prevence

[Caroprd111]

OK, stáhněte avast! + firewall a dejte log z RSIT.

[SPEEDY7]

je eset je lepsi nez avast?

[Caroprd111]

To se nedá říct, každý produkt je v něčem lepší a v něčem horší. ESS je kompletní balík včetně firewallu, k Avastu musíte doinstalovat firewall. Podívejte se na nějaké testy třeba na http://www.viry.cz/go.php

[SPEEDY7]

zda se mi ze ten avast nejak moc zere procesy

Logfile of random's system information tool 1.06 (written by random/random)
Run by SPEEDY at 2010-02-05 20:31:30
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 79 GB (52%) free of 153 GB
Total RAM: 2047 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:32:08, on 5. 2. 2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast5\afwServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Samsung\EmoDio\SMSTray.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\OO Software\Defrag\oodtray.exe
C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
C:\Program Files\VMware\VMware Workstation\hqtray.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\Mixer.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Digidesign\Drivers\MMERefresh.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\Program Files\OO Software\Defrag\oodag.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WINDOWS\system32\vmnat.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\SPEEDY\Plocha\SPEEDY\programy\RSIT.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\trend micro\SPEEDY.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames.exe
C:\Program Files\Alwil Software\Avast5\setup\avast.setup

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\EmoDio\SMSTray.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe
O4 - HKLM\..\Run: [vmware-tray] C:\Program Files\VMware\VMware Workstation\vmware-tray.exe
O4 - HKLM\..\Run: [VMware hqtray] "C:\Program Files\VMware\VMware Workstation\hqtray.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [reset] regedit /s reset.reg
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [CmPCIaudio] RunDll32 CMICNFG3.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [DigidesignMMERefresh] C:\Program Files\Digidesign\Drivers\MMERefresh.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: HDDlife.lnk = C:\Program Files\BinarySense\HDDlife 3\HDDlifePro.exe
O4 - Global Startup: DualCoreCenter.lnk = C:\Program Files\MSI\DualCoreCenter\StartUpDualCoreCenter.exe
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: http://global.msi.com.tw
O15 - Trusted Zone: http://www.msi.com.tw
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftup ... 0816841500
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 0815478015
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/L ... nstall.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D71164A3-5DC1-46BC-ABCB-DC2243017DCF}: NameServer = 192.168.120.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Firewall - ALWIL Software - C:\Program Files\Alwil Software\Avast5\afwServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Digidesign MME Refresh Service (DigiRefresh) - Digidesign, A Division of Avid Technology, Inc. - C:\Program Files\Digidesign\Drivers\MMERefresh.exe
O23 - Service: digiSPTIService - Digidesign, A Division of Avid Technology, Inc. - C:\Program Files\Digidesign\Pro Tools\digiSPTIService.exe
O23 - Service: Remote Connections Service (FlexService) - Unknown owner - C:\Program Files\RapidBIT\cisvc.exe (file missing)
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe

--
End of file - 10702 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
Winamp Toolbar Loader - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-05-06 1262888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-12-14 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-12-14 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2008-06-12 958712]
{EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - Winamp Toolbar - C:\Program Files\Winamp Toolbar\winamptb.dll [2009-05-06 1262888]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-07-05 16380416]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"SMSTray"=C:\Program Files\Samsung\EmoDio\SMSTray.exe [2008-09-17 484880]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-07-01 37888]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2009-09-12 2524416]
"vmware-tray"=C:\Program Files\VMware\VMware Workstation\vmware-tray.exe [2007-05-01 68400]
"VMware hqtray"=C:\Program Files\VMware\VMware Workstation\hqtray.exe [2007-05-01 56112]
"CanonSolutionMenu"=C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-05-14 644696]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2007-04-03 1603152]
"reset"=regedit /s reset.reg []
"nwiz"=nwiz.exe /installquiet []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2009-11-20 12669544]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2009-11-20 110184]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536]
"C-Media Mixer"=Mixer.exe /startup []
"CmPCIaudio"=RunDll32 CMICNFG3.cpl,CMICtrlWnd []
"DigidesignMMERefresh"=C:\Program Files\Digidesign\Drivers\MMERefresh.exe [2008-12-03 77824]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-05-26 413696]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-01-28 2757512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NVIDIA nTune"=C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe [2007-06-26 81920]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
"Steam"=C:\Program Files\Steam\Steam.exe [2009-12-20 1217808]
"ICQ"=C:\Program Files\ICQ6.5\ICQ.exe [2009-11-16 172792]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2010-01-22 4608]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
DualCoreCenter.lnk - C:\Program Files\MSI\DualCoreCenter\StartUpDualCoreCenter.exe

C:\Documents and Settings\SPEEDY\Nabídka Start\Programy\Po spuštění
HDDlife.lnk - C:\Program Files\BinarySense\HDDlife 3\HDDlifePro.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SetVisualStyle"=C:\WINDOWS\Resources\Themes\Inspirat2\Inspirat2.msstyles

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.reg - open - "regedit.exe" "%1"

