Prosím o kontrolu logu, před chvíli jsem tu měl modrou smrt

Zpráva

frantax · #1 Příspěvek od **frantax** » 18 úno 2010 21:30

Logfile of random's system information tool 1.06 (written by random/random)
Run by Owner at 2010-02-18 21:27:40
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 8 GB (10%) free of 76 GB
Total RAM: 2559 MB (84% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:27:41, on 18.2.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS.4\System32\smss.exe
C:\WINDOWS.4\system32\winlogon.exe
C:\WINDOWS.4\system32\services.exe
C:\WINDOWS.4\system32\lsass.exe
C:\WINDOWS.4\system32\Ati2evxx.exe
C:\WINDOWS.4\system32\svchost.exe
C:\WINDOWS.4\System32\svchost.exe
C:\WINDOWS.4\system32\Ati2evxx.exe
C:\WINDOWS.4\Explorer.EXE
C:\WINDOWS.4\system32\spoolsv.exe
C:\Program Files\DU Meter\DUMeter.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS.4\system32\ctfmon.exe
C:\WINDOWS.4\system32\PnkBstrA.exe
C:\WINDOWS.4\system32\PnkBstrB.exe
C:\Program Files\QIP Infium JadrisPack2\infium.exe
C:\Documents and Settings\Franta\Dokumenty\CHROME\RSIT.exe
C:\Program Files\trend micro\Owner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files\Google\Chrome Frame\Application\5.0.317.0\npchrome_frame.dll
O4 - HKLM\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS.4\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS.4\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS.4\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS.4\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS.4\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS.4\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.4\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.4\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 5146903593
O17 - HKLM\System\CCS\Services\Tcpip\..\{1C16D198-46F4-4131-8601-7085F9F73969}: NameServer = 62.84.128.6,62.84.132.6
O18 - Protocol: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files\Google\Chrome Frame\Application\5.0.317.0\npchrome_frame.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS.4\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS.4\system32\ati2sgag.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS.4\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS.4\system32\PnkBstrB.exe

