24:32 ----RA---- C:\WINDOWS\system32\fdco_l2052.dll
2009-12-26 12:24:32 ----RA---- C:\WINDOWS\system32\fdco_l1046.dll
2009-12-26 12:24:32 ----RA---- C:\WINDOWS\system32\fdco_l1042.dll
2009-12-26 12:24:32 ----RA---- C:\WINDOWS\system32\fdco_l1041.dll
2009-12-26 12:24:32 ----RA---- C:\WINDOWS\system32\fdco_l1040.dll
2009-12-26 12:24:32 ----RA---- C:\WINDOWS\system32\fdco_l1036.dll
2009-12-26 12:24:32 ----RA---- C:\WINDOWS\system32\fdco_l1034.dll
2009-12-26 12:24:32 ----RA---- C:\WINDOWS\system32\fdco_l1031.dll
2009-12-26 12:24:32 ----RA---- C:\WINDOWS\system32\fdco_l1028.dll
2009-12-26 12:24:29 ----RA---- C:\WINDOWS\system32\bdco1ins.dll
2009-12-26 12:24:03 ----D---- C:\Program Files\Common Files\InstallShield
2009-12-26 12:23:30 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-12-26 12:16:21 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Identities
2009-12-26 12:16:20 ----HD---- C:\Program Files\Uninstall Information
2009-12-26 12:16:04 ----ASH---- C:\Documents and Settings\Administrator\Data aplikací\desktop.ini
2009-12-26 12:16:03 ----SD---- C:\Documents and Settings\Administrator\Data aplikací\Microsoft
2009-12-26 12:15:55 ----D---- C:\WINDOWS\SoftwareDistribution
2009-12-26 12:15:54 ----SD---- C:\WINDOWS\system32\Microsoft
2009-12-26 12:15:54 ----N---- C:\WINDOWS\SchedLgU.Txt
2009-12-26 12:15:54 ----D---- C:\WINDOWS\Prefetch
2009-12-26 12:12:00 ----D---- C:\WINDOWS\system32\xircom
2009-12-26 12:12:00 ----D---- C:\Program Files\xerox
2009-12-26 12:12:00 ----D---- C:\Program Files\microsoft frontpage
2009-12-26 12:11:40 ----A---- C:\WINDOWS\control.ini
2009-12-26 12:11:22 ----A---- C:\WINDOWS\system32\mapi32.dll
2009-12-26 12:10:38 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-12-26 12:10:38 ----RD---- C:\WINDOWS\Offline Web Pages
2009-12-26 12:10:38 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-12-26 12:10:32 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-12-26 12:10:28 ----HD---- C:\Program Files\WindowsUpdate
2009-12-26 12:10:26 ----D---- C:\Program Files\Online Services
2009-12-26 12:10:03 ----D---- C:\WINDOWS\system32\DirectX
2009-12-26 12:09:29 ----A---- C:\WINDOWS\system32\atrace.dll
2009-12-26 12:09:26 ----A---- C:\WINDOWS\system32\desktop.ini
2009-12-26 12:09:26 ----A---- C:\WINDOWS\desktop.ini
2009-12-26 12:09:18 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-12-26 12:09:17 ----A---- C:\WINDOWS\system32\acctres.dll
2009-12-26 12:09:16 ----D---- C:\Program Files\Common Files\Services
2009-12-26 12:09:12 ----SD---- C:\WINDOWS\Tasks
2009-12-26 12:09:12 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-12-26 12:09:11 ----D---- C:\Program Files\Common Files\MSSoap
2009-12-26 12:09:06 ----D---- C:\WINDOWS\system32\Macromed
2009-12-26 12:09:06 ----D---- C:\WINDOWS\srchasst
2009-12-26 12:09:02 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-12-26 12:09:01 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-12-26 12:09:01 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-12-26 12:09:01 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2009-12-26 12:09:01 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-12-26 12:09:00 ----N---- C:\WINDOWS\system32\wuauclt.exe
2009-12-26 12:09:00 ----A---- C:\WINDOWS\system32\wups.dll
2009-12-26 12:09:00 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2009-12-26 12:09:00 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-12-26 12:08:59 ----N---- C:\WINDOWS\system32\qmgr.dll
2009-12-26 12:08:59 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-12-26 12:08:59 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2009-12-26 12:08:59 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2009-12-26 12:08:54 ----D---- C:\Program Files\Movie Maker
2009-12-26 12:08:48 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-12-26 12:08:48 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-12-26 12:08:48 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-12-26 12:08:48 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-12-26 12:08:43 ----N---- C:\WINDOWS\system32\srsvc.dll
2009-12-26 12:08:43 ----D---- C:\WINDOWS\system32\Restore
2009-12-26 12:08:43 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-12-26 12:08:43 ----A---- C:\WINDOWS\system32\fltMc.exe
2009-12-26 12:08:43 ----A---- C:\WINDOWS\system32\fltlib.dll
2009-12-26 12:08:42 ----A---- C:\WINDOWS\system32\srclient.dll
2009-12-26 12:08:42 ----A---- C:\WINDOWS\system32\ils.dll
2009-12-26 12:08:41 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-12-26 12:08:41 ----A---- C:\WINDOWS\system32\msconf.dll
2009-12-26 12:08:41 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-12-26 12:08:41 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-12-26 12:08:41 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-12-26 12:08:38 ----D---- C:\Program Files\NetMeeting
2009-12-26 12:08:38 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-12-26 12:08:38 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-12-26 12:08:37 ----A---- C:\WINDOWS\system32\inetres.dll
2009-12-26 12:08:36 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-12-26 12:08:34 ----N---- C:\WINDOWS\system32\schedsvc.dll
2009-12-26 12:08:34 ----D---- C:\Program Files\Outlook Express
2009-12-26 12:08:34 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-12-26 12:08:34 ----A---- C:\WINDOWS\system32\mstask.dll
2009-12-26 12:08:33 ----A---- C:\WINDOWS\system32\isign32.dll
2009-12-26 12:08:33 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-12-26 12:08:33 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-12-26 12:08:33 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-12-26 12:08:24 ----D---- C:\Program Files\Common Files\System
2009-12-26 12:08:23 ----D---- C:\Program Files\Internet Explorer
2009-12-26 12:07:57 ----D---- C:\Program Files\ComPlus Applications
2009-12-26 12:07:56 ----A---- C:\WINDOWS\vbaddin.ini
