Please check my log. Thanks in advance.

#1 Post by digiart »

ComboFix 10-05-13.02 - digiart 13.05.2010 23:43:29.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.2047.1105 [GMT 2:00]
Spuštěný z: c:\users\digiart\Desktop\ComboFix.exe
FW: FortKnox Personal Firewall *enabled* {82117492-906E-4b02-A33A-84D42A2DD907}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\progra~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
c:\program files\FunWebProducts
c:\program files\IEToolbar
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\1.bin\F3BKGERR.JPG
c:\program files\MyWebSearch\bar\1.bin\F3CJPEG.DLL
c:\program files\MyWebSearch\bar\1.bin\F3DTACTL.DLL
c:\program files\MyWebSearch\bar\1.bin\F3HISTSW.DLL
c:\program files\MyWebSearch\bar\1.bin\F3HKSTUB.DLL
c:\program files\MyWebSearch\bar\1.bin\F3HTmlmu.dll
c:\program files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL
c:\program files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL
c:\program files\MyWebSearch\bar\1.bin\F3POPSWT.DLL
c:\program files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR
c:\program files\MyWebSearch\bar\1.bin\F3REGHK.DLL
c:\program files\MyWebSearch\bar\1.bin\F3REPROX.DLL
c:\program files\MyWebSearch\bar\1.bin\F3RESTUB.DLL
c:\program files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL
c:\program files\MyWebSearch\bar\1.bin\F3SCHMON.EXE
c:\program files\MyWebSearch\bar\1.bin\F3SPACER.WMV
c:\program files\MyWebSearch\bar\1.bin\F3WALLPP.DAT
c:\program files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL
c:\program files\MyWebSearch\bar\1.bin\FWPBUDDY.PNG
c:\program files\MyWebSearch\bar\1.bin\CHROME.MANIFEST
c:\program files\MyWebSearch\bar\1.bin\chrome\M3FFXTBR.JAR
c:\program files\MyWebSearch\bar\1.bin\INSTALL.RDF
c:\program files\MyWebSearch\bar\1.bin\M3AUXSTB.DLL
c:\program files\MyWebSearch\bar\1.bin\M3DLGHK.DLL
c:\program files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE
c:\program files\MyWebSearch\bar\1.bin\M3HTML.DLL
c:\program files\MyWebSearch\bar\1.bin\M3IDLE.DLL
c:\program files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE
c:\program files\MyWebSearch\bar\1.bin\M3MEDINT.EXE
c:\program files\MyWebSearch\bar\1.bin\M3MSg.dll
c:\program files\MyWebSearch\bar\1.bin\M3OUtlcn.dll
c:\program files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL
c:\program files\MyWebSearch\bar\1.bin\M3SKIN.DLL
c:\program files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE
c:\program files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE
c:\program files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE
c:\program files\MyWebSearch\bar\1.bin\MWSBAR.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSMLBTN.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
c:\program files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSOESTB.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
c:\program files\MyWebSearch\bar\1.bin\MWSSVC.EXE
c:\program files\MyWebSearch\bar\1.bin\MWSUABTN.DLL
c:\program files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL
c:\program files\MyWebSearch\bar\Avatar\COMMON.F3S
c:\program files\MyWebSearch\bar\Game\CHECKERS.F3S
c:\program files\MyWebSearch\bar\Game\CHESS.F3S
c:\program files\MyWebSearch\bar\Game\REVERSI.F3S
c:\program files\MyWebSearch\bar\icons\CM.ICO
c:\program files\MyWebSearch\bar\icons\MFC.ICO
c:\program files\MyWebSearch\bar\icons\PSS.ICO
c:\program files\MyWebSearch\bar\icons\SMILEY.ICO
c:\program files\MyWebSearch\bar\icons\WB.ICO
c:\program files\MyWebSearch\bar\icons\ZWINKY.ICO
c:\program files\MyWebSearch\bar\Message\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\DOG.F3S
c:\program files\MyWebSearch\bar\Notifier\FISH.F3S
c:\program files\MyWebSearch\bar\Notifier\KUNGFU.F3S
c:\program files\MyWebSearch\bar\Notifier\LIFEGARD.F3S
c:\program files\MyWebSearch\bar\Notifier\MAID.F3S
c:\program files\MyWebSearch\bar\Notifier\MAILBOX.F3S
c:\program files\MyWebSearch\bar\Notifier\OPERA.F3S
c:\program files\MyWebSearch\bar\Notifier\ROBOT.F3S
c:\program files\MyWebSearch\bar\Notifier\SEDUCT.F3S
c:\program files\MyWebSearch\bar\Notifier\SURFER.F3S
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\programdata\mazuki.dll
c:\users\digiart\AppData\Local\Microsoft\Windows\Temporary Internet Files\8U_OVX30
c:\users\digiart\AppData\Local\Microsoft\Windows\Temporary Internet Files\p-t_bh_I
c:\users\digiart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Uy_vP-IYgDq
c:\users\digiart\AppData\Local\Microsoft\Windows\Temporary Internet Files\z-eXnEmh
c:\users\digiart\AppData\Roaming\Desktopicon
c:\users\digiart\AppData\Roaming\inst.exe
c:\windows\pthreadGC2.dll
c:\windows\system32\1
c:\windows\system32\1\usr1
c:\windows\system32\2
c:\windows\system32\2\usr2
c:\windows\system32\3
c:\windows\system32\3\usr3
c:\windows\system32\f3PSSavr.scr
c:\windows\system32\vbzlib1.dll
c:\windows\usgwmt
c:\windows\usgwmt\BReWErS.dll
C:\z.tmp

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NPF
-------\Service_MyWebSearchService
-------\Service_NPF


((((((((((((((((((((((((( Soubory vytvořené od 2010-04-13 do 2010-05-13 )))))))))))))))))))))))))))))))
.