--
End of file - 4149 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-02-03 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-02-03 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7}]
ChromeFrame BHO - C:\Program Files\Google\Chrome Frame\Application\5.0.317.0\npchrome_frame.dll [2010-02-04 1160704]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"DU Meter"=C:\Program Files\DU Meter\DUMeter.exe [2006-11-27 1582616]
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd []
"MSConfig"=C:\WINDOWS.4\PCHealth\HelpCtr\Binaries\MSConfig.exe [2008-04-14 171008]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS.4\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2009-09-16 153608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-09-29 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3
"idsvc"=3
"gupdate"=2
"JavaQuickStarterService"=2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS.4\system32\Ati2evxx.dll [2009-09-30 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS.4\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\WINDOWS.4\system32\sessmgr.exe"="C:\WINDOWS.4\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Documents and Settings\Owner.A-5A34B8B1C8E24\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe"="C:\Documents and Settings\Owner.A-5A34B8B1C8E24\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\EA GAMES\Battlefield 2\BF2.exe"="C:\Program Files\EA GAMES\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-02-18 21:24:39 ----D---- C:\rsit
2010-02-14 20:28:47 ----HDC---- C:\WINDOWS.4\$NtUninstallKB977165$
2010-02-14 19:52:05 ----D---- C:\Program Files\JRE
2010-02-14 19:51:30 ----A---- C:\WINDOWS.4\system32\javaws.exe
2010-02-14 19:51:30 ----A---- C:\WINDOWS.4\system32\javaw.exe
2010-02-14 19:51:30 ----A---- C:\WINDOWS.4\system32\java.exe
2010-02-14 15:26:38 ----A---- C:\WINDOWS.4\system32\PnkBstrB.exe
2010-02-14 15:24:26 ----A---- C:\WINDOWS.4\system32\PnkBstrA.exe
2010-02-14 09:41:47 ----A---- C:\WINDOWS.4\d3xp.ini
2010-02-14 09:36:11 ----A---- C:\WINDOWS.4\doom3.ini
2010-02-14 09:32:37 ----D---- C:\Program Files\Doom 3
2010-02-13 15:15:27 ----D---- C:\Program Files\BfSV
2010-02-12 21:37:30 ----D---- C:\Documents and Settings\Owner.A-5A34B8B1C8E24\Data aplikací\VitySoft
2010-02-12 19:13:37 ----D---- C:\Program Files\QIP Infium JadrisPack2
2010-02-12 18:47:50 ----HDC---- C:\WINDOWS.4\$NtUninstallKB978262$
2010-02-12 18:47:45 ----HDC---- C:\WINDOWS.4\$NtUninstallKB971468$
2010-02-12 18:47:40 ----HDC---- C:\WINDOWS.4\$NtUninstallKB978037$
2010-02-12 18:47:34 ----HDC---- C:\WINDOWS.4\$NtUninstallKB975713$
2010-02-12 18:47:30 ----HDC---- C:\WINDOWS.4\$NtUninstallKB978251$
2010-02-12 18:47:24 ----HDC---- C:\WINDOWS.4\$NtUninstallKB975560$
2010-02-12 18:47:17 ----HDC---- C:\WINDOWS.4\$NtUninstallKB977914$
2010-02-12 18:47:07 ----HDC---- C:\WINDOWS.4\$NtUninstallKB978706$
2010-02-05 03:35:20 ----D---- C:\Program Files\Fraps
2010-02-05 03:33:54 ----D---- C:\Documents and Settings\All Users.WINDOWS.4\Data aplikací\TEMP
2010-02-05 02:27:34 ----D---- C:\Program Files\EA GAMES
2010-02-05 02:27:34 ----D---- C:\Documents and Settings\Owner.A-5A34B8B1C8E24\Data aplikací\InstallShield Installation Information
2010-02-04 21:49:30 ----D---- C:\Documents and Settings\All Users.WINDOWS.4\Data aplikací\Spybot - Search & Destroy
2010-02-04 21:37:31 ----D---- C:\Documents and Settings\Owner.A-5A34B8B1C8E24\Data aplikací\ATI
2010-02-04 21:37:31 ----D---- C:\Documents and Settings\All Users.WINDOWS.4\Data aplikací\ATI
2010-02-04 14:10:08 ----D---- C:\Program Files\Google
2010-02-03 22:49:52 ----A---- C:\WINDOWS.4\system32\wmpns.dll
2010-02-03 21:55:37 ----HDC---- C:\WINDOWS.4\$NtUninstallKB970430$
2010-02-03 21:55:28 ----HDC---- C:\WINDOWS.4\$NtUninstallKB951978$
2010-02-03 21:55:09 ----HDC---- C:\WINDOWS.4\$NtUninstallKB968816_WM9$
2010-02-03 21:54:42 ----HDC---- C:\WINDOWS.4\$NtUninstallKB961118$
2010-02-03 21:54:36 ----HDC---- C:\WINDOWS.4\$NtUninstallKB954155_WM9$
2010-02-03 21:54:30 ----HDC---- C:\WINDOWS.4\$NtUninstallKB956744$
2010-02-03 21:46:36 ----HDC---- C:\WINDOWS.4\$NtUninstallKB941569$
2010-02-03 21:45:55 ----HDC---- C:\WINDOWS.4\$NtUninstallKB973540_WM9$
2010-02-03 21:45:48 ----HDC---- C:\WINDOWS.4\$NtUninstallKB929399$
2010-02-03 21:45:20 ----HDC---- C:\WINDOWS.4\$NtUninstallKB939683$
2010-02-03 21:42:54 ----HDC---- C:\WINDOWS.4\$NtUninstallKB971737$
2010-02-03 21:42:31 ----HDC---- C:\WINDOWS.4\$NtUninstallKB952069_WM9$
2010-02-03 21:40:52 ----HDC---- C:\WINDOWS.4\$NtUninstallKB954154_WM11$
2010-02-03 20:38:09 ----D---- C:\Documents and Settings\Owner.A-5A34B8B1C8E24\Data aplikací\OpenOffice.org
2010-02-03 19:09:21 ----D---- C:\WINDOWS.4\system32\NtmsData
2010-02-03 17:28:22 ----D---- C:\Program Files\Common Files\Logitech
2010-02-03 13:37:54 ----D---- C:\Documents and Settings\Owner.A-5A34B8B1C8E24\Data aplikací\ICQ
2010-02-03 12:54:28 ----D---- C:\Documents and Settings\Owner.A-5A34B8B1C8E24\Data aplikací\ImgBurn
2010-02-03 12:45:04 ----D---- C:\Program Files\DAEMON Tools Lite
2010-02-03 12:44:30 ----D---- C:\Documents and Settings\Owner.A-5A34B8B1C8E24\Data aplikací\DAEMON Tools Lite
2010-02-03 12:44:28 ----D---- C:\Documents and Settings\All Users.WINDOWS.4\Data aplikací\DAEMON Tools Lite
2010-02-03 12:00:26 ----A---- C:\Documents and Settings\Owner.A-5A34B8B1C8E24\Data aplikací\coreavc.ini
2010-02-03 11:47:26 ----D---- C:\Program Files\Haali
2010-02-03 03:21:37 ----D---- C:\Documents and Settings\Owner.A-5A34B8B1C8E24\Data aplikací\Media Player Classic
2010-02-03 03:21:32 ----D---- C:\Program Files\MPC HomeCinema
2010-02-03 02:56:58 ----N---- C:\WINDOWS.4\system32\spmsg2.dll
2010-02-03 02:56:57 ----HDC---- C:\WINDOWS.4\$NtUninstallXPSEPSCLP$
2010-02-03 02:53:59 ----D---- C:\WINDOWS.4\system32\XPSViewer
2010-02-03 02:53:55 ----D---- C:\WINDOWS.4\system32\en-US
2010-02-03 02:53:14 ----N---- C:\WINDOWS.4\system32\xpssvcs.dll
2010-02-03 02:53:14 ----N---- C:\WINDOWS.4\system32\xpsshhdr.dll
2010-02-03 02:53:14 ----N---- C:\WINDOWS.4\system32\prntvpt.dll
2010-02-03 02:53:13 ----D---- C:\9ae8400a375d821d221f6e
2010-02-03 02:52:21 ----RSD---- C:\WINDOWS.4\assembly
2010-02-03 02:51:35 ----D---- C:\WINDOWS.4\Microsoft.NET
2010-02-03 02:51:17 ----D---- C:\Documents and Settings\Owner.A-5A34B8B1C8E24\Data aplikací\Mozilla
2010-02-03 02:43:16 ----A---- C:\WINDOWS.4\system32\XAudio2_5.dll
2010-02-03 02:43:15 ----A---- C:\WINDOWS.4\system32\xactengine3_5.dll
2010-02-03 02:43:15 ----A---- C:\WINDOWS.4\system32\D3DCompiler_42.dll
2010-02-03 02:43:14 ----A---- C:\WINDOWS.4\system32\d3dx11_42.dll
2010-02-03 02:43:14 ----A---- C:\WINDOWS.4\system32\d3dcsx_42.dll
2010-02-03 02:43:13 ----A---- C:\WINDOWS.4\system32\D3DX9_42.dll
2010-02-03 02:43:13 ----A---- C:\WINDOWS.4\system32\d3dx10_42.dll
2010-02-03 02:43:13 ----A---- C:\WINDOWS.4\system32\d3dx10_41.dll
2010-02-03 02:43:13 ----A---- C:\WINDOWS.4\system32\D3DCompiler_41.dll
2010-02-03 02:43:12 ----A---- C:\WINDOWS.4\system32\D3DX9_41.dll
2010-02-03 02:43:11 ----A---- C:\WINDOWS.4\system32\XAudio2_4.dll
2010-02-03 02:43:11 ----A---- C:\WINDOWS.4\system32\XAPOFX1_3.dll
2010-02-03 02:43:11 ----A---- C:\WINDOWS.4\system32\xactengine3_4.dll
2010-02-03 02:43:11 ----A---- C:\WINDOWS.4\system32\X3DAudio1_6.dll
2010-02-03 02:43:10 ----A---- C:\WINDOWS.4\system32\D3DX9_40.dll
2010-02-03 02:43:10 ----A---- C:\WINDOWS.4\system32\d3dx10_40.dll
2010-02-03 02:43:10 ----A---- C:\WINDOWS.4\system32\D3DCompiler_40.dll
2010-02-03 02:43:09 ----A---- C:\WINDOWS.4\system32\XAudio2_3.dll
2010-02-03 02:43:09 ----A---- C:\WINDOWS.4\system32\XAPOFX1_2.dll
2010-02-03 02:43:09 ----A---- C:\WINDOWS.4\system32\xactengine3_3.dll
2010-02-03 02:43:08 ----A---- C:\WINDOWS.4\system32\XAudio2_2.dll
2010-02-03 02:43:08 ----A---- C:\WINDOWS.4\system32\XAPOFX1_1.dll
2010-02-03 02:43:08 ----A---- C:\WINDOWS.4\system32\X3DAudio1_5.dll
2010-02-03 02:43:07 ----A---- C:\WINDOWS.4\system32\xactengine3_2.dll
2010-02-03 02:43:07 ----A---- C:\WINDOWS.4\system32\d3dx10_39.dll
2010-02-03 02:43:07 ----A---- C:\WINDOWS.4\system32\D3DCompiler_39.dll
2010-02-03 02:43:06 ----A---- C:\WINDOWS.4\system32\XAudio2_1.dll
2010-02-03 02:43:06 ----A---- C:\WINDOWS.4\system32\XAPOFX1_0.dll
2010-02-03 02:43:06 ----A---- C:\WINDOWS.4\system32\xactengine3_1.dll
2010-02-03 02:43:06 ----A---- C:\WINDOWS.4\system32\D3DX9_39.dll
2010-02-03 02:43:05 ----A---- C:\WINDOWS.4\system32\X3DAudio1_4.dll
2010-02-03 02:43:05 ----A---- C:\WINDOWS.4\system32\d3dx10_38.dll
2010-02-03 02:43:05 ----A---- C:\WINDOWS.4\system32\D3DCompiler_38.dll
2010-02-03 02:43:04 ----A---- C:\WINDOWS.4\system32\XAudio2_0.dll
2010-02-03 02:43:04 ----A---- C:\WINDOWS.4\system32\D3DX9_38.dll
2010-02-03 02:43:03 ----A---- C:\WINDOWS.4\system32\xactengine3_0.dll
2010-02-03 02:43:03 ----A---- C:\WINDOWS.4\system32\X3DAudio1_3.dll
2010-02-03 02:43:02 ----A---- C:\WINDOWS.4\system32\D3DX9_37.dll