2009-12-26 12:07:56 ----A---- C:\WINDOWS\vb.ini
2009-12-26 12:07:52 ----D---- C:\WINDOWS\Registration
2009-12-26 12:07:47 ----D---- C:\Program Files\Windows Media Player
2009-12-26 12:07:42 ----D---- C:\Program Files\Messenger
2009-12-26 12:07:37 ----D---- C:\Program Files\MSN Gaming Zone
2009-12-26 12:07:37 ----A---- C:\WINDOWS\system32\write.exe
2009-12-26 12:07:19 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-12-26 12:07:19 ----A---- C:\WINDOWS\system32\hticons.dll
2009-12-26 12:07:19 ----A---- C:\WINDOWS\system32\avwav.dll
2009-12-26 12:07:19 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-12-26 12:07:19 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-12-26 12:07:18 ----A---- C:\WINDOWS\system32\winchat.exe
2009-12-26 12:07:08 ----A---- C:\WINDOWS\system32\getuname.dll
2009-12-26 12:07:07 ----A---- C:\WINDOWS\system32\sol.exe
2009-12-26 12:07:07 ----A---- C:\WINDOWS\system32\charmap.exe
2009-12-26 12:07:07 ----A---- C:\WINDOWS\system32\calc.exe
2009-12-26 12:07:06 ----A---- C:\WINDOWS\system32\winmine.exe
2009-12-26 12:07:06 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-12-26 12:07:06 ----A---- C:\WINDOWS\system32\reset.exe
2009-12-26 12:07:06 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-12-26 12:07:06 ----A---- C:\WINDOWS\system32\freecell.exe
2009-12-26 12:07:05 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-12-26 12:07:05 ----A---- C:\WINDOWS\system32\tslabels.ini
2009-12-26 12:07:05 ----A---- C:\WINDOWS\system32\tskill.exe
2009-12-26 12:07:05 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-12-26 12:07:05 ----A---- C:\WINDOWS\system32\tscon.exe
2009-12-26 12:07:05 ----A---- C:\WINDOWS\system32\shadow.exe
2009-12-26 12:07:05 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-12-26 12:07:05 ----A---- C:\WINDOWS\system32\regini.exe
2009-12-26 12:07:05 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-12-26 12:07:05 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-12-26 12:07:04 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-12-26 12:07:04 ----A---- C:\WINDOWS\system32\msg.exe
2009-12-26 12:07:04 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-12-26 12:07:04 ----A---- C:\WINDOWS\system32\logoff.exe
2009-12-26 12:07:04 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-12-26 12:07:03 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-12-26 12:07:03 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-12-26 12:07:03 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-12-26 12:07:03 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-12-26 12:07:02 ----A---- C:\WINDOWS\system32\stclient.dll
2009-12-26 12:07:02 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-12-26 12:07:02 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-12-26 12:07:02 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-12-26 12:06:53 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-12-26 12:06:52 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-12-26 12:06:52 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-12-26 12:06:51 ----D---- C:\Program Files\Windows NT
2009-12-26 12:06:51 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-12-26 12:06:51 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-12-26 12:06:51 ----A---- C:\WINDOWS\system32\hypertrm.dll
2009-12-26 12:06:50 ----A---- C:\WINDOWS\system32\spider.exe
2009-12-26 12:06:50 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-12-26 12:06:49 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-12-26 12:06:49 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-12-26 12:06:49 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-12-26 12:06:48 ----N---- C:\WINDOWS\system32\termsrv.dll
2009-12-26 12:06:48 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2009-12-26 12:06:48 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-12-26 12:06:48 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-12-26 12:06:48 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-12-26 12:06:48 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-12-26 12:06:48 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-12-26 12:06:47 ----D---- C:\WINDOWS\system32\MsDtc
2009-12-26 12:06:47 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-12-26 12:06:47 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-12-26 12:06:47 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-12-26 12:06:47 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-12-26 12:06:47 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2009-12-26 12:06:47 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-12-26 12:06:47 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-12-26 12:06:46 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-12-26 12:06:46 ----A---- C:\WINDOWS\system32\mtxoci.dll
2009-12-26 12:06:46 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-12-26 12:06:46 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-12-26 12:06:45 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-12-26 12:06:45 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-12-26 12:06:44 ----D---- C:\WINDOWS\system32\Com
2009-12-26 12:06:44 ----A---- C:\WINDOWS\system32\colbact.dll
2009-12-26 12:06:44 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-12-26 12:06:44 ----A---- C:\WINDOWS\system32\catsrvut.dll
2009-12-26 12:06:44 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-12-26 12:06:44 ----A---- C:\WINDOWS\system32\catsrv.dll
2009-12-26 12:06:43 ----A---- C:\WINDOWS\system32\comuid.dll
2009-12-26 12:06:43 ----A---- C:\WINDOWS\system32\comsvcs.dll
2009-12-26 12:06:43 ----A---- C:\WINDOWS\system32\clbcatq.dll
2009-12-26 12:06:34 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-12-26 12:06:34 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-12-26 12:06:34 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-12-26 12:06:33 ----A---- C:\WINDOWS\system32\cmprops.dll

======List of files/folders modified in the last 1 months======

2010-01-19 15:37:51 ----A---- C:\WINDOWS\win.ini
2010-01-17 13:35:45 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 36352]
R1 fwdrv;Firewall Driver; C:\WINDOWS\system32\drivers\fwdrv.sys [2005-06-21 270336]
R1 khips;Kerio HIPS Driver; C:\WINDOWS\system32\drivers\khips.sys [2005-05-30 53248]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 AMON;AMON; \??\C:\WINDOWS\system32\drivers\amon.sys []
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-04 87424]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-10-25 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-04-06 4258816]
R3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-12-05 7435392]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-03-22 52736]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-03-22 18944]
R3 NVR0Dev;NVR0Dev; \??\C:\WINDOWS\nvoclock.sys []
R3 PAC207;SoC PC-Camer@; C:\WINDOWS\system32\DRIVERS\pfc027.sys [2005-02-24 162176]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-12-27 47360]
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 GMSIPCI;GMSIPCI; \??\I:\INSTALL\GMSIPCI.SYS []
S3 GVCplDrv;GVCplDrv; C:\WINDOWS\system32\drivers\GVCplDrv.sys [2004-05-02 23040]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2004-06-21 51088]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2004-06-21 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2004-06-21 21744]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-01-02 153376]
R2 KPF4;Kerio Personal Firewall 4; C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe [2009-12-26 1630208]
R2 NOD32krn;NOD32 Kernel Service; C:\Program Files\Eset\nod32krn.exe [2010-01-19 331776]
R2 nTuneService;nTune Service; C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [2007-09-04 131072]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-12-05 155716]
R2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2003-02-20 32768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-09-12 724992]
S3 NDQ;NDQ; C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\NDQ.exe []
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-03-18 65536]