2010-05-13 22:02 . 2010-05-13 22:02 -------- d-----w- C:\Device
2010-05-13 22:01 . 2010-05-13 22:03 -------- d-----w- c:\users\digiart\AppData\Local\temp
2010-05-13 22:01 . 2010-05-13 22:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-05-13 16:48 . 2010-05-13 17:35 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2010-05-13 16:21 . 2010-05-13 17:35 -------- d-----w- c:\program files\World of Warcraft.temp
2010-05-13 16:21 . 2010-05-13 16:21 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment.b2844701.temp
2010-05-13 16:06 . 2010-05-13 16:06 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment.58e328d8.temp
2010-05-13 11:56 . 2010-05-13 11:56 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment.a16e7856.temp
2010-05-13 09:44 . 2010-05-13 11:50 -------- d-----w- c:\program files\SETI@BOINCWatch(.NET)
2010-05-13 09:25 . 2010-05-13 11:51 -------- d-----w- c:\program files\SMV
2010-05-12 05:51 . 2010-03-04 07:33 740864 ----a-w- c:\windows\system32\inetcomm.dll
2010-05-11 13:34 . 2010-05-11 13:34 -------- d-----w- c:\program files\Intel Corporation
2010-05-11 12:22 . 2010-05-13 16:19 -------- d-----w- c:\program files\Prime95
2010-05-11 11:56 . 2010-05-11 11:56 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment.temp
2010-05-10 08:58 . 2010-05-10 09:07 65536 ----a-w- c:\windows\IFinst27.exe
2010-05-09 20:48 . 2010-05-09 20:48 288263 ----a-w- C:\gb.exe
2010-05-09 16:53 . 2010-05-09 16:54 -------- d-----w- c:\programdata\Protexis
2010-05-09 16:41 . 2010-05-09 16:41 -------- d-----w- c:\program files\Microsoft SDKs
2010-05-09 16:41 . 2010-05-09 16:42 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0
2010-05-09 11:36 . 2010-05-09 11:36 -------- d-----w- c:\programdata\ElectricSheep
2010-05-09 11:36 . 2010-05-09 11:36 -------- d-----w- c:\program files\Electric Sheep
2010-05-08 21:14 . 2010-05-08 21:14 -------- d-----w- c:\users\digiart\.aladin
2010-05-07 21:42 . 2010-05-07 21:42 -------- d-----w- c:\users\digiart\AppData\Local\playlogic
2010-05-07 21:41 . 2010-05-07 21:41 -------- d-----w- c:\program files\PlayLogic
2010-05-07 21:11 . 2010-05-07 21:13 -------- d-----w- c:\program files\Road Works Simulator
2010-05-07 12:34 . 2010-05-07 12:34 -------- d-----w- c:\program files\Net Studio
2010-05-07 11:26 . 2009-08-24 19:08 28160 ----a-w- c:\windows\system32\DfSdkBt.exe
2010-05-07 11:23 . 2010-05-07 11:24 -------- d-----w- c:\users\digiart\AppData\Roaming\Godlike
2010-05-07 11:23 . 2010-05-07 11:23 -------- d-----w- c:\program files\WinTools Software
2010-05-07 11:12 . 2010-05-07 11:38 -------- d-----w- c:\program files\WinSpeedUp
2010-05-07 10:20 . 2010-05-07 10:45 -------- d-----w- c:\program files\trend micro
2010-05-07 10:20 . 2010-05-07 10:20 -------- d-----w- C:\rsit
2010-05-07 10:19 . 2010-05-07 10:19 824681 ----a-w- C:\RSIT.exe
2010-05-04 21:24 . 2010-05-04 21:24 -------- d-----w- c:\program files\ciel
2010-05-04 20:50 . 2010-05-04 20:50 -------- d-----w- c:\users\digiart\AppData\Local\stellarium
2010-05-04 20:39 . 2010-05-04 21:44 -------- d-----w- c:\users\digiart\AppData\Roaming\Stellarium
2010-05-04 20:39 . 2010-05-04 20:39 -------- d-----w- c:\program files\Stellarium
2010-05-04 20:29 . 2010-05-04 20:29 -------- d--h--w- c:\windows\PIF
2010-05-03 23:03 . 2010-05-03 23:07 -------- d-----w- c:\users\digiart\AppData\Roaming\SkyORB
2010-05-03 23:02 . 2010-05-03 23:02 -------- d-----w- c:\users\digiart\AppData\Roaming\realtech VR
2010-05-03 23:02 . 2010-05-07 10:51 -------- d-----w- c:\program files\realtech VR
2010-05-03 14:00 . 2010-05-03 14:00 -------- d-----w- c:\program files\Electronic Arts
2010-05-02 12:42 . 1997-01-24 15:44 1334032 ----a-w- c:\windows\system32\MSVBVM50.DLL
2010-05-02 12:41 . 2010-05-02 12:43 -------- d-----w- C:\Unreal
2010-04-30 13:38 . 2010-05-03 19:44 -------- d-----w- c:\program files\Cenega Czech
2010-04-30 08:53 . 2010-05-13 16:45 -------- d-----w- c:\program files\The Stalin Subway
2010-04-29 16:57 . 2010-04-29 17:03 -------- d-----w- c:\program files\Network Stumbler
2010-04-29 16:10 . 2010-04-29 16:10 -------- d-----w- c:\programdata\ATI
2010-04-29 16:04 . 2010-04-29 16:04 -------- d-----w- C:\ATI
2010-04-29 09:40 . 2010-04-29 17:03 -------- d-----w- c:\program files\Yahoo!
2010-04-29 09:30 . 2010-04-29 09:30 -------- d-----w- c:\program files\iWEB Studio
2010-04-29 09:30 . 2010-04-29 09:30 796672 ----a-w- c:\windows\GPInstall.exe
2010-04-28 22:42 . 2009-11-15 17:24 57808 ----a-w- c:\windows\system32\drivers\fortknoxfw.sys
2010-04-28 22:42 . 2009-09-17 06:57 23120 ----a-w- c:\windows\system32\drivers\fortknoxfw_ndisim.sys
2010-04-28 22:42 . 2010-04-28 22:42 -------- d-----w- c:\programdata\NETGATE
2010-04-28 22:42 . 2010-04-28 22:42 -------- d-----w- c:\program files\NETGATE
2010-04-28 08:59 . 2009-09-26 05:58 194488 ----a-w- c:\windows\system32\drivers\fvevol.sys
2010-04-28 08:59 . 2009-12-11 07:44 133720 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2010-04-28 08:59 . 2009-12-11 07:38 1037312 ----a-w- c:\windows\system32\lsasrv.dll
2010-04-27 18:55 . 2010-04-27 19:43 -------- d-----w- c:\program files\Remote Network Watcher
2010-04-27 08:27 . 2010-04-27 08:27 4096 ----a-w- c:\windows\d3dx.dat
2010-04-27 08:15 . 2010-05-13 16:19 -------- d-----w- c:\program files\PC Wizard 2008
2010-04-26 19:56 . 2010-04-26 19:56 -------- d-----w- c:\program files\TopCD
2010-04-26 10:14 . 2010-04-26 10:14 -------- d-----w- c:\programdata\0LQnQhmzOli8Ir5EVfdg
2010-04-26 10:14 . 2010-04-26 10:14 -------- d-----w- c:\windows\StormPredator
2010-04-25 21:40 . 2010-04-25 21:40 -------- d-----w- c:\users\digiart\AppData\Roaming\The Creative Assembly
2010-04-22 22:25 . 2010-04-22 22:25 -------- d-----w- c:\program files\FastStone Image Viewer
2010-04-22 17:45 . 2010-04-22 17:45 -------- d-----w- c:\windows\system32\xlive
2010-04-22 17:45 . 2010-04-22 17:45 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2010-04-22 17:45 . 2010-04-22 17:45 -------- d-----w- c:\windows\system32\AGEIA