2010-02-03 02:43:02 ----A---- C:\WINDOWS.4\system32\d3dx10_37.dll
2010-02-03 02:43:02 ----A---- C:\WINDOWS.4\system32\D3DCompiler_37.dll
2010-02-03 02:43:01 ----A---- C:\WINDOWS.4\system32\xactengine2_10.dll
2010-02-03 02:43:01 ----A---- C:\WINDOWS.4\system32\d3dx10_36.dll
2010-02-03 02:43:00 ----A---- C:\WINDOWS.4\system32\d3dx9_36.dll
2010-02-03 02:43:00 ----A---- C:\WINDOWS.4\system32\D3DCompiler_36.dll
2010-02-03 02:42:59 ----A---- C:\WINDOWS.4\system32\xactengine2_9.dll
2010-02-03 02:42:59 ----A---- C:\WINDOWS.4\system32\d3dx9_35.dll
2010-02-03 02:42:59 ----A---- C:\WINDOWS.4\system32\d3dx10_35.dll
2010-02-03 02:42:59 ----A---- C:\WINDOWS.4\system32\D3DCompiler_35.dll
2010-02-03 02:42:58 ----A---- C:\WINDOWS.4\system32\xactengine2_8.dll
2010-02-03 02:42:58 ----A---- C:\WINDOWS.4\system32\X3DAudio1_2.dll
2010-02-03 02:42:58 ----A---- C:\WINDOWS.4\system32\d3dx10_34.dll
2010-02-03 02:42:58 ----A---- C:\WINDOWS.4\system32\D3DCompiler_34.dll
2010-02-03 02:42:57 ----A---- C:\WINDOWS.4\system32\xinput1_3.dll
2010-02-03 02:42:57 ----A---- C:\WINDOWS.4\system32\xactengine2_7.dll
2010-02-03 02:42:57 ----A---- C:\WINDOWS.4\system32\d3dx9_34.dll
2010-02-03 02:42:56 ----A---- C:\WINDOWS.4\system32\d3dx10_33.dll
2010-02-03 02:42:56 ----A---- C:\WINDOWS.4\system32\D3DCompiler_33.dll
2010-02-03 02:42:46 ----A---- C:\WINDOWS.4\system32\xactengine2_6.dll
2010-02-03 02:42:46 ----A---- C:\WINDOWS.4\system32\xactengine2_5.dll
2010-02-03 02:42:46 ----A---- C:\WINDOWS.4\system32\xactengine2_4.dll
2010-02-03 02:42:46 ----A---- C:\WINDOWS.4\system32\x3daudio1_1.dll
2010-02-03 02:42:46 ----A---- C:\WINDOWS.4\system32\d3dx9_33.dll
2010-02-03 02:42:46 ----A---- C:\WINDOWS.4\system32\d3dx9_32.dll
2010-02-03 02:42:45 ----A---- C:\WINDOWS.4\system32\xinput1_2.dll
2010-02-03 02:42:45 ----A---- C:\WINDOWS.4\system32\xinput1_1.dll
2010-02-03 02:42:45 ----A---- C:\WINDOWS.4\system32\xactengine2_3.dll
2010-02-03 02:42:45 ----A---- C:\WINDOWS.4\system32\xactengine2_2.dll
2010-02-03 02:42:45 ----A---- C:\WINDOWS.4\system32\d3dx9_31.dll
2010-02-03 02:42:44 ----A---- C:\WINDOWS.4\system32\xactengine2_1.dll
2010-02-03 02:42:44 ----A---- C:\WINDOWS.4\system32\xactengine2_0.dll
2010-02-03 02:42:44 ----A---- C:\WINDOWS.4\system32\x3daudio1_0.dll
2010-02-03 02:42:44 ----A---- C:\WINDOWS.4\system32\d3dx9_30.dll
2010-02-03 02:42:44 ----A---- C:\WINDOWS.4\system32\d3dx9_29.dll
2010-02-03 02:42:43 ----A---- C:\WINDOWS.4\system32\xinput9_1_0.dll
2010-02-03 02:42:43 ----A---- C:\WINDOWS.4\system32\d3dx9_28.dll
2010-02-03 02:42:43 ----A---- C:\WINDOWS.4\system32\d3dx9_27.dll
2010-02-03 02:42:43 ----A---- C:\WINDOWS.4\system32\d3dx9_26.dll
2010-02-03 02:42:42 ----A---- C:\WINDOWS.4\system32\d3dx9_25.dll
2010-02-03 02:42:42 ----A---- C:\WINDOWS.4\system32\d3dx9_24.dll
2010-02-03 02:35:14 ----HD---- C:\WINDOWS.4\msdownld.tmp
2010-02-03 02:34:45 ----D---- C:\WINDOWS.4\Logs
2010-02-03 02:27:43 ----D---- C:\Documents and Settings\Owner.A-5A34B8B1C8E24\Data aplikací\DAEMON Tools
2010-02-03 02:22:07 ----D---- C:\WINDOWS.4\Sun
2010-02-03 02:20:50 ----D---- C:\Documents and Settings\All Users.WINDOWS.4\Data aplikací\Sun
2010-02-03 02:20:49 ----D---- C:\Program Files\Common Files\Java
2010-02-03 02:20:19 ----A---- C:\WINDOWS.4\system32\deploytk.dll
2010-02-03 02:17:52 ----D---- C:\Documents and Settings\Owner.A-5A34B8B1C8E24\Data aplikací\Sun
2010-02-03 01:39:50 ----D---- C:\Documents and Settings\All Users.WINDOWS.4\Data aplikací\Adobe
2010-02-03 01:00:43 ----D---- C:\Program Files\QIP Infium JadrisPack
2010-02-03 00:57:09 ----N---- C:\WINDOWS.4\system32\spmsg.dll
2010-02-03 00:57:08 ----HDC---- C:\WINDOWS.4\$NtUninstallMSCompPackV1$
2010-02-03 00:56:41 ----HDC---- C:\WINDOWS.4\$NtUninstallwmp11$
2010-02-03 00:55:38 ----HDC---- C:\WINDOWS.4\$NtUninstallWMFDist11$
2010-02-03 00:55:06 ----D---- C:\WINDOWS.4\system32\LogFiles
2010-02-03 00:54:59 ----HDC---- C:\WINDOWS.4\$NtUninstallWudf01000$
2010-02-03 00:41:56 ----A---- C:\WINDOWS.4\system32\ksuser.dll
2010-02-03 00:41:46 ----A---- C:\WINDOWS.4\CMISETUP.INI
2010-02-03 00:41:45 ----A---- C:\WINDOWS.4\CMCDPLAY.INI
2010-02-03 00:41:42 ----A---- C:\WINDOWS.4\Wininit.ini
2010-02-03 00:41:42 ----A---- C:\WINDOWS.4\system32\udaprop.dll
2010-02-03 00:41:42 ----A---- C:\WINDOWS.4\system32\cmuda.dll
2010-02-03 00:41:42 ----A---- C:\WINDOWS.4\system32\cmirmdrv.exe
2010-02-03 00:41:42 ----A---- C:\WINDOWS.4\system32\cmirmdrv.dll
2010-02-03 00:41:41 ----D---- C:\Program Files\C-Media 3D Audio
2010-02-03 00:41:41 ----A---- C:\WINDOWS.4\system32\Audio3D.dll
2010-02-03 00:41:41 ----A---- C:\WINDOWS.4\system32\a3d.dll
2010-02-03 00:41:41 ----A---- C:\WINDOWS.4\CMIUninstall.exe
2010-02-03 00:41:41 ----A---- C:\WINDOWS.4\CmiRmRedundDir.exe
2010-02-03 00:41:41 ----A---- C:\WINDOWS.4\CMIRmDriver.dll
2010-02-03 00:31:23 ----D---- C:\Documents and Settings\Owner.A-5A34B8B1C8E24\Data aplikací\uTorrent
2010-02-03 00:22:24 ----HDC---- C:\WINDOWS.4\$NtUninstallKB951376-v2$
2010-02-03 00:22:17 ----HDC---- C:\WINDOWS.4\$NtUninstallKB952954$
2010-02-03 00:22:11 ----HDC---- C:\WINDOWS.4\$NtUninstallKB959426$
2010-02-03 00:22:05 ----HDC---- C:\WINDOWS.4\$NtUninstallKB946648$
2010-02-03 00:22:00 ----HDC---- C:\WINDOWS.4\$NtUninstallKB956803$
2010-02-03 00:21:54 ----HDC---- C:\WINDOWS.4\$NtUninstallKB960859$
2010-02-03 00:21:43 ----HDC---- C:\WINDOWS.4\$NtUninstallKB978207$
2010-02-03 00:21:36 ----HDC---- C:\WINDOWS.4\$NtUninstallKB958869$
2010-02-03 00:21:29 ----HDC---- C:\WINDOWS.4\$NtUninstallKB976098-v2$
2010-02-03 00:21:23 ----HDC---- C:\WINDOWS.4\$NtUninstallKB955759$
2010-02-03 00:21:17 ----HDC---- C:\WINDOWS.4\$NtUninstallKB974318$
2010-02-03 00:21:11 ----HDC---- C:\WINDOWS.4\$NtUninstallKB969059$
2010-02-03 00:21:05 ----HDC---- C:\WINDOWS.4\$NtUninstallKB961503$
2010-02-03 00:20:00 ----D---- C:\WINDOWS.4\ie8updates
2010-02-03 00:19:27 ----D---- C:\WINDOWS.4\WBEM
2010-02-03 00:17:42 ----HDC---- C:\WINDOWS.4\ie8
2010-02-03 00:15:39 ----A---- C:\WINDOWS.4\system32\MRT.exe
2010-02-03 00:11:12 ----HDC---- C:\WINDOWS.4\$NtUninstallKB950974$
2010-02-03 00:11:07 ----HDC---- C:\WINDOWS.4\$NtUninstallKB971657$
2010-02-03 00:11:02 ----HDC---- C:\WINDOWS.4\$NtUninstallKB971557$
2010-02-03 00:10:57 ----HDC---- C:\WINDOWS.4\$NtUninstallKB960225$
2010-02-03 00:10:53 ----HDC---- C:\WINDOWS.4\$NtUninstallKB972270$
2010-02-03 00:10:47 ----HDC---- C:\WINDOWS.4\$NtUninstallKB974112$
2010-02-03 00:10:37 ----HDC---- C:\WINDOWS.4\$NtUninstallKB956572$
2010-02-03 00:10:29 ----HDC---- C:\WINDOWS.4\$NtUninstallKB956844$
2010-02-03 00:10:22 ----HDC---- C:\WINDOWS.4\$NtUninstallKB961501$
2010-02-03 00:09:59 ----HDC---- C:\WINDOWS.4\$NtUninstallKB971633$
2010-02-03 00:09:50 ----HDC---- C:\WINDOWS.4\$NtUninstallKB973869$
2010-02-03 00:09:36 ----HDC---- C:\WINDOWS.4\$NtUninstallKB975025$
2010-02-03 00:09:28 ----HDC---- C:\WINDOWS.4\$NtUninstallKB952004$
2010-02-03 00:09:17 ----HDC---- C:\WINDOWS.4\$NtUninstallKB974571$
2010-02-03 00:09:07 ----HDC---- C:\WINDOWS.4\$NtUninstallKB973507$
2010-02-03 00:08:57 ----HDC---- C:\WINDOWS.4\$NtUninstallKB973687$
2010-02-03 00:08:50 ----HDC---- C:\WINDOWS.4\$NtUninstallKB950762$
2010-02-03 00:08:44 ----HDC---- C:\WINDOWS.4\$NtUninstallKB957097$
2010-02-03 00:08:39 ----HDC---- C:\WINDOWS.4\$NtUninstallKB958687$
2010-02-03 00:08:31 ----HDC---- C:\WINDOWS.4\$NtUninstallKB952287$
2010-02-03 00:08:22 ----HDC---- C:\WINDOWS.4\$NtUninstallKB973354$
2010-02-03 00:08:14 ----HDC---- C:\WINDOWS.4\$NtUninstallKB973904$
2010-02-03 00:08:04 ----HDC---- C:\WINDOWS.4\$NtUninstallKB967715$
2010-02-03 00:07:58 ----HDC---- C:\WINDOWS.4\$NtUninstallKB951066$
2010-02-03 00:07:50 ----HDC---- C:\WINDOWS.4\$NtUninstallKB974392$
2010-02-03 00:07:44 ----HDC---- C:\WINDOWS.4\$NtUninstallKB951748$
2010-02-03 00:07:37 ----HDC---- C:\WINDOWS.4\$NtUninstallKB970238$
2010-02-03 00:07:28 ----HDC---- C:\WINDOWS.4\$NtUninstallKB971486$
2010-02-03 00:07:21 ----HDC---- C:\WINDOWS.4\$NtUninstallKB960803$
2010-02-03 00:07:15 ----HDC---- C:\WINDOWS.4\$NtUninstallKB973815$
2010-02-03 00:07:08 ----HDC---- C:\WINDOWS.4\$NtUninstallKB973525$
2010-02-03 00:07:01 ----HDC---- C:\WINDOWS.4\$NtUninstallKB958644$
2010-02-03 00:06:48 ----HDC---- C:\WINDOWS.4\$NtUninstallKB955069$
2010-02-03 00:06:23 ----HDC---- C:\WINDOWS.4\$NtUninstallKB956802$
2010-02-03 00:06:13 ----HDC---- C:\WINDOWS.4\$NtUninstallKB923561$
2010-02-03 00:06:08 ----HDC---- C:\WINDOWS.4\$NtUninstallKB975467$
2010-02-03 00:06:01 ----HDC---- C:\WINDOWS.4\$NtUninstallKB968389$
2010-02-03 00:05:53 ----HDC---- C:\WINDOWS.4\$NtUninstallKB969947$
2010-02-02 23:58:05 ----D---- C:\WINDOWS.4\Prefetch
2010-02-02 23:49:21 ----D---- C:\WINDOWS.4\system32\cs-cz
2010-02-02 23:49:19 ----D---- C:\WINDOWS.4\system32\cs
2010-02-02 23:49:19 ----D---- C:\WINDOWS.4\system32\bits
2010-02-02 23:49:19 ----D---- C:\WINDOWS.4\l2schemas
2010-02-02 23:46:33 ----D---- C:\WINDOWS.4\ServicePackFiles
2010-02-02 23:44:20 ----D---- C:\WINDOWS.4\network diagnostic