-----------------EOF-----------------

[xxmejla]

TAK...vše provedeno dle instrukcí,ten Nod mi před tím smazal zase ty instalačky.nyní jsem to Nodem nechal projet a nic nehlásí
PC běhá jak má.net taky..jen od doby co naběhne system a ikony na plochu..-musím cca 2 minuty počkat,než se s nimi dá pracovat..příklad - chci otevřít - tento počítač - kliknu - vyběhne okno,ale místo složek tam lítá ta přihlouplá baterka...ale po prvním načtení už to běhá jak má..tak nevím ..ty dvě minuty nejsou zas tak moc - ale je to normální??

[motji]

Stahněte ještě Hijackthis http://www.edownload.cz/sw/trend-micro- ... /download/ a udělejte sken, u Rsitu se nestahl.

start - spustit - cmd -ok
-do černého okna napište
sc delete NDQ
ok

Nod Vám mazal stále nové instalačky? Zkuste udělat třeba za 2 dny nový sken, kdyby se Vám chtělo, pár instalaček otestujte na www.virustotal.com

To nabíhání mám také takové pomalé, ale mám starší počítač, i když se o něj starám . Tak pomalu Vám začal nabíhat až ted, nebo to dělalo už dřív? Zkusíme ještě defragmentaci disku

vyčistění disku
start-spustit - napište cleanmgr - ok..ok
-dát fajfku temporary ,,,offline,,koš,,,dočasné soubory - ok,


start-spustit - napište cleanmgr - ok..ok
-další možnosti - obnovení systému - vyčistit - ok

start-spustit - napište chkdsk /f/r
-[enter]
souhlas - restartuje se pc a nechá se disk zkontrolovat

defragmentace disku
start - ovládací panely - nástroje pro správu - správa počítače - defragmentace disku
-můžete použít i jiný nástroj na defragmentaci, ten ve windows není nic moc

Za sebe můžu doporučit JK defrag, který se neinstaluje
http://www.slunecnice.cz/sw/jkdefrag/

[xxmejla]

log HIJACK - co mám teď s tím hijack exe udělat??

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:07:47, on 20.1.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Documents and Settings\Administrator\Plocha\HijackThis.HJT\Administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [nod32kui] C:\Program Files\Eset\nod32kui.exe /WAITSERVICE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NDQ - Unknown owner - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\NDQ.exe (file missing)
O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - C:\Program Files\Eset\nod32krn.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe

--
End of file - 5710 bytes

[motji]

Můžete ho odinstalovat . Rsit si ho normálně stahne sám, ve Vašem případě to neudělal

[xxmejla]

to asi proto že já tu složku s hijack měl na disku D navíc se mi tam udělala nějaká kopie toho souboru hijack - administrator
taky moc nerozumím tomuhle::arrow: vyčistění disku
start-spustit - napište cleanmgr - ok..ok
-dát fajfku temporary ,,,offline,,koš,,,dočasné soubory - ok, to ,,,offline,,,tam nevidím

[motji]

Nevadí, to vynechte.
Ten Hijackthis kopie administrátor - to je přejmenovaný HJt, maskuje se proti havěti, kdyby ho chtěla blokovat

[xxmejla]

Jinak ten NOD mi vždy vyletěl u jiného exe souboru - s tím že to neumí léčit,tak jsem odsouhlasil vymazat..ale zajímavé,že třeba v pondělí jsem ten soubor nodem projížděl a nic nenašel a dnes ho hlásil z virem
to pomalé nabíhání ..myslím že to nabíhalo o něco rychleji,a hlavně když jsem dal otevřít - tento počítač,tak se zložky - disky načítali hned a nelítala tam ta hledající baterka..

[motji]

kdyby Vám Nod zase něco hlásil, nemažte to hned, ale nejprve otestujte na www.virustotal.com

[xxmejla]

já vím že vám pčipadám jak ňouma,ale jak vynechat?? dám to přez přidat - odebrat programy odinstalovat,ale na ploše mám složku,kde je hijack.exe a hijack administrator.exe - s tou složkou mám udělat co??