======List of files/folders created in the last 1 months======

2010-07-14 12:37:55 ----A---- C:\WINDOWS\RtlRack.ini
2010-07-12 16:28:08 ----R---- C:\WINDOWS\system32\RtlCPAPI.dll
2010-07-12 16:28:06 ----R---- C:\WINDOWS\system32\RTLCPL.exe
2010-07-12 16:27:57 ----D---- C:\Program Files\Realtek Sound Manager
2010-07-12 16:27:56 ----D---- C:\Program Files\AvRack
2010-07-12 16:27:42 ----A---- C:\WINDOWS\SET10DE.tmp
2010-07-12 16:27:39 ----RA---- C:\WINDOWS\Alcrmv.exe
2010-07-12 16:27:39 ----R---- C:\WINDOWS\alcupd.exe
2010-07-12 16:24:45 ----A---- C:\WINDOWS\system32\nvusmb.exe
2010-02-05 20:25:13 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-02-05 20:25:09 ----D---- C:\Program Files\Alwil Software
2010-02-05 20:25:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
2010-02-05 19:12:37 ----D---- C:\Program Files\trend micro
2010-02-05 19:12:36 ----D---- C:\rsit
2010-02-03 18:24:04 ----D---- C:\Program Files\QuickTime
2010-02-03 18:24:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple Computer
2010-02-03 18:23:53 ----D---- C:\Program Files\Apple Software Update
2010-02-03 18:23:53 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple
2010-02-03 18:01:16 ----D---- C:\Documents and Settings\SPEEDY\Data aplikací\EurekaLog
2010-02-03 17:59:14 ----A---- C:\WINDOWS\system32\bassmidi.dll
2010-02-03 17:59:14 ----A---- C:\WINDOWS\system32\bassflac.dll
2010-02-03 17:59:13 ----A---- C:\WINDOWS\system32\ssleay32.dll
2010-02-03 17:59:13 ----A---- C:\WINDOWS\system32\libeay32.dll
2010-02-03 17:59:13 ----A---- C:\WINDOWS\system32\bass.dll
2010-02-03 17:59:12 ----D---- C:\Program Files\SCAR 3.22
2010-02-03 17:52:08 ----D---- C:\Program Files\Adobe
2010-01-29 17:20:46 ----D---- C:\Program Files\Warcraft III
2010-01-29 12:32:28 ----D---- C:\Documents and Settings\SPEEDY\Data aplikací\Trillium Lane
2010-01-28 21:00:56 ----D---- C:\Program Files\Valve
2010-01-28 17:35:24 ----D---- C:\Digidesign Databases
2010-01-28 17:33:09 ----D---- C:\Documents and Settings\SPEEDY\Data aplikací\PACE Anti-Piracy
2010-01-28 17:33:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\PACE Anti-Piracy
2010-01-28 17:27:58 ----D---- C:\Documents and Settings\SPEEDY\Data aplikací\Structure
2010-01-28 17:14:47 ----D---- C:\Program Files\InterLok
2010-01-28 17:13:30 ----N---- C:\WINDOWS\system32\ilinet.dll
2010-01-28 17:13:29 ----A---- C:\WINDOWS\system32\WinMMFix.dll
2010-01-28 17:13:29 ----A---- C:\WINDOWS\system32\msvcp70.dll
2010-01-28 17:13:29 ----A---- C:\WINDOWS\system32\MFC71KOR.DLL
2010-01-28 17:13:29 ----A---- C:\WINDOWS\system32\MFC71JPN.DLL
2010-01-28 17:13:29 ----A---- C:\WINDOWS\system32\MFC71ITA.DLL
2010-01-28 17:13:29 ----A---- C:\WINDOWS\system32\MFC71CHT.DLL
2010-01-28 17:13:29 ----A---- C:\WINDOWS\system32\MFC71CHS.DLL
2010-01-28 17:13:29 ----A---- C:\WINDOWS\system32\MFC71FRA.DLL
2010-01-28 17:13:29 ----A---- C:\WINDOWS\system32\MFC71ESP.DLL
2010-01-28 17:13:29 ----A---- C:\WINDOWS\system32\MFC71ENU.DLL
2010-01-28 17:13:29 ----A---- C:\WINDOWS\system32\MFC71DEU.DLL
2010-01-28 17:13:29 ----A---- C:\WINDOWS\system32\digicoin.dll
2010-01-28 17:13:27 ----A---- C:\WINDOWS\system32\qtmlClient.dll
2010-01-28 17:13:27 ----A---- C:\WINDOWS\system32\Diomidi.DLL
2010-01-28 17:13:27 ----A---- C:\WINDOWS\system32\dgfwdio.dll
2010-01-28 17:13:25 ----A---- C:\WINDOWS\system32\Digi32.dll
2010-01-28 17:13:24 ----A---- C:\WINDOWS\system32\digiasio.dll
2010-01-28 17:13:10 ----A---- C:\WINDOWS\system32\REX Shared Library.dll
2010-01-28 16:41:14 ----D---- C:\Program Files\SpeedFan
2010-01-24 17:30:19 ----D---- C:\Documents and Settings\SPEEDY\Data aplikací\OpenCandy
2010-01-24 17:30:12 ----D---- C:\Program Files\ASIO4ALL v2
2010-01-24 17:30:03 ----A---- C:\WINDOWS\system32\rewire.dll
2010-01-24 17:29:40 ----D---- C:\Program Files\Outsim
2010-01-24 17:28:14 ----D---- C:\Program Files\Image-Line
2010-01-24 14:43:41 ----D---- C:\Documents and Settings\SPEEDY\Data aplikací\BinarySense
2010-01-24 14:43:32 ----D---- C:\Program Files\Common Files\BinarySense
2010-01-24 14:23:14 ----RA---- C:\WINDOWS\system32\tmp260.tmp
2010-01-24 13:41:31 ----A---- C:\WINDOWS\system32\wmv8dmod.dll
2010-01-24 13:41:31 ----A---- C:\WINDOWS\system32\mpg4c32.dll
2010-01-22 21:17:05 ----A---- C:\WINDOWS\system32\_AxShlEx.dll
2010-01-22 18:04:50 ----D---- C:\Documents and Settings\All Users\Data aplikací\Trymedia
2010-01-22 17:47:17 ----D---- C:\Program Files\Funcom
2010-01-21 18:08:35 ----RA---- C:\WINDOWS\system32\tmp82E3.tmp
2010-01-21 15:25:15 ----D---- C:\Program Files\JDownloader
2010-01-20 16:52:20 ----HD---- C:\WINDOWS\PIF
2010-01-20 16:42:33 ----A---- C:\WINDOWS\system32\Iyvu9_32.dll
2010-01-20 16:42:33 ----A---- C:\WINDOWS\system32\ir50_lcs.dll
2010-01-20 16:42:33 ----A---- C:\WINDOWS\system32\iacenc.dll
2010-01-20 14:47:37 ----D---- C:\Documents and Settings\SPEEDY\Data aplikací\Help
2010-01-20 14:15:39 ----D---- C:\Program Files\Universal Extractor
2010-01-20 14:14:29 ----A---- C:\WINDOWS\wincmd.ini
2010-01-17 17:59:01 ----D---- C:\Program Files\Common Files\PACE Anti-Piracy
2010-01-17 17:41:52 ----D---- C:\Program Files\Digidesign
2010-01-17 17:41:52 ----D---- C:\Program Files\Common Files\Digidesign
2010-01-17 17:38:44 ----D---- C:\totalcmd
2010-01-15 19:15:19 ----D---- C:\temp
2010-01-15 19:14:12 ----A---- C:\WINDOWS\system32\NCTWMAFile2.dll
2010-01-15 19:14:12 ----A---- C:\WINDOWS\system32\NCTTextToAudio2.dll
2010-01-15 19:14:12 ----A---- C:\WINDOWS\system32\NCTAudioVisualization2.dll
2010-01-15 19:14:12 ----A---- C:\WINDOWS\system32\NCTAudioTransform2.dll
2010-01-15 19:14:12 ----A---- C:\WINDOWS\system32\NCTAudioRecord2.dll
2010-01-15 19:14:12 ----A---- C:\WINDOWS\system32\NCTAudioPlayer2.dll
2010-01-15 19:14:12 ----A---- C:\WINDOWS\system32\NCTAudioInformation2.dll
2010-01-15 19:14:12 ----A---- C:\WINDOWS\system32\NCTAudioFile2.dll
2010-01-15 19:14:12 ----A---- C:\WINDOWS\system32\NCTAudioEditor2.dll
2010-01-15 19:14:11 ----A---- C:\WINDOWS\system32\NCTAudioCDGrabber2.dll
2010-01-15 19:14:05 ----D---- C:\Program Files\Power Sound Editor Free
2010-01-15 18:53:49 ----D---- C:\Documents and Settings\SPEEDY\Data aplikací\Power Sound Editor Free
2010-01-15 16:30:02 ----D---- C:\Documents and Settings\SPEEDY\Data aplikací\COWON
2010-01-15 15:23:53 ----D---- C:\Program Files\Common Files\COWON
2010-01-15 15:23:51 ----D---- C:\Program Files\JetAudio
2010-01-15 14:37:01 ----D---- C:\Program Files\Alcohol Soft
2010-01-15 14:14:27 ----RA---- C:\WINDOWS\system32\tmp5A5.tmp
2010-01-15 14:14:27 ----D---- C:\Program Files\OpenAL
2010-01-15 14:14:27 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2010-01-15 14:14:27 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2010-01-14 18:49:30 ----D---- C:\Documents and Settings\All Users\Data aplikací\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
2010-01-14 18:42:41 ----D---- C:\Program Files\XPC Tools
2010-01-14 18:08:54 ----D---- C:\Program Files\Carambis
2010-01-14 17:28:37 ----RA---- C:\WINDOWS\system32\CMRMDRV3.exe
2010-01-14 17:28:37 ----A---- C:\WINDOWS\Cmicnfg3.ini.cfl
2010-01-14 17:28:19 ----A---- C:\WINDOWS\system32\cmudax3.DLL
2010-01-14 17:27:22 ----D---- C:\Program Files\directx
2010-01-14 17:24:16 ----A---- C:\WINDOWS\CMMIXER.INI
2010-01-14 15:13:54 ----A---- C:\WINDOWS\mixerdef.ini
2010-01-14 14:59:32 ----RA---- C:\WINDOWS\Cmicnfg3.ini.cfg
2010-01-14 14:59:31 ----A---- C:\WINDOWS\CmiPCIUninstall.exe
2010-01-14 14:59:26 ----A---- C:\WINDOWS\cmudax3.ini
2010-01-14 14:59:13 ----D---- C:\Program Files\C-Media PCI Audio Device
2010-01-13 17:09:45 ----D---- C:\Documents and Settings\SPEEDY\Data aplikací\Broad Intelligence
2010-01-13 17:08:58 ----D---- C:\Program Files\MediaCoder
2010-01-13 15:40:21 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-01-13 15:40:13 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-01-12 17:11:01 ----D---- C:\Program Files\Zoner
2010-01-12 15:12:13 ----R---- C:\WINDOWS\avrack.ini
2010-01-12 15:12:03 ----D---- C:\Program Files\Realtek AC97
2010-01-11 18:18:10 ----D---- C:\WINDOWS\NV504536.TMP
2010-01-11 18:16:21 ----A---- C:\WINDOWS\system32\nvunrm.exe
2010-01-11 18:07:31 ----D---- C:\WINDOWS\NV2362756.TMP
2010-01-11 18:00:22 ----D---- C:\WINDOWS\system32\WinFast
2010-01-11 18:00:15 ----D---- C:\Documents and Settings\SPEEDY\Data aplikací\InstallShield
2010-01-11 17:43:53 ----A---- C:\WINDOWS\system32\xvidcore.dll
2010-01-11 17:43:53 ----A---- C:\WINDOWS\system32\libmp3lame-0.dll
2010-01-11 17:43:52 ----D---- C:\Program Files\Flash FLV to Video Audio Converter
2010-01-11 17:38:54 ----D---- C:\Program Files\DVDVIDEOSOFT
2010-01-11 17:30:57 ----D---- C:\Program Files\YouTube Downloader
2010-01-10 18:58:47 ----A---- C:\WINDOWS\nfsc_patch.ini
2010-01-09 19:58:52 ----D---- C:\Documents and Settings\SPEEDY\Data aplikací\Zoner
2010-01-09 19:14:24 ----A---- C:\WINDOWS\system32\XceedZip.dll
2010-01-09 19:14:17 ----D---- C:\Program Files\Driver-Soft
2010-01-09 17:09:15 ----RA---- C:\WINDOWS\SET4D8.tmp
2010-01-09 16:40:24 ----R---- C:\WINDOWS\Alcmtr.exe
2010-01-09 15:43:09 ----D---- C:\Program Files\PC Drivers HeadQuarters

