Preventivka 11.4.2010

Zpráva

bojimso · #1 Příspěvek od **bojimso** » 11 dub 2010 11:39

Dobrý den, mohl bych poprosit o kontrolu jestli tam nemám nějakého zmetka?

Logfile of random's system information tool 1.06 (written by random/random)
Run by David at 2010-04-11 12:38:23
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 12 GB (15%) free of 76 GB
Total RAM: 735 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:38:33, on 11.4.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\IoctlSvc.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
C:\Program Files\IObit\Game Booster\gbtray.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CyberLat\CyberLat RAM Cleaner 2,0\CLRamCleaner.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\David\Plocha\RSIT.exe
C:\Documents and Settings\David\Plocha\Věci\David.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre0.dll
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre0.dll
O2 - BHO: DAPIELoader Class - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\DAP\DAPIEL~1.DLL
O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre0.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CORSAIR_PLUtil] C:\Program Files\Corsair\Corsair Flash Voyager Utility\PLBkMon.exe
O4 - HKLM\..\Run: [PLFFAP] C:\WINDOWS\System32\HotfixQ0306270.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [ToolBoxFX] "C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [CyberLat Ram Cleaner] C:\Program Files\CyberLat\CyberLat RAM Cleaner 2,0\CLRamCleaner.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Asus Probe\AsusProb.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout obsah FLV videa s IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: MP3 - {1537E842-0000-11D2-8059-111111111111} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &WinMp3Locator - {1537E842-0000-11D2-8059-111111111111} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Files - {1537E842-0001-11D2-8059-111111111111} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &FileLocator - {1537E842-0001-11D2-8059-111111111111} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~1\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~1\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~1\sblsp.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\wbsys.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe

--
End of file - 8337 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}]
Octh Class - C:\Program Files\Orbitdownloader\orbitcth.dll [2007-11-29 187504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-05-12 50376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2005-05-31 853672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GrooveShellExtensions.dll [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-02-23 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-02-23 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
free-downloads.net Toolbar - C:\Program Files\free-downloads.net\tbfre0.dll [2010-02-28 2349080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]
DAPIELoader Class - C:\PROGRA~1\DAP\DAPIEL~1.DLL [2010-04-05 140880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{ecdee021-0d17-467f-a1ff-c7a115230949} - free-downloads.net Toolbar - C:\Program Files\free-downloads.net\tbfre0.dll [2010-02-28 2349080]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2003-05-07 36864]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"CORSAIR_PLUtil"=C:\Program Files\Corsair\Corsair Flash Voyager Utility\PLBkMon.exe [2004-11-11 90112]
"PLFFAP"=C:\WINDOWS\System32\HotfixQ0306270.exe [2003-08-05 45056]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe [2001-11-01 196608]
"ToolBoxFX"=C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe [2007-07-11 53248]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"CyberLat Ram Cleaner"=C:\Program Files\CyberLat\CyberLat RAM Cleaner 2,0\CLRamCleaner.exe [2006-02-10 142848]
"UserFaultCheck"=C:\WINDOWS\system32\dumprep 0 -u []
"ASUS Probe"=C:\Program Files\ASUS\Asus Probe\AsusProb.exe [2002-12-06 617984]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-01-11 246504]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-03-05 1135912]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2009-09-12 2524416]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\WINDOWS\system32\wbsys.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB]
C:\Program Files\Stardock\Object Desktop\ThemeManager\fastload.dll [2001-12-20 24576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GrooveShellExtensions.dll [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoStartMenuPinnedList"=0
"NoStartMenuMFUprogramsList"=0
"NoUserNameInStartMenu"=0
"NoStartMenuSubFolders"=0
"NoCommonGroups"=0
"NoPrinterTabs"=0
"NoDeletePrinter"=0
"NoAddPrinter"=0
"NoPrinters"=0
"NoFavoritesMenu"=0
"NoRecentDocsNetHood"=0
"NoChangeAnimation"=0
"NoChangeKeyboardNavigationIndicators"=0
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"C:\Program Files\Miranda IM\miranda32.exe"="C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"C:\Hry\Warcraft III\Warcraft III.exe"="C:\Hry\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Orbitdownloader\orbitnet.exe"="C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:P2P service of Orbit Downloader"
"C:\Program Files\FreeCall\freecall.exe"="C:\Program Files\FreeCall\freecall.exe:*:Enabled:FreeCall"
"C:\Program Files\BitLord\BitLord.exe"="C:\Program Files\BitLord\BitLord.exe:*:Enabled:BitLord"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe"="C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe:*:Enabled:VoipDiscount"
"C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe"="C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe:*:Enabled:VoipBuster"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2010-04-10 19:38:20 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2010-04-10 19:38:20 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2010-04-10 19:38:19 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2010-04-10 19:38:19 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2010-04-10 19:38:18 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2010-04-10 19:38:17 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2010-04-10 19:38:13 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2010-04-10 19:38:13 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2010-04-10 19:38:12 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2010-04-10 19:38:11 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2010-04-10 19:38:10 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2010-04-10 19:38:09 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2010-04-10 19:38:09 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2010-04-10 19:38:09 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2010-04-10 19:38:08 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2010-04-10 19:38:08 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2010-04-10 19:38:07 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2010-04-10 19:38:07 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2010-04-10 19:38:06 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2010-04-10 19:38:06 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2010-04-10 19:38:05 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2010-04-10 19:38:05 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2010-04-10 19:38:05 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2010-04-10 19:38:04 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2010-04-10 19:38:04 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2010-04-10 19:38:03 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2010-04-10 19:38:03 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2010-04-10 19:38:03 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2010-04-10 19:38:03 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2010-04-10 19:38:03 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2010-04-10 19:38:02 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2010-04-10 19:38:01 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2010-04-10 19:38:01 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2010-04-10 19:38:01 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2010-04-10 19:38:01 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2010-04-10 19:38:00 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2010-04-10 19:38:00 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2010-04-10 19:38:00 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2010-04-10 19:37:59 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2010-04-10 19:37:59 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2010-04-10 19:37:58 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2010-04-10 19:37:58 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2010-04-10 19:37:58 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2010-04-10 19:37:57 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2010-04-10 19:37:57 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2010-04-10 19:37:56 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2010-04-10 19:37:56 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2010-04-10 19:37:55 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2010-04-10 19:37:54 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2010-04-10 19:37:52 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2010-04-10 19:37:52 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2010-04-10 19:37:51 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2010-04-10 19:35:26 ----HD---- C:\WINDOWS\msdownld.tmp
2010-04-10 19:35:20 ----D---- C:\WINDOWS\Logs
2010-04-10 17:47:03 ----A---- C:\WINDOWS\Ascd_tmp.ini
2010-04-10 17:38:38 ----D---- C:\Program Files\IObit
2010-04-10 17:38:17 ----D---- C:\Program Files\GameGain
2010-04-10 15:33:05 ----D---- C:\Documents and Settings\David\Data aplikací\Auslogics
2010-04-10 15:32:22 ----D---- C:\Program Files\Auslogics
2010-04-09 23:26:26 ----D---- C:\WINDOWS\system32\oodag
2010-04-08 23:09:28 ----D---- C:\Program Files\Defraggler
2010-04-05 21:02:34 ----D---- C:\Program Files\SpeedBit Video Accelerator
2010-04-05 20:58:49 ----D---- C:\Documents and Settings\All Users\Data aplikací\SpeedBit
2010-03-27 23:17:16 ----D---- C:\Documents and Settings\David\Data aplikací\DivX
2010-03-27 23:16:48 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2010-03-27 23:16:47 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2010-03-27 23:16:47 ----N---- C:\WINDOWS\system32\pxafs.dll
2010-03-27 23:00:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\DivX
2010-03-27 19:10:25 ----D---- C:\WINDOWS\Eurobattle.net
2010-03-21 15:35:47 ----D---- C:\Program Files\UBISOFT
2010-03-13 10:54:42 ----D---- C:\Program Files\GIMP-2.0
2010-03-12 00:37:33 ----D---- C:\Documents and Settings\David\Data aplikací\VoipBuster
2010-03-12 00:36:56 ----D---- C:\Program Files\VoipBuster.com