2010-02-02 23:38:13 ----HDC---- C:\WINDOWS.4\$NtServicePackUninstall$
2010-02-02 23:38:10 ----D---- C:\WINDOWS.4\EHome
2010-02-02 23:07:29 ----D---- C:\Documents and Settings\All Users.WINDOWS.4\Data aplikací\Windows Genuine Advantage
2010-02-02 23:04:26 ----D---- C:\WINDOWS.4\system32\PreInstall
2010-02-02 23:04:26 ----A---- C:\WINDOWS.4\system32\spupdsvc.exe
2010-02-02 23:04:24 ----HDC---- C:\WINDOWS.4\$NtUninstallKB898461$
2010-02-02 23:04:24 ----HD---- C:\WINDOWS.4\$hf_mig$
2010-02-02 23:03:54 ----HDC---- C:\WINDOWS.4\$MSI31Uninstall_KB893803v2$
2010-02-02 23:03:18 ----D---- C:\Documents and Settings\All Users.WINDOWS.4\Data aplikací\Hagel Technologies
2010-02-02 22:57:49 ----D---- C:\Documents and Settings\Owner.A-5A34B8B1C8E24\Data aplikací\Macromedia
2010-02-02 22:57:49 ----D---- C:\Documents and Settings\Owner.A-5A34B8B1C8E24\Data aplikací\Adobe
2010-02-02 22:57:42 ----D---- C:\WINDOWS.4\system32\Macromed
2010-02-02 22:46:38 ----D---- C:\WINDOWS.4\pss
2010-02-02 22:41:56 ----A---- C:\WINDOWS.4\system32\mucltui.dll.mui
2010-02-02 22:41:56 ----A---- C:\WINDOWS.4\system32\mucltui.dll
2010-02-02 22:41:10 ----A---- C:\WINDOWS.4\SET1B.tmp
2010-02-02 22:41:09 ----RA---- C:\WINDOWS.4\SET18.tmp
2010-02-02 22:34:25 ----A---- C:\WINDOWS.4\system32\PerfStringBackup.INI
2010-02-02 22:34:24 ----SHD---- C:\WINDOWS.4\Installer
2010-02-02 22:34:23 ----A---- C:\WINDOWS.4\ODBCINST.INI
2010-02-02 22:34:16 ----RA---- C:\WINDOWS.4\system32\kbdazel.dll
2010-02-02 22:34:15 ----RA---- C:\WINDOWS.4\system32\kbdtuq.dll
2010-02-02 22:34:15 ----RA---- C:\WINDOWS.4\system32\kbdtuf.dll
2010-02-02 22:34:14 ----RA---- C:\WINDOWS.4\system32\kbdycc.dll
2010-02-02 22:34:14 ----RA---- C:\WINDOWS.4\system32\kbduzb.dll
2010-02-02 22:34:14 ----RA---- C:\WINDOWS.4\system32\kbdur.dll
2010-02-02 22:34:14 ----RA---- C:\WINDOWS.4\system32\kbdtat.dll
2010-02-02 22:34:14 ----RA---- C:\WINDOWS.4\system32\kbdru1.dll
2010-02-02 22:34:14 ----RA---- C:\WINDOWS.4\system32\kbdru.dll
2010-02-02 22:34:14 ----RA---- C:\WINDOWS.4\system32\kbdmon.dll
2010-02-02 22:34:14 ----RA---- C:\WINDOWS.4\system32\kbdkyr.dll
2010-02-02 22:34:14 ----RA---- C:\WINDOWS.4\system32\kbdkaz.dll
2010-02-02 22:34:14 ----RA---- C:\WINDOWS.4\system32\kbdaze.dll
2010-02-02 22:34:13 ----RA---- C:\WINDOWS.4\system32\kbdbu.dll
2010-02-02 22:34:13 ----RA---- C:\WINDOWS.4\system32\kbdblr.dll
2010-02-02 22:34:12 ----RA---- C:\WINDOWS.4\system32\kbdhept.dll
2010-02-02 22:34:12 ----RA---- C:\WINDOWS.4\system32\kbdhela3.dll
2010-02-02 22:34:12 ----RA---- C:\WINDOWS.4\system32\kbdhela2.dll
2010-02-02 22:34:12 ----RA---- C:\WINDOWS.4\system32\kbdhe319.dll
2010-02-02 22:34:12 ----RA---- C:\WINDOWS.4\system32\kbdhe220.dll
2010-02-02 22:34:12 ----RA---- C:\WINDOWS.4\system32\kbdhe.dll
2010-02-02 22:34:12 ----RA---- C:\WINDOWS.4\system32\kbdgkl.dll
2010-02-02 22:34:11 ----RA---- C:\WINDOWS.4\system32\kbdlt1.dll
2010-02-02 22:34:10 ----RA---- C:\WINDOWS.4\system32\kbdlv1.dll
2010-02-02 22:34:10 ----RA---- C:\WINDOWS.4\system32\kbdlv.dll
2010-02-02 22:34:10 ----RA---- C:\WINDOWS.4\system32\kbdlt.dll
2010-02-02 22:34:10 ----RA---- C:\WINDOWS.4\system32\kbdest.dll
2010-02-02 22:34:07 ----A---- C:\WINDOWS.4\system32\kbdsl1.dll
2010-02-02 22:34:07 ----A---- C:\WINDOWS.4\system32\kbdsl.dll
2010-02-02 22:34:07 ----A---- C:\WINDOWS.4\system32\kbdro.dll
2010-02-02 22:34:07 ----A---- C:\WINDOWS.4\system32\kbdpl1.dll
2010-02-02 22:34:07 ----A---- C:\WINDOWS.4\system32\kbdpl.dll
2010-02-02 22:34:07 ----A---- C:\WINDOWS.4\system32\kbdhu1.dll
2010-02-02 22:34:07 ----A---- C:\WINDOWS.4\system32\kbdhu.dll
2010-02-02 22:34:07 ----A---- C:\WINDOWS.4\system32\kbdcr.dll
2010-02-02 22:34:06 ----A---- C:\WINDOWS.4\system32\kbdycl.dll
2010-02-02 22:34:06 ----A---- C:\WINDOWS.4\system32\KBDAL.DLL
2010-02-02 22:34:05 ----A---- C:\WINDOWS.4\system32\spxcoins.dll
2010-02-02 22:34:05 ----A---- C:\WINDOWS.4\system32\irclass.dll
2010-02-02 22:34:05 ----A---- C:\WINDOWS.4\system32\EqnClass.Dll
2010-02-02 22:34:05 ----A---- C:\WINDOWS.4\system32\dgsetup.dll
2010-02-02 22:34:05 ----A---- C:\WINDOWS.4\system32\dgrpsetu.dll
2010-02-02 22:34:03 ----A---- C:\WINDOWS.4\TASKMAN.EXE
2010-02-02 22:34:02 ----N---- C:\WINDOWS.4\system32\CONFIG.TMP
2010-02-02 22:34:02 ----A---- C:\WINDOWS.4\system32\batt.dll
2010-02-02 22:34:02 ----A---- C:\WINDOWS.4\notepad.exe
2010-02-02 22:34:01 ----A---- C:\WINDOWS.4\system32\storprop.dll
2010-02-02 22:33:43 ----RA---- C:\WINDOWS.4\SET8.tmp
2010-02-02 22:33:40 ----RA---- C:\WINDOWS.4\SET4.tmp
2010-02-02 22:33:39 ----RA---- C:\WINDOWS.4\SET3.tmp
2010-02-02 22:33:33 ----D---- C:\WINDOWS.4\system32\CatRoot2
2010-02-02 22:33:33 ----D---- C:\WINDOWS.4\system32\CatRoot
2010-02-02 22:25:09 ----RSHDC---- C:\WINDOWS.4\system32\dllcache
2010-02-02 22:25:09 ----RSD---- C:\WINDOWS.4\Fonts
2010-02-02 22:25:09 ----RD---- C:\WINDOWS.4\Web
2010-02-02 22:25:09 ----HD---- C:\WINDOWS.4\inf
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\WinSxS
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\twain_32
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\Temp
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\system32\wins
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\system32\wbem
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\system32\usmt
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\system32\spool
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\system32\ShellExt
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\system32\Setup
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\system32\ras
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\system32\oobe
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\system32\npp
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\system32\mui
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\system32\inetsrv
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\system32\IME
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\system32\icsxml
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\system32\ias
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\system32\export
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\system32\drivers
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\system32\dhcp
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\system32\config
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\system32\3com_dmi
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\system32\3076
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\system32\2052
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\system32\1054
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\system32\1042
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\system32\1041
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\system32\1037
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\system32\1033
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\system32\1031
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\system32\1029
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\system32\1028
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\system32\1025
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\system32
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\system
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\security
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\Resources
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\repair
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\Provisioning
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\pchealth
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\PeerNet
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\mui
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\msapps
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\msagent
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\Media
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\java
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\ime
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\Help
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\Driver Cache
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\Debug
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\Cursors
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\Connection Wizard
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\Config
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\AppPatch
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4\addins
2010-02-02 22:25:09 ----D---- C:\WINDOWS.4
2010-02-02 21:25:24 ----D---- C:\WINDOWS.3
2010-02-02 21:15:05 ----D---- C:\WINDOWS.2
2010-02-02 20:45:51 ----D---- C:\Program Files\Online Services
2010-01-31 02:17:34 ----D---- C:\Program Files\ImgBurn
2010-01-30 21:25:48 ----D---- C:\Program Files\Simpli Software
2010-01-25 19:35:41 ----D---- C:\Program Files\ICQ7.0