======List of files/folders modified in the last 1 months======

2010-07-14 12:26:48 ----D---- C:\WINDOWS\Media
2010-07-14 12:26:46 ----D---- C:\Program Files\Movie Maker
2010-07-14 12:26:20 ----D---- C:\WINDOWS\system32\usmt
2010-07-12 16:21:10 ----A---- C:\WINDOWS\system32\NVCOI.DLL
2010-07-12 16:21:09 ----A---- C:\WINDOWS\system32\idecoi.dll
2010-02-05 20:32:09 ----D---- C:\WINDOWS\Temp
2010-02-05 20:31:18 ----D---- C:\Program Files\Mozilla Firefox
2010-02-05 20:29:58 ----D---- C:\WINDOWS
2010-02-05 20:29:19 ----D---- C:\Documents and Settings\SPEEDY\Data aplikací\Skype
2010-02-05 20:29:09 ----D---- C:\Documents and Settings\SPEEDY\Data aplikací\ICQ
2010-02-05 20:29:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\VMware
2010-02-05 20:28:58 ----D---- C:\Program Files\Steam
2010-02-05 20:28:45 ----D---- C:\WINDOWS\system32\CatRoot2
2010-02-05 20:28:32 ----D---- C:\Documents and Settings\SPEEDY\Data aplikací\VMware
2010-02-05 20:27:08 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-02-05 20:25:29 ----D---- C:\WINDOWS\system32\drivers
2010-02-05 20:25:26 ----HD---- C:\WINDOWS\inf
2010-02-05 20:25:18 ----SHD---- C:\WINDOWS\Installer
2010-02-05 20:25:18 ----D---- C:\WINDOWS\WinSxS
2010-02-05 20:25:18 ----D---- C:\WINDOWS\Prefetch
2010-02-05 20:25:13 ----D---- C:\WINDOWS\system32
2010-02-05 20:25:09 ----RD---- C:\Program Files
2010-02-05 19:40:34 ----D---- C:\Documents and Settings\SPEEDY\Data aplikací\uTorrent
2010-02-05 17:46:06 ----D---- C:\Documents and Settings\SPEEDY\Data aplikací\skypePM
2010-02-05 15:24:50 ----HD---- C:\Program Files\InstallShield Installation Information
2010-02-05 12:03:29 ----SD---- C:\Documents and Settings\SPEEDY\Data aplikací\Microsoft
2010-02-04 09:00:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-02-03 18:24:30 ----D---- C:\Program Files\Internet Explorer
2010-02-03 18:23:55 ----SD---- C:\WINDOWS\Tasks
2010-02-03 17:52:17 ----D---- C:\Program Files\Common Files\Adobe
2010-02-03 17:52:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-02-03 16:01:37 ----D---- C:\Documents and Settings\SPEEDY\Data aplikací\Audacity
2010-01-31 12:36:10 ----D---- C:\Program Files\Garena
2010-01-29 12:33:23 ----ASD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-01-29 12:32:33 ----AHD---- C:\Program Files\WindowsUpdate
2010-01-29 12:32:33 ----AD---- C:\Program Files\Outlook Express
2010-01-29 12:32:33 ----AD---- C:\Program Files\Common Files\System
2010-01-28 20:35:16 ----D---- C:\WINDOWS\system32\oodag
2010-01-28 17:33:12 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-01-28 17:14:48 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-01-28 17:12:51 ----RSD---- C:\WINDOWS\Fonts
2010-01-25 14:13:01 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-01-24 17:33:47 ----D---- C:\Program Files\VST
2010-01-24 14:43:32 ----D---- C:\Program Files\Common Files
2010-01-24 14:23:06 ----D---- C:\WINDOWS\system32\DirectX
2010-01-24 14:23:05 ----RSD---- C:\WINDOWS\assembly
2010-01-24 13:16:54 ----A---- C:\WINDOWS\win.ini
2010-01-22 15:27:06 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-01-22 15:26:56 ----D---- C:\WINDOWS\ie8updates
2010-01-22 15:26:51 ----HD---- C:\WINDOWS\$hf_mig$
2010-01-20 18:12:56 ----A---- C:\WINDOWS\system.ini
2010-01-20 16:42:33 ----D---- C:\WINDOWS\Help
2010-01-17 18:39:24 ----D---- C:\WINDOWS\system32\CatRoot
2010-01-17 18:14:45 ----D---- C:\WINDOWS\system32\config
2010-01-17 18:14:36 ----D---- C:\WINDOWS\system32\wbem
2010-01-17 18:14:34 ----D---- C:\WINDOWS\Registration
2010-01-17 18:14:24 ----D---- C:\WINDOWS\Downloaded Installations
2010-01-17 18:13:55 ----D---- C:\WINDOWS\system32\Restore
2010-01-15 17:33:45 ----D---- C:\WINDOWS\Cursors
2010-01-14 18:04:44 ----D---- C:\WINDOWS\system
2010-01-14 18:04:21 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-01-14 12:03:22 ----D---- C:\Program Files\MSI
2010-01-14 12:02:50 ----D---- C:\Program Files\Setup Files
2010-01-14 11:14:42 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-01-14 11:01:54 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-01-13 19:56:20 ----D---- C:\WINDOWS\nview
2010-01-13 16:22:40 ----D---- C:\WINDOWS\AppPatch
2010-01-13 16:15:48 ----D---- C:\WINDOWS\Debug
2010-01-12 14:20:10 ----D---- C:\WINDOWS\Minidump
2010-01-11 18:19:43 ----A---- C:\WINDOWS\system32\wpa.bak
2010-01-11 18:02:56 ----D---- C:\NVIDIA
2010-01-10 18:12:11 ----RSH---- C:\boot.ini
2010-01-09 16:40:20 ----D---- C:\WINDOWS\system32\RTCOM
2010-01-09 16:40:15 ----D---- C:\Program Files\Realtek
2010-01-09 15:47:17 ----D---- C:\WINDOWS\Microsoft.NET
2010-01-09 15:05:19 ----D---- C:\WINDOWS\system32\Lang

