Prosím překontrolovat log

Zpráva

vg38 · #1 Příspěvek od **vg38** » 18 úno 2010 18:16

Logfile of random's system information tool 1.06 (written by random/random)
Run by pc at 2010-02-18 18:09:44
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 67 GB (14%) free of 477 GB
Total RAM: 3071 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:09, on 2010-02-18
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Windows\PixArt\Pac207\Monitor.exe
C:\Program Files\QuickTime\qttask.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\KWorld Multimedia\HyperMedia\DTVR\Scheduled.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\KWorld Multimedia\TV Tuner Card Utilities\HMCP3XCtl.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\werfault.exe
C:\Users\pc\Desktop\RSIT.exe
C:\Program Files\trend micro\pc.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Center Agent] C:\Program Files\KWorld Multimedia\HyperMedia\DTVR\Scheduled.exe
O4 - Startup: Remote Control.lnk = C:\Program Files\KWorld Multimedia\TV Tuner Card Utilities\HMCP3XCtl.exe
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: HP Chytrý výběr - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O15 - Trusted Zone: http://download.windowsupdate.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O20 - AppInit_DLLs: C:\Windows\system32\guard32.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: MgiSvr - ArcSoft, Inc. - C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 7521 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-672602829-956867591-2749669852-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-672602829-956867591-2749669852-1000UA.job
C:\Windows\tasks\User_Feed_Synchronization-{BA0B0CFB-4AAE-49E7-8092-A836D42CB46A}.job
C:\Windows\tasks\WebReg HP Deskjet F2200 series.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - c:\program files\real\realplayer\rpbrowserrecordplugin.dll [2009-12-15 329312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2008-09-24 6335008]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2007-08-22 80896]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-07-01 37888]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2007-07-03 64000]
"Monitor"=C:\Windows\PixArt\PAC207\Monitor.exe [2006-11-03 319488]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-12-03 98304]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-12-05 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-12-05 8530464]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-12-05 81920]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2008-09-24 1833504]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-12-15 198160]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2010-02-18 1800464]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
"Center Agent"=C:\Program Files\KWorld Multimedia\HyperMedia\DTVR\Scheduled.exe [2009-08-18 1520128]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Remote Control.lnk - C:\Program Files\KWorld Multimedia\TV Tuner Card Utilities\HMCP3XCtl.exe
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=" C:\Windows\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2010-02-18 18:04:10 ----D---- C:\Program Files\trend micro
2010-02-18 18:04:05 ----D---- C:\rsit
2010-02-18 17:48:14 ----D---- C:\ProgramData\Comodo
2010-02-18 17:48:14 ----A---- C:\Windows\system32\guard32.dll
2010-02-18 17:47:51 ----D---- C:\Program Files\COMODO
2010-02-17 16:35:01 ----A---- C:\ComboFix.txt
2010-02-17 16:34:30 ----SHD---- C:\$RECYCLE.BIN
2010-02-17 16:27:00 ----A---- C:\Windows\MBR.exe
2010-02-17 16:26:59 ----A---- C:\Windows\PEV.exe
2010-02-17 16:26:51 ----D---- C:\ComboFix
2010-02-17 16:26:34 ----A---- C:\Windows\SWXCACLS.exe
2010-02-17 16:21:41 ----A---- C:\Windows\zip.exe
2010-02-17 16:21:41 ----A---- C:\Windows\SWSC.exe
2010-02-17 16:21:41 ----A---- C:\Windows\SWREG.exe
2010-02-17 16:21:41 ----A---- C:\Windows\sed.exe
2010-02-17 16:21:41 ----A---- C:\Windows\NIRCMD.exe
2010-02-17 16:21:41 ----A---- C:\Windows\grep.exe
2010-02-17 16:21:27 ----A---- C:\Windows\system32\CF11412.exe
2010-02-10 15:07:31 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-02-10 15:07:31 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-02-10 15:07:25 ----D---- C:\ProgramData\DVD Shrink
2010-02-10 15:07:23 ----D---- C:\Program Files\DVD Shrink
2010-02-10 15:07:22 ----A---- C:\Windows\system32\quartz.dll
2010-02-10 15:07:21 ----A---- C:\Windows\system32\tsbyuv.dll
2010-02-10 15:07:21 ----A---- C:\Windows\system32\msyuv.dll
2010-02-10 15:07:21 ----A---- C:\Windows\system32\msvidc32.dll
2010-02-10 15:07:21 ----A---- C:\Windows\system32\msvfw32.dll
2010-02-10 15:07:21 ----A---- C:\Windows\system32\msrle32.dll
2010-02-10 15:07:21 ----A---- C:\Windows\system32\mciavi32.dll
2010-02-10 15:07:21 ----A---- C:\Windows\system32\iyuv_32.dll
2010-02-10 15:07:21 ----A---- C:\Windows\system32\avifil32.dll
2010-01-31 13:55:17 ----D---- C:\ProgramData\Codemasters
2010-01-31 13:48:54 ----A---- C:\Windows\system32\mkl_vml_p4.dll
2010-01-31 13:48:54 ----A---- C:\Windows\system32\mkl_vml_p3.dll
2010-01-31 13:48:54 ----A---- C:\Windows\system32\mkl_vml_def.dll
2010-01-31 13:48:53 ----A---- C:\Windows\system32\mkl_p4.dll
2010-01-31 13:48:53 ----A---- C:\Windows\system32\mkl_p3.dll
2010-01-31 13:48:53 ----A---- C:\Windows\system32\mkl_lapack64.dll
2010-01-31 13:48:53 ----A---- C:\Windows\system32\mkl_lapack32.dll
2010-01-31 13:48:53 ----A---- C:\Windows\system32\mkl_def.dll
2010-01-31 13:48:53 ----A---- C:\Windows\system32\libguide40.dll
2010-01-31 13:48:52 ----A---- C:\Windows\system32\rapture3d_oal.dll
2010-01-31 13:48:51 ----D---- C:\Program Files\BRS
2010-01-31 13:48:35 ----RA---- C:\Windows\system32\tmp99E0.tmp
2010-01-31 13:48:35 ----D---- C:\Program Files\OpenAL
2010-01-31 13:47:12 ----RA---- C:\Windows\system32\tmp99A1.tmp
2010-01-31 12:41:40 ----D---- C:\Program Files\Codemasters
2010-01-30 18:59:15 ----D---- C:\My Music
2010-01-25 19:03:01 ----D---- C:\Program Files\Hamachi
2010-01-22 10:17:17 ----A---- C:\Windows\system32\mshtml.dll
2010-01-22 10:17:17 ----A---- C:\Windows\system32\ieframe.dll
2010-01-22 10:17:16 ----A---- C:\Windows\system32\wininet.dll
2010-01-22 10:17:16 ----A---- C:\Windows\system32\urlmon.dll
2010-01-22 10:17:16 ----A---- C:\Windows\system32\occache.dll
2010-01-22 10:17:16 ----A---- C:\Windows\system32\msfeeds.dll
2010-01-22 10:17:16 ----A---- C:\Windows\system32\iertutil.dll
2010-01-22 10:17:16 ----A---- C:\Windows\system32\iedkcs32.dll
2010-01-22 10:17:15 ----A---- C:\Windows\system32\msfeedssync.exe
2010-01-22 10:17:15 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-01-22 10:17:15 ----A---- C:\Windows\system32\jsproxy.dll
2010-01-22 10:17:15 ----A---- C:\Windows\system32\ieUnatt.exe
2010-01-22 10:17:15 ----A---- C:\Windows\system32\ieui.dll
2010-01-22 10:17:15 ----A---- C:\Windows\system32\iesysprep.dll
2010-01-22 10:17:15 ----A---- C:\Windows\system32\iesetup.dll
2010-01-22 10:17:15 ----A---- C:\Windows\system32\iernonce.dll
2010-01-22 10:17:15 ----A---- C:\Windows\system32\iepeers.dll
2010-01-22 10:17:15 ----A---- C:\Windows\system32\ie4uinit.exe

======List of files/folders modified in the last 1 months======

2010-02-18 18:09:46 ----D---- C:\Windows\temp
2010-02-18 18:04:42 ----D---- C:\Windows\Prefetch
2010-02-18 18:04:10 ----RD---- C:\Program Files
2010-02-18 18:01:07 ----SHD---- C:\System Volume Information
2010-02-18 17:55:35 ----AD---- C:\Windows
2010-02-18 17:51:02 ----D---- C:\Windows\system32\drivers
2010-02-18 17:51:01 ----D---- C:\Windows\system32\catroot
2010-02-18 17:51:01 ----D---- C:\Windows\inf
2010-02-18 17:48:14 ----D---- C:\ProgramData
2010-02-18 17:48:14 ----AD---- C:\Windows\System32
2010-02-18 16:27:41 ----D---- C:\ProgramData\TrackMania
2010-02-17 20:17:45 ----D---- C:\OutputFolder
2010-02-17 16:35:03 ----D---- C:\Qoobox
2010-02-17 16:33:03 ----A---- C:\Windows\system.ini
2010-02-17 16:30:18 ----D---- C:\Windows\AppPatch
2010-02-17 16:30:18 ----D---- C:\Program Files\Common Files
2010-02-17 16:21:27 ----D---- C:\Windows\system32\cs-CZ
2010-02-15 15:21:26 ----D---- C:\Windows\system32\catroot2
2010-02-12 18:51:58 ----D---- C:\Users\pc\AppData\Roaming\Hamachi
2010-02-10 18:32:29 ----D---- C:\Windows\winsxs
2010-02-10 18:18:36 ----D---- C:\Program Files\Windows Mail
2010-02-10 16:03:38 ----RD---- C:\moje
2010-02-01 20:26:20 ----A---- C:\Windows\system32\mrt.exe
2010-01-31 13:48:59 ----SHD---- C:\Windows\Installer
2010-01-31 13:48:59 ----D---- C:\Config.Msi
2010-01-31 13:48:35 ----A---- C:\Windows\system32\wrap_oal.dll
2010-01-31 13:48:35 ----A---- C:\Windows\system32\OpenAL32.dll
2010-01-31 13:48:14 ----RSD---- C:\Windows\assembly
2010-01-31 12:41:38 ----HD---- C:\Program Files\InstallShield Installation Information
2010-01-27 18:00:29 ----D---- C:\Program Files\Internet Explorer
2010-01-22 11:59:48 ----D---- C:\Windows\system32\migration
2010-01-21 17:07:34 ----D---- C:\Program Files\Mozilla Firefox
2010-01-21 15:07:35 ----D---- C:\Program Files\Microsoft Silverlight

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-11-25 23120]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-09-15 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2010-02-18 130960]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2010-02-18 29520]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2010-02-18 74328]
R1 PCLEPCI;PCLEPCI; \??\C:\Windows\system32\drivers\pclepci.sys [2005-02-09 14165]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-06-09 28520]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-09-15 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-09-15 53328]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-12-07 56816]
R3 3xHybrid;3xHybrid service; C:\Windows\system32\DRIVERS\3xHybrid.sys [2007-10-16 945920]
R3 ARCSOFTVIRTUALCAPTURE;Magic-i Virtual Driver; C:\Windows\system32\DRIVERS\ArcSoftVirtualCapture.sys [2006-12-07 17024]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-09-24 2171672]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-06-02 171008]
R3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-12-05 8238720]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2009-09-02 176128]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2008-01-21 45696]
S3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2005-02-23 11776]
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys [2008-01-21 40448]
S3 catchme;catchme; \??\C:\Users\pc\AppData\Local\Temp\catchme.sys []
S3 Dot4;Ovladač MS IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2007-09-07 27672]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [2009-02-04 26224]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-01-25 25280]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2008-01-21 52608]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2007-11-29 16896]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2007-11-29 19328]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-02 429056]
S3 PAC207;Webcam 1200; C:\Windows\system32\DRIVERS\PFC027.SYS [2007-06-29 611584]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2007-11-29 8064]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbser;Nokia USB Serial Port; C:\Windows\system32\DRIVERS\usbser.sys [2009-04-11 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2007-11-29 8064]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-09-06 721904]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-05 185089]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-06-09 108289]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2010-02-18 723632]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 MgiSvr;MgiSvr; C:\Program Files\ArcSoft\Magic-i 3\uMgiSvr.exe [2006-11-13 76544]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-09-17 196608]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2004-02-26 49152]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]

-----------------EOF-----------------

#2 Příspěvek od **Caroprd111** » 18 úno 2010 18:21

Zdravím

Na logu se pracuje, prosím o strpení.

#3 Příspěvek od **Caroprd111** » 18 úno 2010 18:49

Vyberte si jeden antivir, zbývající odinstalujte. (COMODO Internet Security také obsahuje antivir)

Obrázek

Vidím, že jste použil ComboFix, zkopírujte sem log, který se nachází v C:\ComboFix.txt

Nedoporučuji používat ComboFix z vlastní iniciativy, může dojít k poškození systému!

Stáhněte Ccleaner http://viry.cz/forum/viewtopic.php?t=7478
Nainstalujte a v průběhu instalace odškrtněte, že chcete instalovat yahoo toolbar.

Záložka Čistič
Dejte analyzovat, po dokončení dejte Spustit Ccleaner.