2010-04-22 17:45 . 2010-04-22 17:45 -------- d-----w- c:\program files\AGEIA Technologies
2010-04-22 17:44 . 2010-05-03 23:02 -------- d--h--w- c:\windows\msdownld.tmp
2010-04-21 20:14 . 2010-04-21 20:29 -------- d-----w- c:\program files\Infogrames
2010-04-21 20:00 . 2010-04-21 20:01 -------- d-----w- c:\program files\Arcanum CZ
2010-04-21 19:58 . 2010-04-21 19:58 -------- d-----w- C:\Sierra
2010-04-21 19:55 . 2010-04-21 19:57 -------- d-----w- c:\program files\Arcanum
2010-04-20 22:25 . 2010-04-20 22:53 -------- d-----w- c:\users\digiart\AppData\Roaming\FahMon
2010-04-20 22:25 . 2010-05-01 04:34 -------- d-----w- c:\program files\FahMon
2010-04-20 22:20 . 2010-05-01 04:32 -------- d-----w- c:\users\digiart\AppData\Roaming\Folding@home-gpu
2010-04-20 21:52 . 2010-05-13 21:32 -------- d-----w- c:\programdata\BOINC
2010-04-20 21:52 . 2010-05-13 10:09 -------- d-----w- c:\program files\BOINC
2010-04-19 23:25 . 2010-04-19 23:25 -------- d-----w- c:\users\digiart\.thumbnails
2010-04-19 20:39 . 2010-04-19 20:40 -------- d-----w- c:\users\digiart\AppData\Local\GPUMonitor
2010-04-19 20:31 . 2010-05-13 21:05 -------- d-----w- c:\program files\MSI Afterburner
2010-04-19 11:21 . 2010-04-19 11:21 -------- d-----w- c:\program files\RivaTuner v2.23
2010-04-18 21:03 . 2010-04-22 11:40 -------- d-----w- c:\program files\Ubisoft
2010-04-16 19:26 . 2010-04-16 19:27 -------- d-----w- c:\program files\German Truck Simulator
2010-04-16 18:30 . 2010-04-16 18:30 -------- d-----w- c:\program files\Common Files\BioWare
2010-04-16 11:32 . 2010-04-16 11:51 -------- d-----w- c:\program files\Celestia
2010-04-16 10:36 . 2010-04-16 10:36 -------- d-----w- c:\windows\Sun
2010-04-15 09:55 . 2010-02-27 12:07 3954568 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-04-15 09:55 . 2010-02-27 12:07 3899280 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-04-15 09:55 . 2010-03-08 21:33 427520 ----a-w- c:\windows\system32\vbscript.dll
2010-04-15 09:55 . 2010-02-27 07:32 221696 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-04-15 09:55 . 2010-02-27 07:32 95744 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-04-15 09:55 . 2010-02-27 07:32 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-04-14 17:36 . 2010-04-27 08:22 86016 ----a-w- c:\windows\system32\OpenAL32.dll
2010-04-14 17:36 . 2010-04-27 08:22 262144 ----a-w- c:\windows\system32\wrap_oal.dll
2010-04-14 17:34 . 2010-04-14 17:34 -------- d-----w- c:\windows\system32\Futuremark
2010-04-14 17:34 . 2004-10-25 18:02 21664 ----a-w- c:\windows\system32\drivers\Entech.sys
2010-04-14 17:34 . 2004-06-22 13:44 5632 ----a-w- c:\windows\system32\drivers\Entech64.sys
2010-04-14 17:34 . 2001-11-19 17:05 3972 ----a-w- c:\windows\system32\drivers\PciBus.sys
2010-04-14 17:32 . 2010-04-14 17:32 -------- d-----w- c:\program files\Futuremark
2010-04-13 23:04 . 2009-12-29 06:55 172032 ----a-w- c:\windows\system32\wintrust.dll
2010-04-13 23:04 . 2010-01-09 06:52 132608 ----a-w- c:\windows\system32\cabview.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-13 16:16 . 2010-03-07 23:52 -------- d-----w- c:\program files\eFMer
2010-05-13 08:00 . 2010-05-13 08:00 0 ----a-w- c:\programdata\xml2D28.tmp
2010-05-13 08:00 . 2010-05-13 08:00 0 ----a-w- c:\programdata\xmlDAE3.tmp
2010-05-13 07:59 . 2010-05-13 07:59 0 ----a-w- c:\programdata\xml888E.tmp
2010-05-13 07:59 . 2010-05-13 07:59 0 ----a-w- c:\programdata\xml15DE.tmp
2010-05-13 01:00 . 2009-07-14 02:37 -------- d-----w- c:\program files\Windows Mail
2010-05-12 05:53 . 2010-03-08 13:45 -------- d-----w- c:\programdata\Microsoft Help
2010-05-11 13:34 . 2010-03-08 13:28 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-05-11 13:34 . 2010-03-30 11:51 -------- d-----w- c:\program files\Common Files\InstallShield
2010-05-11 13:26 . 2010-04-01 12:00 2516 --sha-w- c:\programdata\KGyGaAvL.sys
2010-05-10 16:32 . 2010-03-08 13:28 -------- d-----w- c:\users\digiart\AppData\Roaming\ICQ
2010-05-09 20:48 . 2010-05-09 20:48 220234 ----a-w- C:\w.tmp
2010-05-09 16:53 . 2010-03-07 23:03 75256 ----a-w- c:\users\digiart\AppData\Local\GDIPFONTCACHEV1.DAT
2010-05-09 16:53 . 2010-04-01 12:00 -------- d-----w- c:\users\digiart\AppData\Roaming\Corel
2010-05-09 16:40 . 2010-04-01 11:59 -------- d-----w- c:\programdata\Corel
2010-05-09 16:35 . 2010-04-01 11:52 -------- d-----w- c:\program files\Corel
2010-05-07 12:33 . 2010-04-13 09:36 -------- d-----w- c:\program files\Hard Disk Sentinel
2010-05-07 12:12 . 2010-03-07 23:20 -------- d-----w- c:\programdata\NVIDIA
2010-05-07 12:09 . 2010-04-02 14:51 -------- d-----w- c:\program files\Inpaint
2010-05-07 11:26 . 2010-03-21 11:24 -------- d-----w- c:\program files\Ashampoo
2010-05-06 20:59 . 2010-03-11 19:05 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-05-06 20:39 . 2010-03-11 19:06 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-05-06 20:39 . 2010-03-11 19:06 164048 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-05-06 20:34 . 2010-03-11 19:06 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-05-06 20:34 . 2010-03-11 19:06 51792 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-05-06 20:33 . 2010-03-11 19:06 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-05-06 08:36 . 2010-03-07 23:12 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-03 16:09 . 2010-03-16 11:19 -------- d-----w- c:\program files\Common Files\ACD Systems
2010-05-02 12:34 . 2009-07-14 08:44 652200 ----a-w- c:\windows\system32\perfh005.dat
2010-05-02 12:34 . 2009-07-14 08:44 132430 ----a-w- c:\windows\system32\perfc005.dat
2010-04-29 16:11 . 2010-04-08 11:53 -------- d-----w- c:\program files\ATI
2010-04-29 16:07 . 2010-04-08 11:53 -------- d-----w- c:\program files\ATI Technologies
2010-04-26 08:10 . 2010-03-17 00:34 -------- d-----w- c:\program files\Process Lasso
2010-04-25 19:47 . 2010-03-08 18:49 -------- d-----w- c:\users\digiart\AppData\Roaming\dvdcss