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-01-28 28240]
R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 43008]
R1 aswFW;avast! TDI Firewall driver; C:\WINDOWS\system32\drivers\aswFW.sys [2010-01-28 103120]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2010-01-28 270928]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-01-28 163280]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-01-28 46672]
R1 vmm;Virtual Machine Monitor; \??\C:\WINDOWS\system32\Drivers\vmm.sys []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-01-28 19024]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-01-28 100432]
R2 DigiNet;Digidesign Ethernet Support; C:\WINDOWS\system32\DRIVERS\diginet.sys [2008-12-04 16400]
R2 hcmon;VMware hcmon; \??\C:\WINDOWS\system32\Drivers\hcmon.sys []
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 VMnetBridge;VMware Bridge Protocol; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [2007-05-01 28592]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\WINDOWS\system32\drivers\vmnetuserif.sys []
R2 vmx86;VMware vmx86; \??\C:\WINDOWS\system32\Drivers\vmx86.sys []
R2 vstor2;Vstor2 Virtual Storage Driver; \??\C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vstor2.sys []
R2 vstor2-ws60;Vstor2 WS60 Virtual Storage Driver; \??\C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys []
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-01-28 23376]
R3 cmuda3;C-Media PCI Audio Interface; C:\WINDOWS\system32\drivers\cmudax3.sys [2009-03-18 1512960]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2009-11-21 10235968]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2008-08-01 54784]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2008-08-01 22016]
R3 NVR0Dev;NVR0Dev; \??\C:\WINDOWS\nvoclock.sys []
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 vmkbd;VMware kbd; \??\C:\WINDOWS\system32\drivers\VMkbd.sys []
R3 VPCNetS2;Virtual Machine Network Services Driver; C:\WINDOWS\system32\DRIVERS\VMNetSrv.sys [2007-01-29 59280]
S2 VMparport;VMware VMparport; \??\C:\WINDOWS\system32\Drivers\VMparport.sys []
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840]
S3 aw5cyev9;aw5cyev9; C:\WINDOWS\system32\drivers\aw5cyev9.sys []
S3 cmpci;C-Media PCI Audio Driver (WDM); C:\WINDOWS\system32\drivers\cmaudio.sys [2002-11-18 377358]
S3 CrystalSysInfo;CrystalSysInfo; \??\C:\Program Files\MediaCoder\SysInfo.sys []
S3 GarenaPEngine;GarenaPEngine; \??\C:\DOCUME~1\SPEEDY\LOCALS~1\Temp\DTU653.tmp []
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-07-18 4547584]
S3 irsir;Microsoft Serial Infrared Driver; C:\WINDOWS\system32\DRIVERS\irsir.sys [2001-08-17 18688]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys [2004-10-25 17664]
S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys [2007-05-01 16816]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-01-28 40384]
R2 avast! Firewall;avast! Firewall; C:\Program Files\Alwil Software\Avast5\afwServ.exe [2010-01-28 119200]
R2 DigiRefresh;Digidesign MME Refresh Service; C:\Program Files\Digidesign\Drivers\MMERefresh.exe [2008-12-03 77824]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2008-06-10 222456]
R2 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 97432]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-12-14 153376]
R2 nTuneService;nTune Service; C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [2007-06-26 126976]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2009-11-20 154216]
R2 O&O Defrag;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2009-09-12 1488128]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 VMAuthdService;VMware Authorization Service; C:\Program Files\VMware\VMware Workstation\vmware-authd.exe [2007-05-01 109360]
R2 VMnetDHCP;VMware DHCP Service; C:\WINDOWS\system32\vmnetdhcp.exe [2007-05-01 121648]
R2 vmount2;VMware Virtual Mount Manager Extended; C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe [2007-03-23 269104]
R2 VMware NAT Service;VMware NAT Service; C:\WINDOWS\system32\vmnat.exe [2007-05-01 150320]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-01-28 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-01-28 40384]
S2 FlexService;Remote Connections Service; C:\Program Files\RapidBIT\cisvc.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 digiSPTIService;digiSPTIService; C:\Program Files\Digidesign\Pro Tools\digiSPTIService.exe [2008-12-03 159744]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ufad-ws60;VMware Agent Service; C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe [2007-04-09 187184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Caroprd111]

Doporučuji odinstalovat (pokud nepoužíváte) toolbary (lišty) v Přidat nebo odebrat programy.

Odinstalujte Garenu.

V logu nevidím firewall, doinstalujte Přehled: http://www.viry.cz/forum/viewtopic.php?f=41&t=6523


Stáhněte a uložte, nejlépe na plochu http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypněte všechny rezidentní bezpečnostní programy - firewally, antiviry, antispywary

Spusťte aplikaci pod účtem s oprávněním Administrátora (Správce), ihned po startu se zobrází stránka s licenčnímy podmínkami, pokračujte stisknutím tlačítka "Ano"

Dále postupujte dle pokynů, během scanu nespouštějte jiné aplikace a neklikejte do zobrazujícího se okna

Scan by měl trvat okolo 5 - 10 minut, po dokončení Combofix zobrazí log C:\ComboFix.txt , který sem vložte.

Během skenování může být počítač restartován.


Jsou s PC nějaké problémy

[SPEEDY7]

v tom avaste bylo napsano ze je intergrovany v nem

[Caroprd111]

To je, ale pouze v placené verzi

[SPEEDY7]

ten combofix nejak nejde zapl jsem ho a jenom tam byl ten prikazovej radek a ze se skenuje, kouknul jsem se po 10 minut a nic tam nebylo. ani jsem neslysel ze by mi nejak hucel harddisk ti skenovanim

[SPEEDY7]

jo a co byste mi doporucil za firewall

[Caroprd111]

Zkuste ComboFix přejmenovat třeba na cokoliv.com a spusťte ho v nouzovém režimu.

Jako firewall bych doporučil Zone Alarm.

[SPEEDY7]

v tom nouzovym rezimu to slo
takze tady log:

ComboFix 10-02-05.04 - SPEEDY . 02. 2010 15:58:11.1.2 - x86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.2047.1892 [GMT 1:00]
Spuštěný z: c:\documents and settings\SPEEDY\Plocha\ComboFix.exe
AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Data aplikací\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Data aplikací\Microsoft\Network\Downloader\qmgr1.dat
c:\program files\Cheat Engine\dbk32.sys
c:\program files\ICQ6.5\ICQLRun.exe
c:\windows\system32\muzapp.exe
c:\windows\system32\Thumbs.db
c:\windows\system32\wl.exe

----- BITS: Možné infikované stránky -----

hxxp://armmf.adobe.com
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-08 do 2010-02-08 )))))))))))))))))))))))))))))))
.

2010-07-12 15:28 . 2006-10-18 01:53 147456 ------r- c:\windows\system32\RtlCPAPI.dll
2010-07-12 15:28 . 2006-12-08 14:20 10528768 ------r- c:\windows\system32\RTLCPL.exe
2010-07-12 15:28 . 2007-03-08 13:34 4027840 ----a-r- c:\windows\system32\drivers\ALCXWDM.SYS
2010-07-12 15:27 . 2010-07-12 15:27 -------- d-----w- c:\program files\Realtek Sound Manager
2010-07-12 15:27 . 2010-01-12 14:12 -------- d-----w- c:\program files\AvRack
2010-07-12 15:27 . 2006-07-31 10:27 217088 ----a-r- c:\windows\Alcrmv.exe
2010-07-12 15:27 . 2006-07-31 10:19 315392 ------r- c:\windows\alcupd.exe
2010-07-12 15:24 . 2008-08-20 16:35 453152 ----a-w- c:\windows\system32\nvusmb.exe
2010-07-12 14:57 . 2004-08-03 20:31 20992 -c--a-w- c:\windows\system32\dllcache\rtl8139.sys
2010-07-12 14:57 . 2004-08-03 20:31 20992 ----a-w- c:\windows\system32\drivers\RTL8139.sys
2010-02-06 18:23 . 2010-02-08 15:02 -------- d-----w- c:\program files\Cheat Engine
2010-02-06 18:23 . 2007-12-26 16:30 679936 ----a-w- c:\windows\system32\D3DX81ab.dll
2010-02-06 18:23 . 2007-12-26 16:30 1970176 ----a-w- c:\windows\system32\d3dx9.dll
2010-02-06 15:22 . 2010-01-28 21:57 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-02-06 15:22 . 2010-01-28 21:57 163280 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-02-06 15:22 . 2010-01-28 21:54 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-02-06 15:22 . 2010-01-28 21:54 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-02-06 15:22 . 2010-01-28 21:54 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-02-06 15:22 . 2010-01-28 21:54 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-02-06 15:22 . 2010-01-28 21:53 28240 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-02-06 15:21 . 2010-01-28 22:09 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-02-06 15:21 . 2010-01-28 22:09 152672 ----a-w- c:\windows\system32\aswBoot.exe
2010-02-06 15:21 . 2010-02-06 15:21 -------- d-----w- c:\program files\Alwil Software
2010-02-05 20:04 . 2010-02-05 20:05 -------- d-----w- C:\3de4d3a8bc1bb03a5e9ac632a591
2010-02-05 19:41 . 2010-02-05 20:08 -------- d-----w- C:\299153df0e102c2fb38e
2010-02-05 18:12 . 2010-02-05 19:31 -------- d-----w- c:\program files\trend micro
2010-02-05 18:12 . 2010-02-05 18:13 -------- d-----w- C:\rsit
2010-02-03 17:24 . 2010-02-03 17:24 -------- d-----w- c:\program files\QuickTime
2010-02-03 17:23 . 2010-02-03 17:23 -------- d-----w- c:\program files\Apple Software Update
2010-02-03 16:59 . 2008-10-28 12:07 25152 ----a-w- c:\windows\system32\bassmidi.dll
2010-02-03 16:59 . 2008-04-02 11:26 25152 ----a-w- c:\windows\system32\bassflac.dll
2010-02-03 16:59 . 2008-10-28 13:00 98360 ----a-w- c:\windows\system32\bass.dll
2010-02-03 16:59 . 2004-06-17 13:19 155648 ----a-w- c:\windows\system32\ssleay32.dll
2010-02-03 16:59 . 2004-06-17 13:19 688128 ----a-w- c:\windows\system32\libeay32.dll
2010-02-03 16:59 . 2010-02-03 17:06 -------- d-----w- c:\program files\SCAR 3.22
2010-01-29 16:20 . 2010-01-30 14:47 -------- d-----w- c:\program files\Warcraft III
2010-01-28 20:00 . 2010-01-29 15:12 -------- d-----w- c:\program files\Valve
2010-01-28 16:35 . 2010-01-28 16:35 -------- d-----w- C:\Digidesign Databases
2010-01-28 16:14 . 2010-01-28 16:14 -------- d-----w- c:\program files\InterLok
2010-01-28 15:41 . 2010-01-28 21:19 -------- d-----w- c:\program files\SpeedFan
2010-01-24 16:30 . 2010-01-24 16:30 -------- d-----w- c:\program files\ASIO4ALL v2
2010-01-24 16:30 . 2006-06-20 08:56 225280 ----a-w- c:\windows\system32\rewire.dll
2010-01-24 16:29 . 2010-01-24 16:29 -------- d-----w- c:\program files\Outsim
2010-01-24 16:28 . 2010-01-24 16:30 -------- d-----w- c:\program files\Image-Line
2010-01-24 13:43 . 2010-01-26 13:09 -------- d-----w- c:\program files\Common Files\BinarySense
2010-01-24 12:41 . 2001-05-16 16:54 309616 ----a-w- c:\windows\system32\wmv8dmod.dll
2010-01-24 12:41 . 2001-05-11 12:18 420240 ----a-w- c:\windows\system32\mpg4c32.dll
2010-01-22 20:17 . 2008-02-22 11:30 334792 ----a-w- c:\windows\system32\_AxShlEx.dll
2010-01-22 16:47 . 2010-01-22 16:59 -------- d-----w- c:\program files\Funcom
2010-01-21 14:25 . 2010-02-05 16:27 -------- d-----w- c:\program files\JDownloader
2010-01-20 15:52 . 2010-01-20 15:52 -------- d--h--w- c:\windows\PIF
2010-01-20 15:42 . 1998-02-13 13:30 143872 ----a-w- c:\windows\system32\iacenc.dll
2010-01-20 15:42 . 1997-11-06 11:53 27648 ----a-w- c:\windows\system32\ir50_lcs.dll
2010-01-20 15:42 . 1997-08-27 08:53 391168 ----a-w- c:\windows\system32\i263_32.drv
2010-01-20 15:42 . 1997-06-13 07:56 56832 ----a-w- c:\windows\system32\Iyvu9_32.dll
2010-01-20 15:42 . 2010-01-20 15:42 -------- d-----w- c:\documents and settings\SPEEDY\WINDOWS
2010-01-20 15:39 . 2010-01-20 15:39 -------- d-----w- c:\documents and settings\SPEEDY\dwhelper
2010-01-20 13:15 . 2010-01-20 13:16 -------- d-----w- c:\program files\Universal Extractor
2010-01-20 13:14 . 2008-08-08 06:04 545 ----a-w- c:\windows\UC.PIF
2010-01-20 13:14 . 2008-08-08 06:04 545 ----a-w- c:\windows\RAR.PIF
2010-01-20 13:14 . 2008-08-08 06:04 545 ----a-w- c:\windows\PKZIP.PIF
2010-01-20 13:14 . 2008-08-08 06:04 545 ----a-w- c:\windows\PKUNZIP.PIF
2010-01-20 13:14 . 2008-08-08 06:04 545 ----a-w- c:\windows\NOCLOSE.PIF
2010-01-20 13:14 . 2008-08-08 06:04 545 ----a-w- c:\windows\LHA.PIF
2010-01-20 13:14 . 2008-08-08 06:04 545 ----a-w- c:\windows\ARJ.PIF
2010-01-17 17:14 . 2010-01-17 17:14 -------- d-----w- c:\windows\system32\wbem\Repository
2010-01-17 16:59 . 2010-01-28 16:33 -------- d-----w- c:\program files\Common Files\PACE Anti-Piracy
2010-01-17 16:41 . 2010-02-08 14:24 -------- d-----w- c:\program files\Digidesign
2010-01-17 16:41 . 2010-02-08 14:23 -------- d-----w- c:\program files\Common Files\Digidesign
2010-01-17 16:41 . 2007-10-30 23:03 1362460 ----a-w- c:\windows\system32\ExpansionHD_Firmware.bin
2010-01-17 16:38 . 2010-01-20 13:47 -------- d-----w- C:\totalcmd
2010-01-15 18:15 . 2010-01-25 15:36 -------- d-----w- C:\temp
2010-01-15 18:14 . 2005-05-18 10:52 1212416 ----a-w- c:\windows\system32\NCTAudioInformation2.dll
2010-01-15 18:14 . 2005-05-17 11:37 1986560 ----a-w- c:\windows\system32\NCTAudioFile2.dll
2010-01-15 18:14 . 2005-04-25 12:01 458752 ----a-w- c:\windows\system32\NCTAudioRecord2.dll
2010-01-15 18:14 . 2005-04-25 12:01 458752 ----a-w- c:\windows\system32\NCTAudioPlayer2.dll
2010-01-15 18:14 . 2005-04-15 11:08 880640 ----a-w- c:\windows\system32\NCTAudioEditor2.dll
2010-01-15 18:14 . 2005-04-04 16:21 602112 ----a-w- c:\windows\system32\NCTAudioTransform2.dll
2010-01-15 18:14 . 2005-03-28 14:54 479232 ----a-w- c:\windows\system32\NCTAudioVisualization2.dll
2010-01-15 18:14 . 2005-03-28 14:52 417792 ----a-w- c:\windows\system32\NCTTextToAudio2.dll
2010-01-15 18:14 . 2005-02-24 10:51 348160 ----a-w- c:\windows\system32\NCTWMAFile2.dll
2010-01-15 18:14 . 2004-11-04 12:31 835584 ----a-w- c:\windows\system32\NCTAudioCDGrabber2.dll
2010-01-15 18:14 . 2010-01-15 18:14 -------- d-----w- c:\program files\Power Sound Editor Free
2010-01-15 14:23 . 2010-01-15 14:24 -------- d-----w- c:\program files\Common Files\COWON
2010-01-15 14:23 . 2010-02-07 10:04 -------- d-----w- c:\program files\JetAudio
2010-01-15 13:37 . 2010-01-15 13:37 -------- d-----w- c:\program files\Alcohol Soft
2010-01-15 13:35 . 2010-01-20 16:53 716272 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-01-15 13:14 . 2010-01-24 13:23 86016 ----a-w- c:\windows\system32\OpenAL32.dll
2010-01-15 13:14 . 2010-01-24 13:23 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2010-01-15 13:14 . 2010-01-15 13:14 -------- d-----w- c:\program files\OpenAL