Záložka Registry
Klikněte na Hledej problémy, po dokončení klikněte na Opravit problémy, zálohu dělat nemusíte, potom dejte Opravit všechny problémy.
OK Zavřít

Jsou s PC nějaké problémy

vg38 · #4 Příspěvek od **vg38** » 18 úno 2010 18:59

ComboFix 10-02-16.03 - pc 2010-02-17 16:27:27.6.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.1.1029.18.3071.2027 [GMT 1:00]
Spuštěný z: c:\users\pc\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-01-17 do 2010-02-17 )))))))))))))))))))))))))))))))
.

2010-02-17 15:32 . 2010-02-17 15:32 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-02-17 15:32 . 2010-02-17 15:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-02-17 15:21 . 2010-02-17 15:21 318976 ----a-w- c:\windows\system32\CF11412.exe
2010-01-31 12:55 . 2010-01-31 12:55 -------- d-----w- c:\programdata\Codemasters
2010-01-31 12:48 . 2009-07-13 18:04 839680 ----a-w- c:\windows\system32\mkl_vml_p4.dll
2010-01-31 12:48 . 2009-07-13 18:04 532480 ----a-w- c:\windows\system32\mkl_vml_p3.dll
2010-01-31 12:48 . 2009-07-13 18:04 512000 ----a-w- c:\windows\system32\mkl_vml_def.dll
2010-01-31 12:48 . 2009-07-13 18:04 3485696 ----a-w- c:\windows\system32\mkl_p4.dll
2010-01-31 12:48 . 2009-07-13 18:04 2793472 ----a-w- c:\windows\system32\mkl_p3.dll
2010-01-31 12:48 . 2009-07-13 18:04 2441216 ----a-w- c:\windows\system32\mkl_def.dll
2010-01-31 12:48 . 2009-07-13 18:04 2174976 ----a-w- c:\windows\system32\mkl_lapack32.dll
2010-01-31 12:48 . 2009-07-13 18:04 2125824 ----a-w- c:\windows\system32\mkl_lapack64.dll
2010-01-31 12:48 . 2009-07-13 18:04 184320 ----a-w- c:\windows\system32\libguide40.dll
2010-01-31 12:48 . 2009-10-16 10:19 872448 ----a-w- c:\windows\system32\rapture3d_oal.dll
2010-01-31 12:48 . 2010-01-31 12:48 -------- d-----w- c:\program files\BRS
2010-01-31 12:48 . 2010-01-31 12:48 -------- d-----w- c:\program files\OpenAL
2010-01-31 11:41 . 2010-01-31 11:41 -------- d-----w- c:\program files\Codemasters
2010-01-30 17:59 . 2010-01-30 17:59 -------- d-----w- C:\My Music
2010-01-25 18:03 . 2010-01-25 18:03 -------- d-----w- c:\program files\Hamachi
2010-01-25 18:03 . 2010-01-25 18:03 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2010-01-21 16:07 . 2010-02-17 15:33 -------- d-----w- c:\users\pc\AppData\Local\temp

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-17 13:43 . 2009-04-09 15:53 -------- d-----w- c:\programdata\TrackMania
2010-02-12 17:51 . 2008-12-06 15:33 -------- d-----w- c:\users\pc\AppData\Roaming\Hamachi
2010-02-10 17:18 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-02-10 14:12 . 2010-02-10 14:07 -------- d-----w- c:\programdata\DVD Shrink
2010-02-10 14:07 . 2010-02-10 14:07 -------- d-----w- c:\program files\DVD Shrink
2010-01-31 12:48 . 2008-11-15 15:33 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2010-01-31 12:48 . 2008-11-15 15:33 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2010-01-31 11:41 . 2008-09-16 10:50 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-21 14:07 . 2008-09-16 11:04 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-14 20:02 . 2009-03-24 15:26 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-14 10:12 . 2009-10-02 16:01 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-01-04 14:41 . 2008-01-21 06:46 598594 ----a-w- c:\windows\system32\perfh005.dat
2010-01-04 14:41 . 2008-01-21 06:46 114786 ----a-w- c:\windows\system32\perfc005.dat
2010-01-02 18:06 . 2010-01-02 18:06 40960 ----a-r- c:\users\pc\AppData\Roaming\Microsoft\Installer\{330DED45-0E5A-4092-8127-F643B5E7913C}\NewShortcut4_D33F3E208B034FD29F4D3753C315F5C4.exe
2010-01-02 18:06 . 2010-01-02 18:06 278528 ----a-r- c:\users\pc\AppData\Roaming\Microsoft\Installer\{330DED45-0E5A-4092-8127-F643B5E7913C}\TcwDeluxeDesktop150_3A5F46808B454D84B9EE89CFE2E40650.exe
2010-01-02 18:06 . 2010-01-02 18:06 278528 ----a-r- c:\users\pc\AppData\Roaming\Microsoft\Installer\{330DED45-0E5A-4092-8127-F643B5E7913C}\TcwDeluxe150_3A5F46808B454D84B9EE89CFE2E40650.exe
2010-01-02 18:06 . 2010-01-02 18:06 278528 ----a-r- c:\users\pc\AppData\Roaming\Microsoft\Installer\{330DED45-0E5A-4092-8127-F643B5E7913C}\ARPPRODUCTICONDesigner.exe
2010-01-02 18:05 . 2010-01-02 18:05 -------- d-----w- c:\programdata\IMSIDesign
2010-01-02 18:05 . 2010-01-02 18:05 -------- d-----w- c:\program files\IMSIDesign
2010-01-02 18:04 . 2010-01-02 18:04 -------- d-----w- c:\users\pc\AppData\Roaming\IMSIDesign
2010-01-02 18:03 . 2010-01-02 18:03 -------- d-----w- c:\program files\TurboCAD Designer 15 Setup
2010-01-02 15:54 . 2010-01-02 15:54 -------- d-----w- c:\program files\EAGLE-5.6.0
2010-01-02 15:54 . 2010-01-02 15:54 -------- d-----w- c:\users\pc\AppData\Roaming\CadSoft
2010-01-02 15:19 . 2010-01-02 15:19 -------- d-----w- c:\users\pc\AppData\Roaming\progeSOFT
2010-01-02 15:19 . 2010-01-02 15:19 -------- d-----w- c:\programdata\progeSOFT
2010-01-02 15:17 . 2010-01-02 15:17 -------- d-----w- c:\program files\progeSOFT
2010-01-02 06:38 . 2010-01-22 09:17 916480 ----a-w- c:\windows\system32\wininet.dll
2010-01-02 06:32 . 2010-01-22 09:17 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-01-02 06:32 . 2010-01-22 09:17 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-01-02 04:57 . 2010-01-22 09:17 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-12-23 15:56 . 2009-12-23 15:52 -------- d-----w- c:\program files\FlatOut2
2009-12-11 17:21 . 2009-11-27 17:21 439816 ----a-w- c:\users\pc\AppData\Roaming\Real\Update\setup3.09\setup.exe
2009-12-11 11:43 . 2010-02-10 14:07 302080 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-11 11:43 . 2010-02-10 14:07 98816 ----a-w- c:\windows\system32\drivers\srvnet.sys
2009-12-08 20:01 . 2010-02-10 14:07 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-12-08 20:01 . 2010-02-10 14:07 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-12-08 20:01 . 2010-02-10 14:07 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-08 17:26 . 2010-02-10 14:07 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-12-07 18:05 . 2009-05-17 19:20 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-12-04 18:30 . 2010-02-10 14:07 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2009-12-04 18:29 . 2010-02-10 14:07 1314816 ----a-w- c:\windows\system32\quartz.dll
2009-12-04 18:28 . 2010-02-10 14:07 22528 ----a-w- c:\windows\system32\msyuv.dll
2009-12-04 18:28 . 2010-02-10 14:07 31744 ----a-w- c:\windows\system32\msvidc32.dll
2009-12-04 18:28 . 2010-02-10 14:07 123904 ----a-w- c:\windows\system32\msvfw32.dll
2009-12-04 18:28 . 2010-02-10 14:07 13312 ----a-w- c:\windows\system32\msrle32.dll
2009-12-04 18:28 . 2010-02-10 14:07 82944 ----a-w- c:\windows\system32\mciavi32.dll
2009-12-04 18:28 . 2010-02-10 14:07 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2009-12-04 18:27 . 2010-02-10 14:07 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-12-04 15:56 . 2010-02-10 14:07 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2009-12-04 15:56 . 2010-02-10 14:07 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-12-04 14:26 . 2008-11-13 09:10 122920 ----a-w- c:\users\pc\AppData\Local\GDIPFONTCACHEV1.DAT
2009-11-30 17:02 . 2009-11-30 17:02 171144 ----a-w- c:\windows\system32\xliveinstall.dll
2009-11-30 17:02 . 2009-11-30 17:02 72840 ----a-w- c:\windows\system32\xliveinstallhost.exe
2009-11-24 23:54 . 2009-06-05 19:31 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:49 . 2009-06-05 19:32 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-06-05 19:32 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-06-05 19:32 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-22 18:55 . 2009-11-22 16:53 78179 ----a-w- c:\windows\hpqins05.dat
.