======List of files/folders modified in the last 1 months======

2010-04-11 12:38:22 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-04-11 08:12:48 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-11 08:10:53 ----D---- C:\WINDOWS\temp
2010-04-11 08:10:42 ----D---- C:\WINDOWS
2010-04-10 19:38:20 ----HD---- C:\WINDOWS\inf
2010-04-10 19:38:20 ----D---- C:\WINDOWS\system32\DirectX
2010-04-10 19:38:20 ----D---- C:\WINDOWS\system32
2010-04-10 19:29:43 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-10 18:01:58 ----D---- C:\WINDOWS\Help
2010-04-10 18:01:49 ----D---- C:\WINDOWS\system32\drivers
2010-04-10 17:51:27 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-10 17:51:19 ----D---- C:\WINDOWS\system32\CatRoot
2010-04-10 17:49:50 ----D---- C:\WINDOWS\system
2010-04-10 17:49:34 ----AC---- C:\WINDOWS\system32\msssc.dll
2010-04-10 17:38:38 ----RD---- C:\Program Files
2010-04-09 23:22:44 ----SHD---- C:\WINDOWS\Installer
2010-04-09 23:22:44 ----D---- C:\Config.Msi
2010-04-09 23:11:39 ----D---- C:\Program Files\OO Software
2010-04-08 23:23:43 ----D---- C:\Hry
2010-04-08 23:21:24 ----AC---- C:\WINDOWS\NeroDigital.ini
2010-04-08 23:21:05 ----D---- C:\WINDOWS\Prefetch
2010-04-08 23:16:44 ----HD---- C:\Program Files\InstallShield Installation Information
2010-04-08 22:49:03 ----AC---- C:\WINDOWS\win.ini
2010-04-08 22:48:22 ----AC---- C:\WINDOWS\wincmd.ini
2010-04-06 14:51:34 ----RSD---- C:\WINDOWS\assembly
2010-04-06 14:29:28 ----D---- C:\Program Files\DAP
2010-04-05 21:00:34 ----D---- C:\Program Files\Mozilla Firefox
2010-04-05 20:58:28 ----D---- C:\Documents and Settings\David\Data aplikací\Orbit
2010-04-05 09:19:36 ----D---- C:\Program Files\Opera
2010-04-02 21:56:53 ----AC---- C:\WINDOWS\system.ini
2010-04-01 13:59:28 ----D---- C:\WINDOWS\Minidump
2010-03-31 13:27:12 ----D---- C:\Program Files\WinRAR
2010-03-30 16:35:36 ----D---- C:\Program Files\BSplayer
2010-03-30 16:16:13 ----D---- C:\Documents and Settings\David\Data aplikací\WinRAR
2010-03-28 19:13:52 ----D---- C:\Documents and Settings\David\Data aplikací\BSplayer
2010-03-28 08:54:17 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-27 23:17:46 ----D---- C:\Program Files\DivX
2010-03-27 23:15:25 ----D---- C:\Program Files\Common Files\DivX Shared
2010-03-27 00:13:53 ----D---- C:\Documents and Settings\David\Data aplikací\Skype
2010-03-26 18:10:18 ----D---- C:\Program Files\EVEREST Ultimate Edition
2010-03-13 11:00:49 ----D---- C:\Documents and Settings\David\Data aplikací\gtk-2.0
2010-03-12 00:28:08 ----SHD---- C:\RECYCLER

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2004-08-17 41216]
R1 aslm75;aslm75; \??\C:\WINDOWS\system32\drivers\aslm75.sys []
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2005-07-08 29696]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2006-07-12 28672]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2007-08-07 33052]
R1 SSHDRV65;SSHDRV65; \??\C:\WINDOWS\System32\drivers\SSHDRV65.sys []
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 atksgt;atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [2007-03-12 271360]
R2 cpuz132;cpuz132; \??\C:\WINDOWS\system32\drivers\cpuz132_x32.sys []
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2005-04-21 10624]
R2 enodpl;enodpl; C:\WINDOWS\System32\drivers\enodpl.sys [2003-03-02 7552]
R2 lirsgt;lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [2007-03-12 18048]
R2 tandpl;tandpl; C:\WINDOWS\System32\drivers\tandpl.sys [2003-04-19 4736]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 AnyDVD;AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [2005-07-11 19200]
R3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2007-01-02 223128]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [2003-04-24 41984]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2002-12-19 539008]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 viagfx;viagfx; C:\WINDOWS\System32\DRIVERS\vtmini.sys [2003-06-07 258944]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2005-07-08 99584]
S3 Ad-Watch Real-Time Scanner;AW Real-Time Scanner; \??\C:\WINDOWS\System32\drivers\AWRTPD.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\David\LOCALS~1\Temp\catchme.sys []
S3 DrvAgent32;DrvAgent32; \??\C:\WINDOWS\system32\Drivers\DrvAgent32.sys []
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\System32\DRIVERS\hamachi.sys [2008-03-05 17480]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 HPFXBULK;HPFXBULK; C:\WINDOWS\system32\drivers\hpfxbulk.sys [2007-08-21 11264]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 NTSIM;NTSIM; \??\C:\WINDOWS\System32\ntsim.sys []
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2007-02-28 47360]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2005-07-08 871424]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-02-23 153376]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2004-09-03 53248]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\System32\wdfmgr.exe [2004-08-10 38912]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2004-08-17 14336]
R2 VideoAcceleratorService;VideoAcceleratorService; C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe [2010-04-05 300656]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S3 aawservice;Ad-Aware 2007 Service; C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe [2007-06-05 561152]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-07-23 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-04-13 33632]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-04-13 68952]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 O&O Defrag;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2009-09-12 1488128]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2010-01-09 355584]
S4 MySQL;MySQL; C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt --defaults-file=C:\Program Files\MySQL\MySQL Server 5.0\my.ini MySQL []

-----------------EOF-----------------

Unlimited_Killer

Dobré odpoledne, na logu se pracuje.

Unlimited_Killer

Jdeme na to. ↓

1) OTMoveit3

Stáhněte OTM3 na Plochu.
Spusťte ho dvojklikem na OTM.exe, pokud to nepůjde, zkuste to s adminskými právy.

Do levého okna 'Paste Instructions for Items to be Moved' vkopírujte následující skript:

Kód: Vybrat vše

:processes
explorer.exe

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ecdee021-0d17-467f-a1ff-c7a115230949}"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=-
"UserFaultCheck"=-
"SunJavaUpdateSched"=-
"DivXUpdate"=-



:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s
C:\Program Files\free-downloads.net

:services
JavaQuickStarterService

:commands
[emptytemp]
[emptyflash]
[reboot]

Poté klikněte na červené tlačítko 'MoveIt!'.
V zeleném okně vpravo by se měl zobrazit log, ten vkopírujete sem do fóra.
Pokud se zobrazí hláška k restartování, klikněte na 'Yes'.
Po restartu se log otevře sám, nebo ho najdete v C:\_OTM\MovedFiles

2) Fixnutí v HJT

Spusťte přejmenované HijackThis - C:\Program Files\Trend Micro\HijackThis\jmeno_uzivatele.exe
Následně klikněte na 'Do a system scan only'.

U níže uvedených položek udělejte fajfku do čtverečku a poté klikněte na 'Fix Checked'.

Kód: Vybrat vše

O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe

Pokud by tam nějaká položka nebyla, vynechte ji.

3) Malwarebytes' Anti-Malware

Stáhněte MbAM a postupujte podle popisu.
Zatím nic nemažte, MbAM má občas falešné detekce.
Poté mi sem vložte log ve formě textu.

bojimso · #4 Příspěvek od **bojimso** » 12 dub 2010 18:08

Omlouvám se, dostal jsem se k PC až teď.

add.1) Prikladam LOG, PC zamrzl na okne "vypinani PC" asi 10 minut tak jsem ho restartoval rucne.

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks\\{ecdee021-0d17-467f-a1ff-c7a115230949} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ecdee021-0d17-467f-a1ff-c7a115230949}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ecdee021-0d17-467f-a1ff-c7a115230949}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ecdee021-0d17-467f-a1ff-c7a115230949}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FF6C3CF0-4B15-11D1-ABED-709549C10000}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{ecdee021-0d17-467f-a1ff-c7a115230949} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ecdee021-0d17-467f-a1ff-c7a115230949}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\HP Software Update deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\UserFaultCheck deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DivXUpdate deleted successfully.
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\msdownld.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP142.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5F2.tmp folder moved successfully.
C:\WINDOWS\CSC\csc1.tmp moved successfully.
C:\WINDOWS\Installer\MSI311.tmp moved successfully.
C:\WINDOWS\Installer\MSI314.tmp moved successfully.
C:\WINDOWS\system32\DirectX\DX1.tmp\system folder moved successfully.
C:\WINDOWS\system32\DirectX\DX1.tmp\sysbckup folder moved successfully.
C:\WINDOWS\system32\DirectX\DX1.tmp\inf folder moved successfully.
C:\WINDOWS\system32\DirectX\DX1.tmp\help folder moved successfully.
C:\WINDOWS\system32\DirectX\DX1.tmp\drivers folder moved successfully.
C:\WINDOWS\system32\DirectX\DX1.tmp\directx folder moved successfully.
C:\WINDOWS\system32\DirectX\DX1.tmp folder moved successfully.
C:\WINDOWS\system32\DirectX\DX1A.tmp\system folder moved successfully.
C:\WINDOWS\system32\DirectX\DX1A.tmp\sysbckup folder moved successfully.
C:\WINDOWS\system32\DirectX\DX1A.tmp\inf folder moved successfully.
C:\WINDOWS\system32\DirectX\DX1A.tmp\help folder moved successfully.
C:\WINDOWS\system32\DirectX\DX1A.tmp\drivers folder moved successfully.
C:\WINDOWS\system32\DirectX\DX1A.tmp\directx folder moved successfully.
C:\WINDOWS\system32\DirectX\DX1A.tmp folder moved successfully.
C:\WINDOWS\system32\DirectX\DX249.tmp\system folder moved successfully.
C:\WINDOWS\system32\DirectX\DX249.tmp\sysbckup folder moved successfully.
C:\WINDOWS\system32\DirectX\DX249.tmp\inf folder moved successfully.
C:\WINDOWS\system32\DirectX\DX249.tmp\help folder moved successfully.
C:\WINDOWS\system32\DirectX\DX249.tmp\drivers folder moved successfully.
C:\WINDOWS\system32\DirectX\DX249.tmp\directx folder moved successfully.
C:\WINDOWS\system32\DirectX\DX249.tmp folder moved successfully.
C:\WINDOWS\system32\DirectX\DX8.tmp\system folder moved successfully.
C:\WINDOWS\system32\DirectX\DX8.tmp\sysbckup folder moved successfully.
C:\WINDOWS\system32\DirectX\DX8.tmp\inf folder moved successfully.
C:\WINDOWS\system32\DirectX\DX8.tmp\help folder moved successfully.
C:\WINDOWS\system32\DirectX\DX8.tmp\drivers folder moved successfully.
C:\WINDOWS\system32\DirectX\DX8.tmp\directx folder moved successfully.
C:\WINDOWS\system32\DirectX\DX8.tmp folder moved successfully.
C:\WINDOWS\system32\DirectX\DXB6.tmp\system folder moved successfully.
C:\WINDOWS\system32\DirectX\DXB6.tmp\sysbckup folder moved successfully.
C:\WINDOWS\system32\DirectX\DXB6.tmp\inf folder moved successfully.
C:\WINDOWS\system32\DirectX\DXB6.tmp\help folder moved successfully.
C:\WINDOWS\system32\DirectX\DXB6.tmp\drivers folder moved successfully.
C:\WINDOWS\system32\DirectX\DXB6.tmp\directx folder moved successfully.
C:\WINDOWS\system32\DirectX\DXB6.tmp folder moved successfully.
C:\WINDOWS\temp\SBC1.tmp moved successfully.
C:\WINDOWS\temp\SBC19.tmp moved successfully.
C:\WINDOWS\temp\SBC1D.tmp moved successfully.
C:\WINDOWS\temp\SBC2.tmp moved successfully.
C:\WINDOWS\temp\SBC23.tmp moved successfully.
C:\WINDOWS\temp\SBC27.tmp moved successfully.
C:\WINDOWS\temp\SBC28.tmp moved successfully.
C:\WINDOWS\temp\SBC2A.tmp moved successfully.
C:\WINDOWS\temp\SBC3.tmp moved successfully.
C:\WINDOWS\temp\SBC79.tmp moved successfully.
C:\WINDOWS\twain_32\hpqgnds2.tmp moved successfully.
C:\Program Files\free-downloads.net folder moved successfully.
========== SERVICES/DRIVERS ==========
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: All Users

User: David
->Temp folder emptied: 63644385 bytes
->Temporary Internet Files folder emptied: 282226 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 22052051 bytes
->Opera cache emptied: 40334440 bytes
->Flash cache emptied: 7462 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Dýda
->Temp folder emptied: 0 bytes

User: Děda
->Temp folder emptied: 131584 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->FireFox cache emptied: 757089 bytes
->Opera cache emptied: 8358215 bytes
->Flash cache emptied: 405 bytes

User: FreewareList

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 348 bytes

User: Mamka
->Temp folder emptied: 1348039 bytes
->Temporary Internet Files folder emptied: 4509833 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 719375 bytes
->Opera cache emptied: 20844181 bytes
->Flash cache emptied: 728 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 257410 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 156,00 mb

OTM by OldTimer - Version 3.1.10.1 log created on 04122010_184032

add.2) Smazáno, mám dát i LOG?
add.3) Našlo to 2 soubory, tu je LOG:

Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Verze databáze: 3981

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

12.4.2010 19:05:13
mbam-log-2010-04-12 (19-05-13).txt

Typ skenu: Rychlý sken
Skenované objekty: 134291
Uplynulý čas: 5 minuta(y), 47 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 1
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\WINDOWS\system32\nc.exe (Backdoor.NetCat) -> No action taken.

Díky za odpověď

Unlimited_Killer

Pokračujeme. ↓

1) VirusTotal

Otestujte na VirusTotal soubory:
Kód: Vybrat vše
```
C:\WINDOWS\system32\nc.exe
```
Jednoduše tam vkopírujete cesty, co jsem napsal do code.
Jestliže Vám to napíše, že soubor byl již testován, nechte ho otestovat znovu.
Poté sem vložíte linky (odkazy) na jednotlivé testy.

2) Nový RSIT log

bojimso · #6 Příspěvek od **bojimso** » 12 dub 2010 21:51

1)