2010-01-14 17:42 . 2010-01-14 17:42 -------- d-----w- c:\program files\XPC Tools
2010-01-14 17:08 . 2010-01-14 17:16 -------- d-----w- c:\program files\Carambis
2010-01-14 16:28 . 2008-09-10 18:58 270336 ----a-r- c:\windows\system32\CMRMDRV3.exe
2010-01-14 16:28 . 2009-03-18 10:34 1512960 ----a-w- c:\windows\system32\drivers\cmudax3.sys
2010-01-14 16:28 . 2007-02-26 19:30 36864 ----a-w- c:\windows\system32\cmudax3.DLL
2010-01-14 16:27 . 2010-01-14 16:27 -------- d-----w- c:\program files\directx
2010-01-14 13:59 . 2008-09-11 10:10 278528 ----a-w- c:\windows\CmiPCIUninstall.exe
2010-01-14 13:59 . 2010-01-14 17:04 -------- d-----w- c:\program files\C-Media PCI Audio Device
2010-01-13 16:09 . 2010-01-13 16:09 -------- d-----w- c:\documents and settings\SPEEDY\NabÝdka Start
2010-01-13 16:08 . 2010-01-13 16:09 -------- d-----w- c:\program files\MediaCoder
2010-01-13 14:29 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-01-12 16:11 . 2010-01-12 16:11 -------- d-----w- c:\program files\Zoner
2010-01-12 15:22 . 2009-09-02 09:20 652 ----a-w- c:\windows\FIX.reg
2010-01-12 15:22 . 2008-11-01 12:23 280 ----a-w- c:\windows\reset.reg
2010-01-12 14:12 . 2010-01-24 15:47 -------- d-----w- c:\program files\Realtek AC97
2010-01-11 17:18 . 2010-01-12 12:53 -------- d-----w- c:\windows\NV504536.TMP
2010-01-11 17:16 . 2008-07-29 11:33 446464 ----a-w- c:\windows\system32\nvunrm.exe
2010-01-11 17:07 . 2010-01-11 17:10 -------- d-----w- c:\windows\NV2362756.TMP
2010-01-11 17:00 . 2010-01-11 17:00 -------- d-----w- c:\windows\system32\WinFast
2010-01-11 16:43 . 2007-02-25 14:36 383238 ----a-w- c:\windows\system32\libmp3lame-0.dll
2010-01-11 16:43 . 2006-11-01 13:52 765952 ----a-w- c:\windows\system32\xvidcore.dll
2010-01-11 16:43 . 2010-01-11 16:50 -------- d-----w- c:\program files\Flash FLV to Video Audio Converter
2010-01-11 16:38 . 2010-01-11 16:38 -------- d-----w- c:\program files\DVDVIDEOSOFT
2010-01-11 16:30 . 2010-01-11 16:30 -------- d-----w- c:\program files\YouTube Downloader
2010-01-09 18:14 . 2004-06-14 13:56 427864 ----a-w- c:\windows\system32\XceedZip.dll
2010-01-09 18:14 . 2010-01-09 18:14 -------- d-----w- c:\program files\Driver-Soft
2010-01-09 15:40 . 2005-05-03 10:43 69632 ------r- c:\windows\Alcmtr.exe
2010-01-09 15:32 . 2008-04-13 18:45 10624 -c--a-w- c:\windows\system32\dllcache\gameenum.sys
2010-01-09 15:32 . 2008-04-13 18:45 10624 ----a-w- c:\windows\system32\drivers\gameenum.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-12 15:21 . 2009-12-14 17:27 33280 ----a-w- c:\windows\system32\NVCOI.DLL
2010-07-12 15:21 . 2009-12-14 17:27 289792 ----a-w- c:\windows\system32\idecoi.dll
2010-02-08 15:02 . 2010-02-06 18:23 -------- d-----w- c:\program files\Cheat Engine
2010-02-08 15:02 . 2009-12-16 16:37 -------- d-----w- c:\program files\ICQ6.5
2010-02-08 10:45 . 2009-12-20 18:38 -------- d-----w- c:\program files\Steam
2010-02-05 20:04 . 2006-03-02 12:00 79798 ----a-w- c:\windows\system32\perfc005.dat
2010-02-05 20:04 . 2006-03-02 12:00 433110 ----a-w- c:\windows\system32\perfh005.dat
2010-02-05 14:24 . 2009-12-14 17:22 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-03 16:52 . 2009-12-14 18:58 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-31 11:36 . 2009-12-15 14:04 -------- d-----w- c:\program files\Garena
2010-01-24 16:33 . 2009-12-26 13:05 -------- d-----w- c:\program files\VST
2010-01-14 11:03 . 2009-12-14 17:30 -------- d-----w- c:\program files\MSI
2010-01-14 11:02 . 2009-12-15 11:41 -------- d-----w- c:\program files\Setup Files
2010-01-09 15:40 . 2009-12-14 17:22 -------- d-----w- c:\program files\Realtek
2010-01-09 14:43 . 2010-01-09 14:43 -------- d-----w- c:\program files\PC Drivers HeadQuarters
2009-12-27 16:54 . 2006-03-02 12:00 219648 ----a-w- c:\windows\system32\uxtheme.dll
2009-12-26 16:27 . 2009-12-26 16:01 -------- d-----w- c:\program files\ScreenVCR
2009-12-26 13:05 . 2009-12-26 13:05 -------- d-----w- c:\program files\Acoustica Mixcraft 4
2009-12-26 13:05 . 2009-12-26 13:05 -------- d-----w- c:\program files\Acoustica Shared Effects
2009-12-23 15:50 . 2009-12-23 15:50 0 ----a-w- c:\windows\system32\Access.dat
2009-12-23 13:20 . 2009-12-21 15:04 -------- d-----w- c:\program files\Microsoft Works
2009-12-21 19:08 . 2006-03-02 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-21 15:21 . 2009-12-21 15:16 -------- d-----w- c:\program files\Canon
2009-12-21 15:20 . 2009-12-21 15:20 -------- d-----w- c:\program files\Common Files\CANON
2009-12-21 15:17 . 2009-12-21 15:17 -------- d--h--w- c:\program files\CanonBJ
2009-12-21 15:03 . 2009-12-21 15:03 -------- d-----w- c:\program files\Microsoft.NET
2009-12-21 14:40 . 2009-12-21 14:39 -------- d-----w- c:\program files\Guitar Pro 5
2009-12-21 10:44 . 2009-12-21 10:44 -------- d-----w- c:\program files\KeePass Password Safe
2009-12-20 18:08 . 2009-12-20 18:07 -------- d-----w- c:\program files\InstantMask 1.2
2009-12-19 19:00 . 2009-12-19 19:00 229208 ----a-w- c:\windows\system32\drivers\VMM.sys
2009-12-19 17:55 . 2009-12-19 17:55 -------- d-----w- c:\program files\Microsoft Virtual PC
2009-12-16 12:50 . 2009-12-16 12:50 -------- d-----w- c:\program files\VMware
2009-12-16 12:50 . 2009-12-16 12:50 -------- d-----w- c:\program files\Common Files\VMware
2009-12-16 11:04 . 2009-12-16 11:04 -------- d-----w- c:\program files\Electronic Arts
2009-12-16 10:09 . 2009-12-16 10:09 -------- d-----w- c:\program files\uTorrent
2009-12-16 08:56 . 2009-12-14 16:43 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-12-16 08:56 . 2009-12-14 16:43 2740 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2009-12-16 08:54 . 2009-12-14 16:43 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2009-12-16 07:38 . 2009-12-16 07:38 -------- d-----w- c:\program files\MSBuild
2009-12-16 07:38 . 2009-12-16 07:38 -------- d-----w- c:\program files\Reference Assemblies
2009-12-15 20:13 . 2009-12-15 20:13 -------- d-----w- c:\program files\MSXML 6.0
2009-12-15 18:48 . 2009-12-15 18:48 -------- d-----w- c:\program files\SystemRequirementsLab
2009-12-15 15:45 . 2009-12-15 12:18 -------- d-----w- c:\program files\Audacity 1.3 Beta (Unicode)
2009-12-15 13:34 . 2009-12-15 13:34 -------- d-----w- c:\program files\7-Zip
2009-12-15 13:21 . 2009-12-15 13:21 -------- d-----w- c:\program files\SoundSpectrum
2009-12-15 13:21 . 2009-12-14 18:37 -------- d-----w- c:\program files\Winamp
2009-12-15 12:46 . 2009-12-15 12:46 -------- d-----w- c:\program files\MSXML 4.0
2009-12-15 12:09 . 2009-12-15 12:09 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-12-15 12:06 . 2009-12-15 12:06 -------- d-----w- c:\program files\OO Software
2009-12-15 12:05 . 2009-12-15 12:04 -------- d-----r- c:\program files\Skype
2009-12-15 12:04 . 2009-12-15 12:04 -------- d-----w- c:\program files\Common Files\Skype
2009-12-15 11:52 . 2009-12-15 11:52 -------- d-----w- c:\program files\CCleaner
2009-12-14 18:37 . 2009-12-14 18:37 -------- d-----w- c:\program files\Winamp Toolbar
2009-12-14 18:19 . 2009-12-14 18:19 -------- d-----w- c:\program files\ICQ6Toolbar
2009-12-14 17:59 . 2009-12-14 17:59 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-12-14 17:49 . 2009-12-14 17:49 -------- d-----w- c:\program files\Windows Media Connect 2
2009-12-14 17:46 . 2009-12-14 17:46 -------- d-----w- c:\program files\MarkAny
2009-12-14 17:46 . 2009-12-14 17:46 -------- d-----w- c:\program files\Samsung
2009-12-14 17:45 . 2009-12-14 17:45 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-14 17:45 . 2009-12-14 17:45 -------- d-----w- c:\program files\Java
2009-12-14 17:44 . 2009-12-14 17:44 0 ----a-w- c:\windows\nsreg.dat
2009-12-14 17:29 . 2009-12-14 17:29 -------- d-----w- c:\program files\NVIDIA Corporation
2009-12-14 17:28 . 2009-12-14 17:22 -------- d-----w- c:\program files\Common Files\InstallShield
2009-12-14 17:28 . 2009-12-14 17:28 -------- d-----w- c:\program files\DIFX
2009-12-14 16:44 . 2009-12-14 16:44 -------- d-----w- c:\program files\microsoft frontpage
2009-12-14 16:41 . 2009-12-14 16:41 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2009-11-21 16:03 . 2006-03-02 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-20 19:32 . 2009-11-20 19:32 278120 ----a-w- c:\windows\system32\nvmccs.dll
2009-11-19 20:42 . 2009-12-14 17:27 592488 ----a-w- c:\windows\system32\NVUNINST.EXE
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "c:\program files\Winamp Toolbar\winamptb.dll" [2009-05-06 1262888]

[HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLTBSearch]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-06-26 81920]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
"Steam"="c:\program files\Steam\Steam.exe" [2009-12-20 1217808]
"ICQ"="c:\program files\ICQ6.5\ICQ.exe" [2009-11-16 172792]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2010-01-22 4608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"reset"="regedit" [X]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-05 16380416]
"SMSTray"="c:\program files\Samsung\EmoDio\SMSTray.exe" [2008-09-17 484880]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-07-01 37888]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2009-09-11 2524416]
"vmware-tray"="c:\program files\VMware\VMware Workstation\vmware-tray.exe" [2007-05-01 68400]
"VMware hqtray"="c:\program files\VMware\VMware Workstation\hqtray.exe" [2007-05-01 56112]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-11-20 12669544]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-11-20 110184]
"SoundMan"="SOUNDMAN.EXE" [2006-11-17 577536]
"C-Media Mixer"="Mixer.exe" [2002-10-15 1818624]
"DigidesignMMERefresh"="c:\program files\Digidesign\Drivers\MMERefresh.exe" [2008-12-03 77824]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
DualCoreCenter.lnk - c:\program files\MSI\DualCoreCenter\StartUpDualCoreCenter.exe [2009-12-15 192512]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"wave4"=Digi32.dll
"MIDI4"=diomidi.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5. 7. 2006 13:46 63352]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [15. 1. 2010 14:35 716272]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [6. 2. 2010 16:22 163280]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [6. 2. 2010 16:22 19024]
S2 DigiNet;Digidesign Ethernet Support;c:\windows\system32\drivers\diginet.sys [28. 1. 2010 17:13 16400]
S2 FlexService;Remote Connections Service;"c:\program files\RapidBIT\cisvc.exe" --> c:\program files\RapidBIT\cisvc.exe [?]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [14. 12. 2009 19:19 222456]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\SPEEDY\LOCALS~1\Temp\DTU653.tmp --> c:\docume~1\SPEEDY\LOCALS~1\Temp\DTU653.tmp [?]