======List of files/folders modified in the last 1 months======

2010-02-18 21:27:40 ----D---- C:\Program Files\Trend Micro
2010-02-18 21:20:20 ----N---- C:\WINDOWS.4\win.ini
2010-02-18 21:20:20 ----N---- C:\WINDOWS.4\system.ini
2010-02-18 21:20:20 ----ASH---- C:\boot.ini
2010-02-18 21:00:22 ----D---- C:\Program Files\SpeedFan
2010-02-18 18:57:21 ----D---- C:\Program Files\Steam
2010-02-18 17:29:17 ----A---- C:\WINDOWS.4\SchedLgU.Txt
2010-02-18 14:42:21 ----SHD---- C:\Config.Msi
2010-02-18 14:42:21 ----D---- C:\Program Files\SystemRequirementsLab
2010-02-16 19:16:53 ----SD---- C:\WINDOWS.4\Tasks
2010-02-14 19:52:05 ----RAD---- C:\Program Files
2010-02-14 19:52:01 ----D---- C:\Program Files\OpenOffice.org 3
2010-02-14 19:51:15 ----D---- C:\Program Files\Java
2010-02-14 11:27:33 ----SD---- C:\Documents and Settings\Owner.A-5A34B8B1C8E24\Data aplikací\Microsoft
2010-02-14 09:41:57 ----HD---- C:\Program Files\InstallShield Installation Information
2010-02-14 09:26:58 ----D---- C:\Program Files\Common Files\InstallShield
2010-02-05 20:50:21 ----D---- C:\Program Files\DivX
2010-02-05 02:37:05 ----D---- C:\WINDOWS.4\system32\DirectX
2010-02-04 21:03:03 ----D---- C:\Program Files\ATI Technologies
2010-02-03 17:28:22 ----D---- C:\Program Files\Common Files
2010-02-03 17:28:21 ----D---- C:\Program Files\Logitech
2010-02-03 12:33:14 ----D---- C:\WINDOWS.1
2010-02-03 11:34:44 ----D---- C:\Program Files\WinRAR
2010-02-03 11:27:46 ----D---- C:\Program Files\Combined Community Codec Pack
2010-02-03 02:02:17 ----D---- C:\Program Files\Microsoft Kalkulačka+
2010-02-03 00:56:50 ----D---- C:\Program Files\Windows Media Player
2010-02-03 00:31:45 ----D---- C:\Program Files\uTorrent
2010-02-03 00:24:50 ----D---- C:\Program Files\Internet Explorer
2010-02-03 00:22:07 ----D---- C:\Program Files\Messenger
2010-02-03 00:08:24 ----D---- C:\Program Files\Outlook Express
2010-02-02 23:53:34 ----D---- C:\Program Files\FLVPlayer4Free
2010-02-02 23:49:19 ----D---- C:\Program Files\Movie Maker
2010-02-02 23:46:28 ----D---- C:\WINDOWS.4\system32\Restore
2010-02-02 23:46:25 ----D---- C:\WINDOWS.4\srchasst
2010-02-02 23:46:24 ----D---- C:\Program Files\NetMeeting
2010-02-02 23:46:23 ----D---- C:\WINDOWS.4\system32\Com
2010-02-02 23:46:20 ----D---- C:\Program Files\Windows NT
2010-02-02 23:46:16 ----D---- C:\Program Files\Common Files\System
2010-02-02 23:11:44 ----SHD---- C:\RECYCLER
2010-02-02 23:00:58 ----SHD---- C:\System Volume Information
2010-02-02 22:52:29 ----D---- C:\Program Files\QIP 2005
2010-02-02 22:41:49 ----SD---- C:\WINDOWS.4\Downloaded Program Files
2010-02-02 22:40:50 ----D---- C:\WINDOWS.4\SoftwareDistribution
2010-02-02 14:44:18 ----D---- C:\Program Files\Common Files\Adobe
2010-01-25 20:39:38 ----D---- C:\Program Files\Mozilla Firefox 3.1 Beta 2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Řadič procesoru Intel; C:\WINDOWS.4\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS.4\system32\DRIVERS\tcpip6.sys [2008-06-20 225856]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS.4\system32\DRIVERS\mdmxsdk.sys [2004-08-03 11868]
R3 ati2mtag;ati2mtag; C:\WINDOWS.4\system32\DRIVERS\ati2mtag.sys [2009-09-30 3565056]
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS.4\system32\drivers\cmuda.sys [2004-08-23 821760]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS.4\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 HSF_DP;HSF_DP; C:\WINDOWS.4\system32\DRIVERS\HSFDPSP2.sys [2004-08-03 1041536]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS.4\system32\DRIVERS\HSFBS2S2.sys [2004-08-03 220032]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS.4\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS.4\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS.4\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS.4\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 winachsf;winachsf; C:\WINDOWS.4\system32\DRIVERS\HSFCXTS2.sys [2004-08-03 685056]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS.4\system32\drivers\WmBEnum.sys [2009-09-11 22792]
R3 WmXlCore;Logitech Translation Layer Driver; C:\WINDOWS.4\system32\drivers\WmXlCore.sys [2009-09-11 66056]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS.4\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 az2cnmmo;az2cnmmo; C:\WINDOWS.4\system32\drivers\az2cnmmo.sys []
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS.4\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS.4\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS.4\system32\drivers\PnkBstrK.sys []
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\WINDOWS.4\system32\drivers\WmFilter.sys [2009-09-11 35592]
S3 WmHidLo;Logitech Gaming USB Filter Driver; C:\WINDOWS.4\system32\drivers\WmHidLo.sys [2009-09-11 31752]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS.4\system32\drivers\WmVirHid.sys [2009-09-11 14984]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS.4\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS.4\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS.4\system32\drivers\IntelIde.sys []
S4 sr;Ovladač filtru Obnovy systému; C:\WINDOWS.4\system32\DRIVERS\sr.sys [2008-04-14 73344]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS.4\system32\svchost.exe [2008-04-14 14336]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS.4\system32\Ati2evxx.exe [2009-09-30 602112]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS.4\system32\PnkBstrA.exe [2010-02-16 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS.4\system32\PnkBstrB.exe [2010-02-18 215128]
S2 ATI Smart;ATI Smart; C:\WINDOWS.4\system32\ati2sgag.exe [2009-09-29 593920]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS.4\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS.4\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS.4\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS.4\system32\svchost.exe [2008-04-14 14336]
S4 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-04 135664]
S4 idsvc;Služba Windows CardSpace; C:\WINDOWS.4\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-02-03 153376]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS.4\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

-----------------EOF-----------------

MiliNess · #2 Příspěvek od **MiliNess** » 18 úno 2010 21:53

Na www.leteckaposta.cz upněte soubory ze složky Windows\Minidump (zabalte je do archivu)
Podíváme se na to.

frantax · #3 Příspěvek od **frantax** » 19 úno 2010 13:41

Žádnou takovou složku jsem tam já ani počítač nenašel

a tenhle log z RSIT je v pořádku prosím ?

MiliNess · #4 Příspěvek od **MiliNess** » 20 úno 2010 01:18

Ve vašem případě to bude složka WINDOWS.4\Minidump. Pokud nebude ani tam, udělejte toto nastavení:
Start->Tento počítač->Vlastnosti->Upřesnit->Spouštění a zotavení systému->Nastavení->pod "Zapsat ladící" informace zvolte "Omezený výpis stavu paměti"->OK. Pak vám nezbyde než čekat na další BSOD, po kterém by se složka Minidump s výpisem paměti měla vytvořit.

Kolegyně vám zítra zkontroluje ten log

#5 Příspěvek od **motji** » 20 úno 2010 07:18

Dobré ranko

Log vypadá v pořádku, ale chybí antivir a firewall, doinstalujte

(ale až s kolegou vyřešíte tu modrou smrt

)

Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

Obrázek

záložka čistič
-nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
-po analýze klikněte na Spustit Ccleaner

Obrázek

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy

ok

zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.

frantax · #6 Příspěvek od **frantax** » 27 úno 2010 12:46

Ten minidump se nejspise nevytvoril kvuli toho ze jsem mel vypnuty strankovaci soubor. Ale dnes nez jsem jej zapl sem mel modrou smrt neco malo sem si opsal bylo tam ze chybu spusobuje :win32k.sys a potom jeste PAGE_FAULT_IN_NONPAGED_AREA jakmile budu mít minidump , poslu jej.

MiliNess · #7 Příspěvek od **MiliNess** » 28 úno 2010 18:42

To rozhodně, bez stránkovacího souboru se dump nevytvoří. Až ho budete mít, upněte ho.

frantax · #8 Příspěvek od **frantax** » 12 bře 2010 17:53

tak opet byla bsod.. upnul jsem minidump tady : http://rapidshare.com/files/362456607/M ... 1.dmp.html
a tady : http://leteckaposta.cz/971327977 pro jistotu 2 krat, dekuji.

MiliNess · #9 Příspěvek od **MiliNess** » 12 bře 2010 19:34

Mrknu na to

frantax · #10 Příspěvek od **frantax** » 12 bře 2010 19:39

děkuji moc bohuzel predchvili dalsi modra

achjo http://leteckaposta.cz/863208626 doufam ze nebude potreba reinstalovat system nez to clovek da znova do kupy to trva :/

frantax · #11 Příspěvek od **frantax** » 12 bře 2010 20:06

přidávám další log z RSIT

Logfile of random's system information tool 1.06 (written by random/random)
Run by Owner at 2010-03-12 20:05:23
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 12 GB (16%) free of 76 GB
Total RAM: 2559 MB (79% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:05:32, on 12.3.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS.4\System32\smss.exe
C:\WINDOWS.4\system32\winlogon.exe
C:\WINDOWS.4\system32\services.exe
C:\WINDOWS.4\system32\lsass.exe
C:\WINDOWS.4\system32\Ati2evxx.exe
C:\WINDOWS.4\system32\svchost.exe
C:\WINDOWS.4\System32\svchost.exe
C:\WINDOWS.4\system32\Ati2evxx.exe
C:\WINDOWS.4\Explorer.EXE
C:\WINDOWS.4\system32\spoolsv.exe
C:\Program Files\DU Meter\DUMeter.exe
C:\WINDOWS.4\system32\ctfmon.exe
C:\WINDOWS.4\system32\PnkBstrA.exe
C:\Documents and Settings\Owner.A-5A34B8B1C8E24\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\QIP Infium JadrisPack2\infium.exe
C:\Documents and Settings\Owner.A-5A34B8B1C8E24\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner.A-5A34B8B1C8E24\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner.A-5A34B8B1C8E24\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Owner.A-5A34B8B1C8E24\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\Java\jre6\launch4j-tmp\frd.exe
C:\Program Files\Combined Community Codec Pack\MPC\mpc-hc.exe
C:\Documents and Settings\Owner.A-5A34B8B1C8E24\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Franta\Dokumenty\CHROME\RSIT.exe
C:\Program Files\trend micro\Owner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files\Google\Chrome Frame\Application\5.0.317.0\npchrome_frame.dll
O4 - HKLM\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS.4\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS.4\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS.4\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS.4\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS.4\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS.4\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.4\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.4\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 5146903593
O17 - HKLM\System\CCS\Services\Tcpip\..\{1C16D198-46F4-4131-8601-7085F9F73969}: NameServer = 62.84.128.6,62.84.132.6
O18 - Protocol: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files\Google\Chrome Frame\Application\5.0.317.0\npchrome_frame.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS.4\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS.4\system32\ati2sgag.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS.4\system32\PnkBstrA.exe

--
End of file - 4957 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-02-03 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-02-03 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7}]
ChromeFrame BHO - C:\Program Files\Google\Chrome Frame\Application\5.0.317.0\npchrome_frame.dll [2010-02-04 1160704]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"DU Meter"=C:\Program Files\DU Meter\DUMeter.exe [2006-11-27 1582616]
"Cmaudio"=RunDll32 cmicnfg.cpl,CMICtrlWnd []
"NeroFilterCheck"=C:\WINDOWS.4\system32\NeroCheck.exe [2001-07-09 155648]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"KernelFaultCheck"=C:\WINDOWS.4\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS.4\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-12-11 948672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2009-09-16 153608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-09-29 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3
"idsvc"=3
"gupdate"=2
"JavaQuickStarterService"=2
"TermService"=3

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS.4\system32\Ati2evxx.dll [2009-09-30 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS.4\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\WINDOWS.4\system32\sessmgr.exe"="C:\WINDOWS.4\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Documents and Settings\Owner.A-5A34B8B1C8E24\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe"="C:\Documents and Settings\Owner.A-5A34B8B1C8E24\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\EA GAMES\Battlefield 2\BF2.exe"="C:\Program Files\EA GAMES\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-03-12 20:05:23 ----D---- C:\rsit
2010-03-12 19:52:19 ----D---- C:\Program Files\Microsoft Bootvis
2010-03-12 17:44:31 ----D---- C:\WINDOWS.4\Minidump
2010-03-10 22:13:45 ----HDC---- C:\WINDOWS.4\$NtUninstallKB975561$
2010-03-02 15:56:08 ----D---- C:\Documents and Settings\Owner.A-5A34B8B1C8E24\Data aplikací\Xfire
2010-03-02 15:56:03 ----D---- C:\Program Files\Xfire
2010-03-01 20:20:46 ----D---- C:\Program Files\TeamSpeak 3 Client
2010-02-28 13:00:41 ----A---- C:\WINDOWS.4\system32\TwnLib20.dll
2010-02-28 13:00:35 ----N---- C:\WINDOWS.4\system32\ImagXRA7.dll
2010-02-28 13:00:34 ----N---- C:\WINDOWS.4\system32\ImagXR7.dll
2010-02-28 13:00:34 ----N---- C:\WINDOWS.4\system32\ImagXpr7.dll
2010-02-28 13:00:34 ----N---- C:\WINDOWS.4\system32\ImagX7.dll
2010-02-28 13:00:32 ----D---- C:\Program Files\Common Files\Ahead
2010-02-28 13:00:32 ----A---- C:\WINDOWS.4\system32\NeroCheck.exe
2010-02-28 13:00:27 ----D---- C:\Program Files\Ahead
2010-02-24 13:56:53 ----HDC---- C:\WINDOWS.4\$NtUninstallKB979306$
2010-02-21 18:17:38 ----D---- C:\Documents and Settings\Owner.A-5A34B8B1C8E24\Data aplikací\TuneUp Software
2010-02-21 18:10:52 ----D---- C:\Documents and Settings\Owner.A-5A34B8B1C8E24\Data aplikací\WinRAR
2010-02-21 18:00:13 ----D---- C:\Program Files\FileHippo.com
2010-02-21 10:22:27 ----A---- C:\WINDOWS.4\IsUn0405.exe
2010-02-20 19:14:52 ----D---- C:\Documents and Settings\Owner.A-5A34B8B1C8E24\Data aplikací\Thunderbird
2010-02-20 19:14:24 ----D---- C:\Program Files\Mozilla Thunderbird
2010-02-14 20:28:47 ----HDC---- C:\WINDOWS.4\$NtUninstallKB977165$
2010-02-14 19:52:05 ----D---- C:\Program Files\JRE
2010-02-14 19:51:30 ----A---- C:\WINDOWS.4\system32\javaws.exe
2010-02-14 19:51:30 ----A---- C:\WINDOWS.4\system32\javaw.exe
2010-02-14 19:51:30 ----A---- C:\WINDOWS.4\system32\java.exe
2010-02-14 15:26:38 ----A---- C:\WINDOWS.4\system32\PnkBstrB.exe
2010-02-14 15:24:26 ----A---- C:\WINDOWS.4\system32\PnkBstrA.exe
2010-02-14 09:41:47 ----A---- C:\WINDOWS.4\d3xp.ini
2010-02-14 09:36:11 ----A---- C:\WINDOWS.4\doom3.ini
2010-02-14 09:32:37 ----D---- C:\Program Files\Doom 3
2010-02-13 15:15:27 ----D---- C:\Program Files\BfSV

======List of files/folders modified in the last 1 months======

2010-03-12 20:05:26 ----D---- C:\Program Files\Trend Micro
2010-03-12 19:52:19 ----SHD---- C:\WINDOWS.4\Installer
2010-03-12 19:52:19 ----SHD---- C:\Config.Msi
2010-03-12 19:52:19 ----RAD---- C:\Program Files
2010-03-12 19:35:31 ----D---- C:\WINDOWS.4\Temp
2010-03-12 19:35:12 ----D---- C:\WINDOWS.4
2010-03-12 18:29:18 ----D---- C:\Program Files\Steam
2010-03-11 22:22:43 ----A---- C:\WINDOWS.4\SchedLgU.Txt
2010-03-11 16:35:21 ----HD---- C:\WINDOWS.4\inf
2010-03-11 16:35:20 ----D---- C:\WINDOWS.4\system32\CatRoot2
2010-03-10 22:13:47 ----RSHDC---- C:\WINDOWS.4\system32\dllcache
2010-03-10 22:13:47 ----D---- C:\Program Files\Movie Maker
2010-03-10 22:13:46 ----D---- C:\WINDOWS.4\system32
2010-03-10 22:13:41 ----HD---- C:\WINDOWS.4\$hf_mig$
2010-03-07 14:13:13 ----SD---- C:\Documents and Settings\Owner.A-5A34B8B1C8E24\Data aplikací\Microsoft
2010-03-07 13:04:22 ----D---- C:\WINDOWS.4\system32\drivers
2010-03-06 20:26:59 ----D---- C:\Documents and Settings\Owner.A-5A34B8B1C8E24\Data aplikací\uTorrent
2010-03-06 13:29:15 ----D---- C:\Program Files\SpeedFan
2010-03-02 13:14:11 ----D---- C:\WINDOWS.4\WinSxS
2010-02-28 14:25:50 ----D---- C:\WINDOWS.4\Prefetch
2010-02-28 13:00:32 ----D---- C:\Program Files\Common Files
2010-02-27 13:27:41 ----ASH---- C:\boot.ini
2010-02-27 13:27:29 ----A---- C:\WINDOWS.4\win.ini
2010-02-27 13:27:29 ----A---- C:\WINDOWS.4\system.ini
2010-02-21 18:25:39 ----D---- C:\Program Files\Defraggler
2010-02-21 18:17:44 ----D---- C:\Program Files\uTorrent
2010-02-21 18:09:49 ----D---- C:\Program Files\WinRAR
2010-02-21 17:57:35 ----D---- C:\Documents and Settings\All Users.WINDOWS.4\Data aplikací\Spybot - Search & Destroy
2010-02-20 12:01:41 ----D---- C:\Program Files\Fraps
2010-02-19 22:44:37 ----D---- C:\Program Files\ICQ7.0
2010-02-19 19:48:27 ----HD---- C:\Program Files\InstallShield Installation Information
2010-02-19 19:29:29 ----D---- C:\WINDOWS.4\system32\DirectX
2010-02-18 14:42:21 ----D---- C:\Program Files\SystemRequirementsLab
2010-02-16 19:16:53 ----SD---- C:\WINDOWS.4\Tasks
2010-02-14 19:52:39 ----RSD---- C:\WINDOWS.4\Fonts
2010-02-14 19:52:01 ----D---- C:\Program Files\OpenOffice.org 3
2010-02-14 19:51:15 ----D---- C:\Program Files\Java
2010-02-14 15:24:27 ----D---- C:\WINDOWS.4\system32\LogFiles
2010-02-14 09:26:58 ----D---- C:\Program Files\Common Files\InstallShield
2010-02-14 09:25:43 ----D---- C:\Documents and Settings\Owner.A-5A34B8B1C8E24\Data aplikací\DAEMON Tools Lite
2010-02-13 17:10:23 ----D---- C:\WINDOWS.4\Debug