2010-04-22 22:25 . 2010-03-08 23:34 -------- d-----w- c:\users\digiart\AppData\Roaming\FastStone
2010-04-22 11:51 . 2010-03-12 13:33 -------- d-----w- c:\program files\FreeTime
2010-04-22 11:50 . 2010-04-05 18:09 -------- d-----w- c:\users\digiart\AppData\Roaming\COWON
2010-04-22 11:37 . 2010-04-12 21:06 -------- d-----w- c:\program files\Atari
2010-04-20 19:57 . 2010-03-18 19:31 -------- d-----w- c:\programdata\Ubisoft
2010-04-16 11:53 . 2010-03-07 23:20 -------- d-----w- c:\program files\NVIDIA Corporation
2010-04-16 11:52 . 2010-04-06 12:08 -------- d-----w- c:\program files\SpaceShuttleMission2007
2010-04-14 16:47 . 2010-03-11 19:05 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-04-14 12:33 . 2010-04-13 14:41 -------- d-----w- c:\programdata\Blasting and Demolition Simulator
2010-04-13 08:58 . 2010-04-13 08:58 -------- d-----w- c:\program files\Lavalys
2010-04-12 21:59 . 2010-04-12 21:59 -------- d-----w- c:\program files\Kalypso
2010-04-11 23:18 . 2010-04-11 23:18 -------- d-----w- c:\users\digiart\AppData\Roaming\Ambient Design
2010-04-10 11:06 . 2010-04-10 11:06 3530752 ----a-w- c:\windows\es.scr
2010-04-09 12:31 . 2010-03-22 12:34 -------- d-----w- c:\users\digiart\AppData\Roaming\FileZilla
2010-04-08 12:56 . 2010-04-08 12:55 -------- d-----w- c:\program files\Lexmark X1100 Series
2010-04-08 11:57 . 2010-04-08 11:57 -------- d-----w- c:\users\digiart\AppData\Roaming\ATI
2010-04-08 11:56 . 2010-04-08 11:56 -------- d-----w- c:\program files\Common Files\ATI Technologies
2010-04-08 11:48 . 2010-04-08 11:48 0 ----a-w- c:\windows\ativpsrm.bin
2010-04-07 10:37 . 2010-04-07 10:37 -------- d-----w- c:\program files\Common Files\Java
2010-04-07 10:36 . 2010-04-05 16:14 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-04-07 10:36 . 2010-04-07 10:36 -------- d-----w- c:\program files\Java
2010-04-07 02:43 . 2010-04-07 02:43 5430272 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2010-04-07 02:16 . 2010-04-07 02:16 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-04-07 02:16 . 2010-04-07 02:16 489472 ----a-w- c:\windows\system32\aticfx32.dll
2010-04-07 02:13 . 2010-04-07 02:13 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-04-07 02:12 . 2010-04-07 02:12 372736 ----a-w- c:\windows\system32\atieclxx.exe
2010-04-07 02:12 . 2010-04-07 02:12 14321664 ----a-w- c:\windows\system32\atioglxx.dll
2010-04-07 02:12 . 2010-04-07 02:12 172032 ----a-w- c:\windows\system32\atiesrxx.exe
2010-04-07 02:10 . 2010-04-07 02:10 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2010-04-07 02:10 . 2010-04-07 02:10 356352 ----a-w- c:\windows\system32\atipdlxx.dll
2010-04-07 02:10 . 2010-04-07 02:10 278528 ----a-w- c:\windows\system32\Oemdspif.dll
2010-04-07 02:10 . 2010-04-07 02:10 11776 ----a-w- c:\windows\system32\atimuixx.dll
2010-04-07 02:10 . 2010-04-07 02:10 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2010-04-07 02:06 . 2009-08-18 00:31 3164160 ----a-w- c:\windows\system32\atidxx32.dll
2010-04-07 01:46 . 2010-04-07 01:46 50176 ----a-w- c:\windows\system32\coinst.dll
2010-04-07 01:40 . 2009-08-18 00:20 3707904 ----a-w- c:\windows\system32\atiumdag.dll
2010-04-07 01:40 . 2010-04-07 01:40 53248 ----a-w- c:\windows\system32\aticalrt.dll
2010-04-07 01:40 . 2010-04-07 01:40 53248 ----a-w- c:\windows\system32\aticalcl.dll
2010-04-07 01:38 . 2010-04-07 01:38 4018176 ----a-w- c:\windows\system32\aticaldd.dll
2010-04-07 01:23 . 2009-11-25 02:25 237568 ----a-w- c:\windows\system32\atiadlxx.dll
2010-04-07 01:23 . 2010-04-07 01:23 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2010-04-07 01:23 . 2010-04-07 01:23 14848 ----a-w- c:\windows\system32\atigktxx.dll
2010-04-07 01:23 . 2010-04-07 01:23 157184 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2010-04-07 01:22 . 2010-04-07 01:22 28160 ----a-w- c:\windows\system32\atiuxpag.dll
2010-04-07 01:22 . 2010-04-07 01:22 20480 ----a-w- c:\windows\system32\atiu9pag.dll
2010-04-07 01:22 . 2010-04-07 01:22 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2010-04-07 01:21 . 2009-08-18 00:05 2983936 ----a-w- c:\windows\system32\atiumdva.dll
2010-04-07 01:08 . 2010-04-07 01:08 52224 ----a-w- c:\windows\system32\atimpc32.dll
2010-04-07 01:08 . 2010-04-07 01:08 52224 ----a-w- c:\windows\system32\amdpcom32.dll
2010-04-06 19:07 . 2010-04-06 19:07 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-04-05 12:36 . 2010-03-26 21:40 -------- d-----w- c:\programdata\Sony
2010-04-04 22:19 . 2010-03-31 22:55 -------- d-----w- c:\users\digiart\AppData\Roaming\Skype
2010-04-04 22:15 . 2010-03-31 22:56 -------- d-----w- c:\users\digiart\AppData\Roaming\skypePM
2010-04-04 21:07 . 2010-04-04 21:07 -------- d-----w- c:\users\digiart\AppData\Roaming\Publish Providers
2010-04-02 16:09 . 2010-04-02 16:09 2023 ----a-w- c:\windows\system32\atipblag.dat
2010-04-02 15:15 . 2010-04-02 11:48 -------- d-----w- c:\program files\DynamicPhotoHDR4
2010-04-02 14:56 . 2010-03-21 11:25 -------- d-----w- c:\users\digiart\AppData\Roaming\Ashampoo Cover Studio 2
2010-04-02 11:54 . 2010-04-02 11:54 -------- d-----w- c:\users\digiart\AppData\Roaming\Ashampoo
2010-04-02 11:52 . 2010-04-02 11:52 -------- d-----w- c:\programdata\ashampoo
2010-04-02 08:37 . 2010-03-08 13:28 -------- d-----w- c:\program files\ICQ7.0
2010-04-01 12:00 . 2010-04-01 12:00 8 --sh--r- c:\programdata\0B1135A687.sys
2010-04-01 11:59 . 2010-04-01 11:59 -------- d-----w- c:\program files\Common Files\Protexis
2010-04-01 11:57 . 2010-04-01 11:57 -------- d-----w- c:\program files\Common Files\Corel
2010-04-01 11:03 . 2010-03-08 18:46 -------- d-----w- c:\users\digiart\AppData\Roaming\vlc
2010-04-01 00:14 . 2010-03-31 23:48 -------- d-----w- c:\program files\ZebraNetworkSystems
2010-03-31 23:48 . 2010-03-31 23:48 -------- d-----w- c:\users\digiart\AppData\Roaming\ZebraNetworkSystems
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2009-10-19 187192]