Kód: Vybrat vše

<pre>
c:\windows\ConfigSetRoot\Nero 7 + keygen by Cweb\__INCOMPLETE__Nero-7.2.3.2b-ENG .exe
</pre>

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2008-09-24 6335008]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-07-01 37888]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2007-07-03 64000]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-12-03 98304]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-12-05 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-05 8530464]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-05 81920]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2008-09-24 1833504]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-12-15 198160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]

c:\users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Remote Control.lnk - c:\program files\KWorld Multimedia\TV Tuner Card Utilities\HMCP3XCtl.exe [2008-11-26 77824]
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):f3,bf,22,a8,7d,fa,c9,01

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [2009-06-05 114768]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-05-17 108289]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [2009-06-05 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [2009-06-05 53328]
R3 3xHybrid;3xHybrid service;c:\windows\System32\drivers\3xHybrid.sys [2008-11-20 945920]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [2009-10-16 26224]
S3 PAC207;Webcam 1200;c:\windows\System32\drivers\PFC027.SYS [2008-11-20 611584]
S4 sptd;sptd;c:\windows\System32\drivers\sptd.sys [2009-09-06 721904]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Obsah adresáře 'Naplánované úlohy'

2010-01-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-672602829-956867591-2749669852-1000Core.job
- c:\users\pc\AppData\Local\Google\Update\GoogleUpdate.exe [2008-12-12 22:01]

2010-02-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-672602829-956867591-2749669852-1000UA.job
- c:\users\pc\AppData\Local\Google\Update\GoogleUpdate.exe [2008-12-12 22:01]

2010-02-17 c:\windows\Tasks\User_Feed_Synchronization-{BA0B0CFB-4AAE-49E7-8092-A836D42CB46A}.job
- c:\windows\system32\msfeedssync.exe [2010-01-22 04:56]

2008-11-28 c:\windows\Tasks\WebReg HP Deskjet F2200 series.job
- c:\program files\HP\Digital Imaging\bin\hpqwrg.exe [2007-10-14 19:40]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://search.qip.ru
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: microsoft.com\*.update
Trusted Zone: microsoft.com\update
Trusted Zone: windowsupdate.com\download
FF - ProfilePath - c:\users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\2r4lqdlx.default\
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\Microsoft Silverlight\3.0.50106.0\npctrl.1.0.20926.0.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\users\pc\AppData\Local\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-17 16:33
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EverestDriver]
"ImagePath"="\??\c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2010-02-17 16:35:01
ComboFix-quarantined-files.txt 2010-02-17 15:34
ComboFix2.txt 2010-01-21 16:07
ComboFix3.txt 2009-10-23 12:01
ComboFix4.txt 2008-12-09 14:37

Před spuštěním: Volných bajtů: 66,096,816,128
Po spuštění: Volných bajtů: 66,478,145,536

- - End Of File - - 463A8FDFDE1DA1D015F93AD5149142C2

jediný problém je, že se při startu tak na minutu objeví jenom černá obrazovka, pak se všechno normálně rozjede

#5 Příspěvek od **Caroprd111** » 18 úno 2010 19:10

Stáhněte na plochu CKScanner http://downloads.malwareremoval.com/CKScanner.exe

Spusťte a klikněte na "Search For Files", po dokončení skenu klikněte na "Save List to File" -> "OK"
Log s názvem ckfiles.txt bude uložený na ploše, obsah tohoto souboru sem vložte.