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Řadič procesoru Intel; C:\WINDOWS.4\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS.4\system32\DRIVERS\tcpip6.sys [2008-06-20 225856]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS.4\system32\DRIVERS\mdmxsdk.sys [2004-08-03 11868]
R3 ati2mtag;ati2mtag; C:\WINDOWS.4\system32\DRIVERS\ati2mtag.sys [2009-09-30 3565056]
R3 cmuda;C-Media WDM Audio Interface; C:\WINDOWS.4\system32\drivers\cmuda.sys [2004-08-23 821760]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS.4\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS.4\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DP;HSF_DP; C:\WINDOWS.4\system32\DRIVERS\HSFDPSP2.sys [2004-08-03 1041536]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS.4\system32\DRIVERS\HSFBS2S2.sys [2004-08-03 220032]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS.4\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS.4\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS.4\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS.4\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 winachsf;winachsf; C:\WINDOWS.4\system32\DRIVERS\HSFCXTS2.sys [2004-08-03 685056]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\WINDOWS.4\system32\drivers\WmBEnum.sys [2009-09-11 22792]
R3 WmFilter;Logitech Gaming HID Filter Driver; C:\WINDOWS.4\system32\drivers\WmFilter.sys [2009-09-11 35592]
R3 WmHidLo;Logitech Gaming USB Filter Driver; C:\WINDOWS.4\system32\drivers\WmHidLo.sys [2009-09-11 31752]
R3 WmXlCore;Logitech Translation Layer Driver; C:\WINDOWS.4\system32\drivers\WmXlCore.sys [2009-09-11 66056]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS.4\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 aj61xb66;aj61xb66; C:\WINDOWS.4\system32\drivers\aj61xb66.sys []
S3 esihdrv;esihdrv; \??\C:\DOCUME~1\OWNER~1.A-5\LOCALS~1\Temp\esihdrv.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS.4\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS.4\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\WINDOWS.4\system32\drivers\WmVirHid.sys [2009-09-11 14984]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS.4\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS.4\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS.4\system32\drivers\IntelIde.sys []
S4 sr;Ovladač filtru Obnovy systému; C:\WINDOWS.4\system32\DRIVERS\sr.sys [2008-04-14 73344]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS.4\system32\svchost.exe [2008-04-14 14336]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS.4\system32\Ati2evxx.exe [2009-09-30 602112]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS.4\system32\PnkBstrA.exe [2010-02-16 75064]
S2 ATI Smart;ATI Smart; C:\WINDOWS.4\system32\ati2sgag.exe [2009-09-29 593920]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS.4\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS.4\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS.4\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS.4\system32\svchost.exe [2008-04-14 14336]
S4 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-04 135664]
S4 idsvc;Služba Windows CardSpace; C:\WINDOWS.4\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S4 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-02-03 153376]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS.4\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

-----------------EOF-----------------

#12 Příspěvek od **motji** » 12 bře 2010 20:48

Vy nemáte antivir a firewall? Pak doinstalujte, počkejte ještě na rozbor těch minidumpů.
Máte tam rootkita.

:arrow:Stáhněte OTM http://oldtimer.geekstogo.com/OTM.exe
Stáhněte na plochu Otm, 2krát klikněte na Otm,spustí se program,
Do levého okna "Paste Instructions for Items to be Moved" pod žlutou čáru zkopírujete skript

Kód: Vybrat vše

:processes
explorer.exe
 
:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s
C:\DOCUME~1\OWNER~1.A-5\LOCALS~1\Temp\esihdrv.sys

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio"=-
"KernelFaultCheck"=-

:Services
esihdrv

:commands
[Reboot]

-klikněte na červené tlačítko Moveit!
-sem vložte obsah zeleného okénka
-Pokud se bude chtít restartovat pc, dejte YES,log pak najdete C:\_OTM\MovedFiles. Log vložte sem

frantax · #13 Příspěvek od **frantax** » 12 bře 2010 21:18

Tady je ten LOG
========== PROCESSES ==========
Process explorer.exe killed successfully!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\*.tmp not found.
File/Folder C:\DOCUME~1\OWNER~1.A-5\LOCALS~1\Temp\esihdrv.sys not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Cmaudio deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
========== SERVICES/DRIVERS ==========
Service esihdrv stopped successfully!
Service esihdrv deleted successfully!
========== COMMANDS ==========

OTM by OldTimer - Version 3.1.10.0 log created on 03122010_211131

jenom bych chtel dodat ze mam system ve slozce windows.4 ! kdezto v logu je zminka o C:\WINDOWS ...
A taky ze po startu systemu je po dobu asi 2 minut nejaky divny nepouzitelny bych rekl dost divne na to ze tma je 2,5 gb ram nejde zapnout ani spravce uloh

#14 Příspěvek od **motji** » 12 bře 2010 21:23

Combofix stahněte takto:
- pravým myšítkem klikněte na odkaz combofixu --uložit jako.. ,a teď ho přejmenujte na Potvora.com a uložte.

Stáhněte na plochu, ukončete všechna aktivní okna a spusťte ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe

-souhlaste s instalací konzole pro zotavení

- ComboFix je třeba spustit pod účtem s právy administrátora

- Před použitím vypněte všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary

- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano

- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího se okna

- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt, zkopírujte celý jeho obsah sem

frantax · #15 Příspěvek od **frantax** » 12 bře 2010 21:50

log z combofix

ComboFix 10-03-11.06 - Owner 12.03.2010 21:37:47.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2559.2247 [GMT 1:00]
Spuštěný z: c:\documents and settings\Owner.A-5A34B8B1C8E24\Plocha\potvora.com
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Franta.DOMA-AA5EAFBDFE\Local Settings\Temporary Internet Files\MAILTRAN.INI
c:\documents and settings\Franta.DOMA-AA5EAFBDFE\Local Settings\Temporary Internet Files\SLOVA.WAV
c:\documents and settings\Franta.DOMA-AA5EAFBDFE\Local Settings\Temporary Internet Files\TRNCOM.INI
c:\documents and settings\Franta\Dokumenty\cc_20100204_160354.reg
c:\documents and settings\Franta\Local Settings\Temporary Internet Files\MAILTRAN.INI
c:\documents and settings\Franta\Local Settings\Temporary Internet Files\SLOVA.WAV
c:\documents and settings\Franta\Local Settings\Temporary Internet Files\TRNCOM.INI
c:\recycler\S-1-5-21-108425924-2562857793-138426748-1005
c:\recycler\S-1-5-21-117609710-1364589140-725345543-1004
c:\recycler\S-1-5-21-1217631438-2487600481-3713030709-1003
c:\recycler\S-1-5-21-1454471165-1275210071-839522115-1003
c:\recycler\S-1-5-21-1801674531-527237240-725345543-1001
c:\recycler\S-1-5-21-1993962763-1383384898-725345543-1003

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-02-12 do 2010-03-12 )))))))))))))))))))))))))))))))
.