[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2009-10-19 15:15 1345336 ----a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2009-10-19 1345336]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2009-10-19 1345336]

[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-05-06 2815192]
"lxbkbmgr.exe"="c:\program files\Lexmark X1100 Series\lxbkbmgr.exe" [2008-02-28 74408]
"FortKnoxPersonalFirewall"="c:\program files\NETGATE\FortKnox Personal Firewall\FortKnoxGUI.exe" [2010-04-23 1776280]
"MSIAfterburner"="c:\program files\MSI Afterburner\MSIAfterburnerWrapper.exe" [2010-04-19 44344]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-04-06 102400]
"USBFW"="c:\program files\Net Studio\USB FireWall\USB FireWall.exe" [2008-09-01 1330688]

c:\users\digiart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-1-15 393216]
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2010-3-8 3444008]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

R2 RNWService;RNWService;c:\program files\Remote Network Watcher\rnwservice.exe [x]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
R3 DfSdkS;Defragmentation-Service;c:\program files\Ashampoo\Ashampoo WinOptimizer 2010 Advanced\Dfsdks.exe [2009-08-24 406016]
R3 WinRing0_1_1_1;WinRing0_1_1_1;c:\users\digiart\Desktop\RealTemp_2.70\WinRing0.sys [2008-01-27 13904]
R3 zebratap;NeoRouter Network Interface;c:\windows\system32\DRIVERS\zebratap.sys [2009-03-29 25216]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-03-08 691696]
S1 aswSP;aswSP; [x]
S1 fortknox_drv;fortknox_drv;c:\windows\system32\drivers\fortknoxfw.sys [2009-11-15 57808]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-04-07 172032]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-05-06 51792]
S2 fortknox;FortKnox Personal Firewall;c:\program files\NETGATE\FortKnox Personal Firewall\FortKnox.exe [2010-02-04 514640]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-01-03 246520]
S2 lxbk_device;lxbk_device;c:\windows\system32\lxbkcoms.exe [2008-02-19 537256]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-04-07 5430272]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-04-07 157184]
S3 Fkndisf;FortKnox Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\fortknoxfw_ndisim.sys [2009-09-17 23120]
S3 RTCore32;RTCore32;c:\program files\MSI Afterburner\RTCore32.sys [2010-04-19 12088]


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a812029a-4174-11df-a42e-002185051c96}]
\shell\AutoRun\command - I:\setup.exe
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://gb.iamwired.net/
mStart Page = hxxp://home.sweetim.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Handler: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - c:\program files\CentrumczToolbar\IEToolbar.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
WebBrowser-{285A148E-524F-4C90-9BE5-5EDFAE1A0ED6} - (no file)
HKCU-Run-Canaveral - c:\windows\system32\sshnas21.dll



**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: error reading MBR
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll >>UNKNOWN [0x84A761F8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
IoDeviceObjectType -> DumpProcedure -> 0xd46a624f

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.032"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.amr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.amr"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ani"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.apd"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.bay"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-892537856-3220669736-248375626-1000)
"Progid"="ACDSee 10.0.bmp"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.bw"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bwf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.bwf"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cel\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.cel"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.cs1"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.cur"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.dcr"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.dcx"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-892537856-3220669736-248375626-1000)
"Progid"="ACDSee 10.0.dib"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.djv"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.djvu"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-892537856-3220669736-248375626-1000)
"Progid"="ACDSee 10.0.emf"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.eps"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (S-1-5-21-892537856-3220669736-248375626-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.erf"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-892537856-3220669736-248375626-1000)
"Progid"="ACDSee 10.0.fff"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.flc"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fli\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.fli"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.fpx"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-892537856-3220669736-248375626-1000)
"Progid"="ACDSee 10.0.gif"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.hdr"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.icl"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.icn"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-892537856-3220669736-248375626-1000)
"Progid"="ACDSee 10.0.ico"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-892537856-3220669736-248375626-1000)
"Progid"="ACDSee 10.0.iff"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ilbm"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.int"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.inta"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.iw4"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.j2c"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-892537856-3220669736-248375626-1000)
"Progid"="ACDSee 10.0.j2k"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jfif"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jif"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-892537856-3220669736-248375626-1000)
"Progid"="ACDSee 10.0.jp2"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-892537856-3220669736-248375626-1000)
"Progid"="ACDSee 10.0.jpc"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-892537856-3220669736-248375626-1000)
"Progid"="ACDSee 10.0.jpe"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-892537856-3220669736-248375626-1000)
"Progid"="ACDSee 10.0.jpeg"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-892537856-3220669736-248375626-1000)
"Progid"="ACDSee 10.0.jpg"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpk"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpx"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.lbm"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m15\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.m15"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1a\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.m1a"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2a\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.m2a"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m75\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.m75"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (S-1-5-21-892537856-3220669736-248375626-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.mef"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.mos"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.mpv"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (S-1-5-21-892537856-3220669736-248375626-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.pbm"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (S-1-5-21-892537856-3220669736-248375626-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.pcd"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pct"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-892537856-3220669736-248375626-1000)
"Progid"="ACDSee 10.0.pcx"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (S-1-5-21-892537856-3220669736-248375626-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.pgm"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pic"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pics\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pics"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pict"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pix"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-892537856-3220669736-248375626-1000)
"Progid"="ACDSee 10.0.png"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (S-1-5-21-892537856-3220669736-248375626-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.ppm"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (S-1-5-21-892537856-3220669736-248375626-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.psp"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (S-1-5-21-892537856-3220669736-248375626-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.pspimage"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qcp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.qcp"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qtpf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.qtpf"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ras"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-892537856-3220669736-248375626-1000)
"Progid"="ACDSee 10.0.raw"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rgb"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rgba"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-892537856-3220669736-248375626-1000)
"Progid"="ACDSee 10.0.rle"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rsb"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sfil\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.sfil"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.sgi"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.smi"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smil\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.smil"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.sml"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (S-1-5-21-892537856-3220669736-248375626-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.sr2"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.swa\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.swa"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-892537856-3220669736-248375626-1000)
"Progid"="ACDSee 10.0.tga"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-892537856-3220669736-248375626-1000)
"Progid"="ACDSee 10.0.thm"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-892537856-3220669736-248375626-1000)
"Progid"="ACDSee 10.0.tif"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-892537856-3220669736-248375626-1000)
"Progid"="ACDSee 10.0.tiff"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ttc"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ttf"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ulw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ulw"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v10o\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.v10o"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v10p\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.v10p"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v10pf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.v10pf"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vfw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.vfw"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-892537856-3220669736-248375626-1000)
"Progid"="ACDSee 10.0.wbm"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-892537856-3220669736-248375626-1000)
"Progid"="ACDSee 10.0.wbmp"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-892537856-3220669736-248375626-1000)
"Progid"="ACDSee 10.0.wmf"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xbm"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xif"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xmp"