Antivirus Verze Poslední aktualizace Výsledek
a-squared 4.5.0.50 2010.04.12 -
AhnLab-V3 5.0.0.2 2010.04.12 -
AntiVir 7.10.6.64 2010.04.12 SPR/RemoteAdmin.Net
Antiy-AVL 2.0.3.7 2010.04.12 RemoteAdmin/Win32.RA
Authentium 5.2.0.5 2010.04.12 W32/Netcat
Avast 4.8.1351.0 2010.04.12 -
Avast5 5.0.332.0 2010.04.12 -
AVG 9.0.0.787 2010.04.12 Tool.HJ
BitDefender 7.2 2010.04.12 -
CAT-QuickHeal 10.00 2010.04.12 Trojan.Agent.ATV
ClamAV 0.96.0.3-git 2010.04.12 PUA.NetTool.Netcat-7
Comodo 4580 2010.04.12 ApplicUnsaf.Win32.RemoteAdmin
DrWeb 5.0.2.03300 2010.04.12 Tool.Netcat
eSafe 7.0.17.0 2010.04.12 Win32.HackTool
eTrust-Vet 35.2.7421 2010.04.12 -
F-Prot 4.5.1.85 2010.04.12 W32/Netcat
F-Secure 9.0.15370.0 2010.04.12 Riskware:W32/NetCat.D
Fortinet 4.0.14.0 2010.04.12 HackerTool/Netcat
GData 19 2010.04.12 -
Ikarus T3.1.1.80.0 2010.04.12 -
Jiangmin 13.0.900 2010.04.12 Hacktool.Nc
Kaspersky 7.0.0.125 2010.04.12 not-a-virus:RemoteAdmin.Win32.NetCat.jd
McAfee 5.400.0.1158 2010.04.12 -
McAfee-GW-Edition 6.8.5 2010.04.12 Heuristic.LooksLike.Win32.RemoteAdmin.L
Microsoft 1.5605 2010.04.12 -
NOD32 5022 2010.04.12 Win32/RemoteAdmin
Norman 6.04.11 2010.04.12 -
nProtect 2009.1.8.0 2010.04.06 -
Panda 10.0.2.2 2010.04.12 Hacktool/NetCat.B
PCTools 7.0.3.5 2010.04.12 SecurityRisk.NetCat
Prevx 3.0 2010.04.12 Medium Risk Malware
Rising 22.43.00.04 2010.04.12 Backdoor.Ncx.b
Sophos 4.52.0 2010.04.12 NetCat
Sunbelt 6167 2010.04.12 Trojan.Win32.Generic!BT
Symantec 20091.2.0.41 2010.04.12 NetCat
TheHacker 6.5.2.0.259 2010.04.12 Aplicacion/RemAdm.Netcat
TrendMicro 9.120.0.1004 2010.04.12 -
VBA32 3.12.12.4 2010.04.09 -
ViRobot 2010.4.12.2272 2010.04.12 Not_a_virus:RemoteAdmin.NetCat.59392
VirusBuster 5.0.27.0 2010.04.12 -
Rozšiřující informace
File size: 59392 bytes
MD5...: e0fb946c00b140693e3cf5de258c22a1
SHA1..: 57f0839433234285cc9df96198a6ca58248a4707
SHA256: be4211fe5c1a19ff393a2bcfa21dad8d0a687663263a63789552bda446d9421b
ssdeep: 768:pi3A+wAwcw1/GWTw8+7TAB+fThAapYgVLrORoMn+xtuHkydSsa6CvwEBRMOo
g:g3A+wAwjp+fTnlOR/+xtuHnK6p2Rog
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x4c00
timedatestamp.....: 0x34ae8eb9 (Sat Jan 03 19:17:13 1998)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x9770 0x9800 6.51 99fea9cdbf472ed6473431666c8f7286
.rdata 0xb000 0x417 0x600 4.10 7af92dc659256dfb70036de094bfbfe7
.data 0xc000 0x5244 0x3e00 2.52 8e29d3abefc4379adcd18df2e8e81ad8
.idata 0x12000 0x75c 0x800 5.00 4aa5cc552968cbb85860988cb4c9ef64

( 2 imports )
> KERNEL32.dll: ExitProcess, DisconnectNamedPipe, TerminateProcess, WaitForMultipleObjects, TerminateThread, GetLastError, CreateThread, CreatePipe, CreateProcessA, DuplicateHandle, GetCurrentProcess, ExitThread, Sleep, ReadFile, PeekNamedPipe, WriteFile, GetStdHandle, FreeConsole, VirtualFree, VirtualAlloc, LCMapStringA, SetEndOfFile, LCMapStringW, CreateFileA, GetNumberOfConsoleInputEvents, PeekConsoleInputA, HeapReAlloc, LoadLibraryA, GetStringTypeW, GetStringTypeA, GetProcAddress, SetStdHandle, SetEnvironmentVariableA, SetFilePointer, CompareStringA, GetOEMCP, CompareStringW, GetCPInfo, GetEnvironmentStringsW, GetACP, HeapFree, HeapAlloc, CloseHandle, GetTimeZoneInformation, GetSystemTime, GetLocalTime, GetCommandLineA, GetVersion, HeapDestroy, HeapCreate, RtlUnwind, FlushFileBuffers, SetHandleCount, GetFileType, GetStartupInfoA, WideCharToMultiByte, FreeEnvironmentStringsW, GetEnvironmentStrings, UnhandledExceptionFilter, GetModuleFileNameA, FreeEnvironmentStringsA, MultiByteToWideChar
> WSOCK32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -

( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: Win32 Executable MS Visual C++ (generic) (62.9%)
Win32 Executable Generic (14.2%)
Win32 Dynamic Link Library (generic) (12.6%)
Win16/32 Executable Delphi generic (3.4%)
Generic Win/DOS Executable (3.3%)
ThreatExpert info: <a href='http://www.threatexpert.com/report.aspx ... de258c22a1' target='_blank'>http://www.threatexpert.com/report.aspx ... 58c22a1</a>
packers (Antiy-AVL): InstallShield 2000 stub
<a href='http://info.prevx.com/aboutprogramtext. ... 00E859F1A1' target='_blank'>http://info.prevx.com/aboutprogramtext. ... 859F1A1</a>
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned

http://www.virustotal.com/cs/analisis/b ... 1271105204

2) RSIT LOG:

Logfile of random's system information tool 1.06 (written by random/random)
Run by David at 2010-04-12 22:51:08
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 12 GB (15%) free of 76 GB
Total RAM: 735 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:51:09, on 12.4.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Corsair\Corsair Flash Voyager Utility\PLBkMon.exe
C:\WINDOWS\System32\HotfixQ0306270.exe
C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe
C:\Program Files\CyberLat\CyberLat RAM Cleaner 2,0\CLRamCleaner.exe
C:\Program Files\ASUS\Asus Probe\AsusProb.exe
C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\David\Plocha\Věci\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\David.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: DAPIELoader Class - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\DAP\DAPIEL~1.DLL
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CORSAIR_PLUtil] C:\Program Files\Corsair\Corsair Flash Voyager Utility\PLBkMon.exe
O4 - HKLM\..\Run: [PLFFAP] C:\WINDOWS\System32\HotfixQ0306270.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [ToolBoxFX] "C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on
O4 - HKLM\..\Run: [CyberLat Ram Cleaner] C:\Program Files\CyberLat\CyberLat RAM Cleaner 2,0\CLRamCleaner.exe
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Asus Probe\AsusProb.exe
O4 - HKLM\..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout obsah FLV videa s IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: MP3 - {1537E842-0000-11D2-8059-111111111111} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &WinMp3Locator - {1537E842-0000-11D2-8059-111111111111} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Files - {1537E842-0001-11D2-8059-111111111111} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &FileLocator - {1537E842-0001-11D2-8059-111111111111} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~1\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~1\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~1\sblsp.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\wbsys.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe

--
End of file - 7669 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}]
Octh Class - C:\Program Files\Orbitdownloader\orbitcth.dll [2007-11-29 187504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-05-12 50376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2005-05-31 853672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GrooveShellExtensions.dll [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-02-23 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-02-23 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]
DAPIELoader Class - C:\PROGRA~1\DAP\DAPIEL~1.DLL [2010-04-05 140880]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2005-03-08 53248]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"CORSAIR_PLUtil"=C:\Program Files\Corsair\Corsair Flash Voyager Utility\PLBkMon.exe [2004-11-11 90112]
"PLFFAP"=C:\WINDOWS\System32\HotfixQ0306270.exe [2003-08-05 45056]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe [2001-11-01 196608]
"ToolBoxFX"=C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe [2007-07-11 53248]
"CyberLat Ram Cleaner"=C:\Program Files\CyberLat\CyberLat RAM Cleaner 2,0\CLRamCleaner.exe [2006-02-10 142848]
"ASUS Probe"=C:\Program Files\ASUS\Asus Probe\AsusProb.exe [2002-12-06 617984]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2009-09-12 2524416]
"Smapp"=C:\Program Files\Analog Devices\SoundMAX\SMTray.exe [2003-05-05 143360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\WINDOWS\system32\wbsys.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB]
C:\Program Files\Stardock\Object Desktop\ThemeManager\fastload.dll [2001-12-20 24576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GrooveShellExtensions.dll [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoStartMenuPinnedList"=0
"NoStartMenuMFUprogramsList"=0
"NoUserNameInStartMenu"=0
"NoStartMenuSubFolders"=0
"NoCommonGroups"=0
"NoPrinterTabs"=0
"NoDeletePrinter"=0
"NoAddPrinter"=0
"NoPrinters"=0
"NoFavoritesMenu"=0
"NoRecentDocsNetHood"=0
"NoChangeAnimation"=0
"NoChangeKeyboardNavigationIndicators"=0
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"C:\Program Files\Miranda IM\miranda32.exe"="C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"C:\Hry\Warcraft III\Warcraft III.exe"="C:\Hry\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Orbitdownloader\orbitnet.exe"="C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:P2P service of Orbit Downloader"
"C:\Program Files\FreeCall\freecall.exe"="C:\Program Files\FreeCall\freecall.exe:*:Enabled:FreeCall"
"C:\Program Files\BitLord\BitLord.exe"="C:\Program Files\BitLord\BitLord.exe:*:Enabled:BitLord"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe"="C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe:*:Enabled:VoipDiscount"
"C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe"="C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe:*:Enabled:VoipBuster"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2010-04-12 19:30:25 ----A---- C:\WINDOWS\system32\wdmioctl.dll
2010-04-12 19:30:25 ----A---- C:\WINDOWS\system32\SMMedia.dll
2010-04-12 19:30:25 ----A---- C:\WINDOWS\SynthCoreA.Dll
2010-04-12 19:30:25 ----A---- C:\WINDOWS\SynCor.exe
2010-04-12 19:30:24 ----D---- C:\WINDOWS\VirtualEar
2010-04-12 19:30:24 ----A---- C:\WINDOWS\system32\SynthCore11Resources.dll
2010-04-12 19:30:24 ----A---- C:\WINDOWS\system32\Syncor11.dll
2010-04-12 19:30:24 ----A---- C:\WINDOWS\system32\S11thk32.dll
2010-04-12 19:30:24 ----A---- C:\WINDOWS\system32\DSndUp.exe
2010-04-12 19:30:24 ----A---- C:\WINDOWS\system32\CleanUp.exe
2010-04-12 19:30:24 ----A---- C:\WINDOWS\system32\Audio3d.dll
2010-04-12 18:56:49 ----D---- C:\Documents and Settings\David\Data aplikací\Malwarebytes
2010-04-12 18:56:42 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-04-12 18:56:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-04-12 18:40:32 ----D---- C:\_OTM
2010-04-11 16:21:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\PC Drivers HeadQuarters
2010-04-11 16:19:57 ----D---- C:\Program Files\PC Drivers HeadQuarters
2010-04-11 16:01:38 ----D---- C:\Program Files\XPC Tools
2010-04-11 15:52:30 ----D---- C:\Program Files\Carambis
2010-04-10 19:38:20 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2010-04-10 19:38:20 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2010-04-10 19:38:19 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2010-04-10 19:38:19 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2010-04-10 19:38:18 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2010-04-10 19:38:17 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2010-04-10 19:38:13 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2010-04-10 19:38:13 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2010-04-10 19:38:12 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2010-04-10 19:38:11 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2010-04-10 19:38:10 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2010-04-10 19:38:09 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2010-04-10 19:38:09 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2010-04-10 19:38:09 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2010-04-10 19:38:08 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2010-04-10 19:38:08 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2010-04-10 19:38:07 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2010-04-10 19:38:07 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2010-04-10 19:38:06 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2010-04-10 19:38:06 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2010-04-10 19:38:05 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2010-04-10 19:38:05 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2010-04-10 19:38:05 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2010-04-10 19:38:04 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2010-04-10 19:38:04 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2010-04-10 19:38:03 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2010-04-10 19:38:03 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2010-04-10 19:38:03 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2010-04-10 19:38:03 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2010-04-10 19:38:03 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2010-04-10 19:38:02 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2010-04-10 19:38:01 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2010-04-10 19:38:01 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2010-04-10 19:38:01 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2010-04-10 19:38:01 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2010-04-10 19:38:00 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2010-04-10 19:38:00 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2010-04-10 19:38:00 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2010-04-10 19:37:59 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2010-04-10 19:37:59 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2010-04-10 19:37:58 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2010-04-10 19:37:58 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2010-04-10 19:37:58 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2010-04-10 19:37:57 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2010-04-10 19:37:57 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2010-04-10 19:37:56 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2010-04-10 19:37:56 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2010-04-10 19:37:55 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2010-04-10 19:37:54 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2010-04-10 19:37:52 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2010-04-10 19:37:52 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2010-04-10 19:37:51 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2010-04-10 19:35:20 ----D---- C:\WINDOWS\Logs
2010-04-10 17:47:03 ----A---- C:\WINDOWS\Ascd_tmp.ini
2010-04-10 17:38:38 ----D---- C:\Program Files\IObit
2010-04-10 17:38:17 ----D---- C:\Program Files\GameGain
2010-04-10 15:33:05 ----D---- C:\Documents and Settings\David\Data aplikací\Auslogics
2010-04-10 15:32:22 ----D---- C:\Program Files\Auslogics
2010-04-09 23:26:26 ----D---- C:\WINDOWS\system32\oodag
2010-04-08 23:09:28 ----D---- C:\Program Files\Defraggler
2010-04-05 21:02:34 ----D---- C:\Program Files\SpeedBit Video Accelerator
2010-04-05 20:58:49 ----D---- C:\Documents and Settings\All Users\Data aplikací\SpeedBit
2010-03-27 23:17:16 ----D---- C:\Documents and Settings\David\Data aplikací\DivX
2010-03-27 23:16:48 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2010-03-27 23:16:47 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2010-03-27 23:16:47 ----N---- C:\WINDOWS\system32\pxafs.dll
2010-03-27 23:00:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\DivX
2010-03-27 19:10:25 ----D---- C:\WINDOWS\Eurobattle.net
2010-03-21 15:35:47 ----D---- C:\Program Files\UBISOFT
2010-03-13 10:54:42 ----D---- C:\Program Files\GIMP-2.0