vg38 · #6 Příspěvek od **vg38** » 18 úno 2010 19:14

CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files\pinnacle\studio 10\plugins\rtfx\3dserver\filtersplus3d\crackedslab3d.xml
c:\program files\pinnacle\studio 10\plugins\rtfx\studioxml\rtfx volume 2\crackedslab-gpu.xml
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetailcrack.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetailcrackalphatest.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetailcrackalphatestlightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetailcrackalphatestlightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetailcrackalphatestpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetailcrackalphatestshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetailcracklightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetailcracklightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetailcrackndetailncrack.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetailcrackndetailncrackalphatest.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetailcrackndetailncrackalphatestlightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetailcrackndetailncrackalphatestlightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetailcrackndetailncrackalphatestpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetailcrackndetailncrackalphatestshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetailcrackndetailncracklightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetailcrackndetailncracklightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetailcrackndetailncrackpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetailcrackndetailncrackshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetailcrackpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetailcrackshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcrack.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcrackalphatest.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcrackalphatestlightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcrackalphatestlightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcrackalphatestpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcrackalphatestshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcracklightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcracklightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcrackndetailncrack.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcrackndetailncrackalphatest.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcrackndetailncrackalphatestpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcrackndetailncrackalphatestshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcrackndetailncracklightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcrackndetailncracklightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcrackndetailncrackpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcrackndetailncrackshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcrackpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcrackshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrack.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackalphatest.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackalphatestlightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackalphatestlightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackalphatestpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackalphatestshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetailcracklightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetailcracklightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncrack.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncrackalphatest.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncrackalphatestlightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncrackalphatestlightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncrackalphatestpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncrackalphatestshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncracklightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncracklightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncrackparallaxdetail.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncrackparallaxdetailalphatest.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncrackparallaxdetailalphatestlightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncrackparallaxdetailalphatestlightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncrackparallaxdetailalphatestpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncrackparallaxdetailalphatestshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncrackparallaxdetaillightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncrackparallaxdetaillightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncrackparallaxdetailpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncrackparallaxdetailshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncrackpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncrackshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrack.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackalphatest.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackalphatestlightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackalphatestlightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackalphatestpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackalphatestshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcracklightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcracklightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncrack.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackalphatest.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncracklightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncracklightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetail.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetailalphatest.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetailalphatestlightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetailalphatestlightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetailalphatestpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetailalphatestshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetaillightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetaillightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetailpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetailshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-5769-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetailcrack.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetailcrackalphatest.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetailcrackalphatestlightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetailcrackalphatestlightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetailcrackalphatestpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetailcrackalphatestshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetailcracklightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetailcracklightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetailcrackndetailncrack.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetailcrackndetailncrackalphatest.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetailcrackndetailncrackalphatestlightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetailcrackndetailncrackalphatestlightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetailcrackndetailncrackalphatestpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetailcrackndetailncrackalphatestshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetailcrackndetailncracklightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetailcrackndetailncracklightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetailcrackndetailncrackpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetailcrackndetailncrackshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetailcrackpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetailcrackshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcrack.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcrackalphatest.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcrackalphatestlightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcrackalphatestlightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcrackalphatestpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcrackalphatestshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcracklightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcracklightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcrackndetailncrack.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcrackndetailncrackalphatest.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcrackndetailncrackalphatestpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcrackndetailncrackalphatestshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcrackndetailncracklightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcrackndetailncracklightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcrackndetailncrackpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcrackndetailncrackshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcrackpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_2\rashaderstmbasedetaildirtcrackshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrack.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackalphatest.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackalphatestlightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackalphatestlightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackalphatestpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackalphatestshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetailcracklightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetailcracklightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncrack.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncrackalphatest.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncrackalphatestlightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncrackalphatestlightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncrackalphatestpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncrackalphatestshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncracklightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncracklightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncrackparallaxdetail.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncrackparallaxdetailalphatest.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncrackparallaxdetailalphatestlightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncrackparallaxdetailalphatestlightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncrackparallaxdetailalphatestpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncrackparallaxdetailalphatestshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncrackparallaxdetaillightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncrackparallaxdetaillightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncrackparallaxdetailpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncrackparallaxdetailshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncrackpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackndetailncrackshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetailcrackshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrack.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackalphatest.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackalphatestlightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackalphatestlightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackalphatestpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackalphatestshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcracklightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcracklightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncrack.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackalphatest.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestlightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackalphatestshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncracklightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncracklightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetail.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetailalphatest.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetailalphatestlightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetailalphatestlightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetailalphatestpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetailalphatestshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetaillightmap.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetaillightmapshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetailpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackparallaxdetailshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackndetailncrackshadow.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackpointlight.cfx
c:\users\pc\documents\battlefield 2\mods\bf2\cache\{d7b71e3e-4761-11cf-db6c-6b2901c2ca35}_2442_3\rashaderstmbasedetaildirtcrackshadow.cfx
c:\windows\configsetroot\bs player pro v2.12.942 pro + keygen\bsplayer_pro212.941.exe
c:\windows\configsetroot\nero 7 + keygen by cweb\__incomplete__nero-7.2.3.2b-eng .exe
c:\windows\configsetroot\nero 7 + keygen by cweb\__incomplete__nero_7_keygen.exe
c:\windows\configsetroot\nero 7 + keygen by cweb\__incomplete__ukb.txt
c:\windows\configsetroot\pdvd6\key\keygen.nfo
scanner sequence 3.ZZ.11
----- EOF -----

#7 Příspěvek od **Caroprd111** » 18 úno 2010 19:27

Pokud nemáte, přesuňte Combofix na plochu

otevřete si Poznámkový blok a zkopírujte do něj text z bílého okénka.

Kód: Vybrat vše

Folder::
c:\windows\configsetroot\nero 7 + keygen by cweb
c:\windows\configsetroot\pdvd6\key

uložte Vámi vytvořený TXT soubor jako CFScript.txt na plochu
po uložení uchopte vámi vytvořený skript levým myšítkem a přesuňte ho nad ikonu Combofixu, kde ho upustíte:
po aplikaci na Vás vypadne další log,vložte ho sem

Může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou, v tom případě znovu restartujte a přitom mačkejte F8, pak zvolte Poslední známou funkční konfiguraci

vg38 · #8 Příspěvek od **vg38** » 18 úno 2010 19:48

ComboFix 10-02-18.03 - pc 2010-02-18 19:33:14.7.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.1.1029.18.3071.1865 [GMT 1:00]
Spuštěný z: c:\users\pc\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\pc\Desktop\CFScript.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\configsetroot\nero 7 + keygen by cweb
c:\windows\configsetroot\nero 7 + keygen by cweb\__INCOMPLETE__Nero-7.2.3.2b-ENG .exe
c:\windows\configsetroot\nero 7 + keygen by cweb\__INCOMPLETE__Nero_7_Keygen.exe
c:\windows\configsetroot\nero 7 + keygen by cweb\__INCOMPLETE__Ukb.txt
c:\windows\configsetroot\pdvd6\key
c:\windows\configsetroot\pdvd6\key\file_id.diz
c:\windows\configsetroot\pdvd6\key\keygen.nfo
c:\windows\configsetroot\pdvd6\key\Paradox.nfo
c:\windows\configsetroot\pdvd6\key\pdx-cpd6.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-01-18 do 2010-02-18 )))))))))))))))))))))))))))))))
.

2010-02-18 18:41 . 2010-02-18 18:41 -------- d-----w- c:\users\pc\AppData\Local\temp
2010-02-18 18:41 . 2010-02-18 18:41 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-02-18 18:41 . 2010-02-18 18:41 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-02-18 17:04 . 2010-02-18 17:09 -------- d-----w- c:\program files\trend micro
2010-02-18 17:04 . 2010-02-18 17:04 -------- d-----w- C:\rsit
2010-02-18 16:48 . 2010-02-18 16:53 -------- d-----w- c:\programdata\Comodo
2010-02-18 16:48 . 2010-02-18 16:47 74328 ----a-w- c:\windows\system32\drivers\inspect.sys
2010-02-18 16:48 . 2010-02-18 16:47 171552 ----a-w- c:\windows\system32\guard32.dll
2010-02-18 16:48 . 2010-02-18 16:47 29520 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2010-02-18 16:48 . 2010-02-18 16:47 130960 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2010-02-18 16:47 . 2010-02-18 16:47 -------- d-----w- c:\program files\COMODO
2010-02-17 15:21 . 2010-02-17 15:21 318976 ----a-w- c:\windows\system32\CF11412.exe
2010-01-31 12:55 . 2010-01-31 12:55 -------- d-----w- c:\programdata\Codemasters
2010-01-31 12:48 . 2009-07-13 18:04 839680 ----a-w- c:\windows\system32\mkl_vml_p4.dll
2010-01-31 12:48 . 2009-07-13 18:04 532480 ----a-w- c:\windows\system32\mkl_vml_p3.dll
2010-01-31 12:48 . 2009-07-13 18:04 512000 ----a-w- c:\windows\system32\mkl_vml_def.dll
2010-01-31 12:48 . 2009-07-13 18:04 3485696 ----a-w- c:\windows\system32\mkl_p4.dll
2010-01-31 12:48 . 2009-07-13 18:04 2793472 ----a-w- c:\windows\system32\mkl_p3.dll
2010-01-31 12:48 . 2009-07-13 18:04 2441216 ----a-w- c:\windows\system32\mkl_def.dll
2010-01-31 12:48 . 2009-07-13 18:04 2174976 ----a-w- c:\windows\system32\mkl_lapack32.dll
2010-01-31 12:48 . 2009-07-13 18:04 2125824 ----a-w- c:\windows\system32\mkl_lapack64.dll
2010-01-31 12:48 . 2009-07-13 18:04 184320 ----a-w- c:\windows\system32\libguide40.dll
2010-01-31 12:48 . 2009-10-16 10:19 872448 ----a-w- c:\windows\system32\rapture3d_oal.dll
2010-01-31 12:48 . 2010-01-31 12:48 -------- d-----w- c:\program files\BRS
2010-01-31 12:48 . 2010-01-31 12:48 -------- d-----w- c:\program files\OpenAL
2010-01-31 11:41 . 2010-01-31 11:41 -------- d-----w- c:\program files\Codemasters
2010-01-30 17:59 . 2010-01-30 17:59 -------- d-----w- C:\My Music
2010-01-25 18:03 . 2010-01-25 18:03 -------- d-----w- c:\program files\Hamachi
2010-01-25 18:03 . 2010-01-25 18:03 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-18 15:27 . 2009-04-09 15:53 -------- d-----w- c:\programdata\TrackMania
2010-02-12 17:51 . 2008-12-06 15:33 -------- d-----w- c:\users\pc\AppData\Roaming\Hamachi
2010-02-10 17:18 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-02-10 14:12 . 2010-02-10 14:07 -------- d-----w- c:\programdata\DVD Shrink
2010-02-10 14:07 . 2010-02-10 14:07 -------- d-----w- c:\program files\DVD Shrink
2010-01-31 12:48 . 2008-11-15 15:33 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2010-01-31 12:48 . 2008-11-15 15:33 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2010-01-31 11:41 . 2008-09-16 10:50 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-21 14:07 . 2008-09-16 11:04 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-14 20:02 . 2009-03-24 15:26 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-14 10:12 . 2009-10-02 16:01 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-01-04 14:41 . 2008-01-21 06:46 598594 ----a-w- c:\windows\system32\perfh005.dat
2010-01-04 14:41 . 2008-01-21 06:46 114786 ----a-w- c:\windows\system32\perfc005.dat
2010-01-02 18:06 . 2010-01-02 18:06 40960 ----a-r- c:\users\pc\AppData\Roaming\Microsoft\Installer\{330DED45-0E5A-4092-8127-F643B5E7913C}\NewShortcut4_D33F3E208B034FD29F4D3753C315F5C4.exe
2010-01-02 18:06 . 2010-01-02 18:06 278528 ----a-r- c:\users\pc\AppData\Roaming\Microsoft\Installer\{330DED45-0E5A-4092-8127-F643B5E7913C}\TcwDeluxeDesktop150_3A5F46808B454D84B9EE89CFE2E40650.exe
2010-01-02 18:06 . 2010-01-02 18:06 278528 ----a-r- c:\users\pc\AppData\Roaming\Microsoft\Installer\{330DED45-0E5A-4092-8127-F643B5E7913C}\TcwDeluxe150_3A5F46808B454D84B9EE89CFE2E40650.exe
2010-01-02 18:06 . 2010-01-02 18:06 278528 ----a-r- c:\users\pc\AppData\Roaming\Microsoft\Installer\{330DED45-0E5A-4092-8127-F643B5E7913C}\ARPPRODUCTICONDesigner.exe
2010-01-02 18:05 . 2010-01-02 18:05 -------- d-----w- c:\programdata\IMSIDesign
2010-01-02 18:05 . 2010-01-02 18:05 -------- d-----w- c:\program files\IMSIDesign
2010-01-02 18:04 . 2010-01-02 18:04 -------- d-----w- c:\users\pc\AppData\Roaming\IMSIDesign
2010-01-02 18:03 . 2010-01-02 18:03 -------- d-----w- c:\program files\TurboCAD Designer 15 Setup
2010-01-02 15:54 . 2010-01-02 15:54 -------- d-----w- c:\program files\EAGLE-5.6.0
2010-01-02 15:54 . 2010-01-02 15:54 -------- d-----w- c:\users\pc\AppData\Roaming\CadSoft
2010-01-02 15:19 . 2010-01-02 15:19 -------- d-----w- c:\users\pc\AppData\Roaming\progeSOFT
2010-01-02 15:19 . 2010-01-02 15:19 -------- d-----w- c:\programdata\progeSOFT
2010-01-02 15:17 . 2010-01-02 15:17 -------- d-----w- c:\program files\progeSOFT
2010-01-02 06:38 . 2010-01-22 09:17 916480 ----a-w- c:\windows\system32\wininet.dll
2010-01-02 06:32 . 2010-01-22 09:17 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-01-02 06:32 . 2010-01-22 09:17 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-01-02 04:57 . 2010-01-22 09:17 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-12-23 15:56 . 2009-12-23 15:52 -------- d-----w- c:\program files\FlatOut2
2009-12-11 17:21 . 2009-11-27 17:21 439816 ----a-w- c:\users\pc\AppData\Roaming\Real\Update\setup3.09\setup.exe
2009-12-11 11:43 . 2010-02-10 14:07 302080 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-11 11:43 . 2010-02-10 14:07 98816 ----a-w- c:\windows\system32\drivers\srvnet.sys
2009-12-08 20:01 . 2010-02-10 14:07 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-12-08 20:01 . 2010-02-10 14:07 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-12-08 20:01 . 2010-02-10 14:07 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-08 17:26 . 2010-02-10 14:07 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-12-07 18:05 . 2009-05-17 19:20 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-12-04 18:30 . 2010-02-10 14:07 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2009-12-04 18:29 . 2010-02-10 14:07 1314816 ----a-w- c:\windows\system32\quartz.dll
2009-12-04 18:28 . 2010-02-10 14:07 22528 ----a-w- c:\windows\system32\msyuv.dll
2009-12-04 18:28 . 2010-02-10 14:07 31744 ----a-w- c:\windows\system32\msvidc32.dll
2009-12-04 18:28 . 2010-02-10 14:07 123904 ----a-w- c:\windows\system32\msvfw32.dll
2009-12-04 18:28 . 2010-02-10 14:07 13312 ----a-w- c:\windows\system32\msrle32.dll
2009-12-04 18:28 . 2010-02-10 14:07 82944 ----a-w- c:\windows\system32\mciavi32.dll
2009-12-04 18:28 . 2010-02-10 14:07 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2009-12-04 18:27 . 2010-02-10 14:07 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-12-04 15:56 . 2010-02-10 14:07 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2009-12-04 15:56 . 2010-02-10 14:07 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-12-04 14:26 . 2008-11-13 09:10 122920 ----a-w- c:\users\pc\AppData\Local\GDIPFONTCACHEV1.DAT
2009-11-30 17:02 . 2009-11-30 17:02 171144 ----a-w- c:\windows\system32\xliveinstall.dll
2009-11-30 17:02 . 2009-11-30 17:02 72840 ----a-w- c:\windows\system32\xliveinstallhost.exe
2009-11-24 23:54 . 2009-06-05 19:31 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:49 . 2009-06-05 19:32 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2009-06-05 19:32 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2009-06-05 19:32 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-22 18:55 . 2009-11-22 16:53 78179 ----a-w- c:\windows\hpqins05.dat
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"Center Agent"="c:\program files\KWorld Multimedia\HyperMedia\DTVR\Scheduled.exe" [2009-08-18 1520128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2008-09-24 6335008]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-07-01 37888]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2007-07-03 64000]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-12-03 98304]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-12-05 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-05 8530464]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-05 81920]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2008-09-24 1833504]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-12-15 198160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-02-18 1800464]