[HKEY_USERS\S-1-5-21-892537856-3220669736-248375626-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xpm"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(4264)
c:\program files\MSI Afterburner\Bundle\OSDServer\RTSSHooks.dll
c:\program files\Stardock\ObjectDock\DockShellHook.dll
c:\program files\NETGATE\FortKnox Personal Firewall\protect.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files\Hard Disk Sentinel\HDSentinel.exe
c:\windows\system32\WUDFHost.exe
c:\program files\Lexmark X1100 Series\lxbkbmon.exe
c:\program files\MSI Afterburner\MSIAfterburner.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\program files\OpenOffice.org 3\program\soffice.bin
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\program files\MSI Afterburner\Bundle\OSDServer\RTSS.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\taskhost.exe
.
**************************************************************************
.
Celkový čas: 2010-05-14 00:11:01 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-05-13 22:11

Před spuštěním: Volných bajtů: 256 884 510 720
Po spuštění: Volných bajtů: 256 396 533 760

- - End Of File - - 12C07B09635AA06B3A6079B505A13DC0

Re: Please check my log. Thanks in advance.

#2 Post by riffman »

Hello,

download GMER, unpack it and run it.

A scan will run, and when it finishes the results will pop up.

Then click Save to save the log, and paste its contents here.

Then run a second scan following this guide and again post the log contents here :)

Re: Please check my log. Thanks in advance.

#3 Post by digiart »

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-05-14 09:23:17
Windows 6.1.7600
Running: gmer.exe; Driver: C:\Users\digiart\AppData\Local\Temp\ufrdifod.sys


---- System - GMER 1.0.15 ----

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateProcessEx [0x8E0DBAC6]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateSection [0x8E0DB8EA]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwLoadDriver [0x8E0DBA24]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ObMakeTemporaryObject

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 84A781F8

AttachedDevice \Driver\tdx \Device\Ip fortknoxfw.sys (FortKnox Personal Firewall/NETGATE Technologies s.r.o.)
AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\tdx \Device\Tcp fortknoxfw.sys (FortKnox Personal Firewall/NETGATE Technologies s.r.o.)
AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\tdx \Device\Udp fortknoxfw.sys (FortKnox Personal Firewall/NETGATE Technologies s.r.o.)
AttachedDevice \Driver\tdx \Device\RawIp fortknoxfw.sys (FortKnox Personal Firewall/NETGATE Technologies s.r.o.)

---- EOF - GMER 1.0.15 ----

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-05-14 10:10:15
Windows 6.1.7600
Running: gmer.exe; Driver: C:\Users\digiart\AppData\Local\Temp\ufrdifod.sys


---- System - GMER 1.0.15 ----

INT 0x1F \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E30AF8
INT 0x37 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E30104
INT 0xC1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E303F4
INT 0xD1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E18634
INT 0xD2 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E18898
INT 0xDF \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E301DC
INT 0xE1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E30958
INT 0xE3 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E306F8
INT 0xFD \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E30F2C
INT 0xFE \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 82E311A8

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateProcessEx [0x8E8DBAC6]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateSection [0x8E8DB8EA]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwLoadDriver [0x8E8DBA24]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ObMakeTemporaryObject

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 82A49599 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82A6DF52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
PAGE ntkrnlpa.exe!ZwLoadDriver 82BA7279 7 Bytes JMP 8E8DBA28 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)
PAGE ntkrnlpa.exe!ObMakeTemporaryObject 82C0EFA7 5 Bytes JMP 8E8D7536 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)
PAGE ntkrnlpa.exe!ObInsertObject + 27 82C28CA7 5 Bytes JMP 8E8D8F28 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)
PAGE ntkrnlpa.exe!NtCreateSection 82C36D23 7 Bytes JMP 8E8DB8EE \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)
PAGE ntkrnlpa.exe!ZwCreateProcessEx 82CE0EAA 7 Bytes JMP 8E8DBACA \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)
? System32\Drivers\speq.sys Systém nemůže nalézt uvedenou cestu. !
.text USBPORT.SYS!DllUnload 8E97DCA0 5 Bytes JMP 85FF61D8
.text C:\Windows\system32\DRIVERS\atikmdag.sys section is writeable [0x8EA02000, 0x2F786C, 0xE8000020]
.text af3t5vga.SYS 8E766000 12 Bytes [44, B8, E1, 82, EE, B6, E1, ...]
.text af3t5vga.SYS 8E76600D 9 Bytes [97, E1, 82, 48, BB, E1, 82, ...] {XCHG EDI, EAX; LOOPZ 0xffffffffffffff85; DEC EAX; MOV EBX, 0x82e1}
.text af3t5vga.SYS 8E766017 170 Bytes [00, DE, 17, B8, 88, E6, 15, ...]
.text af3t5vga.SYS 8E7660C3 8 Bytes [00, 00, 00, 00, 00, 00, 00, ...] {ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL}
.text af3t5vga.SYS 8E7660CE 4 Bytes [00, 00, 00, 00] {ADD [EAX], AL; ADD [EAX], AL}
.text ...
.text peauth.sys 9CF6EC9D 28 Bytes [CF, F6, D9, BB, 36, 6E, 32, ...]
.text peauth.sys 9CF6ECC1 28 Bytes [CF, F6, D9, BB, 36, 6E, 32, ...]
.text kernel32.dll!OpenProcess 776973E4 5 Bytes JMP 003D000C
.text kernel32.dll!WriteProcessMemory 776B85C1 5 Bytes JMP 003E000C