======List of files/folders modified in the last 1 months======

2010-04-12 20:17:20 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-04-12 20:10:33 ----D---- C:\WINDOWS\temp
2010-04-12 19:33:06 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-12 19:32:52 ----D---- C:\WINDOWS
2010-04-12 19:31:09 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-12 19:30:37 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-12 19:30:31 ----D---- C:\WINDOWS\system32\drivers
2010-04-12 19:30:31 ----D---- C:\WINDOWS\system32
2010-04-12 19:30:30 ----HD---- C:\WINDOWS\inf
2010-04-12 19:30:30 ----D---- C:\WINDOWS\system32\CatRoot
2010-04-12 19:30:24 ----D---- C:\WINDOWS\system
2010-04-12 19:30:23 ----AC---- C:\WINDOWS\system32\msssc.dll
2010-04-12 18:56:42 ----RD---- C:\Program Files
2010-04-12 18:40:53 ----D---- C:\WINDOWS\twain_32
2010-04-12 18:40:53 ----D---- C:\WINDOWS\system32\DirectX
2010-04-12 18:40:46 ----SHD---- C:\WINDOWS\Installer
2010-04-12 18:40:43 ----SHD---- C:\WINDOWS\CSC
2010-04-11 17:05:26 ----D---- C:\Config.Msi
2010-04-11 17:05:24 ----D---- C:\WINDOWS\Help
2010-04-11 16:49:47 ----HD---- C:\Program Files\InstallShield Installation Information
2010-04-11 16:21:14 ----RSD---- C:\WINDOWS\assembly
2010-04-11 16:19:38 ----D---- C:\WINDOWS\system32\config
2010-04-11 16:10:13 ----AC---- C:\WINDOWS\system32\BASSMOD.dll
2010-04-09 23:11:39 ----D---- C:\Program Files\OO Software
2010-04-08 23:23:43 ----D---- C:\Hry
2010-04-08 23:21:24 ----AC---- C:\WINDOWS\NeroDigital.ini
2010-04-08 23:21:05 ----D---- C:\WINDOWS\Prefetch
2010-04-08 22:49:03 ----AC---- C:\WINDOWS\win.ini
2010-04-08 22:48:22 ----AC---- C:\WINDOWS\wincmd.ini
2010-04-06 14:29:28 ----D---- C:\Program Files\DAP
2010-04-05 21:00:34 ----D---- C:\Program Files\Mozilla Firefox
2010-04-05 20:58:28 ----D---- C:\Documents and Settings\David\Data aplikací\Orbit
2010-04-05 09:19:36 ----D---- C:\Program Files\Opera
2010-04-02 21:56:53 ----AC---- C:\WINDOWS\system.ini
2010-04-01 13:59:28 ----D---- C:\WINDOWS\Minidump
2010-03-31 13:27:12 ----D---- C:\Program Files\WinRAR
2010-03-30 16:35:36 ----D---- C:\Program Files\BSplayer
2010-03-30 16:16:13 ----D---- C:\Documents and Settings\David\Data aplikací\WinRAR
2010-03-28 19:13:52 ----D---- C:\Documents and Settings\David\Data aplikací\BSplayer
2010-03-28 08:54:17 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-27 23:17:46 ----D---- C:\Program Files\DivX
2010-03-27 23:15:25 ----D---- C:\Program Files\Common Files\DivX Shared
2010-03-27 00:13:53 ----D---- C:\Documents and Settings\David\Data aplikací\Skype
2010-03-26 18:10:18 ----D---- C:\Program Files\EVEREST Ultimate Edition
2010-03-13 11:00:49 ----D---- C:\Documents and Settings\David\Data aplikací\gtk-2.0

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2004-08-17 41216]
R1 aslm75;aslm75; \??\C:\WINDOWS\system32\drivers\aslm75.sys []
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2005-07-08 29696]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2006-07-12 28672]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2007-08-07 33052]
R1 SSHDRV65;SSHDRV65; \??\C:\WINDOWS\System32\drivers\SSHDRV65.sys []
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 atksgt;atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [2007-03-12 271360]
R2 cpuz132;cpuz132; \??\C:\WINDOWS\system32\drivers\cpuz132_x32.sys []
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2005-04-21 10624]
R2 enodpl;enodpl; C:\WINDOWS\System32\drivers\enodpl.sys [2003-03-02 7552]
R2 lirsgt;lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [2007-03-12 18048]
R2 tandpl;tandpl; C:\WINDOWS\System32\drivers\tandpl.sys [2003-04-19 4736]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 AnyDVD;AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [2005-07-11 19200]
R3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2007-01-02 223128]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [2003-04-24 41984]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-07-15 578368]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 viagfx;viagfx; C:\WINDOWS\System32\DRIVERS\vtmini.sys [2005-03-08 172544]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2005-07-08 99584]
S3 Ad-Watch Real-Time Scanner;AW Real-Time Scanner; \??\C:\WINDOWS\System32\drivers\AWRTPD.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\David\LOCALS~1\Temp\catchme.sys []
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\System32\DRIVERS\hamachi.sys [2008-03-05 17480]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 HPFXBULK;HPFXBULK; C:\WINDOWS\system32\drivers\hpfxbulk.sys [2007-08-21 11264]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 NTSIM;NTSIM; \??\C:\WINDOWS\System32\ntsim.sys []
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2007-02-28 47360]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2005-07-08 871424]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2004-09-03 53248]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\System32\wdfmgr.exe [2004-08-10 38912]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2004-08-17 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S2 VideoAcceleratorService;VideoAcceleratorService; C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe [2010-04-05 300656]
S3 aawservice;Ad-Aware 2007 Service; C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe [2007-06-05 561152]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-07-23 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-04-13 33632]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-04-13 68952]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 O&O Defrag;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2009-09-12 1488128]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2010-01-09 355584]
S4 MySQL;MySQL; C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt --defaults-file=C:\Program Files\MySQL\MySQL Server 5.0\my.ini MySQL []

-----------------EOF-----------------

Unlimited_Killer

Pokračujeme. ↓

1) Položky nalezené MbAMem nechte smazat.

2) OTCleaner

Stáhněte OTC a dvojklikem ho spusťte.
Vyskočí okénko, kde kliknete na 'CleanUp!'.
Potvrdíte kliknutím na 'Yes'.
Poté se ještě zeptá, zda chcete restartovat PC - to proveďte opět kliknutím na 'Yes'.

3) CCleaner

Stáhněte si program jménem CCleaner.
Normálně nainstalujte, jen dávejte pozor a odškrtněte položku 'Instalovat Yahoo! Toolbar'.
Spusťte ho.
- Záložka Čistič → nechte zatrženo vše, jak je, a klikněte na 'Spustit CCleaner'.
- Záložka Registry → klikněte na 'Hledej problémy'. Vyhledá problémy v registru, až dokončí analyzování, klikněte na 'Opravit vybrané problémy'. Nabídne Vám vytvoření zálohy - pro jistotu ji vytvořte a uložte například na Plochu.
CCleaner doporučuji používat pravidelně, celkem rapidně dokáže zrychlit PC.

4) Defragmentace

Defragmentujte disk.
Lze to udělat několika způsoby ↓
- Přes defragmentaci integrovanou ve Windows [Start → Spustit → dfrg.msc → Enter]. Toto není příliš účinný způsob.
- Přes jednoduchý a přehledný program jménem Defraggler.
- Přes geniální program, který se nemusí instalovat a je hodně jednoduchý - JKDefrag.

5) FileHippo.com UpdateChecker

Abyste měl/a přehled o aktualizacích, doporučuji stáhnout program FileHippo.com UpdateChecker.
- Běžně ho nainstalujte.
- Spouštějte ho například jednou až dvakrát týdně.
- Přehledně zobrazí všechny programy, které jsou neaktualizované, nabídne stažení novější verze (což doporučuji).
- Dávejte si pozor,co dané aplikace instalují 's sebou' → například zbytečné toolbary (lišty).
  - Proto se nevyplatí bezmyšlenkovitě klikat na 'Next', popřípadě 'Další'.

6) Nový RSIT log

bojimso · #8 Příspěvek od **bojimso** » 13 dub 2010 13:14

Nový LOG RSIT:

Logfile of random's system information tool 1.06 (written by random/random)
Run by David at 2010-04-13 14:13:23
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 12 GB (16%) free of 76 GB
Total RAM: 735 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:13:24, on 13.4.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Corsair\Corsair Flash Voyager Utility\PLBkMon.exe
C:\WINDOWS\System32\HotfixQ0306270.exe
C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe
C:\Program Files\CyberLat\CyberLat RAM Cleaner 2,0\CLRamCleaner.exe
C:\Program Files\ASUS\Asus Probe\AsusProb.exe
C:\Program Files\OO Software\Defrag\oodtray.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\David\Plocha\Věci\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\David.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: DAPIELoader Class - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~1\DAP\DAPIEL~1.DLL
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CORSAIR_PLUtil] C:\Program Files\Corsair\Corsair Flash Voyager Utility\PLBkMon.exe
O4 - HKLM\..\Run: [PLFFAP] C:\WINDOWS\System32\HotfixQ0306270.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [ToolBoxFX] "C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on
O4 - HKLM\..\Run: [CyberLat Ram Cleaner] C:\Program Files\CyberLat\CyberLat RAM Cleaner 2,0\CLRamCleaner.exe
O4 - HKLM\..\Run: [ASUS Probe] C:\Program Files\ASUS\Asus Probe\AsusProb.exe
O4 - HKLM\..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout obsah FLV videa s IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout všechny odkazy s IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: MP3 - {1537E842-0000-11D2-8059-111111111111} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &WinMp3Locator - {1537E842-0000-11D2-8059-111111111111} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Files - {1537E842-0001-11D2-8059-111111111111} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &FileLocator - {1537E842-0001-11D2-8059-111111111111} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~1\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~1\sblsp.dll
O10 - Unknown file in Winsock LSP: c:\progra~1\speedb~1\sblsp.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\wbsys.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe

--
End of file - 7817 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000123B4-9B42-4900-B3F7-F4B073EFC214}]
Octh Class - C:\Program Files\Orbitdownloader\orbitcth.dll [2007-11-29 187504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll [2003-05-12 50376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2005-05-31 853672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GrooveShellExtensions.dll [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-02-23 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-02-23 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]
DAPIELoader Class - C:\PROGRA~1\DAP\DAPIEL~1.DLL [2010-04-05 140880]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2005-03-08 53248]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"CORSAIR_PLUtil"=C:\Program Files\Corsair\Corsair Flash Voyager Utility\PLBkMon.exe [2004-11-11 90112]
"PLFFAP"=C:\WINDOWS\System32\HotfixQ0306270.exe [2003-08-05 45056]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe [2001-11-01 196608]
"ToolBoxFX"=C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe [2007-07-11 53248]
"CyberLat Ram Cleaner"=C:\Program Files\CyberLat\CyberLat RAM Cleaner 2,0\CLRamCleaner.exe [2006-02-10 142848]
"ASUS Probe"=C:\Program Files\ASUS\Asus Probe\AsusProb.exe [2002-12-06 617984]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2009-09-12 2524416]
"Smapp"=C:\Program Files\Analog Devices\SoundMAX\SMTray.exe [2003-05-05 143360]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2004-08-17 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\WINDOWS\system32\wbsys.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB]
C:\Program Files\Stardock\Object Desktop\ThemeManager\fastload.dll [2001-12-20 24576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GrooveShellExtensions.dll [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoStartMenuPinnedList"=0
"NoStartMenuMFUprogramsList"=0
"NoUserNameInStartMenu"=0
"NoStartMenuSubFolders"=0
"NoCommonGroups"=0
"NoPrinterTabs"=0
"NoDeletePrinter"=0
"NoAddPrinter"=0
"NoPrinters"=0
"NoFavoritesMenu"=0
"NoRecentDocsNetHood"=0
"NoChangeAnimation"=0
"NoChangeKeyboardNavigationIndicators"=0
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"C:\Program Files\Miranda IM\miranda32.exe"="C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"C:\Hry\Warcraft III\Warcraft III.exe"="C:\Hry\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Orbitdownloader\orbitnet.exe"="C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:P2P service of Orbit Downloader"
"C:\Program Files\FreeCall\freecall.exe"="C:\Program Files\FreeCall\freecall.exe:*:Enabled:FreeCall"
"C:\Program Files\BitLord\BitLord.exe"="C:\Program Files\BitLord\BitLord.exe:*:Enabled:BitLord"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe"="C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe:*:Enabled:VoipDiscount"
"C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe"="C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe:*:Enabled:VoipBuster"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2010-04-13 14:12:06 ----D---- C:\rsit
2010-04-12 23:29:21 ----D---- C:\Program Files\FileHippo.com
2010-04-12 19:30:25 ----A---- C:\WINDOWS\system32\wdmioctl.dll
2010-04-12 19:30:25 ----A---- C:\WINDOWS\system32\SMMedia.dll
2010-04-12 19:30:25 ----A---- C:\WINDOWS\SynthCoreA.Dll
2010-04-12 19:30:25 ----A---- C:\WINDOWS\SynCor.exe
2010-04-12 19:30:24 ----D---- C:\WINDOWS\VirtualEar
2010-04-12 19:30:24 ----A---- C:\WINDOWS\system32\SynthCore11Resources.dll
2010-04-12 19:30:24 ----A---- C:\WINDOWS\system32\Syncor11.dll
2010-04-12 19:30:24 ----A---- C:\WINDOWS\system32\S11thk32.dll
2010-04-12 19:30:24 ----A---- C:\WINDOWS\system32\DSndUp.exe
2010-04-12 19:30:24 ----A---- C:\WINDOWS\system32\CleanUp.exe
2010-04-12 19:30:24 ----A---- C:\WINDOWS\system32\Audio3d.dll
2010-04-12 18:56:49 ----D---- C:\Documents and Settings\David\Data aplikací\Malwarebytes
2010-04-12 18:56:42 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-04-12 18:56:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-04-11 16:21:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\PC Drivers HeadQuarters
2010-04-11 16:19:57 ----D---- C:\Program Files\PC Drivers HeadQuarters
2010-04-11 16:01:38 ----D---- C:\Program Files\XPC Tools
2010-04-11 15:52:30 ----D---- C:\Program Files\Carambis
2010-04-10 19:38:20 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2010-04-10 19:38:20 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2010-04-10 19:38:19 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2010-04-10 19:38:19 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2010-04-10 19:38:18 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2010-04-10 19:38:17 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2010-04-10 19:38:13 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2010-04-10 19:38:13 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2010-04-10 19:38:12 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2010-04-10 19:38:11 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2010-04-10 19:38:10 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2010-04-10 19:38:09 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2010-04-10 19:38:09 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2010-04-10 19:38:09 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2010-04-10 19:38:08 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2010-04-10 19:38:08 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2010-04-10 19:38:07 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2010-04-10 19:38:07 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2010-04-10 19:38:06 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2010-04-10 19:38:06 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2010-04-10 19:38:05 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2010-04-10 19:38:05 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2010-04-10 19:38:05 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2010-04-10 19:38:04 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2010-04-10 19:38:04 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2010-04-10 19:38:03 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2010-04-10 19:38:03 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2010-04-10 19:38:03 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2010-04-10 19:38:03 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2010-04-10 19:38:03 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2010-04-10 19:38:02 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2010-04-10 19:38:01 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2010-04-10 19:38:01 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2010-04-10 19:38:01 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2010-04-10 19:38:01 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2010-04-10 19:38:00 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2010-04-10 19:38:00 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2010-04-10 19:38:00 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2010-04-10 19:37:59 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2010-04-10 19:37:59 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2010-04-10 19:37:58 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2010-04-10 19:37:58 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2010-04-10 19:37:58 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2010-04-10 19:37:57 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2010-04-10 19:37:57 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2010-04-10 19:37:56 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2010-04-10 19:37:56 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2010-04-10 19:37:55 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2010-04-10 19:37:54 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2010-04-10 19:37:52 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2010-04-10 19:37:52 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2010-04-10 19:37:51 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2010-04-10 19:35:20 ----D---- C:\WINDOWS\Logs
2010-04-10 17:47:03 ----A---- C:\WINDOWS\Ascd_tmp.ini
2010-04-10 17:38:38 ----D---- C:\Program Files\IObit
2010-04-10 17:38:17 ----D---- C:\Program Files\GameGain
2010-04-10 15:33:05 ----D---- C:\Documents and Settings\David\Data aplikací\Auslogics
2010-04-10 15:32:22 ----D---- C:\Program Files\Auslogics
2010-04-09 23:26:26 ----D---- C:\WINDOWS\system32\oodag
2010-04-08 23:09:28 ----D---- C:\Program Files\Defraggler
2010-04-05 21:02:34 ----D---- C:\Program Files\SpeedBit Video Accelerator
2010-04-05 20:58:49 ----D---- C:\Documents and Settings\All Users\Data aplikací\SpeedBit
2010-03-27 23:17:16 ----D---- C:\Documents and Settings\David\Data aplikací\DivX
2010-03-27 23:16:48 ----N---- C:\WINDOWS\system32\pxcpyi64.exe
2010-03-27 23:16:47 ----N---- C:\WINDOWS\system32\pxinsi64.exe
2010-03-27 23:16:47 ----N---- C:\WINDOWS\system32\pxafs.dll
2010-03-27 23:00:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\DivX
2010-03-27 19:10:25 ----D---- C:\WINDOWS\Eurobattle.net
2010-03-21 15:35:47 ----D---- C:\Program Files\UBISOFT