2010-03-12 20:11 . 2010-03-12 20:11 -------- d-----w- C:\_OTM
2010-03-12 19:05 . 2010-03-12 19:05 -------- d-----w- C:\rsit
2010-03-12 18:52 . 2010-03-12 18:52 -------- d-----w- c:\program files\Microsoft Bootvis
2010-03-10 12:33 . 2009-10-23 15:28 3558912 -c----w- c:\windows.4\system32\dllcache\moviemk.exe
2010-03-02 14:56 . 2010-03-06 14:09 -------- d-----w- c:\program files\Xfire
2010-03-01 19:20 . 2010-03-01 19:20 -------- d-----w- c:\program files\TeamSpeak 3 Client
2010-02-28 12:00 . 2000-06-26 09:45 106496 ----a-w- c:\windows.4\system32\TwnLib20.dll
2010-02-28 12:00 . 2004-07-26 15:16 471040 ------w- c:\windows.4\system32\ImagXRA7.dll
2010-02-28 12:00 . 2004-07-26 15:16 476320 ------w- c:\windows.4\system32\ImagXpr7.dll
2010-02-28 12:00 . 2004-07-26 15:16 262144 ------w- c:\windows.4\system32\ImagXR7.dll
2010-02-28 12:00 . 2004-07-26 15:16 1568768 ------w- c:\windows.4\system32\ImagX7.dll
2010-02-28 12:00 . 2010-02-28 12:00 -------- d-----w- c:\program files\Common Files\Ahead
2010-02-28 12:00 . 2001-07-09 09:50 155648 ----a-w- c:\windows.4\system32\NeroCheck.exe
2010-02-28 12:00 . 2010-02-28 12:00 -------- d-----w- c:\program files\Ahead
2010-02-21 17:00 . 2010-02-21 17:00 -------- d-----w- c:\program files\FileHippo.com
2010-02-21 09:28 . 2010-02-21 09:28 4096 ----a-w- c:\windows.4\d3dx.dat
2010-02-21 09:22 . 1998-10-09 17:04 327168 ----a-w- c:\windows.4\IsUn0405.exe
2010-02-20 18:14 . 2010-03-07 12:45 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-02-14 18:52 . 2010-02-14 18:52 -------- d-----w- c:\program files\JRE
2010-02-14 14:26 . 2010-03-11 16:59 138384 ----a-w- c:\windows.4\system32\drivers\PnkBstrK.sys
2010-02-14 14:26 . 2010-03-11 16:57 215128 ----a-w- c:\windows.4\system32\PnkBstrB.exe
2010-02-14 14:24 . 2010-02-16 16:57 75064 ----a-w- c:\windows.4\system32\PnkBstrA.exe
2010-02-14 08:32 . 2010-02-14 08:41 -------- d-----w- c:\program files\Doom 3
2010-02-13 14:15 . 2010-02-13 14:15 -------- d-----w- c:\program files\BfSV
2010-02-12 18:13 . 2010-02-12 18:13 -------- d-----w- c:\program files\QIP Infium JadrisPack2
2010-02-11 03:19 . 2010-02-11 03:19 41872 ----a-w- c:\windows.4\system32\xfcodec.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-12 19:05 . 2010-01-09 18:07 -------- d-----w- c:\program files\Trend Micro
2010-03-12 17:29 . 2007-11-06 16:52 -------- d-----w- c:\program files\Steam
2010-03-06 12:29 . 2009-10-10 18:46 -------- d-----w- c:\program files\SpeedFan
2010-02-21 17:25 . 2010-01-07 14:22 -------- d-----w- c:\program files\Defraggler
2010-02-21 17:17 . 2007-03-26 13:24 -------- d-----w- c:\program files\uTorrent
2010-02-20 11:01 . 2010-02-05 02:35 -------- d-----w- c:\program files\Fraps
2010-02-19 21:44 . 2010-01-25 18:35 -------- d-----w- c:\program files\ICQ7.0
2010-02-19 18:48 . 2005-03-10 10:24 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-02-18 13:42 . 2008-06-07 12:26 -------- d-----w- c:\program files\SystemRequirementsLab
2010-02-14 18:52 . 2009-05-12 16:28 -------- d-----w- c:\program files\OpenOffice.org 3
2010-02-14 18:51 . 2007-01-24 18:43 -------- d-----w- c:\program files\Java
2010-02-14 08:26 . 2010-01-09 11:47 -------- d-----w- c:\program files\Common Files\InstallShield
2010-02-12 17:32 . 2004-08-18 14:00 78030 ----a-w- c:\windows.4\system32\perfc005.dat
2010-02-12 17:32 . 2004-08-18 14:00 429018 ----a-w- c:\windows.4\system32\perfh005.dat
2010-02-05 19:50 . 2007-07-08 22:03 -------- d-----w- c:\program files\DivX
2010-02-05 01:27 . 2010-02-05 01:27 -------- d-----w- c:\program files\EA GAMES
2010-02-04 20:03 . 2008-11-22 14:24 -------- d-----w- c:\program files\ATI Technologies
2010-02-04 13:14 . 2010-02-04 13:10 -------- d-----w- c:\program files\Google
2010-02-03 16:28 . 2010-02-03 16:28 -------- d-----w- c:\program files\Common Files\Logitech
2010-02-03 16:28 . 2006-12-02 18:09 -------- d-----w- c:\program files\Logitech
2010-02-03 12:42 . 2010-02-03 00:00 -------- d-----w- c:\program files\QIP Infium JadrisPack
2010-02-03 11:54 . 2010-01-31 01:17 -------- d-----w- c:\program files\ImgBurn
2010-02-03 11:45 . 2010-02-03 11:45 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-02-03 11:45 . 2010-02-03 11:45 691696 ----a-w- c:\windows.4\system32\drivers\sptd.sys
2010-02-03 10:47 . 2010-02-03 10:47 -------- d-----w- c:\program files\Haali
2010-02-03 10:27 . 2010-01-10 10:43 -------- d-----w- c:\program files\Combined Community Codec Pack
2010-02-03 02:21 . 2010-02-03 02:21 -------- d-----w- c:\program files\MPC HomeCinema
2010-02-03 01:51 . 2010-02-03 01:51 0 ----a-w- c:\windows.4\nsreg.dat
2010-02-03 01:20 . 2010-02-03 01:20 -------- d-----w- c:\program files\Common Files\Java
2010-02-03 01:20 . 2010-02-03 01:20 411368 ----a-w- c:\windows.4\system32\deploytk.dll
2010-02-03 01:02 . 2009-07-22 13:59 -------- d-----w- c:\program files\Microsoft Kalkulačka+
2010-02-02 23:41 . 2010-02-02 23:41 -------- d-----w- c:\program files\C-Media 3D Audio
2010-02-02 22:54 . 2004-10-27 22:16 76499 ----a-w- c:\windows.4\pchealth\helpctr\OfflineCache\index.dat
2010-02-02 22:54 . 2004-10-27 22:16 2708 ----a-w- c:\windows.4\pchealth\helpctr\PackageStore\SkuStore.bin
2010-02-02 22:53 . 2007-07-30 13:08 -------- d-----w- c:\program files\FLVPlayer4Free
2010-02-02 22:52 . 2004-10-27 22:17 8972 ----a-w- c:\windows.4\pchealth\helpctr\Config\Cntstore.bin
2010-02-02 21:52 . 2008-12-12 12:40 -------- d-----w- c:\program files\QIP 2005
2010-02-02 21:41 . 2010-02-02 21:41 0 ----a-w- c:\windows.4\SET1B.tmp
2010-02-02 13:44 . 2008-03-28 14:43 -------- d-----w- c:\program files\Common Files\Adobe
2010-01-30 20:25 . 2010-01-30 20:25 -------- d-----w- c:\program files\Simpli Software
2010-01-25 19:39 . 2008-12-12 13:31 -------- d-----w- c:\program files\Mozilla Firefox 3.1 Beta 2
2010-01-16 16:42 . 2007-04-01 08:41 -------- d-----w- c:\program files\Microsoft
2010-01-16 16:41 . 2010-01-16 16:40 -------- d-----w- c:\program files\Windows Live
2010-01-16 16:41 . 2010-01-16 16:41 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-01-16 16:27 . 2010-01-16 16:27 -------- d-----w- c:\program files\Common Files\Windows Live
2010-01-14 17:54 . 2009-06-12 20:52 -------- d-----w- c:\program files\Microsoft Synchronization Services
2010-01-13 16:08 . 2010-01-13 16:06 -------- d-----w- c:\program files\Windows Live Safety Center
2010-01-12 18:36 . 2009-06-12 20:53 -------- d-----w- c:\program files\Microsoft SQL Server
2010-01-12 18:14 . 2007-02-11 09:55 -------- d-----w- c:\program files\Microsoft.NET
2009-12-31 16:50 . 2004-08-18 14:00 353792 ----a-w- c:\windows.4\system32\drivers\srv.sys
2009-12-22 05:09 . 2009-12-22 05:09 81920 ------w- c:\windows.4\system32\ieencode.dll
2009-12-21 19:08 . 2004-08-18 14:00 916480 ----a-w- c:\windows.4\system32\wininet.dll
2009-12-17 07:42 . 2004-10-27 22:12 343552 ----a-w- c:\windows.4\system32\mspaint.exe
2009-12-14 07:10 . 2004-08-18 14:00 33280 ----a-w- c:\windows.4\system32\csrsrv.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 -c--a-w- c:\program files\opera\program\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 -c--a-w- c:\program files\opera\program\plugins\ssldivx.dll
.

------- Sigcheck -------

[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows.4\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows.4\system32\dllcache\tcpip.sys
[-] 2008-06-20 . CBEEBEB899E31EF52B962CB31FC8CA5C . 361600 . . [5.1.2600.5625] . . c:\windows.4\system32\drivers\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows.4\$NtUninstallKB951748$\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows.4\ServicePackFiles\i386\tcpip.sys
[7] 2004-08-18 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows.4\$NtServicePackUninstall$\tcpip.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DU Meter"="c:\program files\DU Meter\DUMeter.exe" [2006-11-27 1582616]
"NeroFilterCheck"="c:\windows.4\system32\NeroCheck.exe" [2001-07-09 155648]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows.4\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2009-12-11 14:57 948672 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-12-22 00:57 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
2009-09-16 20:14 153608 ----a-w- c:\program files\Logitech\Gaming Software\LWEMon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2009-09-29 21:13 61440 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-11 03:17 149280 -c--a-w- c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"idsvc"=3 (0x3)
"gupdate"=2 (0x2)
"JavaQuickStarterService"=2 (0x2)
"TermService"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS.4\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Documents and Settings\\Owner.A-5A34B8B1C8E24\\Local Settings\\Data aplikací\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

S0 sptd;sptd;c:\windows.4\system32\drivers\sptd.sys [3.2.2010 12:45 691696]
S4 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [4.2.2010 14:10 135664]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
TCP: {1C16D198-46F4-4131-8601-7085F9F73969} = 62.84.128.6,62.84.132.6
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-12 21:45
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS.4\\system32\\Macromed\\Flash\\FlashUtil10e_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS.4\\system32\\Macromed\\Flash\\FlashUtil10e_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(736)
c:\windows.4\system32\Ati2evxx.dll
.
Celkový čas: 2010-03-12 21:48:30
ComboFix-quarantined-files.txt 2010-03-12 20:48

Před spuštěním: Volných bajtů: 12 754 542 592
Po spuštění: Volných bajtů: 15 186 771 968

WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS.4
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS.4="Microsoft Windows XP Home Edition" /NoExecute=AlwaysOff /fastdetect

- - End Of File - - C32616823C938E7BF12F95160CC03012

VIRY.CZ

Prosím o kontrolu logu, před chvíli jsem tu měl modrou smrt

Prosím o kontrolu logu, před chvíli jsem tu měl modrou smrt

Re: Prosím o kontrolu logu, před chvíli jsem tu měl modrou smrt

Re: Prosím o kontrolu logu, před chvíli jsem tu měl modrou smrt

Re: Prosím o kontrolu logu, před chvíli jsem tu měl modrou smrt

Re: Prosím o kontrolu logu, před chvíli jsem tu měl modrou smrt

Re: Prosím o kontrolu logu, před chvíli jsem tu měl modrou smrt

Re: Prosím o kontrolu logu, před chvíli jsem tu měl modrou smrt

Re: Prosím o kontrolu logu, před chvíli jsem tu měl modrou smrt

Re: Prosím o kontrolu logu, před chvíli jsem tu měl modrou smrt

Re: Prosím o kontrolu logu, před chvíli jsem tu měl modrou smrt

Re: Prosím o kontrolu logu, před chvíli jsem tu měl modrou smrt

Re: Prosím o kontrolu logu, před chvíli jsem tu měl modrou smrt

Re: Prosím o kontrolu logu, před chvíli jsem tu měl modrou smrt

Re: Prosím o kontrolu logu, před chvíli jsem tu měl modrou smrt

Re: Prosím o kontrolu logu, před chvíli jsem tu měl modrou smrt