---- User code sections - GMER 1.0.15 ----

.text C:\Windows\system32\Dwm.exe[1576] kernel32.dll!OpenProcess 776973E4 5 Bytes JMP 0379000C
.text C:\Windows\system32\Dwm.exe[1576] kernel32.dll!WriteProcessMemory 776B85C1 5 Bytes JMP 0410000C
.text C:\Windows\Explorer.EXE[1600] kernel32.dll!OpenProcess 776973E4 5 Bytes JMP 03B4000C
.text C:\Windows\Explorer.EXE[1600] kernel32.dll!WriteProcessMemory 776B85C1 5 Bytes JMP 03C3000C
.text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[1716] kernel32.dll!OpenProcess 776973E4 5 Bytes JMP 01D7000C
.text C:\Program Files\Alwil Software\Avast5\AvastUI.exe[1716] kernel32.dll!WriteProcessMemory 776B85C1 5 Bytes JMP 0224000C
.text C:\Program Files\Lexmark X1100 Series\LXBKbmgr.exe[1724] kernel32.dll!OpenProcess 776973E4 5 Bytes JMP 0018000C
.text C:\Program Files\Lexmark X1100 Series\LXBKbmgr.exe[1724] kernel32.dll!WriteProcessMemory 776B85C1 5 Bytes JMP 0019000C
.text C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe[1748] kernel32.dll!OpenProcess 776973E4 5 Bytes JMP 0017000C
.text C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe[1748] kernel32.dll!WriteProcessMemory 776B85C1 5 Bytes JMP 0018000C
.text C:\Program Files\Net Studio\USB FireWall\USB FireWall.exe[1756] kernel32.dll!OpenProcess 776973E4 5 Bytes JMP 01E6000C
.text C:\Program Files\Net Studio\USB FireWall\USB FireWall.exe[1756] kernel32.dll!WriteProcessMemory 776B85C1 5 Bytes JMP 01E7000C
.text C:\Program Files\Windows Sidebar\sidebar.exe[1764] kernel32.dll!OpenProcess 776973E4 5 Bytes JMP 030F000C
.text C:\Program Files\Windows Sidebar\sidebar.exe[1764] kernel32.dll!WriteProcessMemory 776B85C1 5 Bytes JMP 03A8000C
.text C:\Program Files\DAEMON Tools Lite\DTLite.exe[1796] kernel32.dll!OpenProcess 776973E4 5 Bytes JMP 0277000C
.text C:\Program Files\DAEMON Tools Lite\DTLite.exe[1796] kernel32.dll!WriteProcessMemory 776B85C1 5 Bytes JMP 0278000C
.text C:\Windows\system32\taskhost.exe[1868] kernel32.dll!OpenProcess 776973E4 5 Bytes JMP 0152000C
.text C:\Windows\system32\taskhost.exe[1868] kernel32.dll!WriteProcessMemory 776B85C1 5 Bytes JMP 0153000C
.text C:\Program Files\MSI Afterburner\MSIAfterburner.exe[1872] kernel32.dll!OpenProcess 776973E4 5 Bytes JMP 01FE000C
.text C:\Program Files\MSI Afterburner\MSIAfterburner.exe[1872] kernel32.dll!WriteProcessMemory 776B85C1 5 Bytes JMP 01FF000C
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[1932] kernel32.dll!OpenProcess 776973E4 5 Bytes JMP 076C000C
.text C:\Program Files\OpenOffice.org 3\program\soffice.bin[1932] kernel32.dll!WriteProcessMemory 776B85C1 5 Bytes JMP 0A76000C
.text C:\Program Files\Stardock\ObjectDock\ObjectDock.exe[1988] kernel32.dll!OpenProcess 776973E4 5 Bytes JMP 024A000C
.text C:\Program Files\Stardock\ObjectDock\ObjectDock.exe[1988] kernel32.dll!WriteProcessMemory 776B85C1 5 Bytes JMP 024B000C
.text C:\Windows\system32\taskeng.exe[2256] kernel32.dll!OpenProcess 776973E4 5 Bytes JMP 0156000C
.text C:\Windows\system32\taskeng.exe[2256] kernel32.dll!WriteProcessMemory 776B85C1 5 Bytes JMP 0157000C
.text C:\Program Files\Hard Disk Sentinel\HDSentinel.exe[2396] kernel32.dll!OpenProcess 776973E4 5 Bytes JMP 021A000C
.text C:\Program Files\Hard Disk Sentinel\HDSentinel.exe[2396] kernel32.dll!WriteProcessMemory 776B85C1 5 Bytes JMP 021F000C
.text C:\Windows\System32\mobsync.exe[2584] kernel32.dll!OpenProcess 776973E4 5 Bytes JMP 0153000C
.text C:\Windows\System32\mobsync.exe[2584] kernel32.dll!WriteProcessMemory 776B85C1 5 Bytes JMP 0154000C
.text C:\Program Files\MSI Afterburner\Bundle\OSDServer\RTSS.exe[3828] kernel32.dll!OpenProcess 776973E4 5 Bytes JMP 0055000C
.text C:\Program Files\MSI Afterburner\Bundle\OSDServer\RTSS.exe[3828] kernel32.dll!WriteProcessMemory 776B85C1 5 Bytes JMP 0056000C
.text C:\Users\digiart\AppData\Local\Temp\7zO147.tmp\gmer.exe[5220] kernel32.dll!OpenProcess 776973E4 5 Bytes JMP 003D000C
.text C:\Users\digiart\AppData\Local\Temp\7zO147.tmp\gmer.exe[5220] kernel32.dll!WriteProcessMemory 776B85C1 5 Bytes JMP 003E000C
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[5596] KERNEL32.dll!OpenProcess 776973E4 5 Bytes JMP 0031000C
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[5596] KERNEL32.dll!WriteProcessMemory 776B85C1 5 Bytes JMP 0044000C
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[5696] KERNEL32.dll!OpenProcess 776973E4 5 Bytes JMP 0037000C
.text C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[5696] KERNEL32.dll!WriteProcessMemory 776B85C1 5 Bytes JMP 003F000C

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [88A85042] \SystemRoot\System32\Drivers\speq.sys
IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [88A856D6] \SystemRoot\System32\Drivers\speq.sys
IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [88A85800] \SystemRoot\System32\Drivers\speq.sys
IAT \SystemRoot\system32\DRIVERS\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [88A8513E] \SystemRoot\System32\Drivers\speq.sys
IAT \SystemRoot\System32\Drivers\af3t5vga.SYS[ataport.SYS!AtaPortNotification] 00147880
IAT \SystemRoot\System32\Drivers\af3t5vga.SYS[ataport.SYS!AtaPortQuerySystemTime] 78800C75
IAT \SystemRoot\System32\Drivers\af3t5vga.SYS[ataport.SYS!AtaPortReadPortUchar] 06750015
IAT \SystemRoot\System32\Drivers\af3t5vga.SYS[ataport.SYS!AtaPortStallExecution] C25DC033
IAT \SystemRoot\System32\Drivers\af3t5vga.SYS[ataport.SYS!AtaPortWritePortUchar] 458B0008
IAT \SystemRoot\System32\Drivers\af3t5vga.SYS[ataport.SYS!AtaPortWritePortUlong] 6A006A08
IAT \SystemRoot\System32\Drivers\af3t5vga.SYS[ataport.SYS!AtaPortGetPhysicalAddress] 50056A24
IAT \SystemRoot\System32\Drivers\af3t5vga.SYS[ataport.SYS!AtaPortConvertPhysicalAddressToUlong] 005AB7E8
IAT \SystemRoot\System32\Drivers\af3t5vga.SYS[ataport.SYS!AtaPortGetScatterGatherList] 0001B800
IAT \SystemRoot\System32\Drivers\af3t5vga.SYS[ataport.SYS!AtaPortGetParentBusType] C25D0000
IAT \SystemRoot\System32\Drivers\af3t5vga.SYS[ataport.SYS!AtaPortRequestCallback] CCCC0008
IAT \SystemRoot\System32\Drivers\af3t5vga.SYS[ataport.SYS!AtaPortWritePortBufferUshort] CCCCCCCC
IAT \SystemRoot\System32\Drivers\af3t5vga.SYS[ataport.SYS!AtaPortGetUnCachedExtension] CCCCCCCC
IAT \SystemRoot\System32\Drivers\af3t5vga.SYS[ataport.SYS!AtaPortCompleteRequest] CCCCCCCC
IAT \SystemRoot\System32\Drivers\af3t5vga.SYS[ataport.SYS!AtaPortCopyMemory] 53EC8B55
IAT \SystemRoot\System32\Drivers\af3t5vga.SYS[ataport.SYS!AtaPortEtwTraceLog] 800C5D8B
IAT \SystemRoot\System32\Drivers\af3t5vga.SYS[ataport.SYS!AtaPortCompleteAllActiveRequests] 7500117B
IAT \SystemRoot\System32\Drivers\af3t5vga.SYS[ataport.SYS!AtaPortReleaseRequestSenseIrb] 127B806A
IAT \SystemRoot\System32\Drivers\af3t5vga.SYS[ataport.SYS!AtaPortBuildRequestSenseIrb] 80647500
IAT \SystemRoot\System32\Drivers\af3t5vga.SYS[ataport.SYS!AtaPortReadPortBufferUshort] 7500137B
IAT \SystemRoot\System32\Drivers\af3t5vga.SYS[ataport.SYS!AtaPortInitialize] 157B805E
IAT \SystemRoot\System32\Drivers\af3t5vga.SYS[ataport.SYS!AtaPortGetDeviceBase] 56587500
IAT \SystemRoot\System32\Drivers\af3t5vga.SYS[ataport.SYS!AtaPortDeviceStateChange] 8008758B