c:\users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Remote Control.lnk - c:\program files\KWorld Multimedia\TV Tuner Card Utilities\HMCP3XCtl.exe [2008-11-26 77824]
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\guard32.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):f3,bf,22,a8,7d,fa,c9,01

R1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [2009-06-05 114768]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\System32\drivers\cmdguard.sys [2010-02-18 130960]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\System32\drivers\cmdhlp.sys [2010-02-18 29520]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-05-17 108289]
R2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [2009-06-05 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [2009-06-05 53328]
R3 3xHybrid;3xHybrid service;c:\windows\System32\drivers\3xHybrid.sys [2008-11-20 945920]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [2009-10-16 26224]
S3 PAC207;Webcam 1200;c:\windows\System32\drivers\PFC027.SYS [2008-11-20 611584]
S4 sptd;sptd;c:\windows\System32\drivers\sptd.sys [2009-09-06 721904]

--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - CMDGUARD
*NewlyCreated* - CMDHLP

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Obsah adresáře 'Naplánované úlohy'

2010-01-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-672602829-956867591-2749669852-1000Core.job
- c:\users\pc\AppData\Local\Google\Update\GoogleUpdate.exe [2008-12-12 22:01]

2010-02-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-672602829-956867591-2749669852-1000UA.job
- c:\users\pc\AppData\Local\Google\Update\GoogleUpdate.exe [2008-12-12 22:01]

2010-02-18 c:\windows\Tasks\User_Feed_Synchronization-{BA0B0CFB-4AAE-49E7-8092-A836D42CB46A}.job
- c:\windows\system32\msfeedssync.exe [2010-01-22 04:56]

2008-11-28 c:\windows\Tasks\WebReg HP Deskjet F2200 series.job
- c:\program files\HP\Digital Imaging\bin\hpqwrg.exe [2007-10-14 19:40]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://search.qip.ru
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: microsoft.com\*.update
Trusted Zone: microsoft.com\update
Trusted Zone: windowsupdate.com\download
FF - ProfilePath - c:\users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\2r4lqdlx.default\
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
FF - prefs.js: keyword.URL - http://www.google.com/search?ie=UTF-8&o ... =navclient& gfns=1&q=
FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\Microsoft Silverlight\3.0.50106.0\npctrl.1.0.20926.0.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\users\pc\AppData\Local\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-18 19:41
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EverestDriver]
"ImagePath"="\??\c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(900)
c:\windows\system32\guard32.dll

- - - - - - - > 'lsass.exe'(744)
c:\windows\system32\guard32.dll
.
Celkový čas: 2010-02-18 19:43:55
ComboFix-quarantined-files.txt 2010-02-18 18:43
ComboFix2.txt 2010-02-17 15:35
ComboFix3.txt 2010-01-21 16:07
ComboFix4.txt 2009-10-23 12:01
ComboFix5.txt 2010-02-18 18:32

Před spuštěním: Volných bajtů: 68,053,897,216
Po spuštění: Volných bajtů: 68,035,919,872

- - End Of File - - F9843DB9655748CC6CD4A0A89D226F8C

#9 Příspěvek od **Caroprd111** » 18 úno 2010 19:50

Stahněte MBAM http://www.viry.cz/forum/viewtopic.php?f=29&t=67229

Podle návodu v odkazu nainstalujte, poté dejte úplný sken.
Nic nemažte MBAM má občas falešné detekce a mohl by smazat např. systémové soubory.
Log vložte sem.

vg38 · #10 Příspěvek od **vg38** » 18 úno 2010 21:01

Malwarebytes' Anti-Malware 1.44
Verze databáze: 3756
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18882

2010-02-18 21:00:58
mbam-log-2010-02-18 (21-00-58).txt

Typ kontroly: Kompletní kontrola (C:\|)
Zkontrolované objekty: 343013
Uplynulý čas: 1 hour(s), 1 minute(s), 32 second(s)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované adresáře: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované moduly v paměti:
(Nebyly nalezeny žádné škodlivé položky)

Infikované klíče registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované hodnoty registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované datové položky registru:
(Nebyly nalezeny žádné škodlivé položky)

Infikované adresáře:
(Nebyly nalezeny žádné škodlivé položky)

Infikované soubory:
(Nebyly nalezeny žádné škodlivé položky)