--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - PARPORT
.
Obsah adresáře 'Naplánované úlohy'

2010-02-04 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: &Winamp Search - c:\documents and settings\All Users\Data aplikací\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
Trusted Zone: com.tw\asia.msi
Trusted Zone: com.tw\global.msi
Trusted Zone: com.tw\www.msi
TCP: {D71164A3-5DC1-46BC-ABCB-DC2243017DCF} = 192.168.120.1
DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} - hxxp://liveupdate.msi.com.tw/autobios/LOnline/install.cab
FF - ProfilePath -
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKLM-Run-nwiz - nwiz.exe
HKLM-Run-CmPCIaudio - CMICNFG3.cpl
MSConfigStartUp-CTFMON - (no file)
AddRemove-{9A4C35C5-8558-4837-A9BF-753AF9E3DA3E}_is1 - c:\program files\Instinkt\unins000.exe



**************************************************************************
skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory:

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\SPEEDY\LOCALS~1\Temp\DTU653.tmp"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG12.00.00.01PROFESSIONAL"="CFAC37703F0F218778958C21076EA2684E8DF901EA48561E7DC4DBBF0C338890E5DC8737D47A3B12EBFC08285117B3CB52BC764191FD0DE0AE51587726406BFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A6171C11EC38DE3DFEBC9E127BECC74CA9C6AECB7A5D14071A60E71FBBE4E4CB21F46BAEBC5BFCEC650333E1D02EFB74F250C8A516DC7F3CABE6E71D9854E7A0F90D38003768782952BC498F4856C1C880B5F1960E5EDB204A99EBFD85E8F7605F1DCC6E7A3FB9AE9A46C704F14D64A412B6458D627B55D5771047633C1854EDC6DE1A4641462DD7CB995B54B00A1EFC6BB04F893A5E918A4B298354C8DA2F4F3E50C636A0E7B124057867783C891BEADFC1CD6B90332B10EE84DD3A0E2FAFB062B3AB52FB131C39FA6282CC1FCAFD2BD850B477B6A9B0DD2188C4653E16F060E70FD7128C3A35DDF5A2F691B751D99E5483AC58CEF7A28C345E5E866416825116AC89CF625537FDD140C3ECB9A5394AE347109B52D4795A8DF182B45BB8E61AC79B39CB5EDC532AFE0E9A642AD11958ABCC6EB18B7E9C292975BEE9D30B15F6EB2C102A35D02D15831D6366E4E6691365860BF09BB56B7E135D5205D49E79C407F5E9EFF1335D987544374319F690ED5EAD5F1274BD37066FE332C7360AF009AE52D98BF18B6F2E8020E4AE499BE57BF73F15B2DEDF470BF205865923E6CF678FDE264967E2E277E78FEFC04C70B7F6A7798CD377E8D480E9822DC39DD15DADE700455FD6C92D37FDB40EF64C1347BAF6E0D85B2D2A0DFDB0E03575FAED53C80CD967E31BD135D6AAF7A9314928484A8140411344F6143ABA6A644062DFE1CC62D66DD1E29157606B03E1B214D7E4497B9FC1285429FD168D2CB1DCD2512C70E6A5EC89AD25E306CF4609A6554E397F27510A2B489D5511C4F5CB629B6F488EA8392FCD52299E197B74A41706BAD75C5F6A7D12603399538DDE115161EC4126CAC5B1467BC13F93A884707577CEC4EE90423337B04FBA2429BD970C9D7F965805C5257E2594F29022B2DA954A45F76CBD7477D5A15B1F74EFB1A6D81DDF3CEFA1F97165A3CC585048FC0630F5D7DF2EF9E049126EC3A254CA9ABB60014C975480E02ECF9A9983361027496145C5DD3170AC5C6FA57811F9399E06B33C0605151543A9F283ACFDC881372E2B5755C5965DBF98D62C6FAD3FCC276CC39853D26666AA65EAAD3CC1B6B8F9736F1F4B62A1924698973A9F2DA12BDF86E6B3FDC39D90E316B73A8441CE65FC8B77E1756D3CF4302C625B07BB44103B9E57FDD20FB74182253D9FC3DD064C949DF0BB211B74FC31D6CBEE26756B48EC38B43C2360513D5D3241A63BF171465804EA1BA4107939C2514E28816E8237EF8680854656AEDA8C8C716DB3C74F3F"
.
Celkový čas: 2010-02-08 16:03:46
ComboFix-quarantined-files.txt 2010-02-08 15:03

Před spuštěním: Volných bajtů: 86 980 329 472
Po spuštění: Volných bajtů: 86 955 425 792

- - End Of File - - 918375D877E7D19E45AB0B8FAB4EFA7F

[Caroprd111]

Pokud nemáte, přesuňte Combofix na plochu
-otevřete si Poznámkový blok a zkopírujte do něj text z bílého okénka.

Kód: Vybrat vše

Folder::
c:\program files\Cheat Engine
c:\program files\ICQ6Toolbar
c:\program files\Garena

Registry::
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"reset"=-
[-HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]

Driver::
GarenaPEngine
ICQ Service

File::
c:\docume~1\SPEEDY\LOCALS~1\Temp\DTU653.tmp 
c:\program files\ICQ6Toolbar\ICQ Service.exe
c:\windows\reset.reg
c:\windows\FIX.reg

-uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
-po uložení uchopte vámi vytvořený skript levým myšítkem a přesuňte ho nad ikonu Combofixu, kde ho upustíte:


-po aplikaci na Vás vypadne další log,vložte ho sem

Může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci


V logu nevidím firewall, doinstalujte Přehled: http://www.viry.cz/forum/viewtopic.php?f=41&t=6523

[SPEEDY7]

já ale garenu a cheat engine pouzivam.......

[Caroprd111]

Tyto programy jsou svinstvo a to tady na fóru nekompromisně mažme.

[riffman]

nelegalni software a nespoluprace s radcem