======List of files/folders modified in the last 1 months======

2010-04-13 14:05:54 ----D---- C:\WINDOWS\temp
2010-04-13 00:50:15 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-13 00:48:38 ----RSD---- C:\WINDOWS\Fonts
2010-04-13 00:48:38 ----D---- C:\WINDOWS\system32\drivers
2010-04-13 00:18:31 ----D---- C:\WINDOWS
2010-04-12 23:42:16 ----D---- C:\WINDOWS\system32
2010-04-12 23:30:23 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-04-12 23:29:21 ----RD---- C:\Program Files
2010-04-12 23:26:26 ----D---- C:\Program Files\CCleaner
2010-04-12 19:33:06 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-12 19:30:37 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-12 19:30:30 ----HD---- C:\WINDOWS\inf
2010-04-12 19:30:30 ----D---- C:\WINDOWS\system32\CatRoot
2010-04-12 19:30:24 ----D---- C:\WINDOWS\system
2010-04-12 19:30:23 ----AC---- C:\WINDOWS\system32\msssc.dll
2010-04-12 18:40:53 ----D---- C:\WINDOWS\twain_32
2010-04-12 18:40:53 ----D---- C:\WINDOWS\system32\DirectX
2010-04-12 18:40:46 ----SHD---- C:\WINDOWS\Installer
2010-04-12 18:40:43 ----SHD---- C:\WINDOWS\CSC
2010-04-11 17:05:26 ----D---- C:\Config.Msi
2010-04-11 17:05:24 ----D---- C:\WINDOWS\Help
2010-04-11 16:49:47 ----HD---- C:\Program Files\InstallShield Installation Information
2010-04-11 16:21:14 ----RSD---- C:\WINDOWS\assembly
2010-04-11 16:19:38 ----D---- C:\WINDOWS\system32\config
2010-04-11 16:10:13 ----AC---- C:\WINDOWS\system32\BASSMOD.dll
2010-04-09 23:11:39 ----D---- C:\Program Files\OO Software
2010-04-08 23:23:43 ----D---- C:\Hry
2010-04-08 23:21:24 ----AC---- C:\WINDOWS\NeroDigital.ini
2010-04-08 23:21:05 ----D---- C:\WINDOWS\Prefetch
2010-04-08 22:49:03 ----AC---- C:\WINDOWS\win.ini
2010-04-08 22:48:22 ----AC---- C:\WINDOWS\wincmd.ini
2010-04-06 14:29:28 ----D---- C:\Program Files\DAP
2010-04-05 21:00:34 ----D---- C:\Program Files\Mozilla Firefox
2010-04-05 20:58:28 ----D---- C:\Documents and Settings\David\Data aplikací\Orbit
2010-04-05 09:19:36 ----D---- C:\Program Files\Opera
2010-04-02 21:56:53 ----AC---- C:\WINDOWS\system.ini
2010-04-01 13:59:28 ----D---- C:\WINDOWS\Minidump
2010-03-31 13:27:12 ----D---- C:\Program Files\WinRAR
2010-03-30 16:35:36 ----D---- C:\Program Files\BSplayer
2010-03-30 16:16:13 ----D---- C:\Documents and Settings\David\Data aplikací\WinRAR
2010-03-28 19:13:52 ----D---- C:\Documents and Settings\David\Data aplikací\BSplayer
2010-03-28 08:54:17 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-27 23:17:46 ----D---- C:\Program Files\DivX
2010-03-27 23:15:25 ----D---- C:\Program Files\Common Files\DivX Shared
2010-03-27 00:13:53 ----D---- C:\Documents and Settings\David\Data aplikací\Skype
2010-03-26 18:10:18 ----D---- C:\Program Files\EVEREST Ultimate Edition

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\System32\DRIVERS\amdk7.sys [2004-08-17 41216]
R1 aslm75;aslm75; \??\C:\WINDOWS\system32\drivers\aslm75.sys []
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2005-07-08 29696]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2006-07-12 28672]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2007-08-07 33052]
R1 SSHDRV65;SSHDRV65; \??\C:\WINDOWS\System32\drivers\SSHDRV65.sys []
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 atksgt;atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [2007-03-12 271360]
R2 cpuz132;cpuz132; \??\C:\WINDOWS\system32\drivers\cpuz132_x32.sys []
R2 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2005-04-21 10624]
R2 enodpl;enodpl; C:\WINDOWS\System32\drivers\enodpl.sys [2003-03-02 7552]
R2 lirsgt;lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [2007-03-12 18048]
R2 tandpl;tandpl; C:\WINDOWS\System32\drivers\tandpl.sys [2003-04-19 4736]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 AnyDVD;AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [2005-07-11 19200]
R3 dtscsi;dtscsi; C:\WINDOWS\System32\Drivers\dtscsi.sys [2007-01-02 223128]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [2003-04-24 41984]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-07-15 578368]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 viagfx;viagfx; C:\WINDOWS\System32\DRIVERS\vtmini.sys [2005-03-08 172544]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2005-07-08 99584]
S3 Ad-Watch Real-Time Scanner;AW Real-Time Scanner; \??\C:\WINDOWS\System32\drivers\AWRTPD.sys []
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\System32\DRIVERS\hamachi.sys [2008-03-05 17480]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
S3 HPFXBULK;HPFXBULK; C:\WINDOWS\system32\drivers\hpfxbulk.sys [2007-08-21 11264]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 NTSIM;NTSIM; \??\C:\WINDOWS\System32\ntsim.sys []
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2007-02-28 47360]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2004-08-03 31616]
S3 usbprint;Třída USB Printer; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2005-07-08 871424]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2004-09-03 53248]
R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\System32\wdfmgr.exe [2004-08-10 38912]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2004-08-17 14336]
R2 VideoAcceleratorService;VideoAcceleratorService; C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe [2010-04-05 300656]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
S3 aawservice;Ad-Aware 2007 Service; C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe [2007-06-05 561152]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-07-23 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-04-13 33632]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-04-13 68952]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 O&O Defrag;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2009-09-12 1488128]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2010-01-09 355584]
S4 MySQL;MySQL; C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt --defaults-file=C:\Program Files\MySQL\MySQL Server 5.0\my.ini MySQL []

-----------------EOF-----------------

Jinak bych mel otazku k defragmentaci: je mozne pri defragmentaci normalne pracovat?(surfovat po internetu atd.) nebo by se nemelo nic delat?

Unlimited_Killer

Můžete i normálně pracovat, ale lepší je nechat běžet například přes noc.

1) VirusTotal

Otestujte na VirusTotal soubory:
Kód: Vybrat vše
```
C:\WINDOWS\System32\shdocvw.dll
```
Jednoduše tam vkopírujete cesty, co jsem napsal do code.
Jestliže Vám to napíše, že soubor byl již testován, nechte ho otestovat znovu.
Poté sem vložíte linky (odkazy) na jednotlivé testy.

2) Jak se chová PC?

bojimso · #10 Příspěvek od **bojimso** » 13 dub 2010 15:21

http://www.virustotal.com/cs/analisis/2 ... 1271168203

PC je o dost rychlejsi zkusim jeste tu defragmentaci

Unlimited_Killer

Log vypadá 0K, jak se chová PC?

bojimso · #12 Příspěvek od **bojimso** » 15 dub 2010 12:12

Díky za vycisteni PC, PC je opet rychle jak ma byt

Unlimited_Killer

Není zač, děkuji za spolupráci a na shledanou.

VIRY.CZ

Preventivka 11.4.2010

Preventivka 11.4.2010

Re: Preventivka 11.4.2010

Re: Preventivka 11.4.2010

Re: Preventivka 11.4.2010

Re: Preventivka 11.4.2010

Re: Preventivka 11.4.2010

Re: Preventivka 11.4.2010

Re: Preventivka 11.4.2010

Re: Preventivka 11.4.2010

Re: Preventivka 11.4.2010

Re: Preventivka 11.4.2010

Re: Preventivka 11.4.2010

Re: Preventivka 11.4.2010