#11 Příspěvek od **Caroprd111** » 18 úno 2010 21:16

Dejte log z Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878

vg38 · #12 Příspěvek od **vg38** » 18 úno 2010 21:26

první část, druhá bude za chvílu

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-02-18 21:18:29
Windows 6.0.6002 Service Pack 2
Running: gmer.exe; Driver: C:\Users\pc\AppData\Local\Temp\pxldapoc.sys

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\tdx \Device\Ip cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\tdx \Device\Tcp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\tdx \Device\Udp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\tdx \Device\RawIp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)

---- EOF - GMER 1.0.15 ----

#13 Příspěvek od **Caroprd111** » 18 úno 2010 21:27

vg38 · #14 Příspěvek od **vg38** » 18 úno 2010 23:01

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-02-18 23:00:48
Windows 6.0.6002 Service Pack 2
Running: gmer.exe; Driver: C:\Users\pc\AppData\Local\Temp\pxldapoc.sys

---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwAdjustPrivilegesToken [0x8F66DF8E]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwAlpcConnectPort [0x8F66EF5C]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwAlpcCreatePort [0x8F66E174]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwConnectPort [0x8F66D3FA]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateFile [0x8F66DBF4]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreatePort [0x8F66D2DC]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSection [0x8F66DA82]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateSymbolicLinkObject [0x8F66EC16]
SSDT 9BD9EE5C ZwCreateThread
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwDuplicateObject [0x8F66CCD4]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwLoadDriver [0x8F66E898]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwMakeTemporaryObject [0x8F66D67E]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenFile [0x8F66DDD0]
SSDT 9BD9EE48 ZwOpenProcess
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwOpenSection [0x8F66D90E]
SSDT 9BD9EE4D ZwOpenThread
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwRequestWaitReplyPort [0x8F66F3C6]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSecureConnectPort [0x8F66E634]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSetSystemInformation [0x8F66EA46]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwShutdownSystem [0x8F66D618]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwSystemDebugControl [0x8F66D802]
SSDT 9BD9EE57 ZwTerminateProcess
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwTerminateThread [0x8F66D074]
SSDT \SystemRoot\System32\DRIVERS\cmdguard.sys (COMODO Internet Security Sandbox Driver/COMODO) ZwCreateThreadEx [0x8F66E280]

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!KeSetEvent + 119 822E487C 4 Bytes [8E, DF, 66, 8F]
.text ntkrnlpa.exe!KeSetEvent + 13D 822E48A0 8 Bytes [5C, EF, 66, 8F, 74, E1, 66, ...]
.text ntkrnlpa.exe!KeSetEvent + 1C1 822E4924 4 Bytes [FA, D3, 66, 8F] {CLI ; SHL DWORD [ESI-0x71], CL}
.text ntkrnlpa.exe!KeSetEvent + 1D9 822E493C 4 Bytes [F4, DB, 66, 8F]
.text ntkrnlpa.exe!KeSetEvent + 205 822E4968 4 Bytes [DC, D2, 66, 8F]
.text ...
.text C:\Windows\system32\DRIVERS\nvlddmkm.sys section is writeable [0x8E802340, 0x39DB57, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[1084] ntdll.dll!NtAllocateVirtualMemory 76FB4134 5 Bytes JMP 0040FD50 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO Internet Security/COMODO)
.text C:\Program Files\COMODO\COMODO Internet Security\cfp.exe[3812] ntdll.dll!NtAllocateVirtualMemory 76FB4134 5 Bytes JMP 0050E060 C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO Internet Security/COMODO)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\system32\services.exe[664] @ C:\Windows\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 001F0002
IAT C:\Windows\system32\services.exe[664] @ C:\Windows\system32\services.exe [KERNEL32.dll!CreateProcessW] 001F0000
IAT C:\Windows\Explorer.EXE[2120] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [73D07817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2120] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [73D5A86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2120] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [73D0BB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2120] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [73CFF695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2120] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [73D075E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2120] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [73CFE7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2120] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [73D38395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2120] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [73D0DA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2120] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [73CFFFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2120] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [73CFFF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2120] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [73CF71CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2120] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [73D8CAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2120] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [73D2C8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2120] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [73CFD968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2120] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [73CF6853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2120] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [73CF687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[2120] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [73D02AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\tdx \Device\Tcp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\tdx \Device\Udp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)
AttachedDevice \Driver\tdx \Device\RawIp cmdhlp.sys (COMODO Internet Security Helper Driver/COMODO)

Device \FileSystem\cdfs \Cdfs A01B805C

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xD7 0xE5 0xAE 0x28 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xB0 0x72 0x9D 0xDE ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x30 0x99 0xEB 0xB0 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xD7 0xE5 0xAE 0x28 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xB0 0x72 0x9D 0xDE ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x30 0x99 0xEB 0xB0 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@cd042efbbd7f7af1647644e76e06692b 0x2E 0xE8 0xE1 0x00 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@bca643cdc5c2726b20d2ecedcc62c59b 0x46 0x47 0x15 0xB0 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@2c81e34222e8052573023a60d06dd016 0xFF 0x7C 0x85 0xE0 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@2582ae41fb52324423be06337561aa48 0x86 0x8C 0x21 0x01 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@caaeda5fd7a9ed7697d9686d4b818472 0xCD 0x44 0xCD 0xB9 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@a4a1bcf2cc2b8bc3716b74b2b4522f5d 0xDF 0x20 0x58 0x62 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@4d370831d2c43cd13623e232fed27b7b 0xFB 0xA7 0x78 0xE6 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@1d68fe701cdea33e477eb204b76f993d 0x01 0x3A 0x48 0xFC ...
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@1fac81b91d8e3c5aa4b0a51804d844a3 0xF6 0x0F 0x4E 0x58 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@f5f62a6129303efb32fbe080bb27835b 0x37 0xA4 0xAA 0xC3 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@fd4e2e1a3940b94dceb5a6a021f2e3c6 0xE3 0x0E 0x66 0xD5 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ C:\Windows\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@8a8aec57dd6508a385616fbc86791ec2 0xFA 0xEA 0x66 0x7F ...

---- EOF - GMER 1.0.15 ----

#15 Příspěvek od **Caroprd111** » 19 úno 2010 06:26

Pokračujte podle návodu http://www.viry.cz/forum/viewtopic.php?f=29&t=58179

VIRY.CZ

Prosím překontrolovat log

Prosím překontrolovat log

Re: Prosím překontrolovat log

Re: Prosím překontrolovat log

Re: Prosím překontrolovat log

Re: Prosím překontrolovat log

Re: Prosím překontrolovat log

Re: Prosím překontrolovat log

Re: Prosím překontrolovat log

Re: Prosím překontrolovat log

Re: Prosím překontrolovat log

Re: Prosím překontrolovat log

Re: Prosím překontrolovat log

Re: Prosím překontrolovat log

Re: Prosím překontrolovat log

Re: Prosím překontrolovat log