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\Explorer.EXE[1600] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [74A72494] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1600] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [74A55624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1600] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [74A556E2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1600] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [74A7250F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1600] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [74A68573] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1600] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [74A64D27] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1600] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [74A650CE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1600] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [74A651A3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1600] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [74A666D0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1600] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [74A682CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1600] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [74A68819] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1600] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [74A6907A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1600] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [74A6E21D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1600] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [74A64C59] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\system32\msiexec.exe[5512] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [75C35E25] C:\Windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)
IAT C:\Windows\system32\msiexec.exe[5512] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [75C35E25] C:\Windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)
IAT C:\Windows\system32\msiexec.exe[5512] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [75C35E25] C:\Windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)
IAT C:\Windows\system32\msiexec.exe[5512] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [75C35E25] C:\Windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)
IAT C:\Windows\system32\msiexec.exe[5512] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [75C35E25] C:\Windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)
IAT C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[5596] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [75C35E25] C:\Windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)
IAT C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[5596] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [75C35E25] C:\Windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)
IAT C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[5596] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [75C35E25] C:\Windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)
IAT C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[5596] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [75C35E25] C:\Windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)
IAT C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe[5596] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [75C35E25] C:\Windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)
IAT C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[5696] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [75C35E25] C:\Windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)
IAT C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[5696] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [75C35E25] C:\Windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)
IAT C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[5696] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [75C35E25] C:\Windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)
IAT C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[5696] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [75C35E25] C:\Windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)
IAT C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[5696] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [75C35E25] C:\Windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)
IAT C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe[5696] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [75C35E25] C:\Windows\system32\apphelp.dll (Application Compatibility client library/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 84A971F8
Device \FileSystem\udfs \UdfsCdRom 870B01F8
Device \FileSystem\udfs \UdfsDisk 870B01F8
Device \Driver\volmgr \Device\VolMgrControl 84A921F8
Device \Driver\usbohci \Device\USBPDO-0 85FF71F8
Device \Driver\ACPI_HAL \Device\00000052 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
Device \Driver\usbehci \Device\USBPDO-1 85FF91F8

AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\tdx \Device\Tcp fortknoxfw.sys (FortKnox Personal Firewall/NETGATE Technologies s.r.o.)

Device \Driver\volmgr \Device\HarddiskVolume1 84A921F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\sptd \Device\908302816 speq.sys
Device \Driver\volmgr \Device\HarddiskVolume2 84A921F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\cdrom \Device\CdRom0 85F191F8
Device \Driver\cdrom \Device\CdRom1 85F191F8
Device \Driver\volmgr \Device\HarddiskVolume3 84A921F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\atapi \Device\Ide\IdePort0 84A941F8
Device \Driver\atapi \Device\Ide\IdePort1 84A941F8
Device \Driver\volmgr \Device\HarddiskVolume4 84A921F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\volmgr \Device\HarddiskVolume5 84A921F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\USBSTOR \Device\00000075 85FAF1F8
Device \Driver\volmgr \Device\HarddiskVolume6 84A921F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume6 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\USBSTOR \Device\00000076 85FAF1F8
Device \Driver\USBSTOR \Device\00000077 85FAF1F8
Device \Driver\NetBT \Device\NetBt_Wins_Export 85ED61F8
Device \Driver\USBSTOR \Device\00000078 85FAF1F8
Device \Driver\USBSTOR \Device\00000079 85FAF1F8
Device \Driver\nvstor \Device\RaidPort0 84A951F8
Device \Driver\PCI_PNP4816 \Device\0000005c speq.sys

AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\tdx \Device\Udp fortknoxfw.sys (FortKnox Personal Firewall/NETGATE Technologies s.r.o.)
AttachedDevice \Driver\tdx \Device\RawIp fortknoxfw.sys (FortKnox Personal Firewall/NETGATE Technologies s.r.o.)

Device \Driver\nvstor \Device\0000006c 84A951F8
Device \Driver\usbohci \Device\USBFDO-0 85FF71F8
Device \Driver\nvstor \Device\0000006d 84A951F8
Device \Driver\usbehci \Device\USBFDO-1 85FF91F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{03B929D0-D2F9-4096-A194-14060A1F3819} 85ED61F8
Device \Driver\af3t5vga \Device\Scsi\af3t5vga1 85A6D468
Device \Driver\af3t5vga \Device\Scsi\af3t5vga1Port4Path0Target0Lun0 85A6D468
Device \FileSystem\cdfs \Cdfs 86A931F8

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\eventlog\Application@Sources MSDMine?DfSdk
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0 2
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x36 0x45 0x13 0xF6 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xC1 0x25 0x13 0x66 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x2A 0x87 0x5F 0x83 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x98 0x40 0x9D 0x87 ...
Reg HKLM\SYSTEM\ControlSet002\services\eventlog\Application@Sources MSDMine?DfSdk
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x36 0x45 0x13 0xF6 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xC1 0x25 0x13 0x66 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x2A 0x87 0x5F 0x83 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x98 0x40 0x9D 0x87 ...

---- EOF - GMER 1.0.15 ----
I take part in the BOINC system
Climate is what we expect, weather is what we get.

riffman
VIP
Posts: 3203
Registered: 20 Oct 2004 07:00
Location: České Budějovice

Re: Please check my log. Thanks in advance.

#4 Post by riffman »

ComboFix deleted a pile of junk, the suspicion was not confirmed, the log is OK
Give us a chance to live
Give us a chance to die
Give us a chance to be free
Without fire from the sky
Give us a chance to love
Give us a chance to hate
Give us a chance, before you kill us all

digiart
Exemplary visitor
Posts: 136
Registered: 22 Sep 2006 21:56
Location: Jablonec nad Nisou

Re: Please check my log. Thanks in advance.

#5 Post by digiart »

Thanks a lot. :worship:

riffman
VIP
Posts: 3203
Registered: 20 Oct 2004 07:00
Location: České Budějovice

Re: Please check my log. Thanks in advance.

#6 Post by riffman »

you're very welcome, and watch your back ;) :D