Tool security - log

teabe
Visitor
Posts: 48
Registered: 06 Oct 2010 16:12

#1 Post by teabe »

Hi, I have a problem with this virus. I made an RSIT log in safe mode. Could someone please take a look at it for me? Thanks.

Logfile of random's system information tool 1.08 (written by random/random)
Run by TBE at 2010-10-06 17:16:34
Microsoft Windows 7 Ultimate
System drive C: has 214 GB (90%) free of 238 GB
Total RAM: 3327 MB (79% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:16:35, on 6.10.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Mozilla Firefox 4.0 Beta 6\firefox.exe
C:\Program Files\Mozilla Firefox 4.0 Beta 6\plugin-container.exe
C:\Windows\system32\DllHost.exe
C:\Users\TBE\Desktop\RSIT.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\TBE.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = ????????????????????????????????
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [CmPCIaudio] RunDll32 CMICNFG3.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\RunOnce: [005379354] "C:\Users\TBE\AppData\Local\005379354.exe" 3 22
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: AVer HID Receiver.lnk = C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
O4 - Global Startup: AVerQuick.lnk = C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
O4 - Global Startup: Canon LBP2900 Status Window.lnk = C:\Windows\System32\spool\drivers\w32x86\3\CNAB4LAK.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3A055A76-AE5F-42EF-B015-58D4D4E96967}: NameServer = 10.0.0.138
O17 - HKLM\System\CS1\Services\Tcpip\..\{3A055A76-AE5F-42EF-B015-58D4D4E96967}: NameServer = 10.0.0.138
O17 - HKLM\System\CS2\Services\Tcpip\..\{3A055A76-AE5F-42EF-B015-58D4D4E96967}: NameServer = 10.0.0.138
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GRA32A~1.DLL
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AVerRemote - AVerMedia - C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe
O23 - Service: AVerScheduleService - Unknown owner - C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 6693 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Acrobat Update.job
C:\Windows\tasks\uhcemstogi.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-22 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-08-12 2215064]
"CmPCIaudio"=RunDll32 CMICNFG3.cpl,CMICtrlWnd []
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"AdobeCS5ServiceManager"=C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2010-06-26 1311312]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2010-09-01 1164584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"005379354"=C:\Users\TBE\AppData\Local\005379354.exe [2010-10-06 1159168]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AVer HID Receiver.lnk - C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
AVerQuick.lnk - C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
Canon LBP2900 Status Window.lnk - C:\Windows\System32\spool\drivers\w32x86\3\CNAB4LAK.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2010-05-06 64592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutorun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-10-06 17:11:22 ----D---- C:\Program Files\trend micro
2010-10-06 17:03:32 ----A---- C:\Windows\ntbtlog.txt
2010-10-06 16:46:42 ----D---- C:\rsit
2010-10-06 16:19:37 ----D---- C:\sh4ldr
2010-10-06 16:19:37 ----D---- C:\Program Files\Enigma Software Group
2010-10-06 16:19:23 ----D---- C:\Windows\95431C66CF9A4913BFFF6050785AFB65.TMP
2010-10-06 16:19:23 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-10-05 23:11:02 ----AD---- C:\ProgramData\TEMP
2010-10-04 17:37:21 ----D---- C:\Program Files\AviSynth 2.5
2010-10-04 17:37:09 ----D---- C:\Program Files\AVN Products
2010-10-04 17:32:28 ----N---- C:\Windows\system32\vxblock.dll
2010-10-04 17:32:28 ----N---- C:\Windows\system32\pxwma.dll
2010-10-04 17:32:28 ----N---- C:\Windows\system32\pxwave.dll
2010-10-04 17:32:28 ----N---- C:\Windows\system32\pxsfs.dll
2010-10-04 17:32:28 ----N---- C:\Windows\system32\pxmas.dll
2010-10-04 17:32:28 ----N---- C:\Windows\system32\pxhpinst.exe
2010-10-04 17:32:28 ----N---- C:\Windows\system32\pxdrv.dll
2010-10-04 17:32:28 ----N---- C:\Windows\system32\px.dll
2010-10-04 17:32:28 ----N---- C:\Windows\system32\drivers\PxHelp20.sys
2010-10-04 17:32:28 ----N---- C:\Windows\system32\drivers\cdralw2k.sys
2010-10-04 17:32:28 ----N---- C:\Windows\system32\drivers\cdr4_xp.sys
2010-10-04 17:32:06 ----D---- C:\Program Files\muvee Technologies
2010-10-04 17:32:06 ----D---- C:\Program Files\Common Files\muvee Technologies
2010-10-04 17:31:23 ----D---- C:\Users\TBE\AppData\Roaming\InstallShield
2010-10-01 00:20:34 ----D---- C:\Windows\Sun
2010-09-30 17:22:26 ----A---- C:\Windows\system32\CNAB4SMK.DLL
2010-09-30 17:22:26 ----A---- C:\Windows\system32\CNAB4RPK.EXE
2010-09-30 17:22:26 ----A---- C:\Windows\system32\CNAB4PTU.DLL
2010-09-30 17:22:26 ----A---- C:\Windows\system32\CNAB4EMU.DLL
2010-09-30 16:20:21 ----D---- C:\Program Files\Mozilla Firefox 4.0 Beta 6
2010-09-30 15:14:35 ----A---- C:\Windows\system32\drivers\ks.sys
2010-09-30 15:14:28 ----A---- C:\Windows\system32\mshtml.dll
2010-09-30 15:14:26 ----A---- C:\Windows\system32\urlmon.dll
2010-09-30 15:14:26 ----A---- C:\Windows\system32\mstime.dll
2010-09-30 15:14:26 ----A---- C:\Windows\system32\ieframe.dll
2010-09-30 15:14:25 ----A---- C:\Windows\system32\wininet.dll
2010-09-30 15:14:25 ----A---- C:\Windows\system32\msfeedssync.exe
2010-09-30 15:14:25 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-09-30 15:14:25 ----A---- C:\Windows\system32\jsproxy.dll
2010-09-30 15:14:25 ----A---- C:\Windows\system32\ieui.dll
2010-09-30 15:14:25 ----A---- C:\Windows\system32\iepeers.dll
2010-09-30 15:14:25 ----A---- C:\Windows\system32\iedkcs32.dll
2010-09-30 15:04:00 ----A---- C:\Windows\system32\tzres.dll
2010-09-29 12:15:01 ----D---- C:\Program Files\VirtualDJ
2010-09-29 12:14:56 ----RASH---- C:\Windows\system32\KBDBLR1.dll
2010-09-28 21:01:51 ----D---- C:\Program Files\MSXML 4.0
2010-09-28 15:20:04 ----D---- C:\Users\TBE\AppData\Roaming\MAGIX
2010-09-28 15:18:39 ----A---- C:\Windows\system32\TTIC32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\TTI32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\STRING32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\MXRestore.exe
2010-09-28 15:18:39 ----A---- C:\Windows\system32\mgxcdr.txt
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLTPO32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLRES32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLRD32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLPTL32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLPRJ32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLPRF32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLPNT32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLMSC32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLIX.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLISO32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLIO32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLIMG32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLDRV32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLDIR32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLDEV32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLCPY32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLCDF32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLCDA32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLAV32.dll
2010-09-28 15:18:28 ----A---- C:\Windows\system32\msxml4r.dll
2010-09-28 15:18:28 ----A---- C:\Windows\system32\msxml4a.dll
2010-09-28 15:18:13 ----D---- C:\ProgramData\MAGIX
2010-09-28 15:17:51 ----A---- C:\Windows\system32\DLLDEV32i.dll
2010-09-28 15:17:40 ----D---- C:\Program Files\Common Files\MAGIX Services
2010-09-27 12:12:34 ----A---- C:\Windows\system32\WNASPINT.DLL
2010-09-26 22:18:37 ----D---- C:\Users\TBE\AppData\Roaming\muvee Technologies
2010-09-26 22:15:06 ----D---- C:\ProgramData\muvee Technologies
2010-09-26 21:52:50 ----D---- C:\Windows\system32\appmgmt
2010-09-26 10:51:15 ----D---- C:\Program Files\DIFX
2010-09-26 10:42:24 ----D---- C:\Users\TBE\AppData\Roaming\DivX
2010-09-26 10:42:10 ----D---- C:\Program Files\Common Files\PX Storage Engine
2010-09-26 10:41:52 ----D---- C:\Program Files\Common Files\DivX Shared
2010-09-26 10:39:43 ----D---- C:\Program Files\DivX
2010-09-26 10:39:18 ----D---- C:\ProgramData\DivX
2010-09-24 13:11:25 ----A---- C:\Windows\system32\REX Shared Library.dll
2010-09-24 13:11:25 ----A---- C:\Windows\system32\ReWire.dll
2010-09-24 13:08:17 ----D---- C:\Users\TBE\AppData\Roaming\Propellerhead Software
2010-09-24 13:08:17 ----D---- C:\ProgramData\Propellerhead Software
2010-09-24 13:06:52 ----D---- C:\Program Files\Propellerhead
2010-09-23 19:50:47 ----D---- C:\Program Files\QIP
2010-09-23 19:09:40 ----D---- C:\Program Files\VideoLAN
2010-09-23 10:53:18 ----RASH---- C:\MSDOS.SYS
2010-09-23 10:53:18 ----RASH---- C:\IO.SYS
2010-09-23 07:08:56 ----D---- C:\Windows\Panther
2010-09-23 07:08:33 ----D---- C:\Windows\system32\OEM
2010-09-23 05:29:44 ----A---- C:\ProgramData\mazuki.dll
2010-09-23 05:18:55 ----A---- C:\Windows\system32\msv1_0.dll
2010-09-23 05:18:08 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-09-23 05:18:08 ----A---- C:\Windows\system32\PresentationHost.exe
2010-09-23 05:18:08 ----A---- C:\Windows\system32\netfxperf.dll
2010-09-23 05:18:08 ----A---- C:\Windows\system32\mscoree.dll
2010-09-23 05:18:08 ----A---- C:\Windows\system32\dfshim.dll
2010-09-23 05:14:40 ----A---- C:\Windows\system32\MRT.exe
2010-09-23 05:13:39 ----A---- C:\Windows\system32\wmp.dll
2010-09-23 05:13:37 ----A---- C:\Windows\system32\winload.exe
2010-09-23 05:13:37 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2010-09-23 05:13:37 ----A---- C:\Windows\system32\CertEnroll.dll
2010-09-23 05:13:36 ----A---- C:\Windows\system32\wmploc.DLL
2010-09-23 05:13:36 ----A---- C:\Windows\system32\winresume.exe
2010-09-23 05:13:34 ----A---- C:\Windows\system32\inetcomm.dll
2010-09-23 05:13:15 ----A---- C:\Windows\system32\lsasrv.dll
2010-09-23 05:13:15 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2010-09-23 05:13:10 ----A---- C:\Windows\system32\msdri.dll
2010-09-23 05:13:10 ----A---- C:\Windows\system32\CPFilters.dll
2010-09-23 05:13:09 ----A---- C:\Windows\system32\psisdecd.dll
2010-09-23 05:13:08 ----A---- C:\Windows\system32\rtutils.dll
2010-09-23 05:13:07 ----A---- C:\Windows\system32\wintrust.dll
2010-09-23 05:13:07 ----A---- C:\Windows\system32\drivers\fvevol.sys
2010-09-23 05:13:06 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-09-23 05:13:06 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-09-23 05:13:06 ----A---- C:\Windows\system32\secproc_isv.dll
2010-09-23 05:13:06 ----A---- C:\Windows\system32\secproc.dll
2010-09-23 05:13:06 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-09-23 05:13:06 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-09-23 05:13:06 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-09-23 05:13:06 ----A---- C:\Windows\system32\RMActivate.exe
2010-09-23 05:13:05 ----A---- C:\Windows\system32\spoolsv.exe
2010-09-23 05:13:05 ----A---- C:\Windows\system32\ntdll.dll
2010-09-23 05:13:03 ----A---- C:\Windows\system32\ir32_32.dll
2010-09-23 05:13:03 ----A---- C:\Windows\system32\iccvid.dll
2010-09-23 05:13:03 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-09-23 05:13:02 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-09-23 05:13:02 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-09-23 05:13:02 ----A---- C:\Windows\system32\drivers\srv.sys
2010-09-23 05:12:58 ----A---- C:\Windows\system32\asycfilt.dll
2010-09-23 05:12:57 ----A---- C:\Windows\system32\tsbyuv.dll
2010-09-23 05:12:57 ----A---- C:\Windows\system32\quartz.dll
2010-09-23 05:12:57 ----A---- C:\Windows\system32\msyuv.dll
2010-09-23 05:12:57 ----A---- C:\Windows\system32\msvidc32.dll
2010-09-23 05:12:57 ----A---- C:\Windows\system32\msrle32.dll
2010-09-23 05:12:57 ----A---- C:\Windows\system32\mciavi32.dll
2010-09-23 05:12:57 ----A---- C:\Windows\system32\iyuv_32.dll
2010-09-23 05:12:57 ----A---- C:\Windows\system32\avifil32.dll
2010-09-23 05:12:09 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-09-23 05:12:09 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-09-23 05:11:58 ----A---- C:\Windows\system32\vbscript.dll
2010-09-23 05:11:57 ----A---- C:\Windows\system32\winlogon.exe
2010-09-23 05:11:57 ----A---- C:\Windows\explorer.exe
2010-09-23 05:11:55 ----A---- C:\Windows\system32\jscript.dll
2010-09-23 05:11:51 ----A---- C:\Windows\system32\shell32.dll
2010-09-23 05:11:50 ----A---- C:\Windows\system32\fontsub.dll
2010-09-23 05:11:50 ----A---- C:\Windows\system32\atmlib.dll
2010-09-23 05:11:50 ----A---- C:\Windows\system32\atmfd.dll
2010-09-23 05:11:49 ----A---- C:\Windows\system32\kernel32.dll
2010-09-23 05:11:49 ----A---- C:\Windows\system32\apphelp.dll
2010-09-23 05:11:48 ----A---- C:\Windows\system32\t2embed.dll
2010-09-23 05:11:47 ----A---- C:\Windows\system32\msxml3.dll
2010-09-23 05:11:47 ----A---- C:\Windows\system32\msasn1.dll
2010-09-23 05:11:41 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2010-09-23 05:11:41 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2010-09-23 05:11:41 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2010-09-23 05:11:40 ----A---- C:\Windows\system32\win32k.sys
2010-09-23 05:11:39 ----A---- C:\Windows\system32\schannel.dll
2010-09-23 05:11:39 ----A---- C:\Windows\system32\cabview.dll
2010-09-23 01:07:54 ----A---- C:\Windows\mixerdef.ini
2010-09-23 00:25:11 ----A---- C:\Windows\system32\drivers\cmudax3.sys
2010-09-23 00:16:11 ----D---- C:\ProgramData\Logitech
2010-09-23 00:16:04 ----D---- C:\Users\TBE\AppData\Roaming\Leadertech
2010-09-23 00:15:39 ----A---- C:\Windows\system32\drivers\LNonPnP.sys
2010-09-23 00:15:13 ----D---- C:\ProgramData\Logishrd
2010-09-23 00:15:12 ----D---- C:\Program Files\Logitech
2010-09-23 00:14:56 ----D---- C:\Program Files\Common Files\LogiShrd
2010-09-23 00:14:43 ----D---- C:\Users\TBE\AppData\Roaming\Logitech
2010-09-23 00:14:43 ----D---- C:\Users\TBE\AppData\Roaming\Logishrd
2010-09-22 23:58:16 ----D---- C:\Users\TBE\AppData\Roaming\ATI
2010-09-22 23:58:16 ----D---- C:\ProgramData\ATI
2010-09-22 23:52:32 ----D---- C:\Users\TBE\AppData\Roaming\Media Player Classic
2010-09-22 23:17:37 ----A---- C:\Windows\system32\unrar.dll
2010-09-22 23:17:37 ----A---- C:\Windows\avisplitter.ini
2010-09-22 23:17:35 ----A---- C:\Windows\system32\yv12vfw.dll
2010-09-22 23:17:35 ----A---- C:\Windows\system32\xvidvfw.dll
2010-09-22 23:17:35 ----A---- C:\Windows\system32\xvidcore.dll
2010-09-22 23:17:35 ----A---- C:\Windows\system32\ff_vfw.dll.manifest
2010-09-22 23:17:35 ----A---- C:\Windows\system32\ff_vfw.dll
2010-09-22 23:17:31 ----D---- C:\Program Files\K-Lite Codec Pack
2010-09-22 22:51:32 ----D---- C:\Users\TBE\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2010-09-22 22:51:32 ----D---- C:\Users\TBE\AppData\Roaming\Adobe Mini Bridge CS5
2010-09-22 22:51:07 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2010-09-22 22:44:57 ----D---- C:\ProgramData\ALM
2010-09-22 22:40:51 ----D---- C:\Program Files\Adobe Media Player
2010-09-22 22:38:28 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-09-22 22:38:27 ----D---- C:\Program Files\Adobe
2010-09-22 22:34:39 ----D---- C:\ProgramData\Adobe
2010-09-22 22:34:02 ----D---- C:\Program Files\Common Files\Adobe
2010-09-22 22:13:10 ----N---- C:\Windows\system32\Cmeaupci.exe
2010-09-22 22:13:10 ----A---- C:\Windows\Cmicnfg3.ini.cfl
2010-09-22 22:12:51 ----N---- C:\Windows\system32\CmiInstallResAll.dll
2010-09-22 22:12:51 ----N---- C:\Windows\cmudax3.ini
2010-09-22 22:12:51 ----N---- C:\Windows\Cmicnfg3.ini.cfg
2010-09-22 22:12:51 ----A---- C:\Windows\difxapi.dll
2010-09-22 22:12:51 ----A---- C:\Windows\Cmicnfg3.ini.imi
2010-09-22 22:12:50 ----A---- C:\Windows\system32\cmudax3.DLL
2010-09-22 22:02:48 ----D---- C:\Users\TBE\AppData\Roaming\ESET
2010-09-22 22:02:10 ----D---- C:\ProgramData\ESET
2010-09-22 22:02:10 ----D---- C:\Program Files\ESET
2010-09-22 22:00:05 ----A---- C:\Windows\system32\drivers\sptd.sys
2010-09-22 21:59:53 ----D---- C:\Program Files\DAEMON Tools Lite
2010-09-22 21:59:41 ----D---- C:\Users\TBE\AppData\Roaming\DAEMON Tools Lite
2010-09-22 21:59:39 ----D---- C:\ProgramData\DAEMON Tools Lite
2010-09-22 21:59:04 ----D---- C:\Users\TBE\AppData\Roaming\Ahead
2010-09-22 21:58:28 ----D---- C:\Program Files\Nero
2010-09-22 21:58:28 ----D---- C:\Program Files\Common Files\Ahead
2010-09-22 21:51:52 ----D---- C:\Program Files\JPEG Resampler
2010-09-22 21:49:51 ----D---- C:\Program Files\uTorrent
2010-09-22 21:49:26 ----D---- C:\Users\TBE\AppData\Roaming\uTorrent
2010-09-22 21:49:06 ----D---- C:\Users\TBE\AppData\Roaming\WinRAR
2010-09-22 21:46:56 ----A---- C:\Windows\system32\BASSMOD.dll
2010-09-22 21:46:47 ----D---- C:\Program Files\WinRAR
2010-09-22 21:46:20 ----A---- C:\Windows\system32\msonpmon.dll
2010-09-22 21:45:36 ----D---- C:\Program Files\Microsoft Works
2010-09-22 21:45:24 ----D---- C:\Program Files\Microsoft Visual Studio
2010-09-22 21:45:24 ----D---- C:\Program Files\Common Files\DESIGNER
2010-09-22 21:45:14 ----D---- C:\Windows\PCHEALTH
2010-09-22 21:45:14 ----D---- C:\Program Files\Microsoft.NET
2010-09-22 21:44:24 ----A---- C:\Windows\system32\TURegOpt.exe
2010-09-22 21:44:21 ----A---- C:\Windows\system32\uxtuneup.dll
2010-09-22 21:44:21 ----A---- C:\Windows\system32\authuitu.dll
2010-09-22 21:44:14 ----D---- C:\Users\TBE\AppData\Roaming\TuneUp Software
2010-09-22 21:44:10 ----D---- C:\Program Files\TuneUp Utilities 2010
2010-09-22 21:43:32 ----D---- C:\Program Files\Microsoft Visual Studio 8
2010-09-22 21:43:25 ----D---- C:\ProgramData\TuneUp Software
2010-09-22 21:43:18 ----A---- C:\Windows\system32\d3dx9_30.dll
2010-09-22 21:43:18 ----A---- C:\Windows\system32\d3dx9_28.dll
2010-09-22 21:43:16 ----SHD---- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-09-22 21:42:53 ----D---- C:\ProgramData\Microsoft Help
2010-09-22 21:42:53 ----D---- C:\Program Files\Microsoft Office
2010-09-22 21:42:35 ----RHD---- C:\MSOCache
2010-09-22 21:41:17 ----A---- C:\Windows\system32\CNAB4LMK.DLL
2010-09-22 21:40:52 ----D---- C:\Program Files\Canon
2010-09-22 21:40:50 ----D---- C:\Program Files\Common Files\InstallShield
2010-09-22 21:40:47 ----HD---- C:\Program Files\InstallShield Installation Information
2010-09-22 21:40:47 ----D---- C:\ProgramData\AVerTV
2010-09-22 21:40:28 ----A---- C:\Windows\system32\sptlib22.dll
2010-09-22 21:40:28 ----A---- C:\Windows\system32\sptlib21.dll
2010-09-22 21:40:28 ----A---- C:\Windows\system32\sptlib12.dll
2010-09-22 21:40:28 ----A---- C:\Windows\system32\sptlib11.dll
2010-09-22 21:40:28 ----A---- C:\Windows\system32\sptlib03.dll
2010-09-22 21:40:28 ----A---- C:\Windows\system32\sptlib02.dll
2010-09-22 21:40:28 ----A---- C:\Windows\system32\sptlib01.dll
2010-09-22 21:40:28 ----A---- C:\Windows\system32\pthreadVC.dll
2010-09-22 21:40:28 ----A---- C:\Windows\system32\CardID.dll
2010-09-22 21:40:28 ----A---- C:\Windows\system32\AVerIO.sys
2010-09-22 21:40:28 ----A---- C:\Windows\system32\AVerIO.dll
2010-09-22 21:40:09 ----D---- C:\Program Files\Common Files\AVerMedia
2010-09-22 21:40:07 ----D---- C:\ProgramData\AVerMedia
2010-09-22 21:39:45 ----D---- C:\Windows\Driver Cache
2010-09-22 21:39:45 ----D---- C:\Program Files\AVerMedia
2010-09-22 21:39:45 ----A---- C:\Windows\system32\TVRate.dll
2010-09-22 21:39:45 ----A---- C:\Windows\system32\drivers\AVerA706.sys
2010-09-22 21:39:45 ----A---- C:\Windows\system32\34CoInstaller.dll
2010-09-22 21:39:22 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2010-09-22 21:37:36 ----D---- C:\Program Files\Intel
2010-09-22 21:37:36 ----A---- C:\Windows\system32\CSVer.dll
2010-09-22 21:37:29 ----D---- C:\Intel
2010-09-22 21:36:50 ----N---- C:\Windows\system32\MpSigStub.exe
2010-09-22 21:31:26 ----D---- C:\Program Files\ATI
2010-09-22 21:31:06 ----D---- C:\Program Files\ATI Technologies
2010-09-22 21:30:40 ----D---- C:\ATI
2010-09-22 21:26:53 ----D---- C:\Users\TBE\AppData\Roaming\Macromedia
2010-09-22 21:26:53 ----D---- C:\Users\TBE\AppData\Roaming\Adobe
2010-09-22 21:26:40 ----D---- C:\ProgramData\Sun
2010-09-22 21:26:40 ----D---- C:\Program Files\Common Files\Java
2010-09-22 21:26:30 ----A---- C:\Windows\system32\javaws.exe
2010-09-22 21:26:30 ----A---- C:\Windows\system32\javaw.exe
2010-09-22 21:26:30 ----A---- C:\Windows\system32\java.exe
2010-09-22 21:26:30 ----A---- C:\Windows\system32\deployJava1.dll
2010-09-22 21:26:26 ----D---- C:\Program Files\Java
2010-09-22 21:26:13 ----SHD---- C:\Windows\Installer
2010-09-22 21:25:30 ----D---- C:\Windows\system32\Macromed
2010-09-22 21:24:19 ----D---- C:\Users\TBE\AppData\Roaming\Mozilla
2010-09-22 21:24:16 ----D---- C:\Program Files\Mozilla Firefox
2010-09-22 21:22:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-09-22 21:18:48 ----D---- C:\Users\TBE\AppData\Roaming\Identities
2010-09-22 21:18:39 ----SD---- C:\Users\TBE\AppData\Roaming\Microsoft
2010-09-22 21:18:39 ----D---- C:\Users\TBE\AppData\Roaming\Media Center Programs
2010-09-22 21:16:46 ----SHD---- C:\Recovery
2010-09-22 21:16:46 ----SHD---- C:\ProgramData\Šablony
2010-09-22 21:16:46 ----SHD---- C:\ProgramData\Plocha
2010-09-22 21:16:46 ----SHD---- C:\ProgramData\Oblíbené položky
2010-09-22 21:16:46 ----SHD---- C:\ProgramData\Nabídka Start
2010-09-22 21:16:46 ----SHD---- C:\ProgramData\Dokumenty
2010-09-22 21:16:46 ----SHD---- C:\ProgramData\Data aplikací
2010-09-22 21:12:35 ----D---- C:\Windows\SoftwareDistribution
2010-09-22 21:09:58 ----D---- C:\Windows\Prefetch
2010-09-22 21:09:47 ----ASH---- C:\pagefile.sys
2010-09-22 21:09:46 ----SHD---- C:\System Volume Information
2010-09-22 21:09:46 ----ASH---- C:\hiberfil.sys

======List of files/folders modified in the last 1 months======

2010-10-07 02:02:23 ----D---- C:\Windows\system32\LogFiles
2010-10-06 17:16:34 ----D---- C:\Windows\Temp
2010-10-06 17:11:22 ----RD---- C:\Program Files
2010-10-06 17:07:50 ----D---- C:\Windows\System32
2010-10-06 17:07:50 ----D---- C:\Windows\inf
2010-10-06 17:05:12 ----D---- C:\Windows\system32\drivers
2010-10-06 17:04:59 ----D---- C:\Windows\system32\Tasks
2010-10-06 17:03:32 ----D---- C:\Windows
2010-10-06 16:39:56 ----D---- C:\Windows\system32\config
2010-10-06 16:19:23 ----D---- C:\Program Files\Common Files
2010-10-06 16:10:30 ----D---- C:\Windows\Tasks
2010-10-05 23:17:34 ----D---- C:\Windows\winsxs
2010-10-05 23:11:02 ----HD---- C:\ProgramData
2010-10-04 17:32:35 ----A---- C:\autoexec.bat
2010-10-04 17:32:24 ----RSD---- C:\Windows\Fonts
2010-10-02 19:23:58 ----D---- C:\Windows\Microsoft.NET
2010-10-02 19:23:48 ----RSD---- C:\Windows\assembly
2010-10-02 18:41:21 ----D---- C:\Windows\system32\catroot2
2010-10-02 18:41:21 ----D---- C:\Windows\system32\catroot
2010-09-30 17:22:46 ----D---- C:\Windows\system32\DriverStore
2010-09-30 15:50:08 ----D---- C:\Windows\rescache
2010-09-30 15:19:19 ----D---- C:\Windows\Downloaded Program Files
2010-09-30 15:14:56 ----D---- C:\Windows\system32\migration
2010-09-30 15:14:56 ----D---- C:\Program Files\Internet Explorer
2010-09-30 15:04:06 ----D---- C:\Windows\system32\sk-SK
2010-09-30 15:04:06 ----D---- C:\Windows\system32\en-US
2010-09-30 15:04:06 ----D---- C:\Windows\system32\cs-CZ
2010-09-28 16:50:20 ----D---- C:\Program Files\Common Files\microsoft shared
2010-09-28 15:20:00 ----D---- C:\Windows\Help
2010-09-28 15:19:07 ----SHD---- C:\$Recycle.Bin
2010-09-25 20:17:33 ----D---- C:\Windows\system32\wdi
2010-09-24 13:14:23 ----SD---- C:\ProgramData\Microsoft
2010-09-23 09:36:24 ----D---- C:\Windows\system32\drivers\UMDF
2010-09-23 05:39:28 ----D---- C:\Windows\debug
2010-09-23 05:20:02 ----D---- C:\Windows\AppPatch
2010-09-23 05:20:02 ----D---- C:\Program Files\Windows Media Player
2010-09-23 05:20:02 ----D---- C:\Program Files\Windows Mail
2010-09-23 05:20:01 ----D---- C:\Windows\system32\Boot
2010-09-23 05:20:01 ----D---- C:\Windows\ehome
2010-09-23 01:57:48 ----D---- C:\Windows\Logs
2010-09-23 01:11:49 ----D---- C:\Windows\system
2010-09-22 21:45:28 ----D---- C:\Program Files\MSBuild
2010-09-22 21:45:23 ----D---- C:\Windows\ShellNew
2010-09-22 21:43:09 ----D---- C:\Program Files\Common Files\System
2010-09-22 21:43:09 ----A---- C:\Windows\win.ini
2010-09-22 21:40:04 ----RD---- C:\Users
2010-09-22 21:28:01 ----D---- C:\Windows\system32\CodeIntegrity
2010-09-22 21:26:14 ----D---- C:\Windows\system32\restore
2010-09-22 21:22:39 ----D---- C:\Windows\system32\wbem
2010-09-22 21:17:21 ----D---- C:\Windows\Setup
2010-09-22 21:16:46 ----D---- C:\Program Files\Windows NT
2010-09-22 21:13:57 ----D---- C:\Windows\system32\sysprep
2010-09-22 21:10:21 ----D---- C:\Windows\CSC

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2006-08-30 36528]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-07-29 32608]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x86.sys [2009-07-14 47104]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\Windows\System32\Drivers\LEqdUsb.Sys [2010-03-18 40912]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\Windows\System32\Drivers\LHidEqd.Sys [2010-03-18 10448]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2010-03-18 38864]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2010-03-18 37328]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
S0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-09-22 691696]
S1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
S2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-07-29 136632]
S2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-07-29 134512]
S2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-07-29 41336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-08-26 6380032]
S3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-08-26 221696]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-08-26 6380032]
S3 AVerA706;AVerMedia A706 BDA Service; C:\Windows\system32\DRIVERS\AVerA706.sys [2010-04-08 1223040]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 cmuda3;C-Media PCI Audio Interface; C:\Windows\system32\drivers\cmudax3.sys [2009-12-01 1872192]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2010-01-27 5248]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-25 10064]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-08-26 176128]
S2 AVerRemote;AVerRemote; C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe [2009-10-31 348160]
S2 AVerScheduleService;AVerScheduleService; C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe [2009-12-07 397312]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-08-12 810144]
S2 SpyHunter 4 Service;SpyHunter 4 Service; C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [2010-07-14 326488]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-25 1047880]
S2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-08-12 33584]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2010-05-06 293456]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-10-09 724992]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-09-22 435016]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Tool security - log

#2 Post by vyosek »

Hello, and I wish you a nice day :)

PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A STRONG ABILITY TO DELETE THINGS AND MUST ONLY BE USED WHEN RECOMMENDED, OTHERWISE YOUR SYSTEM MAY BE RUINED
:arrow: Download ComboFix and save it to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
  • Plug all USB sticks (flash drives, external drives, etc.) into the PC
  • If you have Win XP, run it under the Administrator account
  • If you have Win Vista or Win 7, right-click ComboFix and choose Run As Administrator or Spustit jako spravce
  • Immediately after it starts, a page with the license agreement is displayed; continue by clicking Yes (Ano)
  • If CF offers to install the Recovery Console, agree
  • Then follow the instructions; during the scan leave the PC completely alone - do not start any applications and do not click in the window that is displayed
  • The scan should take about 10 min, but if the PC is heavily cluttered, the time may be longer
  • After the scan finishes and a possible restart, CF displays a log, or you can find it at C:\ComboFix.txt; paste its contents here
  • Detailed instructions incl. screenshots are here http://www.bleepingcomputer.com/combofi ... t-combofix

teabe
Visitor
Posts: 48
Joined: 06 Oct 2010 16:12

Re: Tool security - log

#3 Post by teabe »

ComboFix 10-10-05.06 - TBE 06.10.2010 18:12:30.1.2 - x86 NETWORK
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.3327.2702 [GMT 2:00]
Spuštěný z: c:\users\TBE\Desktop\ComboFix.exe
* Vytvořen nový Bod Obnovení
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programdata\mazuki.dll
c:\users\TBE\AppData\Local\005379354.exe
c:\users\TBE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Security Tool.lnk
c:\windows\system32\pthreadVC.dll
c:\windows\Tasks\Acrobat Update.job

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-09-06 do 2010-10-06 )))))))))))))))))))))))))))))))
.

2010-10-06 16:15 . 2010-10-06 16:15 -------- d-----w- c:\users\TBE\AppData\Local\temp
2010-10-06 16:15 . 2010-10-06 16:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-10-06 15:11 . 2010-10-06 15:16 -------- d-----w- c:\program files\trend micro
2010-10-06 14:46 . 2010-10-06 15:11 -------- d-----w- C:\rsit
2010-10-06 14:38 . 2010-10-06 14:38 171 ----a-w- c:\users\TBE\AppData\Local\08T5MQEO.bat
2010-10-06 14:19 . 2010-10-06 14:19 110080 ----a-r- c:\users\TBE\AppData\Roaming\Microsoft\Installer\{95431C66-CF9A-4913-BFFF-6050785AFB65}\IconF7A21AF7.exe
2010-10-06 14:19 . 2010-10-06 14:19 110080 ----a-r- c:\users\TBE\AppData\Roaming\Microsoft\Installer\{95431C66-CF9A-4913-BFFF-6050785AFB65}\IconD7F16134.exe
2010-10-06 14:19 . 2010-10-06 14:19 -------- d-----w- C:\sh4ldr
2010-10-06 14:19 . 2010-10-06 14:19 -------- d-----w- c:\program files\Enigma Software Group
2010-10-06 14:19 . 2010-10-06 14:19 -------- d-----w- c:\windows\95431C66CF9A4913BFFF6050785AFB65.TMP
2010-10-06 14:19 . 2010-10-06 14:19 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-10-04 15:37 . 2010-10-04 15:37 -------- d-----w- c:\program files\AviSynth 2.5
2010-10-04 15:37 . 2010-10-04 15:37 -------- d-----w- c:\program files\AVN Products
2010-10-04 15:31 . 2010-10-04 15:31 -------- d-----w- c:\users\TBE\AppData\Roaming\InstallShield
2010-09-30 22:20 . 2010-09-30 22:20 -------- d-----w- c:\windows\Sun
2010-09-30 15:22 . 2008-09-04 13:00 69632 ----a-w- c:\windows\system32\CNAB4SMK.DLL
2010-09-30 15:22 . 2008-08-31 22:50 62848 ----a-w- c:\windows\system32\CNAB4RPK.EXE
2010-09-30 15:22 . 2007-09-27 13:00 135168 ----a-w- c:\windows\system32\CNAB4EMU.DLL
2010-09-30 15:22 . 2007-01-10 13:00 28672 ----a-w- c:\windows\system32\CNAB4PTU.DLL
2010-09-30 14:20 . 2010-09-30 14:20 -------- d-----w- c:\program files\Mozilla Firefox 4.0 Beta 6
2010-09-30 14:05 . 2010-09-30 14:05 0 ----a-w- c:\windows\nsreg.dat
2010-09-30 13:14 . 2010-03-04 03:57 190976 ----a-w- c:\windows\system32\drivers\ks.sys
2010-09-30 13:14 . 2010-06-30 06:25 978432 ----a-w- c:\windows\system32\wininet.dll
2010-09-30 13:04 . 2010-06-19 06:15 2048 ----a-w- c:\windows\system32\tzres.dll
2010-09-29 10:15 . 2010-09-29 10:16 -------- d-----w- c:\program files\VirtualDJ
2010-09-29 10:14 . 2010-09-29 10:14 60416 --sha-r- c:\windows\system32\KBDBLR1.dll
2010-09-28 21:16 . 2010-09-28 21:16 -------- d-----w- c:\users\TBE\AppData\Local\Speedchecker
2010-09-28 19:01 . 2010-09-28 19:01 -------- d-----w- c:\program files\MSXML 4.0
2010-09-28 13:20 . 2010-09-28 13:20 -------- d-----w- c:\users\TBE\AppData\Roaming\MAGIX
2010-09-28 13:17 . 2007-04-27 08:43 120200 ----a-w- c:\windows\system32\DLLDEV32i.dll
2010-09-28 13:17 . 2010-09-28 14:48 -------- d-----w- c:\program files\Common Files\MAGIX Services
2010-09-27 10:12 . 2002-11-02 07:53 57344 ----a-w- c:\windows\system32\WNASPINT.DLL
2010-09-26 20:18 . 2010-10-05 21:11 -------- d-----w- c:\users\TBE\AppData\Roaming\muvee Technologies
2010-09-26 20:15 . 2010-10-04 15:31 -------- d-----w- c:\programdata\muvee Technologies
2010-09-26 08:51 . 2010-09-26 08:51 -------- d-----w- c:\program files\DIFX
2010-09-26 08:48 . 2010-09-26 08:48 57344 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.dll
2010-09-26 08:41 . 2010-09-26 08:41 54073 ----a-w- c:\programdata\DivX\Qt4.5\Uninstaller.exe
2010-09-26 08:41 . 2010-09-26 08:41 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-09-26 08:41 . 2010-09-26 08:41 56969 ----a-w- c:\programdata\DivX\ASPEncoder\Uninstaller.exe
2010-09-26 08:39 . 2010-09-26 08:42 -------- d-----w- c:\program files\DivX
2010-09-26 08:39 . 2010-09-26 08:39 144696 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.exe
2010-09-26 08:39 . 2010-09-26 08:42 -------- d-----w- c:\programdata\DivX
2010-09-24 11:11 . 2010-09-24 11:11 368640 ----a-w- c:\windows\system32\ReWire.dll
2010-09-24 11:11 . 2010-09-24 11:11 233472 ----a-w- c:\windows\system32\REX Shared Library.dll
2010-09-24 11:08 . 2010-09-24 11:11 -------- d-----w- c:\users\TBE\AppData\Roaming\Propellerhead Software
2010-09-24 11:08 . 2010-09-24 11:11 -------- d-----w- c:\programdata\Propellerhead Software
2010-09-24 11:06 . 2010-09-24 11:19 -------- d-----w- c:\program files\Propellerhead
2010-09-23 17:50 . 2010-09-23 17:50 -------- d-----w- c:\program files\QIP
2010-09-23 17:09 . 2010-09-23 17:09 -------- d-----w- c:\program files\VideoLAN
2010-09-23 05:08 . 2010-09-22 19:17 -------- d-----w- c:\windows\Panther
2010-09-23 05:08 . 2010-09-23 05:08 -------- d-----w- c:\windows\system32\OEM
2010-09-23 03:18 . 2009-09-10 05:52 257024 ----a-w- c:\windows\system32\msv1_0.dll
2010-09-23 03:18 . 2009-11-25 10:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-09-23 03:18 . 2009-11-25 10:47 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-09-23 03:18 . 2009-11-25 10:47 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-09-23 03:18 . 2009-11-25 10:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-09-23 03:18 . 2009-11-25 10:47 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-09-23 03:12 . 2010-03-05 07:42 67584 ----a-w- c:\windows\system32\asycfilt.dll
2010-09-23 03:12 . 2009-12-19 09:02 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2010-09-23 03:12 . 2009-12-19 09:02 1328640 ----a-w- c:\windows\system32\quartz.dll
2010-09-23 03:12 . 2009-12-19 09:02 22016 ----a-w- c:\windows\system32\msyuv.dll
2010-09-23 03:12 . 2009-12-19 09:02 31744 ----a-w- c:\windows\system32\msvidc32.dll
2010-09-23 03:12 . 2009-12-19 09:02 13312 ----a-w- c:\windows\system32\msrle32.dll
2010-09-23 03:12 . 2009-12-19 09:02 84480 ----a-w- c:\windows\system32\mciavi32.dll
2010-09-23 03:12 . 2009-12-19 09:02 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2010-09-23 03:12 . 2009-12-19 09:02 91648 ----a-w- c:\windows\system32\avifil32.dll
2010-09-23 03:12 . 2010-06-19 06:33 3955080 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-09-23 03:12 . 2010-06-19 06:33 3899784 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-09-22 22:25 . 2009-12-01 09:11 1872192 ----a-w- c:\windows\system32\drivers\cmudax3.sys
2010-09-22 22:16 . 2010-09-22 22:16 -------- d-----w- c:\programdata\Logitech
2010-09-22 22:16 . 2010-09-22 22:16 53248 ----a-r- c:\users\TBE\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2010-09-22 22:16 . 2010-09-22 22:16 -------- d-----w- c:\users\TBE\AppData\Roaming\Leadertech
2010-09-22 22:15 . 2010-09-22 22:15 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2010-09-22 22:15 . 2010-09-22 22:16 -------- d-----w- c:\programdata\Logishrd
2010-09-22 22:15 . 2010-09-22 22:15 -------- d-----w- c:\program files\Logitech
2010-09-22 22:14 . 2010-09-22 22:16 -------- d-----w- c:\program files\Common Files\LogiShrd
2010-09-22 22:14 . 2010-09-22 22:16 -------- d-----w- c:\users\TBE\AppData\Roaming\Logitech
2010-09-22 22:14 . 2010-09-22 22:14 -------- d-----w- c:\users\TBE\AppData\Roaming\Logishrd
2010-09-22 21:58 . 2010-09-22 21:58 -------- d-----w- c:\users\TBE\AppData\Roaming\ATI
2010-09-22 21:58 . 2010-09-22 21:58 -------- d-----w- c:\users\TBE\AppData\Local\ATI
2010-09-22 21:58 . 2010-09-22 21:58 -------- d-----w- c:\programdata\ATI
2010-09-22 21:52 . 2010-09-22 21:52 -------- d-----w- c:\users\TBE\AppData\Roaming\Media Player Classic
2010-09-22 21:17 . 2010-03-15 09:31 165376 ----a-w- c:\windows\system32\unrar.dll
2010-09-22 21:17 . 2010-09-14 08:00 108032 ----a-w- c:\windows\system32\ff_vfw.dll
2010-09-22 21:17 . 2010-06-08 16:10 790528 ----a-w- c:\windows\system32\xvidcore.dll
2010-09-22 21:17 . 2010-06-08 16:10 134144 ----a-w- c:\windows\system32\xvidvfw.dll
2010-09-22 21:17 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2010-09-22 21:17 . 2010-10-04 15:37 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-09-22 20:51 . 2010-09-22 20:51 -------- d-----w- c:\users\TBE\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2010-09-22 20:51 . 2010-09-22 20:51 -------- d-----w- c:\users\TBE\AppData\Roaming\Adobe Mini Bridge CS5
2010-09-22 20:51 . 2010-09-22 20:51 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2010-09-22 20:44 . 2010-09-22 20:44 -------- d-----w- c:\programdata\ALM
2010-09-22 20:40 . 2010-09-22 20:40 -------- d-----w- c:\program files\Adobe Media Player
2010-09-22 20:38 . 2010-09-22 20:38 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-09-22 20:38 . 2010-09-22 20:38 38784 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-09-22 20:34 . 2010-09-23 20:01 -------- d-----w- c:\program files\Common Files\Adobe
2010-09-22 20:33 . 2010-09-23 20:01 -------- d-----w- c:\users\TBE\AppData\Local\Adobe
2010-09-22 20:19 . 2010-10-04 15:33 129576 ----a-w- c:\users\TBE\AppData\Local\GDIPFONTCACHEV1.DAT
2010-09-22 20:13 . 2009-12-08 14:53 557056 ------w- c:\windows\system32\Cmeaupci.exe
2010-09-22 20:13 . 2009-04-02 14:59 143360 ------w- c:\windows\system\VmixP6.dll
2010-09-22 20:12 . 2009-08-19 14:00 303104 ------w- c:\windows\system32\CmiInstallResAll.dll
2010-09-22 20:12 . 2006-10-06 03:47 319968 ----a-w- c:\windows\difxapi.dll
2010-09-22 20:12 . 2009-11-02 08:33 36864 ----a-w- c:\windows\system32\cmudax3.DLL
2010-09-22 20:02 . 2010-09-22 20:02 -------- d-----w- c:\users\TBE\AppData\Local\ESET
2010-09-22 20:02 . 2010-09-22 20:03 -------- d-----w- c:\program files\ESET
2010-09-22 20:00 . 2010-09-22 20:00 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-09-22 19:59 . 2010-09-22 20:00 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-09-22 19:59 . 2010-09-24 11:06 -------- d-----w- c:\users\TBE\AppData\Roaming\DAEMON Tools Lite
2010-09-22 19:59 . 2010-09-22 19:59 -------- d-----w- c:\programdata\DAEMON Tools Lite
2010-09-22 19:59 . 2010-09-23 13:56 -------- d-----w- c:\users\TBE\AppData\Local\Ahead
2010-09-22 19:59 . 2010-09-23 13:56 -------- d-----w- c:\users\TBE\AppData\Roaming\Ahead
2010-09-22 19:58 . 2010-09-22 19:59 -------- d-----w- c:\program files\Common Files\Ahead
2010-09-22 19:58 . 2010-09-22 19:58 -------- d-----w- c:\program files\Nero
2010-09-22 19:51 . 2010-09-22 19:51 -------- d-----w- c:\program files\JPEG Resampler
2010-09-22 19:49 . 2010-09-22 19:49 -------- d-----w- c:\program files\uTorrent
2010-09-22 19:49 . 2010-10-06 14:35 -------- d-----w- c:\users\TBE\AppData\Roaming\uTorrent
2010-09-22 19:46 . 2006-10-26 17:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2010-09-22 19:46 . 2006-10-26 17:56 32592 ----a-w- c:\windows\system32\msonpmon.dll
2010-09-22 19:45 . 2010-09-22 19:45 -------- d-----w- c:\program files\Microsoft Works
2010-09-22 19:45 . 2010-09-25 19:36 -------- d-----w- c:\program files\Microsoft.NET
2010-09-22 19:45 . 2010-09-22 19:45 -------- d-----w- c:\windows\PCHEALTH
2010-09-22 19:44 . 2010-02-25 09:03 30536 ----a-w- c:\windows\system32\TURegOpt.exe
2010-09-22 19:44 . 2010-02-25 08:56 21320 ----a-w- c:\windows\system32\authuitu.dll
2010-09-22 19:44 . 2010-02-25 08:56 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2010-09-22 19:44 . 2010-09-22 19:44 -------- d-----w- c:\users\TBE\AppData\Roaming\TuneUp Software

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-06 15:07 . 2009-07-26 17:53 634308 ----a-w- c:\windows\system32\perfh005.dat
2010-10-06 15:07 . 2009-07-26 17:53 122898 ----a-w- c:\windows\system32\perfc005.dat
2010-10-05 21:08 . 2010-10-04 15:32 -------- d-----w- c:\program files\Common Files\muvee Technologies
2010-10-05 21:08 . 2010-10-04 15:32 -------- d-----w- c:\program files\muvee Technologies
2010-10-04 15:32 . 2010-09-22 19:40 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-09-30 15:22 . 2010-09-22 19:40 -------- d-----w- c:\program files\Canon
2010-09-28 14:50 . 2010-09-28 13:18 -------- d-----w- c:\programdata\MAGIX
2010-09-27 10:22 . 2010-09-22 19:40 -------- d-----w- c:\program files\Common Files\InstallShield
2010-09-26 21:09 . 2010-09-26 08:42 -------- d-----w- c:\users\TBE\AppData\Roaming\DivX
2010-09-23 07:36 . 2010-09-23 07:36 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2010-09-23 03:20 . 2009-07-14 02:37 -------- d-----w- c:\program files\Windows Mail
2010-09-22 20:16 . 2010-09-22 19:40 -------- d-----w- c:\programdata\AVerTV
2010-09-22 19:45 . 2009-07-14 04:52 -------- d-----w- c:\program files\MSBuild
2010-09-22 19:40 . 2010-09-22 19:40 -------- d-----w- c:\program files\Common Files\AVerMedia
2010-09-22 19:40 . 2010-09-22 19:39 -------- d-----w- c:\program files\AVerMedia
2010-09-22 19:40 . 2010-09-22 19:40 -------- d-----w- c:\programdata\AVerMedia
2010-09-22 19:16 . 2010-09-22 19:16 -------- d-sh--we c:\programdata\Plocha
2010-09-22 19:16 . 2010-09-22 19:16 -------- d-sh--we c:\programdata\Oblíbené položky
2010-09-22 19:16 . 2010-09-22 19:16 -------- d-sh--we c:\programdata\Šablony
2010-09-22 19:16 . 2010-09-22 19:16 -------- d-sh--we c:\programdata\Nabídka Start
2010-09-22 19:16 . 2010-09-22 19:16 -------- d-sh--we c:\programdata\Dokumenty
2010-09-22 19:16 . 2010-09-22 19:16 -------- d-sh--we c:\programdata\Data aplikací
2010-08-26 03:36 . 2010-08-26 03:36 6380032 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2010-08-26 02:01 . 2010-08-26 02:01 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-08-26 02:01 . 2010-08-26 02:01 528384 ----a-w- c:\windows\system32\aticfx32.dll
2010-08-26 01:57 . 2010-08-26 01:57 450560 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-08-26 01:57 . 2010-08-26 01:57 380928 ----a-w- c:\windows\system32\atieclxx.exe
2010-08-26 01:57 . 2010-08-26 01:57 176128 ----a-w- c:\windows\system32\atiesrxx.exe
2010-08-26 01:55 . 2010-08-26 01:55 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2010-08-26 01:55 . 2010-08-26 01:55 15830016 ----a-w- c:\windows\system32\atioglxx.dll
2010-08-26 01:55 . 2010-08-26 01:55 356352 ----a-w- c:\windows\system32\atipdlxx.dll
2010-08-26 01:55 . 2010-08-26 01:55 278528 ----a-w- c:\windows\system32\Oemdspif.dll
2010-08-26 01:55 . 2010-08-26 01:55 11776 ----a-w- c:\windows\system32\atimuixx.dll
2010-08-26 01:55 . 2010-08-26 01:55 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2010-08-26 01:52 . 2009-07-13 22:09 3914240 ----a-w- c:\windows\system32\atidxx32.dll
2010-08-26 01:34 . 2010-08-26 01:34 46080 ----a-w- c:\windows\system32\aticalrt.dll
2010-08-26 01:34 . 2010-08-26 01:34 44032 ----a-w- c:\windows\system32\aticalcl.dll
2010-08-26 01:33 . 2010-08-26 01:33 4032512 ----a-w- c:\windows\system32\atiumdag.dll
2010-08-26 01:33 . 2010-08-26 01:33 4375552 ----a-w- c:\windows\system32\aticaldd.dll
2010-08-26 01:27 . 2010-08-26 01:27 65536 ----a-w- c:\windows\system32\coinst.dll
2010-08-26 01:25 . 2010-08-26 01:25 3392000 ----a-w- c:\windows\system32\atiumdva.dll
2010-08-26 01:21 . 2010-08-26 01:21 241664 ----a-w- c:\windows\system32\atiadlxx.dll
2010-08-26 01:21 . 2010-08-26 01:21 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2010-08-26 01:21 . 2010-08-26 01:21 19968 ----a-w- c:\windows\system32\atigktxx.dll
2010-08-26 01:20 . 2010-08-26 01:20 221696 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2010-08-26 01:20 . 2010-08-26 01:20 30208 ----a-w- c:\windows\system32\atiuxpag.dll
2010-08-26 01:19 . 2010-08-26 01:19 28160 ----a-w- c:\windows\system32\atiu9pag.dll
2010-08-26 01:19 . 2010-08-26 01:19 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2010-08-26 01:13 . 2010-08-26 01:13 52736 ----a-w- c:\windows\system32\atimpc32.dll
2010-08-26 01:13 . 2010-08-26 01:13 52736 ----a-w- c:\windows\system32\amdpcom32.dll
2010-08-21 05:32 . 2010-09-23 03:13 316928 ----a-w- c:\windows\system32\spoolsv.exe
2010-07-29 11:31 . 2010-07-29 11:31 41336 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2010-07-29 11:31 . 2010-07-29 11:31 32608 ----a-w- c:\windows\system32\drivers\epfwndis.sys
2010-07-29 11:31 . 2010-07-29 11:31 136632 ----a-w- c:\windows\system32\drivers\eamonm.sys
2010-07-29 11:31 . 2010-07-29 11:31 134512 ----a-w- c:\windows\system32\drivers\epfw.sys
2010-07-29 11:31 . 2010-07-29 11:31 115008 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2010-07-29 06:30 . 2010-09-23 03:13 197632 ----a-w- c:\windows\system32\ir32_32.dll
2010-07-29 06:30 . 2010-09-23 03:13 82944 ----a-w- c:\windows\system32\iccvid.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2010-08-12 2215064]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-06-26 1311312]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-01 1164584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AVer HID Receiver.lnk - c:\program files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe [2010-9-22 155648]
AVerQuick.lnk - c:\program files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe [2010-9-22 651264]
Canon LBP2900 Status Window.lnk - c:\windows\System32\spool\drivers\w32x86\3\CNAB4LAK.EXE [2010-9-30 50848]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-05-06 09:29 64592 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-09-22 691696]
R1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-08-26 176128]
R2 AVerRemote;AVerRemote;c:\program files\Common Files\AVerMedia\Service\AVerRemote.exe [2009-10-30 348160]
R2 AVerScheduleService;AVerScheduleService;c:\program files\Common Files\AVerMedia\Service\AVerScheduleService.exe [2009-12-07 397312]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-07-29 136632]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2010-08-12 810144]
R2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2010-07-29 41336]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-25 1047880]
R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-08-26 6380032]
R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-08-26 221696]
R3 AVerA706;AVerMedia A706 BDA Service;c:\windows\system32\DRIVERS\AVerA706.sys [2010-04-08 1223040]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [2010-01-27 5248]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-25 10064]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\Drivers\LEqdUsb.Sys [2010-03-18 40912]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\Drivers\LHidEqd.Sys [2010-03-18 10448]


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
uStart Page = ????????????????????????????????
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: {3A055A76-AE5F-42EF-B015-58D4D4E96967} = 10.0.0.138
FF - ProfilePath - c:\users\TBE\AppData\Roaming\Mozilla\Firefox\Profiles\pgpnyrnd.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKCU-RunOnce-005379354 - c:\users\TBE\AppData\Local\005379354.exe
HKLM-Run-CmPCIaudio - CMICNFG3.cpl
HKLM-RunOnce-<NO NAME> - (no file)


.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2010-10-06 18:16:23
ComboFix-quarantined-files.txt 2010-10-06 16:16

Před spuštěním: Volných bajtů: 223 971 221 504
Po spuštění: Volných bajtů: 223 976 927 232

- - End Of File - - 3AF7196EF06BA5C30F5A3F3DFD1EDDC9

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Tool security - log

#4 Post by vyosek »

:arrow: If you have not done so already, move ComboFix to the desktop
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    File::
    c:\users\TBE\AppData\Local\08T5MQEO.bat
    c:\windows\95431C66CF9A4913BFFF6050785AFB65.TMP
    
    Registry::
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NeroFilterCheck"=-
    "AdobeAAMUpdater-1.0"=-
    "AdobeCS5ServiceManager"=-
    "SwitchBoard"=-
    "DivXUpdate"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "GrpConv"=-
    
    DDS::
    uStart Page = ????????????????????????????????
    
    RegLock::
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
  • Save the resulting TXT file as CFScript.txt
  • Drag the CFScript.txt you created onto ComboFix and drop it (see the picture below)
    Image
  • After the script has been applied (and after a restart, if one occurs), a log will pop up; paste its contents here
:arrow: It may happen that Windows does not boot after the script has been applied; in that case restart the PC, keep pressing F8 and choose Last Known Good Configuration
"He who has wine and does not drink, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement: take a whip and a stick to him, that is no man, that is an ox."
Member Image since 1 February 2011.

teabe

Re: Tool security - log

#5 Post by teabe »

ComboFix 10-10-05.06 - TBE 06.10.2010 18:32:28.2.2 - x86 NETWORK
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.3327.2598 [GMT 2:00]
Spuštěný z: c:\users\TBE\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\TBE\Desktop\CFScript.txt
* Vytvořen nový Bod Obnovení

FILE ::
"c:\users\TBE\AppData\Local\08T5MQEO.bat"
"c:\windows\95431C66CF9A4913BFFF6050785AFB65.TMP"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\TBE\AppData\Local\08T5MQEO.bat

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-09-06 do 2010-10-06 )))))))))))))))))))))))))))))))
.

2010-10-06 16:34 . 2010-10-06 16:34 -------- d-----w- c:\users\TBE\AppData\Local\temp
2010-10-06 16:34 . 2010-10-06 16:34 -------- d-----w- c:\users\user\AppData\Local\temp
2010-10-06 16:34 . 2010-10-06 16:34 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-10-06 16:34 . 2010-10-06 16:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-10-06 16:31 . 2010-10-06 16:31 -------- d-----w- C:\32788R22FWJFW
2010-10-06 15:11 . 2010-10-06 15:16 -------- d-----w- c:\program files\trend micro
2010-10-06 14:46 . 2010-10-06 15:11 -------- d-----w- C:\rsit
2010-10-06 14:19 . 2010-10-06 14:19 110080 ----a-r- c:\users\TBE\AppData\Roaming\Microsoft\Installer\{95431C66-CF9A-4913-BFFF-6050785AFB65}\IconF7A21AF7.exe
2010-10-06 14:19 . 2010-10-06 14:19 110080 ----a-r- c:\users\TBE\AppData\Roaming\Microsoft\Installer\{95431C66-CF9A-4913-BFFF-6050785AFB65}\IconD7F16134.exe
2010-10-06 14:19 . 2010-10-06 14:19 -------- d-----w- C:\sh4ldr
2010-10-06 14:19 . 2010-10-06 14:19 -------- d-----w- c:\program files\Enigma Software Group
2010-10-06 14:19 . 2010-10-06 14:19 -------- d-----w- c:\windows\95431C66CF9A4913BFFF6050785AFB65.TMP
2010-10-06 14:19 . 2010-10-06 14:19 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-10-04 15:37 . 2010-10-04 15:37 -------- d-----w- c:\program files\AviSynth 2.5
2010-10-04 15:37 . 2010-10-04 15:37 -------- d-----w- c:\program files\AVN Products
2010-10-04 15:31 . 2010-10-04 15:31 -------- d-----w- c:\users\TBE\AppData\Roaming\InstallShield
2010-09-30 22:20 . 2010-09-30 22:20 -------- d-----w- c:\windows\Sun
2010-09-30 15:22 . 2008-09-04 13:00 69632 ----a-w- c:\windows\system32\CNAB4SMK.DLL
2010-09-30 15:22 . 2008-08-31 22:50 62848 ----a-w- c:\windows\system32\CNAB4RPK.EXE
2010-09-30 15:22 . 2007-09-27 13:00 135168 ----a-w- c:\windows\system32\CNAB4EMU.DLL
2010-09-30 15:22 . 2007-01-10 13:00 28672 ----a-w- c:\windows\system32\CNAB4PTU.DLL
2010-09-30 14:20 . 2010-09-30 14:20 -------- d-----w- c:\program files\Mozilla Firefox 4.0 Beta 6
2010-09-30 14:05 . 2010-09-30 14:05 0 ----a-w- c:\windows\nsreg.dat
2010-09-30 13:14 . 2010-03-04 03:57 190976 ----a-w- c:\windows\system32\drivers\ks.sys
2010-09-30 13:14 . 2010-06-30 06:25 978432 ----a-w- c:\windows\system32\wininet.dll
2010-09-30 13:04 . 2010-06-19 06:15 2048 ----a-w- c:\windows\system32\tzres.dll
2010-09-29 10:15 . 2010-09-29 10:16 -------- d-----w- c:\program files\VirtualDJ
2010-09-29 10:14 . 2010-09-29 10:14 60416 --sha-r- c:\windows\system32\KBDBLR1.dll
2010-09-28 21:16 . 2010-09-28 21:16 -------- d-----w- c:\users\TBE\AppData\Local\Speedchecker
2010-09-28 19:01 . 2010-09-28 19:01 -------- d-----w- c:\program files\MSXML 4.0
2010-09-28 13:20 . 2010-09-28 13:20 -------- d-----w- c:\users\TBE\AppData\Roaming\MAGIX
2010-09-28 13:17 . 2007-04-27 08:43 120200 ----a-w- c:\windows\system32\DLLDEV32i.dll
2010-09-28 13:17 . 2010-09-28 14:48 -------- d-----w- c:\program files\Common Files\MAGIX Services
2010-09-27 10:12 . 2002-11-02 07:53 57344 ----a-w- c:\windows\system32\WNASPINT.DLL
2010-09-26 20:18 . 2010-10-05 21:11 -------- d-----w- c:\users\TBE\AppData\Roaming\muvee Technologies
2010-09-26 20:15 . 2010-10-04 15:31 -------- d-----w- c:\programdata\muvee Technologies
2010-09-26 08:51 . 2010-09-26 08:51 -------- d-----w- c:\program files\DIFX
2010-09-26 08:48 . 2010-09-26 08:48 57344 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.dll
2010-09-26 08:41 . 2010-09-26 08:41 54073 ----a-w- c:\programdata\DivX\Qt4.5\Uninstaller.exe
2010-09-26 08:41 . 2010-09-26 08:41 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-09-26 08:41 . 2010-09-26 08:41 56969 ----a-w- c:\programdata\DivX\ASPEncoder\Uninstaller.exe
2010-09-26 08:39 . 2010-09-26 08:42 -------- d-----w- c:\program files\DivX
2010-09-26 08:39 . 2010-09-26 08:39 144696 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.exe
2010-09-26 08:39 . 2010-09-26 08:42 -------- d-----w- c:\programdata\DivX
2010-09-24 11:11 . 2010-09-24 11:11 368640 ----a-w- c:\windows\system32\ReWire.dll
2010-09-24 11:11 . 2010-09-24 11:11 233472 ----a-w- c:\windows\system32\REX Shared Library.dll
2010-09-24 11:08 . 2010-09-24 11:11 -------- d-----w- c:\users\TBE\AppData\Roaming\Propellerhead Software
2010-09-24 11:08 . 2010-09-24 11:11 -------- d-----w- c:\programdata\Propellerhead Software
2010-09-24 11:06 . 2010-09-24 11:19 -------- d-----w- c:\program files\Propellerhead
2010-09-23 17:50 . 2010-09-23 17:50 -------- d-----w- c:\program files\QIP
2010-09-23 17:09 . 2010-09-23 17:09 -------- d-----w- c:\program files\VideoLAN
2010-09-23 05:08 . 2010-09-22 19:17 -------- d-----w- c:\windows\Panther
2010-09-23 05:08 . 2010-09-23 05:08 -------- d-----w- c:\windows\system32\OEM
2010-09-23 03:18 . 2009-09-10 05:52 257024 ----a-w- c:\windows\system32\msv1_0.dll
2010-09-23 03:18 . 2009-11-25 10:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-09-23 03:18 . 2009-11-25 10:47 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-09-23 03:18 . 2009-11-25 10:47 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-09-23 03:18 . 2009-11-25 10:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-09-23 03:18 . 2009-11-25 10:47 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-09-23 03:12 . 2010-03-05 07:42 67584 ----a-w- c:\windows\system32\asycfilt.dll
2010-09-23 03:12 . 2009-12-19 09:02 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2010-09-23 03:12 . 2009-12-19 09:02 1328640 ----a-w- c:\windows\system32\quartz.dll
2010-09-23 03:12 . 2009-12-19 09:02 22016 ----a-w- c:\windows\system32\msyuv.dll
2010-09-23 03:12 . 2009-12-19 09:02 31744 ----a-w- c:\windows\system32\msvidc32.dll
2010-09-23 03:12 . 2009-12-19 09:02 13312 ----a-w- c:\windows\system32\msrle32.dll
2010-09-23 03:12 . 2009-12-19 09:02 84480 ----a-w- c:\windows\system32\mciavi32.dll
2010-09-23 03:12 . 2009-12-19 09:02 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2010-09-23 03:12 . 2009-12-19 09:02 91648 ----a-w- c:\windows\system32\avifil32.dll
2010-09-23 03:12 . 2010-06-19 06:33 3955080 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-09-23 03:12 . 2010-06-19 06:33 3899784 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-09-22 22:25 . 2009-12-01 09:11 1872192 ----a-w- c:\windows\system32\drivers\cmudax3.sys
2010-09-22 22:16 . 2010-09-22 22:16 -------- d-----w- c:\programdata\Logitech
2010-09-22 22:16 . 2010-09-22 22:16 53248 ----a-r- c:\users\TBE\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2010-09-22 22:16 . 2010-09-22 22:16 -------- d-----w- c:\users\TBE\AppData\Roaming\Leadertech
2010-09-22 22:15 . 2010-09-22 22:15 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2010-09-22 22:15 . 2010-09-22 22:16 -------- d-----w- c:\programdata\Logishrd
2010-09-22 22:15 . 2010-09-22 22:15 -------- d-----w- c:\program files\Logitech
2010-09-22 22:14 . 2010-09-22 22:16 -------- d-----w- c:\program files\Common Files\LogiShrd
2010-09-22 22:14 . 2010-09-22 22:16 -------- d-----w- c:\users\TBE\AppData\Roaming\Logitech
2010-09-22 22:14 . 2010-09-22 22:14 -------- d-----w- c:\users\TBE\AppData\Roaming\Logishrd
2010-09-22 21:58 . 2010-09-22 21:58 -------- d-----w- c:\users\TBE\AppData\Roaming\ATI
2010-09-22 21:58 . 2010-09-22 21:58 -------- d-----w- c:\users\TBE\AppData\Local\ATI
2010-09-22 21:58 . 2010-09-22 21:58 -------- d-----w- c:\programdata\ATI
2010-09-22 21:52 . 2010-09-22 21:52 -------- d-----w- c:\users\TBE\AppData\Roaming\Media Player Classic
2010-09-22 21:17 . 2010-03-15 09:31 165376 ----a-w- c:\windows\system32\unrar.dll
2010-09-22 21:17 . 2010-09-14 08:00 108032 ----a-w- c:\windows\system32\ff_vfw.dll
2010-09-22 21:17 . 2010-06-08 16:10 790528 ----a-w- c:\windows\system32\xvidcore.dll
2010-09-22 21:17 . 2010-06-08 16:10 134144 ----a-w- c:\windows\system32\xvidvfw.dll
2010-09-22 21:17 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2010-09-22 21:17 . 2010-10-04 15:37 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-09-22 20:51 . 2010-09-22 20:51 -------- d-----w- c:\users\TBE\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2010-09-22 20:51 . 2010-09-22 20:51 -------- d-----w- c:\users\TBE\AppData\Roaming\Adobe Mini Bridge CS5
2010-09-22 20:51 . 2010-09-22 20:51 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2010-09-22 20:44 . 2010-09-22 20:44 -------- d-----w- c:\programdata\ALM
2010-09-22 20:40 . 2010-09-22 20:40 -------- d-----w- c:\program files\Adobe Media Player
2010-09-22 20:38 . 2010-09-22 20:38 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-09-22 20:38 . 2010-09-22 20:38 38784 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-09-22 20:34 . 2010-09-23 20:01 -------- d-----w- c:\program files\Common Files\Adobe
2010-09-22 20:33 . 2010-09-23 20:01 -------- d-----w- c:\users\TBE\AppData\Local\Adobe
2010-09-22 20:19 . 2010-10-04 15:33 129576 ----a-w- c:\users\TBE\AppData\Local\GDIPFONTCACHEV1.DAT
2010-09-22 20:13 . 2009-12-08 14:53 557056 ------w- c:\windows\system32\Cmeaupci.exe
2010-09-22 20:13 . 2009-04-02 14:59 143360 ------w- c:\windows\system\VmixP6.dll
2010-09-22 20:12 . 2009-08-19 14:00 303104 ------w- c:\windows\system32\CmiInstallResAll.dll
2010-09-22 20:12 . 2006-10-06 03:47 319968 ----a-w- c:\windows\difxapi.dll
2010-09-22 20:12 . 2009-11-02 08:33 36864 ----a-w- c:\windows\system32\cmudax3.DLL
2010-09-22 20:02 . 2010-09-22 20:02 -------- d-----w- c:\users\TBE\AppData\Local\ESET
2010-09-22 20:02 . 2010-09-22 20:03 -------- d-----w- c:\program files\ESET
2010-09-22 20:00 . 2010-09-22 20:00 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-09-22 19:59 . 2010-09-22 20:00 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-09-22 19:59 . 2010-09-24 11:06 -------- d-----w- c:\users\TBE\AppData\Roaming\DAEMON Tools Lite
2010-09-22 19:59 . 2010-09-22 19:59 -------- d-----w- c:\programdata\DAEMON Tools Lite
2010-09-22 19:59 . 2010-09-23 13:56 -------- d-----w- c:\users\TBE\AppData\Local\Ahead
2010-09-22 19:59 . 2010-09-23 13:56 -------- d-----w- c:\users\TBE\AppData\Roaming\Ahead
2010-09-22 19:58 . 2010-09-22 19:59 -------- d-----w- c:\program files\Common Files\Ahead
2010-09-22 19:58 . 2010-09-22 19:58 -------- d-----w- c:\program files\Nero
2010-09-22 19:51 . 2010-09-22 19:51 -------- d-----w- c:\program files\JPEG Resampler
2010-09-22 19:49 . 2010-09-22 19:49 -------- d-----w- c:\program files\uTorrent
2010-09-22 19:49 . 2010-10-06 14:35 -------- d-----w- c:\users\TBE\AppData\Roaming\uTorrent
2010-09-22 19:46 . 2006-10-26 17:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2010-09-22 19:46 . 2006-10-26 17:56 32592 ----a-w- c:\windows\system32\msonpmon.dll
2010-09-22 19:45 . 2010-09-22 19:45 -------- d-----w- c:\program files\Microsoft Works
2010-09-22 19:45 . 2010-09-25 19:36 -------- d-----w- c:\program files\Microsoft.NET
2010-09-22 19:45 . 2010-09-22 19:45 -------- d-----w- c:\windows\PCHEALTH
2010-09-22 19:44 . 2010-02-25 09:03 30536 ----a-w- c:\windows\system32\TURegOpt.exe
2010-09-22 19:44 . 2010-02-25 08:56 21320 ----a-w- c:\windows\system32\authuitu.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-06 15:07 . 2009-07-26 17:53 634308 ----a-w- c:\windows\system32\perfh005.dat
2010-10-06 15:07 . 2009-07-26 17:53 122898 ----a-w- c:\windows\system32\perfc005.dat
2010-10-05 21:08 . 2010-10-04 15:32 -------- d-----w- c:\program files\Common Files\muvee Technologies
2010-10-05 21:08 . 2010-10-04 15:32 -------- d-----w- c:\program files\muvee Technologies
2010-10-04 15:32 . 2010-09-22 19:40 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-09-30 15:22 . 2010-09-22 19:40 -------- d-----w- c:\program files\Canon
2010-09-28 14:50 . 2010-09-28 13:18 -------- d-----w- c:\programdata\MAGIX
2010-09-27 10:22 . 2010-09-22 19:40 -------- d-----w- c:\program files\Common Files\InstallShield
2010-09-26 21:09 . 2010-09-26 08:42 -------- d-----w- c:\users\TBE\AppData\Roaming\DivX
2010-09-23 07:36 . 2010-09-23 07:36 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_09_00.Wdf
2010-09-23 03:20 . 2009-07-14 02:37 -------- d-----w- c:\program files\Windows Mail
2010-09-22 20:16 . 2010-09-22 19:40 -------- d-----w- c:\programdata\AVerTV
2010-09-22 19:45 . 2009-07-14 04:52 -------- d-----w- c:\program files\MSBuild
2010-09-22 19:40 . 2010-09-22 19:40 -------- d-----w- c:\program files\Common Files\AVerMedia
2010-09-22 19:40 . 2010-09-22 19:39 -------- d-----w- c:\program files\AVerMedia
2010-09-22 19:40 . 2010-09-22 19:40 -------- d-----w- c:\programdata\AVerMedia
2010-09-22 19:16 . 2010-09-22 19:16 -------- d-sh--we c:\programdata\Plocha
2010-09-22 19:16 . 2010-09-22 19:16 -------- d-sh--we c:\programdata\Oblíbené položky
2010-09-22 19:16 . 2010-09-22 19:16 -------- d-sh--we c:\programdata\Šablony
2010-09-22 19:16 . 2010-09-22 19:16 -------- d-sh--we c:\programdata\Nabídka Start
2010-09-22 19:16 . 2010-09-22 19:16 -------- d-sh--we c:\programdata\Dokumenty
2010-09-22 19:16 . 2010-09-22 19:16 -------- d-sh--we c:\programdata\Data aplikací
2010-08-26 03:36 . 2010-08-26 03:36 6380032 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2010-08-26 02:01 . 2010-08-26 02:01 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-08-26 02:01 . 2010-08-26 02:01 528384 ----a-w- c:\windows\system32\aticfx32.dll
2010-08-26 01:57 . 2010-08-26 01:57 450560 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-08-26 01:57 . 2010-08-26 01:57 380928 ----a-w- c:\windows\system32\atieclxx.exe
2010-08-26 01:57 . 2010-08-26 01:57 176128 ----a-w- c:\windows\system32\atiesrxx.exe
2010-08-26 01:55 . 2010-08-26 01:55 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2010-08-26 01:55 . 2010-08-26 01:55 15830016 ----a-w- c:\windows\system32\atioglxx.dll
2010-08-26 01:55 . 2010-08-26 01:55 356352 ----a-w- c:\windows\system32\atipdlxx.dll
2010-08-26 01:55 . 2010-08-26 01:55 278528 ----a-w- c:\windows\system32\Oemdspif.dll
2010-08-26 01:55 . 2010-08-26 01:55 11776 ----a-w- c:\windows\system32\atimuixx.dll
2010-08-26 01:55 . 2010-08-26 01:55 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2010-08-26 01:52 . 2009-07-13 22:09 3914240 ----a-w- c:\windows\system32\atidxx32.dll
2010-08-26 01:34 . 2010-08-26 01:34 46080 ----a-w- c:\windows\system32\aticalrt.dll
2010-08-26 01:34 . 2010-08-26 01:34 44032 ----a-w- c:\windows\system32\aticalcl.dll
2010-08-26 01:33 . 2010-08-26 01:33 4032512 ----a-w- c:\windows\system32\atiumdag.dll
2010-08-26 01:33 . 2010-08-26 01:33 4375552 ----a-w- c:\windows\system32\aticaldd.dll
2010-08-26 01:27 . 2010-08-26 01:27 65536 ----a-w- c:\windows\system32\coinst.dll
2010-08-26 01:25 . 2010-08-26 01:25 3392000 ----a-w- c:\windows\system32\atiumdva.dll
2010-08-26 01:21 . 2010-08-26 01:21 241664 ----a-w- c:\windows\system32\atiadlxx.dll
2010-08-26 01:21 . 2010-08-26 01:21 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2010-08-26 01:21 . 2010-08-26 01:21 19968 ----a-w- c:\windows\system32\atigktxx.dll
2010-08-26 01:20 . 2010-08-26 01:20 221696 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2010-08-26 01:20 . 2010-08-26 01:20 30208 ----a-w- c:\windows\system32\atiuxpag.dll
2010-08-26 01:19 . 2010-08-26 01:19 28160 ----a-w- c:\windows\system32\atiu9pag.dll
2010-08-26 01:19 . 2010-08-26 01:19 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2010-08-26 01:13 . 2010-08-26 01:13 52736 ----a-w- c:\windows\system32\atimpc32.dll
2010-08-26 01:13 . 2010-08-26 01:13 52736 ----a-w- c:\windows\system32\amdpcom32.dll
2010-08-21 05:32 . 2010-09-23 03:13 316928 ----a-w- c:\windows\system32\spoolsv.exe
2010-07-29 11:31 . 2010-07-29 11:31 41336 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2010-07-29 11:31 . 2010-07-29 11:31 32608 ----a-w- c:\windows\system32\drivers\epfwndis.sys
2010-07-29 11:31 . 2010-07-29 11:31 136632 ----a-w- c:\windows\system32\drivers\eamonm.sys
2010-07-29 11:31 . 2010-07-29 11:31 134512 ----a-w- c:\windows\system32\drivers\epfw.sys
2010-07-29 11:31 . 2010-07-29 11:31 115008 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2010-07-29 06:30 . 2010-09-23 03:13 197632 ----a-w- c:\windows\system32\ir32_32.dll
2010-07-29 06:30 . 2010-09-23 03:13 82944 ----a-w- c:\windows\system32\iccvid.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2010-08-12 2215064]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-06-26 1311312]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AVer HID Receiver.lnk - c:\program files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe [2010-9-22 155648]
AVerQuick.lnk - c:\program files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe [2010-9-22 651264]
Canon LBP2900 Status Window.lnk - c:\windows\System32\spool\drivers\w32x86\3\CNAB4LAK.EXE [2010-9-30 50848]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-05-06 09:29 64592 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-09-22 691696]
R1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-08-26 176128]
R2 AVerRemote;AVerRemote;c:\program files\Common Files\AVerMedia\Service\AVerRemote.exe [2009-10-30 348160]
R2 AVerScheduleService;AVerScheduleService;c:\program files\Common Files\AVerMedia\Service\AVerScheduleService.exe [2009-12-07 397312]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-07-29 136632]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2010-08-12 810144]
R2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2010-07-29 41336]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-25 1047880]
R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-08-26 6380032]
R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-08-26 221696]
R3 AVerA706;AVerMedia A706 BDA Service;c:\windows\system32\DRIVERS\AVerA706.sys [2010-04-08 1223040]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [2010-01-27 5248]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-25 10064]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\Drivers\LEqdUsb.Sys [2010-03-18 40912]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\Drivers\LHidEqd.Sys [2010-03-18 10448]


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: {3A055A76-AE5F-42EF-B015-58D4D4E96967} = 10.0.0.138
FF - ProfilePath - c:\users\TBE\AppData\Roaming\Mozilla\Firefox\Profiles\pgpnyrnd.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKLM-RunOnce-<NO NAME> - (no file)


.
Celkový čas: 2010-10-06 18:35:38
ComboFix-quarantined-files.txt 2010-10-06 16:35
ComboFix2.txt 2010-10-06 16:16

Před spuštěním: Volných bajtů: 224 028 450 816
Po spuštění: Volných bajtů: 223 975 313 408

- - End Of File - - 8AA25CF8E5CEB6E704DDDD8F4A82FADA

vyosek

Re: Tool security - log

#6 Post by vyosek »

:arrow: Download RKill http://download.bleepingcomputer.com/grinler/rkill.com
  • Save it, preferably to the desktop, and close all applications (otherwise RKill will do it for you)
  • Run it the usual way with a double-click - the program finishes almost instantly and then terminates itself
  • RKill terminates all non-system processes - including the processes the vermin is running under
  • Do not restart the PC now under any circumstances - you would lose the effect of RKill
:arrow: Download Malwarebytes' Anti-Malware (MBAM for short) (see my signature)
  • Update it - third tab
  • Run a full scan - do not delete anything :!:
  • MBAM occasionally produces false detections, so paste the log into a post and wait for it to be reviewed

teabe

Re: Tool security - log

#7 Post by teabe »

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4755

Windows 6.1.7600 (Safe Mode)
Internet Explorer 8.0.7600.16385

6.10.2010 19:25:35
mbam-log-2010-10-06 (19-25-35).txt

Typ skenu: Úplný sken (C:\|D:\|F:\|)
Skenované objekty: 318015
Uplynulý čas: 29 minuta(y), 32 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 7

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\Qoobox\Quarantine\C\Users\TBE\AppData\Local\005379354.exe.vir (Rogue.SecurityTool) -> No action taken.
D:\Data\Data TEABE\Lineage\Lineage soft\L2Informer_kamael_b1.exe (Trojan.KillAV) -> No action taken.
D:\Data\Data TEABE\Lineage\Lineage soft\Lineage II high\system\nwindow.dll (Malware.Packer.T) -> No action taken.
F:\Downloads\adobe cs5\adobe MasterCollection_CS5(www.doolphin.cz)\keygen\adobe_keygen_mc_cs5.exe (RiskWare.Tool.CK) -> No action taken.
F:\Downloads\Adobe Photoshop CS5 CZ\Crack\adobe_PS_CS5_keygen.exe (Malware.Packer.Gen) -> No action taken.
F:\Downloads\Sony Vegas Pro 9\Sony Vegas Pro 9.0 Build 704\Keygen.exe (Trojan.Agent.CK) -> No action taken.
F:\System Volume Information\_restore{54254ED6-1E46-4C1C-8B5D-CB2EF07144FC}\RP249\A0048243.exe (Trojan.Dropper.PGen) -> No action taken.

vyosek

Re: Tool security - log

#8 Post by vyosek »

:arrow: Test the following files on VirusTotal (see my signature)
  • D:\Data\Data TEABE\Lineage\Lineage soft\L2Informer_kamael_b1.exe
    D:\Data\Data TEABE\Lineage\Lineage soft\Lineage II high\system\nwindow.dll
  • Click Browse
  • Do not look for the file, just paste in the path of the file I want tested
  • If it says the file has already been tested, have it tested again
  • Click Test file
  • Paste the result of the analysis here (as a link)
:arrow: Violating copyright law = committing a crime; how do you justify that :???: :?:

teabe

Re: Tool security - log

#9 Post by teabe »

http://www.virustotal.com/file-scan/rea ... 1286386922
http://www.virustotal.com/file-scan/rea ... 1286387149

I am not the owner of the external drive F:, so I cannot defend myself in any way. :shock:

vyosek

Re: Tool security - log

#10 Post by vyosek »

:arrow: Delete everything MBAM found :!:

:arrow: How is the PC behaving :???:

teabe

Re: Tool security - log

#11 Post by teabe »

No trace of Tool Security, startup is without problems and so is the speed.. should I make another log?

vyosek

Re: Tool security - log

#12 Post by vyosek »

We will clean up after the utilities and do a final check :wink:

:arrow: Uninstall ComboFix
  • Start - Run (or use the keyboard shortcut Win+R)
  • Type ComboFix /Uninstall
  • Press Enter
  • This deletes ComboFix and its folders
:arrow: T-Cleaner http://sweb.cz/Marinus/T-Cleaner.exe
  • Download and run it
  • To confirm each choice press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn the antivirus off while downloading)
:arrow: The vermin has settled in the restore points - delete them following the guide by my colleague riff http://www.viry.cz/forum/viewtopic.php?f=11&t=47040

:arrow: You can uninstall MBAM or keep it for an occasional scan - if it finds anything, I strongly recommend posting the log here for review, so that you do not wipe out something legitimate

:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner (see my signature); during installation untick the Yahoo toolbar
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • click Scan for issues
  • then Fix issues - I recommend making a backup of the registry; fix all the issues
  • repeat the procedure until no issues remain - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once every 14 days

:arrow: Post a new log from RSIT

teabe

Re: Tool security - log

#13 Post by teabe »

Logfile of random's system information tool 1.08 (written by random/random)
Run by TBE at 2010-10-06 20:18:01
Microsoft Windows 7 Ultimate
System drive C: has 214 GB (90%) free of 238 GB
Total RAM: 3327 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:18:14, on 6.10.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Mozilla Firefox 4.0 Beta 6\firefox.exe
C:\Program Files\Mozilla Firefox 4.0 Beta 6\plugin-container.exe
C:\Users\TBE\Desktop\RSIT.exe
C:\Program Files\trend micro\TBE.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Global Startup: AVer HID Receiver.lnk = C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
O4 - Global Startup: AVerQuick.lnk = C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
O4 - Global Startup: Canon LBP2900 Status Window.lnk = C:\Windows\System32\spool\drivers\w32x86\3\CNAB4LAK.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{3A055A76-AE5F-42EF-B015-58D4D4E96967}: NameServer = 10.0.0.138
O17 - HKLM\System\CS1\Services\Tcpip\..\{3A055A76-AE5F-42EF-B015-58D4D4E96967}: NameServer = 10.0.0.138
O17 - HKLM\System\CS2\Services\Tcpip\..\{3A055A76-AE5F-42EF-B015-58D4D4E96967}: NameServer = 10.0.0.138
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GRA32A~1.DLL
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AVerRemote - AVerMedia - C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe
O23 - Service: AVerScheduleService - Unknown owner - C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 5110 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-22 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-08-12 2215064]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2010-06-26 1311312]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AVer HID Receiver.lnk - C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
AVerQuick.lnk - C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
Canon LBP2900 Status Window.lnk - C:\Windows\System32\spool\drivers\w32x86\3\CNAB4LAK.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2010-05-06 64592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2009-07-14 229376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office12\GR469A~1.DLL [2006-10-27 2210608]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDriveAutorun"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2010-10-06 20:18:01 ----D---- C:\rsit
2010-10-06 20:15:14 ----D---- C:\Program Files\CCleaner
2010-10-06 18:54:08 ----D---- C:\Users\TBE\AppData\Roaming\Malwarebytes
2010-10-06 18:53:46 ----D---- C:\ProgramData\Malwarebytes
2010-10-06 18:35:41 ----SHD---- C:\$RECYCLE.BIN
2010-10-06 18:35:40 ----D---- C:\Windows\temp
2010-10-06 17:11:22 ----D---- C:\Program Files\trend micro
2010-10-06 16:19:37 ----D---- C:\Program Files\Enigma Software Group
2010-10-06 16:19:23 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-10-05 23:11:02 ----AD---- C:\ProgramData\TEMP
2010-10-04 17:37:21 ----D---- C:\Program Files\AviSynth 2.5
2010-10-04 17:37:09 ----D---- C:\Program Files\AVN Products
2010-10-04 17:32:28 ----N---- C:\Windows\system32\vxblock.dll
2010-10-04 17:32:28 ----N---- C:\Windows\system32\pxwma.dll
2010-10-04 17:32:28 ----N---- C:\Windows\system32\pxwave.dll
2010-10-04 17:32:28 ----N---- C:\Windows\system32\pxsfs.dll
2010-10-04 17:32:28 ----N---- C:\Windows\system32\pxmas.dll
2010-10-04 17:32:28 ----N---- C:\Windows\system32\pxhpinst.exe
2010-10-04 17:32:28 ----N---- C:\Windows\system32\pxdrv.dll
2010-10-04 17:32:28 ----N---- C:\Windows\system32\px.dll
2010-10-04 17:32:28 ----N---- C:\Windows\system32\drivers\PxHelp20.sys
2010-10-04 17:32:28 ----N---- C:\Windows\system32\drivers\cdralw2k.sys
2010-10-04 17:32:28 ----N---- C:\Windows\system32\drivers\cdr4_xp.sys
2010-10-04 17:32:06 ----D---- C:\Program Files\muvee Technologies
2010-10-04 17:32:06 ----D---- C:\Program Files\Common Files\muvee Technologies
2010-10-04 17:31:23 ----D---- C:\Users\TBE\AppData\Roaming\InstallShield
2010-10-01 00:20:34 ----D---- C:\Windows\Sun
2010-09-30 17:22:26 ----A---- C:\Windows\system32\CNAB4SMK.DLL
2010-09-30 17:22:26 ----A---- C:\Windows\system32\CNAB4RPK.EXE
2010-09-30 17:22:26 ----A---- C:\Windows\system32\CNAB4PTU.DLL
2010-09-30 17:22:26 ----A---- C:\Windows\system32\CNAB4EMU.DLL
2010-09-30 16:20:21 ----D---- C:\Program Files\Mozilla Firefox 4.0 Beta 6
2010-09-30 15:14:35 ----A---- C:\Windows\system32\drivers\ks.sys
2010-09-30 15:14:28 ----A---- C:\Windows\system32\mshtml.dll
2010-09-30 15:14:26 ----A---- C:\Windows\system32\urlmon.dll
2010-09-30 15:14:26 ----A---- C:\Windows\system32\mstime.dll
2010-09-30 15:14:26 ----A---- C:\Windows\system32\ieframe.dll
2010-09-30 15:14:25 ----A---- C:\Windows\system32\wininet.dll
2010-09-30 15:14:25 ----A---- C:\Windows\system32\msfeedssync.exe
2010-09-30 15:14:25 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-09-30 15:14:25 ----A---- C:\Windows\system32\jsproxy.dll
2010-09-30 15:14:25 ----A---- C:\Windows\system32\ieui.dll
2010-09-30 15:14:25 ----A---- C:\Windows\system32\iepeers.dll
2010-09-30 15:14:25 ----A---- C:\Windows\system32\iedkcs32.dll
2010-09-30 15:04:00 ----A---- C:\Windows\system32\tzres.dll
2010-09-29 12:15:01 ----D---- C:\Program Files\VirtualDJ
2010-09-29 12:14:56 ----RASH---- C:\Windows\system32\KBDBLR1.dll
2010-09-28 21:01:51 ----D---- C:\Program Files\MSXML 4.0
2010-09-28 15:20:04 ----D---- C:\Users\TBE\AppData\Roaming\MAGIX
2010-09-28 15:18:39 ----A---- C:\Windows\system32\TTIC32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\TTI32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\STRING32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\MXRestore.exe
2010-09-28 15:18:39 ----A---- C:\Windows\system32\mgxcdr.txt
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLTPO32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLRES32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLRD32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLPTL32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLPRJ32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLPRF32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLPNT32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLMSC32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLIX.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLISO32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLIO32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLIMG32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLDRV32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLDIR32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLDEV32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLCPY32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLCDF32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLCDA32.dll
2010-09-28 15:18:39 ----A---- C:\Windows\system32\DLLAV32.dll
2010-09-28 15:18:28 ----A---- C:\Windows\system32\msxml4r.dll
2010-09-28 15:18:28 ----A---- C:\Windows\system32\msxml4a.dll
2010-09-28 15:18:13 ----D---- C:\ProgramData\MAGIX
2010-09-28 15:17:51 ----A---- C:\Windows\system32\DLLDEV32i.dll
2010-09-28 15:17:40 ----D---- C:\Program Files\Common Files\MAGIX Services
2010-09-27 12:12:34 ----A---- C:\Windows\system32\WNASPINT.DLL
2010-09-26 22:18:37 ----D---- C:\Users\TBE\AppData\Roaming\muvee Technologies
2010-09-26 22:15:06 ----D---- C:\ProgramData\muvee Technologies
2010-09-26 21:52:50 ----D---- C:\Windows\system32\appmgmt
2010-09-26 10:51:15 ----D---- C:\Program Files\DIFX
2010-09-26 10:42:24 ----D---- C:\Users\TBE\AppData\Roaming\DivX
2010-09-26 10:42:10 ----D---- C:\Program Files\Common Files\PX Storage Engine
2010-09-26 10:41:52 ----D---- C:\Program Files\Common Files\DivX Shared
2010-09-26 10:39:43 ----D---- C:\Program Files\DivX
2010-09-26 10:39:18 ----D---- C:\ProgramData\DivX
2010-09-24 13:11:25 ----A---- C:\Windows\system32\REX Shared Library.dll
2010-09-24 13:11:25 ----A---- C:\Windows\system32\ReWire.dll
2010-09-24 13:08:17 ----D---- C:\Users\TBE\AppData\Roaming\Propellerhead Software
2010-09-24 13:08:17 ----D---- C:\ProgramData\Propellerhead Software
2010-09-24 13:06:52 ----D---- C:\Program Files\Propellerhead
2010-09-23 19:50:47 ----D---- C:\Program Files\QIP
2010-09-23 19:09:40 ----D---- C:\Program Files\VideoLAN
2010-09-23 10:53:18 ----RASH---- C:\MSDOS.SYS
2010-09-23 10:53:18 ----RASH---- C:\IO.SYS
2010-09-23 07:08:56 ----D---- C:\Windows\Panther
2010-09-23 07:08:33 ----D---- C:\Windows\system32\OEM
2010-09-23 05:18:55 ----A---- C:\Windows\system32\msv1_0.dll
2010-09-23 05:18:08 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-09-23 05:18:08 ----A---- C:\Windows\system32\PresentationHost.exe
2010-09-23 05:18:08 ----A---- C:\Windows\system32\netfxperf.dll
2010-09-23 05:18:08 ----A---- C:\Windows\system32\mscoree.dll
2010-09-23 05:18:08 ----A---- C:\Windows\system32\dfshim.dll
2010-09-23 05:14:40 ----A---- C:\Windows\system32\MRT.exe
2010-09-23 05:13:39 ----A---- C:\Windows\system32\wmp.dll
2010-09-23 05:13:37 ----A---- C:\Windows\system32\winload.exe
2010-09-23 05:13:37 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2010-09-23 05:13:37 ----A---- C:\Windows\system32\CertEnroll.dll
2010-09-23 05:13:36 ----A---- C:\Windows\system32\wmploc.DLL
2010-09-23 05:13:36 ----A---- C:\Windows\system32\winresume.exe
2010-09-23 05:13:34 ----A---- C:\Windows\system32\inetcomm.dll
2010-09-23 05:13:15 ----A---- C:\Windows\system32\lsasrv.dll
2010-09-23 05:13:15 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2010-09-23 05:13:10 ----A---- C:\Windows\system32\msdri.dll
2010-09-23 05:13:10 ----A---- C:\Windows\system32\CPFilters.dll
2010-09-23 05:13:09 ----A---- C:\Windows\system32\psisdecd.dll
2010-09-23 05:13:08 ----A---- C:\Windows\system32\rtutils.dll
2010-09-23 05:13:07 ----A---- C:\Windows\system32\wintrust.dll
2010-09-23 05:13:07 ----A---- C:\Windows\system32\drivers\fvevol.sys
2010-09-23 05:13:06 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-09-23 05:13:06 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-09-23 05:13:06 ----A---- C:\Windows\system32\secproc_isv.dll
2010-09-23 05:13:06 ----A---- C:\Windows\system32\secproc.dll
2010-09-23 05:13:06 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-09-23 05:13:06 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-09-23 05:13:06 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-09-23 05:13:06 ----A---- C:\Windows\system32\RMActivate.exe
2010-09-23 05:13:05 ----A---- C:\Windows\system32\spoolsv.exe
2010-09-23 05:13:05 ----A---- C:\Windows\system32\ntdll.dll
2010-09-23 05:13:03 ----A---- C:\Windows\system32\ir32_32.dll
2010-09-23 05:13:03 ----A---- C:\Windows\system32\iccvid.dll
2010-09-23 05:13:03 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-09-23 05:13:02 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-09-23 05:13:02 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-09-23 05:13:02 ----A---- C:\Windows\system32\drivers\srv.sys
2010-09-23 05:12:58 ----A---- C:\Windows\system32\asycfilt.dll
2010-09-23 05:12:57 ----A---- C:\Windows\system32\tsbyuv.dll
2010-09-23 05:12:57 ----A---- C:\Windows\system32\quartz.dll
2010-09-23 05:12:57 ----A---- C:\Windows\system32\msyuv.dll
2010-09-23 05:12:57 ----A---- C:\Windows\system32\msvidc32.dll
2010-09-23 05:12:57 ----A---- C:\Windows\system32\msrle32.dll
2010-09-23 05:12:57 ----A---- C:\Windows\system32\mciavi32.dll
2010-09-23 05:12:57 ----A---- C:\Windows\system32\iyuv_32.dll
2010-09-23 05:12:57 ----A---- C:\Windows\system32\avifil32.dll
2010-09-23 05:12:09 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-09-23 05:12:09 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-09-23 05:11:58 ----A---- C:\Windows\system32\vbscript.dll
2010-09-23 05:11:57 ----A---- C:\Windows\system32\winlogon.exe
2010-09-23 05:11:57 ----A---- C:\Windows\explorer.exe
2010-09-23 05:11:55 ----A---- C:\Windows\system32\jscript.dll
2010-09-23 05:11:51 ----A---- C:\Windows\system32\shell32.dll
2010-09-23 05:11:50 ----A---- C:\Windows\system32\fontsub.dll
2010-09-23 05:11:50 ----A---- C:\Windows\system32\atmlib.dll
2010-09-23 05:11:50 ----A---- C:\Windows\system32\atmfd.dll
2010-09-23 05:11:49 ----A---- C:\Windows\system32\kernel32.dll
2010-09-23 05:11:49 ----A---- C:\Windows\system32\apphelp.dll
2010-09-23 05:11:48 ----A---- C:\Windows\system32\t2embed.dll
2010-09-23 05:11:47 ----A---- C:\Windows\system32\msxml3.dll
2010-09-23 05:11:47 ----A---- C:\Windows\system32\msasn1.dll
2010-09-23 05:11:41 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2010-09-23 05:11:41 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2010-09-23 05:11:41 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2010-09-23 05:11:40 ----A---- C:\Windows\system32\win32k.sys
2010-09-23 05:11:39 ----A---- C:\Windows\system32\schannel.dll
2010-09-23 05:11:39 ----A---- C:\Windows\system32\cabview.dll
2010-09-23 01:07:54 ----A---- C:\Windows\mixerdef.ini
2010-09-23 00:25:11 ----A---- C:\Windows\system32\drivers\cmudax3.sys
2010-09-23 00:16:11 ----D---- C:\ProgramData\Logitech
2010-09-23 00:16:04 ----D---- C:\Users\TBE\AppData\Roaming\Leadertech
2010-09-23 00:15:39 ----A---- C:\Windows\system32\drivers\LNonPnP.sys
2010-09-23 00:15:13 ----D---- C:\ProgramData\Logishrd
2010-09-23 00:15:12 ----D---- C:\Program Files\Logitech
2010-09-23 00:14:56 ----D---- C:\Program Files\Common Files\LogiShrd
2010-09-23 00:14:43 ----D---- C:\Users\TBE\AppData\Roaming\Logitech
2010-09-23 00:14:43 ----D---- C:\Users\TBE\AppData\Roaming\Logishrd
2010-09-22 23:58:16 ----D---- C:\Users\TBE\AppData\Roaming\ATI
2010-09-22 23:58:16 ----D---- C:\ProgramData\ATI
2010-09-22 23:52:32 ----D---- C:\Users\TBE\AppData\Roaming\Media Player Classic
2010-09-22 23:17:37 ----A---- C:\Windows\system32\unrar.dll
2010-09-22 23:17:37 ----A---- C:\Windows\avisplitter.ini
2010-09-22 23:17:35 ----A---- C:\Windows\system32\yv12vfw.dll
2010-09-22 23:17:35 ----A---- C:\Windows\system32\xvidvfw.dll
2010-09-22 23:17:35 ----A---- C:\Windows\system32\xvidcore.dll
2010-09-22 23:17:35 ----A---- C:\Windows\system32\ff_vfw.dll.manifest
2010-09-22 23:17:35 ----A---- C:\Windows\system32\ff_vfw.dll
2010-09-22 23:17:31 ----D---- C:\Program Files\K-Lite Codec Pack
2010-09-22 22:51:32 ----D---- C:\Users\TBE\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2010-09-22 22:51:32 ----D---- C:\Users\TBE\AppData\Roaming\Adobe Mini Bridge CS5
2010-09-22 22:51:07 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2010-09-22 22:44:57 ----D---- C:\ProgramData\ALM
2010-09-22 22:40:51 ----D---- C:\Program Files\Adobe Media Player
2010-09-22 22:38:28 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-09-22 22:38:27 ----D---- C:\Program Files\Adobe
2010-09-22 22:34:39 ----D---- C:\ProgramData\Adobe
2010-09-22 22:34:02 ----D---- C:\Program Files\Common Files\Adobe
2010-09-22 22:13:10 ----N---- C:\Windows\system32\Cmeaupci.exe
2010-09-22 22:13:10 ----A---- C:\Windows\Cmicnfg3.ini.cfl
2010-09-22 22:12:51 ----N---- C:\Windows\system32\CmiInstallResAll.dll
2010-09-22 22:12:51 ----N---- C:\Windows\cmudax3.ini
2010-09-22 22:12:51 ----N---- C:\Windows\Cmicnfg3.ini.cfg
2010-09-22 22:12:51 ----A---- C:\Windows\difxapi.dll
2010-09-22 22:12:51 ----A---- C:\Windows\Cmicnfg3.ini.imi
2010-09-22 22:12:50 ----A---- C:\Windows\system32\cmudax3.DLL
2010-09-22 22:02:48 ----D---- C:\Users\TBE\AppData\Roaming\ESET
2010-09-22 22:02:10 ----D---- C:\ProgramData\ESET
2010-09-22 22:02:10 ----D---- C:\Program Files\ESET
2010-09-22 22:00:05 ----A---- C:\Windows\system32\drivers\sptd.sys
2010-09-22 21:59:53 ----D---- C:\Program Files\DAEMON Tools Lite
2010-09-22 21:59:41 ----D---- C:\Users\TBE\AppData\Roaming\DAEMON Tools Lite
2010-09-22 21:59:39 ----D---- C:\ProgramData\DAEMON Tools Lite
2010-09-22 21:59:04 ----D---- C:\Users\TBE\AppData\Roaming\Ahead
2010-09-22 21:58:28 ----D---- C:\Program Files\Nero
2010-09-22 21:58:28 ----D---- C:\Program Files\Common Files\Ahead
2010-09-22 21:51:52 ----D---- C:\Program Files\JPEG Resampler
2010-09-22 21:49:51 ----D---- C:\Program Files\uTorrent
2010-09-22 21:49:26 ----D---- C:\Users\TBE\AppData\Roaming\uTorrent
2010-09-22 21:49:06 ----D---- C:\Users\TBE\AppData\Roaming\WinRAR
2010-09-22 21:46:56 ----A---- C:\Windows\system32\BASSMOD.dll
2010-09-22 21:46:47 ----D---- C:\Program Files\WinRAR
2010-09-22 21:46:20 ----A---- C:\Windows\system32\msonpmon.dll
2010-09-22 21:45:36 ----D---- C:\Program Files\Microsoft Works
2010-09-22 21:45:24 ----D---- C:\Program Files\Microsoft Visual Studio
2010-09-22 21:45:24 ----D---- C:\Program Files\Common Files\DESIGNER
2010-09-22 21:45:14 ----D---- C:\Windows\PCHEALTH
2010-09-22 21:45:14 ----D---- C:\Program Files\Microsoft.NET
2010-09-22 21:44:24 ----A---- C:\Windows\system32\TURegOpt.exe
2010-09-22 21:44:21 ----A---- C:\Windows\system32\uxtuneup.dll
2010-09-22 21:44:21 ----A---- C:\Windows\system32\authuitu.dll
2010-09-22 21:44:14 ----D---- C:\Users\TBE\AppData\Roaming\TuneUp Software
2010-09-22 21:44:10 ----D---- C:\Program Files\TuneUp Utilities 2010
2010-09-22 21:43:32 ----D---- C:\Program Files\Microsoft Visual Studio 8
2010-09-22 21:43:25 ----D---- C:\ProgramData\TuneUp Software
2010-09-22 21:43:18 ----A---- C:\Windows\system32\d3dx9_30.dll
2010-09-22 21:43:18 ----A---- C:\Windows\system32\d3dx9_28.dll
2010-09-22 21:43:16 ----SHD---- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-09-22 21:42:53 ----D---- C:\ProgramData\Microsoft Help
2010-09-22 21:42:53 ----D---- C:\Program Files\Microsoft Office
2010-09-22 21:42:35 ----RD---- C:\MSOCache
2010-09-22 21:41:17 ----A---- C:\Windows\system32\CNAB4LMK.DLL
2010-09-22 21:40:52 ----D---- C:\Program Files\Canon
2010-09-22 21:40:50 ----D---- C:\Program Files\Common Files\InstallShield
2010-09-22 21:40:47 ----HD---- C:\Program Files\InstallShield Installation Information
2010-09-22 21:40:47 ----D---- C:\ProgramData\AVerTV
2010-09-22 21:40:28 ----A---- C:\Windows\system32\sptlib22.dll
2010-09-22 21:40:28 ----A---- C:\Windows\system32\sptlib21.dll
2010-09-22 21:40:28 ----A---- C:\Windows\system32\sptlib12.dll
2010-09-22 21:40:28 ----A---- C:\Windows\system32\sptlib11.dll
2010-09-22 21:40:28 ----A---- C:\Windows\system32\sptlib03.dll
2010-09-22 21:40:28 ----A---- C:\Windows\system32\sptlib02.dll
2010-09-22 21:40:28 ----A---- C:\Windows\system32\sptlib01.dll
2010-09-22 21:40:28 ----A---- C:\Windows\system32\CardID.dll
2010-09-22 21:40:28 ----A---- C:\Windows\system32\AVerIO.sys
2010-09-22 21:40:28 ----A---- C:\Windows\system32\AVerIO.dll
2010-09-22 21:40:09 ----D---- C:\Program Files\Common Files\AVerMedia
2010-09-22 21:40:07 ----D---- C:\ProgramData\AVerMedia
2010-09-22 21:39:45 ----D---- C:\Windows\Driver Cache
2010-09-22 21:39:45 ----D---- C:\Program Files\AVerMedia
2010-09-22 21:39:45 ----A---- C:\Windows\system32\TVRate.dll
2010-09-22 21:39:45 ----A---- C:\Windows\system32\drivers\AVerA706.sys
2010-09-22 21:39:45 ----A---- C:\Windows\system32\34CoInstaller.dll
2010-09-22 21:39:22 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2010-09-22 21:37:36 ----D---- C:\Program Files\Intel
2010-09-22 21:37:36 ----A---- C:\Windows\system32\CSVer.dll
2010-09-22 21:37:29 ----D---- C:\Intel
2010-09-22 21:36:50 ----N---- C:\Windows\system32\MpSigStub.exe
2010-09-22 21:31:26 ----D---- C:\Program Files\ATI
2010-09-22 21:31:06 ----D---- C:\Program Files\ATI Technologies
2010-09-22 21:30:40 ----D---- C:\ATI
2010-09-22 21:26:53 ----D---- C:\Users\TBE\AppData\Roaming\Macromedia
2010-09-22 21:26:53 ----D---- C:\Users\TBE\AppData\Roaming\Adobe
2010-09-22 21:26:40 ----D---- C:\ProgramData\Sun
2010-09-22 21:26:40 ----D---- C:\Program Files\Common Files\Java
2010-09-22 21:26:30 ----A---- C:\Windows\system32\javaws.exe
2010-09-22 21:26:30 ----A---- C:\Windows\system32\javaw.exe
2010-09-22 21:26:30 ----A---- C:\Windows\system32\java.exe
2010-09-22 21:26:30 ----A---- C:\Windows\system32\deployJava1.dll
2010-09-22 21:26:26 ----D---- C:\Program Files\Java
2010-09-22 21:26:13 ----SHD---- C:\Windows\Installer
2010-09-22 21:25:30 ----D---- C:\Windows\system32\Macromed
2010-09-22 21:24:19 ----D---- C:\Users\TBE\AppData\Roaming\Mozilla
2010-09-22 21:24:16 ----D---- C:\Program Files\Mozilla Firefox
2010-09-22 21:22:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-09-22 21:18:48 ----D---- C:\Users\TBE\AppData\Roaming\Identities
2010-09-22 21:18:39 ----SD---- C:\Users\TBE\AppData\Roaming\Microsoft
2010-09-22 21:18:39 ----D---- C:\Users\TBE\AppData\Roaming\Media Center Programs
2010-09-22 21:16:46 ----SHD---- C:\ProgramData\Šablony
2010-09-22 21:16:46 ----SHD---- C:\ProgramData\Plocha
2010-09-22 21:16:46 ----SHD---- C:\ProgramData\Oblíbené položky
2010-09-22 21:16:46 ----SHD---- C:\ProgramData\Nabídka Start
2010-09-22 21:16:46 ----SHD---- C:\ProgramData\Dokumenty
2010-09-22 21:16:46 ----SHD---- C:\ProgramData\Data aplikací
2010-09-22 21:16:46 ----D---- C:\Recovery
2010-09-22 21:12:35 ----D---- C:\Windows\SoftwareDistribution
2010-09-22 21:09:58 ----D---- C:\Windows\Prefetch
2010-09-22 21:09:47 ----ASH---- C:\pagefile.sys
2010-09-22 21:09:46 ----SHD---- C:\System Volume Information
2010-09-22 21:09:46 ----ASH---- C:\hiberfil.sys

======List of files/folders modified in the last 1 months======

2010-10-07 02:02:23 ----D---- C:\Windows\system32\LogFiles
2010-10-06 20:17:23 ----D---- C:\Windows\System32
2010-10-06 20:17:22 ----D---- C:\Windows\inf
2010-10-06 20:16:32 ----D---- C:\Windows
2010-10-06 20:15:50 ----D---- C:\Windows\system32\config
2010-10-06 20:15:14 ----RD---- C:\Program Files
2010-10-06 20:11:15 ----D---- C:\Windows\system32\drivers
2010-10-06 20:04:54 ----D---- C:\Windows\system32\Tasks
2010-10-06 19:54:00 ----D---- C:\Windows\Resources
2010-10-06 18:53:46 ----D---- C:\ProgramData
2010-10-06 18:34:37 ----A---- C:\Windows\system.ini
2010-10-06 18:34:33 ----D---- C:\Windows\system32\drivers\etc
2010-10-06 18:33:28 ----D---- C:\Windows\AppPatch
2010-10-06 18:33:27 ----D---- C:\Program Files\Common Files
2010-10-06 18:15:46 ----D---- C:\Windows\Tasks
2010-10-05 23:17:34 ----D---- C:\Windows\winsxs
2010-10-04 17:32:24 ----RSD---- C:\Windows\Fonts
2010-10-02 19:23:58 ----D---- C:\Windows\Microsoft.NET
2010-10-02 19:23:48 ----RSD---- C:\Windows\assembly
2010-10-02 18:41:21 ----D---- C:\Windows\system32\catroot2
2010-10-02 18:41:21 ----D---- C:\Windows\system32\catroot
2010-09-30 17:22:46 ----D---- C:\Windows\system32\DriverStore
2010-09-30 15:50:08 ----D---- C:\Windows\rescache
2010-09-30 15:19:19 ----D---- C:\Windows\Downloaded Program Files
2010-09-30 15:14:56 ----D---- C:\Windows\system32\migration
2010-09-30 15:14:56 ----D---- C:\Program Files\Internet Explorer
2010-09-30 15:04:06 ----D---- C:\Windows\system32\sk-SK
2010-09-30 15:04:06 ----D---- C:\Windows\system32\en-US
2010-09-30 15:04:06 ----D---- C:\Windows\system32\cs-CZ
2010-09-28 16:50:20 ----D---- C:\Program Files\Common Files\microsoft shared
2010-09-28 15:20:00 ----D---- C:\Windows\Help
2010-09-25 20:17:33 ----D---- C:\Windows\system32\wdi
2010-09-24 13:14:23 ----SD---- C:\ProgramData\Microsoft
2010-09-23 09:36:24 ----D---- C:\Windows\system32\drivers\UMDF
2010-09-23 05:39:28 ----D---- C:\Windows\debug
2010-09-23 05:20:02 ----D---- C:\Program Files\Windows Media Player
2010-09-23 05:20:02 ----D---- C:\Program Files\Windows Mail
2010-09-23 05:20:01 ----D---- C:\Windows\system32\Boot
2010-09-23 05:20:01 ----D---- C:\Windows\ehome
2010-09-23 01:57:48 ----D---- C:\Windows\Logs
2010-09-23 01:11:49 ----D---- C:\Windows\system
2010-09-22 21:45:28 ----D---- C:\Program Files\MSBuild
2010-09-22 21:45:23 ----D---- C:\Windows\ShellNew
2010-09-22 21:43:09 ----D---- C:\Program Files\Common Files\System
2010-09-22 21:43:09 ----A---- C:\Windows\win.ini
2010-09-22 21:40:04 ----RD---- C:\Users
2010-09-22 21:28:01 ----D---- C:\Windows\system32\CodeIntegrity
2010-09-22 21:26:14 ----D---- C:\Windows\system32\restore
2010-09-22 21:22:39 ----D---- C:\Windows\system32\wbem
2010-09-22 21:17:21 ----D---- C:\Windows\Setup
2010-09-22 21:16:46 ----D---- C:\Program Files\Windows NT
2010-09-22 21:13:57 ----D---- C:\Windows\system32\sysprep
2010-09-22 21:10:21 ----D---- C:\Windows\CSC

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2006-08-30 36528]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-09-22 691696]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-07-29 136632]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-07-29 134512]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-07-29 41336]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-08-26 6380032]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-08-26 221696]
R3 AVerA706;AVerMedia A706 BDA Service; C:\Windows\system32\DRIVERS\AVerA706.sys [2010-04-08 1223040]
R3 cmuda3;C-Media PCI Audio Interface; C:\Windows\system32\drivers\cmudax3.sys [2009-12-01 1872192]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-07-29 32608]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x86.sys [2009-07-14 47104]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\Windows\System32\Drivers\LEqdUsb.Sys [2010-03-18 40912]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\Windows\System32\Drivers\LHidEqd.Sys [2010-03-18 10448]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2010-03-18 38864]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2010-03-18 37328]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-25 10064]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 achg82lx;achg82lx; C:\Windows\system32\drivers\achg82lx.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-08-26 6380032]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-08-26 176128]
R2 AVerRemote;AVerRemote; C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe [2009-10-31 348160]
R2 AVerScheduleService;AVerScheduleService; C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe [2009-12-07 397312]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-08-12 810144]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-25 1047880]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-08-12 33584]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2010-05-06 293456]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-10-09 724992]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-09-22 435016]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Joined: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Tool security - log

#14 Post by vyosek »

:arrow: Open Notepad
  • Start -> Run -> notepad
  • Paste the text below
  • Code:

    Windows Registry Editor Version 5.00
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-
  • Save the file as oprava.reg
  • When saving, choose "All files" as the file type (the setting is shown in the image below)
  • Image
  • Close Notepad and run oprava.reg by double-clicking it
  • Confirm any prompt about changing the registry
  • The window will just flash and the registry will be fixed - you can then delete the file
:arrow: Otherwise the log looks fine :wink:
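A way to check what a .reg file will change before merging it, run here on the oprava.reg content from the reply above. This is an added example, not part of the original post; the names `audit_reg` and `only_deletes` are hypothetical, and value names are reported as written in the file, without unescaping.

```python
import re

# Constructed sample: the file content given in the reply above.
OPRAVA_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=-
'''

HEADERS = ("Windows Registry Editor Version 5.00", "REGEDIT4")
VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")\s*=\s*(.*)$')


def audit_reg(text):
    """Return (action, key, value_name) for every change a .reg file would make."""
    lines = text.lstrip("\ufeff").splitlines()
    if not lines or lines[0].strip() not in HEADERS:
        raise ValueError("not a .reg file: missing header line")
    ops, key, pending = [], None, ""
    for raw in lines[1:]:
        line = pending + raw.strip()
        pending = ""
        if line.endswith("\\"):              # hex: data continues on the next line
            pending = line[:-1]
            continue
        if not line or line.startswith(";"):  # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            deleting = line.startswith("[-")  # [-KEY] removes the whole key
            key = line[2:-1] if deleting else line[1:-1]
            if deleting:
                ops.append(("delete-key", key, None))
            continue
        m = VALUE_RE.match(line)
        if m is None or key is None:
            raise ValueError("unparsed line: %r" % raw)
        name = "(Default)" if m.group(1) == "@" else m.group(1)[1:-1]
        action = "delete-value" if m.group(2) == "-" else "set-value"
        ops.append((action, key, name))
    return ops


def only_deletes(ops, allowed_key):
    """True if every operation is a value deletion under the one expected key."""
    return bool(ops) and all(
        action == "delete-value" and key.lower() == allowed_key.lower()
        for action, key, _ in ops)
```

A file that passes `only_deletes` for the ShellExecuteHooks key cannot add or modify anything; any `set-value` or `delete-key` entry in the result is a reason to read the file again before double-clicking it.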

teabe
Visitor
Posts: 48
Joined: 06 Oct 2010 16:12

Re: Tool security - log

#15 Post by teabe »

Everything is OK. Thank you very much for the advice and patience, and viry.cz is going straight into my bookmarks. :worship:
