
PC virus removal, computer speed-up, and remote assistance via the neslape.cz service
Log check
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service: an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Log check: a problem with SUPERAntiSpyware Free Edition. The ESET process ekrn.exe sometimes starts running at up to 99 percent during a scan by SUPERAntiSpyware Free Edition.
Logfile of random's system information tool 1.08 (written by random/random)
Run by Inst at 2010-10-05 14:11:08
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 13 GB (25%) free of 50 GB
Total RAM: 1023 MB (30% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:11:33, on 5. 10. 2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Jozef Križan\Plocha\RSIT.exe
C:\Program Files\trend micro\Inst.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: SecureBrowsingBho Helper - {7632ABCA-B104-4fbc-9C70-419C4147061B} - C:\Program Files\Finjan Secure Browsing\bho.dll
O2 - BHO: PriceGong - {D2A2595C-4FE4-4315-AA9B-19DBD6271B71} - C:\Program Files\PriceGong\1.5.0\PriceGongIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Finjan Secure Browsing - {B99F805C-F0B1-48EA-8C8B-753BFCBED913} - C:\Program Files\Finjan Secure Browsing\bho.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Monitor] C:\WINDOWS\PixArt\PAC7311\Monitor.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-21-299502267-1708537768-682003330-1007\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" (User 'Jozef Križan')
O4 - HKUS\S-1-5-21-299502267-1708537768-682003330-1007\..\Run: [DAEMON Tools] "D:\Program Files\DAEMON Tools\daemon.exe" -lang 1033 (User 'Jozef Križan')
O4 - HKUS\S-1-5-21-299502267-1708537768-682003330-1007\..\Run: [{5BBF8482-B77B-C376-388B-31A2001C69A9}] C:\Program Files\Bifrost\server.exe (User 'Jozef Križan')
O4 - HKUS\S-1-5-21-299502267-1708537768-682003330-1007\..\Run: [{B4B5961F-D9F3-C7D8-7BC2-AB6A9413B068}] C:\Documents and Settings\Jozef Križan\Data aplikací\winupdt.exe (User 'Jozef Križan')
O4 - HKUS\S-1-5-21-299502267-1708537768-682003330-1007\..\Run: [Windows Update] C:\Documents and Settings\Jozef Križan\Data aplikací\winupdt.exe (User 'Jozef Križan')
O4 - HKUS\S-1-5-21-299502267-1708537768-682003330-1007\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime (User 'Jozef Križan')
O4 - HKUS\S-1-5-21-299502267-1708537768-682003330-1007\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Jozef Križan')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Akcelerátor spuštění AutoCADu.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Active Whois - {BAB9A4F4-C201-4fcf-A5D3-BA77BC9FBEB2} - C:\Program Files\Active Whois\ieshow.exe
O9 - Extra 'Tools' menuitem: Active Whois - {BAB9A4F4-C201-4fcf-A5D3-BA77BC9FBEB2} - C:\Program Files\Active Whois\ieshow.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 6806458687
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} (Java Plug-in 1.6.0_11) -
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
--
End of file - 7855 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7632ABCA-B104-4fbc-9C70-419C4147061B}]
SecureBrowsingBho Helper - C:\Program Files\Finjan Secure Browsing\bho.dll [2007-08-27 393848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71}]
PriceGongCtrl Class - C:\Program Files\PriceGong\1.5.0\PriceGongIE.dll [2009-08-11 288056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-12 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B99F805C-F0B1-48EA-8C8B-753BFCBED913} - Finjan Secure Browsing - C:\Program Files\Finjan Secure Browsing\bho.dll [2007-08-27 393848]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe [2004-06-29 135168]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-09-18 13574144]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-05-14 2029640]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-09-18 86016]
"Monitor"=C:\WINDOWS\PixArt\PAC7311\Monitor.exe [2006-11-03 319488]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2010-09-10 2424560]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033]
C:\Program Files\D-Tools\daemon.exe [2003-12-27 81920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
D:\Program Files\QuickTime\qttask.exe [2009-11-11 417792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe []
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Akcelerátor spuštění AutoCADu.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Documents and Settings\Inst\Nabídka Start\Programy\Po spuštění
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-09-04 548352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\rootrepeal.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=475
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=475
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
======List of files/folders created in the last 1 months======
2010-10-01 19:28:20 ----A---- C:\WINDOWS\system32\drivers\SbFwIm.sys
2010-10-01 19:28:19 ----RA---- C:\WINDOWS\system32\drivers\SbFw.sys
2010-09-29 18:46:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2158563$
2010-09-21 09:21:06 ----AD---- C:\WINDOWS\rundll16.exe
2010-09-21 09:21:06 ----AD---- C:\WINDOWS\logo1_.exe
2010-09-21 09:17:57 ----A---- C:\RootRepeal report 09-21-10 (09-17-57).txt
2010-09-21 08:51:12 ----A---- C:\WINDOWS\ntbtlog.txt
2010-09-20 12:10:41 ----D---- C:\Documents and Settings\Inst\Data aplikací\SUPERAntiSpyware.com
2010-09-20 12:10:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2010-09-20 12:10:28 ----D---- C:\Program Files\SUPERAntiSpyware
2010-09-20 09:46:35 ----D---- C:\rsit
2010-09-14 19:20:26 ----D---- C:\Program Files\D-Tools
2010-09-12 11:48:14 ----A---- C:\RootRepeal report 09-12-10 (11-48-14).txt
2010-09-11 10:32:08 ----A---- C:\WINDOWS\system32\TASKMGR.COM
2010-09-11 10:32:08 ----A---- C:\WINDOWS\REGEDIT.COM
2010-09-10 22:55:19 ----D---- C:\Program Files\PTC
2010-09-10 16:41:54 ----A---- C:\dirdat.txt
2010-09-10 15:47:25 ----SHD---- C:\RECYCLER
2010-09-10 15:46:32 ----D---- C:\Documents and Settings\Inst\Data aplikací\PriceGong
2010-09-10 15:30:19 ----RASHD---- C:\cmdcons
2010-09-10 15:27:22 ----A---- C:\WINDOWS\SWREG.exe
2010-09-10 15:27:21 ----A---- C:\WINDOWS\SWSC.exe
2010-09-10 15:27:16 ----D---- C:\ComboFix
2010-09-06 15:54:12 ----D---- C:\Documents and Settings\Inst\Data aplikací\Malwarebytes
2010-09-06 15:53:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-09-06 15:13:53 ----D---- C:\Program Files\Trend Micro
======List of files/folders modified in the last 1 months======
2010-10-05 14:11:34 ----D---- C:\WINDOWS\Temp
2010-10-05 14:10:58 ----D---- C:\WINDOWS\Prefetch
2010-10-05 14:06:22 ----D---- C:\WINDOWS\Microsoft.NET
2010-10-05 13:56:22 ----D---- C:\WINDOWS\system32\CatRoot2
2010-10-04 22:05:47 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-10-03 10:39:40 ----D---- C:\WINDOWS\system32
2010-10-03 10:39:39 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-10-02 11:29:35 ----D---- C:\WINDOWS
2010-10-01 19:28:34 ----SHD---- C:\WINDOWS\Installer
2010-10-01 19:28:33 ----RD---- C:\Program Files
2010-10-01 19:28:33 ----D---- C:\WINDOWS\system32\drivers
2010-10-01 19:28:25 ----D---- C:\WINDOWS\inf
2010-09-29 19:07:30 ----D---- C:\Program Files\Microsoft Silverlight
2010-09-20 11:58:36 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-09-20 11:53:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-09-20 11:19:42 ----D---- C:\Program Files\CCleaner
2010-09-20 11:17:29 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-09-20 11:17:26 ----D---- C:\Program Files\Common Files\Apple
2010-09-20 11:16:10 ----SD---- C:\WINDOWS\Tasks
2010-09-20 11:15:45 ----A---- C:\WINDOWS\vissim.ini
2010-09-20 11:15:43 ----D---- C:\Commsim
2010-09-20 11:14:36 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-09-20 11:14:01 ----D---- C:\Program Files\Skype
2010-09-20 09:46:01 ----SHD---- C:\System Volume Information
2010-09-20 09:46:01 ----D---- C:\WINDOWS\system32\Restore
2010-09-20 08:09:51 ----D---- C:\WINDOWS\system32\drivers\etc
2010-09-20 08:04:33 ----D---- C:\WINDOWS\Debug
2010-09-20 08:04:32 ----D---- C:\WINDOWS\Minidump
2010-09-19 13:12:07 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-09-14 19:21:58 ----A---- C:\WINDOWS\system32\MRT.exe
2010-09-14 19:19:59 ----DC---- C:\WINDOWS\system32\dllcache
2010-09-14 19:19:10 ----D---- C:\WINDOWS\$hf_mig$
2010-09-14 13:56:17 ----D---- C:\Documents and Settings
2010-09-10 15:45:06 ----D---- C:\Qoobox
2010-09-10 15:42:52 ----A---- C:\WINDOWS\system.ini
2010-09-10 15:41:03 ----D---- C:\WINDOWS\system
2010-09-10 15:38:41 ----D---- C:\WINDOWS\AppPatch
2010-09-10 15:38:38 ----D---- C:\Program Files\Common Files
2010-09-10 15:30:23 ----AH---- C:\boot.ini
2010-09-07 15:33:04 ----D---- C:\WINDOWS\system32\DirectX
2010-09-07 15:32:21 ----RSD---- C:\WINDOWS\assembly
2010-09-07 15:30:47 ----D---- C:\WINDOWS\WinSxS
2010-09-06 15:44:35 ----D---- C:\Program Files\DAEMON Tools Toolbar
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 d344bus;d344bus; C:\WINDOWS\system32\DRIVERS\d344bus.sys [2003-12-27 137216]
R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\drivers\iaStor.sys [2004-06-29 477952]
R0 iteraid;ITERAID_Service_Install; C:\WINDOWS\system32\DRIVERS\iteraid.sys [2004-07-16 24971]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-09-19 43528]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 aslm75;aslm75; \??\C:\WINDOWS\system32\drivers\aslm75.sys []
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-05-14 94360]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 SBRE;SBRE; \??\C:\WINDOWS\system32\drivers\SBREdrv.sys []
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-05-14 114472]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 cmudax;C-Media High Definition Audio Interface; C:\WINDOWS\system32\drivers\cmudax.sys [2005-05-12 1287296]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-09-18 6132576]
R3 PAC7311;VGA USB Camera; C:\WINDOWS\system32\DRIVERS\PA707UCM.SYS [2006-11-08 530304]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2004-10-27 223104]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-02-23 25280]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2009-06-17 12648]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-05-14 731840]
R2 IAANTMon;IAA Event Monitor; C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe [2004-06-29 73852]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-09-18 163908]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-08-25 70968]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-08-26 189672]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-06-27 72704]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-12-29 85096]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-05-14 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-03-09 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-09-08 545568]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-10-09 724992]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
PriceGongCtrl Class - C:\Program Files\PriceGong\1.5.0\PriceGongIE.dll [2009-08-11 288056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-12 79648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B99F805C-F0B1-48EA-8C8B-753BFCBED913} - Finjan Secure Browsing - C:\Program Files\Finjan Secure Browsing\bho.dll [2007-08-27 393848]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe [2004-06-29 135168]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-09-18 13574144]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2009-05-14 2029640]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-09-18 86016]
"Monitor"=C:\WINDOWS\PixArt\PAC7311\Monitor.exe [2006-11-03 319488]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2010-09-10 2424560]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033]
C:\Program Files\D-Tools\daemon.exe [2003-12-27 81920]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
D:\Program Files\QuickTime\qttask.exe [2009-11-11 417792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe []
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Akcelerátor spuštění AutoCADu.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Documents and Settings\Inst\Nabídka Start\Programy\Po spuštění
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-09-04 548352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\rootrepeal.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=475
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=475
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
======List of files/folders created in the last 1 months======
2010-10-01 19:28:20 ----A---- C:\WINDOWS\system32\drivers\SbFwIm.sys
2010-10-01 19:28:19 ----RA---- C:\WINDOWS\system32\drivers\SbFw.sys
2010-09-29 18:46:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2158563$
2010-09-21 09:21:06 ----AD---- C:\WINDOWS\rundll16.exe
2010-09-21 09:21:06 ----AD---- C:\WINDOWS\logo1_.exe
2010-09-21 09:17:57 ----A---- C:\RootRepeal report 09-21-10 (09-17-57).txt
2010-09-21 08:51:12 ----A---- C:\WINDOWS\ntbtlog.txt
2010-09-20 12:10:41 ----D---- C:\Documents and Settings\Inst\Data aplikací\SUPERAntiSpyware.com
2010-09-20 12:10:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2010-09-20 12:10:28 ----D---- C:\Program Files\SUPERAntiSpyware
2010-09-20 09:46:35 ----D---- C:\rsit
2010-09-14 19:20:26 ----D---- C:\Program Files\D-Tools
2010-09-12 11:48:14 ----A---- C:\RootRepeal report 09-12-10 (11-48-14).txt
2010-09-11 10:32:08 ----A---- C:\WINDOWS\system32\TASKMGR.COM
2010-09-11 10:32:08 ----A---- C:\WINDOWS\REGEDIT.COM
2010-09-10 22:55:19 ----D---- C:\Program Files\PTC
2010-09-10 16:41:54 ----A---- C:\dirdat.txt
2010-09-10 15:47:25 ----SHD---- C:\RECYCLER
2010-09-10 15:46:32 ----D---- C:\Documents and Settings\Inst\Data aplikací\PriceGong
2010-09-10 15:30:19 ----RASHD---- C:\cmdcons
2010-09-10 15:27:22 ----A---- C:\WINDOWS\SWREG.exe
2010-09-10 15:27:21 ----A---- C:\WINDOWS\SWSC.exe
2010-09-10 15:27:16 ----D---- C:\ComboFix
2010-09-06 15:54:12 ----D---- C:\Documents and Settings\Inst\Data aplikací\Malwarebytes
2010-09-06 15:53:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-09-06 15:13:53 ----D---- C:\Program Files\Trend Micro
======List of files/folders modified in the last 1 months======
2010-10-05 14:11:34 ----D---- C:\WINDOWS\Temp
2010-10-05 14:10:58 ----D---- C:\WINDOWS\Prefetch
2010-10-05 14:06:22 ----D---- C:\WINDOWS\Microsoft.NET
2010-10-05 13:56:22 ----D---- C:\WINDOWS\system32\CatRoot2
2010-10-04 22:05:47 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-10-03 10:39:40 ----D---- C:\WINDOWS\system32
2010-10-03 10:39:39 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-10-02 11:29:35 ----D---- C:\WINDOWS
2010-10-01 19:28:34 ----SHD---- C:\WINDOWS\Installer
2010-10-01 19:28:33 ----RD---- C:\Program Files
2010-10-01 19:28:33 ----D---- C:\WINDOWS\system32\drivers
2010-10-01 19:28:25 ----D---- C:\WINDOWS\inf
2010-09-29 19:07:30 ----D---- C:\Program Files\Microsoft Silverlight
2010-09-20 11:58:36 ----D---- C:\Program Files\Spybot - Search & Destroy
2010-09-20 11:53:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2010-09-20 11:19:42 ----D---- C:\Program Files\CCleaner
2010-09-20 11:17:29 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-09-20 11:17:26 ----D---- C:\Program Files\Common Files\Apple
2010-09-20 11:16:10 ----SD---- C:\WINDOWS\Tasks
2010-09-20 11:15:45 ----A---- C:\WINDOWS\vissim.ini
2010-09-20 11:15:43 ----D---- C:\Commsim
2010-09-20 11:14:36 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-09-20 11:14:01 ----D---- C:\Program Files\Skype
2010-09-20 09:46:01 ----SHD---- C:\System Volume Information
2010-09-20 09:46:01 ----D---- C:\WINDOWS\system32\Restore
2010-09-20 08:09:51 ----D---- C:\WINDOWS\system32\drivers\etc
2010-09-20 08:04:33 ----D---- C:\WINDOWS\Debug
2010-09-20 08:04:32 ----D---- C:\WINDOWS\Minidump
2010-09-19 13:12:07 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-09-14 19:21:58 ----A---- C:\WINDOWS\system32\MRT.exe
2010-09-14 19:19:59 ----DC---- C:\WINDOWS\system32\dllcache
2010-09-14 19:19:10 ----D---- C:\WINDOWS\$hf_mig$
2010-09-14 13:56:17 ----D---- C:\Documents and Settings
2010-09-10 15:45:06 ----D---- C:\Qoobox
2010-09-10 15:42:52 ----A---- C:\WINDOWS\system.ini
2010-09-10 15:41:03 ----D---- C:\WINDOWS\system
2010-09-10 15:38:41 ----D---- C:\WINDOWS\AppPatch
2010-09-10 15:38:38 ----D---- C:\Program Files\Common Files
2010-09-10 15:30:23 ----AH---- C:\boot.ini
2010-09-07 15:33:04 ----D---- C:\WINDOWS\system32\DirectX
2010-09-07 15:32:21 ----RSD---- C:\WINDOWS\assembly
2010-09-07 15:30:47 ----D---- C:\WINDOWS\WinSxS
2010-09-06 15:44:35 ----D---- C:\Program Files\DAEMON Tools Toolbar
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 d344bus;d344bus; C:\WINDOWS\system32\DRIVERS\d344bus.sys [2003-12-27 137216]
R0 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\drivers\iaStor.sys [2004-06-29 477952]
R0 iteraid;ITERAID_Service_Install; C:\WINDOWS\system32\DRIVERS\iteraid.sys [2004-07-16 24971]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-09-19 43528]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 aslm75;aslm75; \??\C:\WINDOWS\system32\drivers\aslm75.sys []
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2009-05-14 94360]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R1 SbFw;SbFw; C:\WINDOWS\system32\drivers\SbFw.sys [2008-10-31 270888]
R1 SBRE;SBRE; \??\C:\WINDOWS\system32\drivers\SBREdrv.sys []
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2009-05-14 114472]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2005-02-23 11776]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 cmudax;C-Media High Definition Audio Interface; C:\WINDOWS\system32\drivers\cmudax.sys [2005-05-12 1287296]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-09-18 6132576]
R3 PAC7311;VGA USB Camera; C:\WINDOWS\system32\DRIVERS\PA707UCM.SYS [2006-11-08 530304]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport; C:\WINDOWS\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2004-10-27 223104]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-02-23 25280]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2009-06-17 12648]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-05-14 731840]
R2 IAANTMon;IAA Event Monitor; C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe [2004-06-29 73852]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-09-18 163908]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-08-25 70968]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-08-26 189672]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2009-06-27 72704]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2009-12-29 85096]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-05-14 20680]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-03-09 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-09-08 545568]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-10-09 724992]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Re: log check
Good evening,
Your machine is infected, so we will clean it up first and then we'll see. I think it is more likely a conflict between NOD and SAS.
Run ComboFix according to this guide:
http://www.bleepingcomputer.com/combofi ... t-combofix

Do not use COMBOFIX without a helper's recommendation; it can damage the system!
Always back up important data before disinfecting the computer.
Want to support our forum? Information here

I am mostly available at night, between 21:00 and 23:00.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.
Re: log check
ComboFix 10-10-05.04 - Inst . 10. 2010 14:48:03.3.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1023.666 [GMT 2:00]
Spuštěný z: c:\documents and settings\Inst\Dokumenty\Preberanie\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Rezidentní štít AV je zapnutý
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Inst\Data aplikací\PriceGong
c:\documents and settings\Inst\Data aplikací\PriceGong\Data\1.xml
c:\documents and settings\Inst\Data aplikací\PriceGong\Data\a.xml
c:\documents and settings\Inst\Data aplikací\PriceGong\Data\b.xml
c:\documents and settings\Inst\Data aplikací\PriceGong\Data\c.xml
c:\documents and settings\Inst\Data aplikací\PriceGong\Data\d.xml
c:\documents and settings\Inst\Data aplikací\PriceGong\Data\e.xml
c:\documents and settings\Inst\Data aplikací\PriceGong\Data\f.xml
c:\documents and settings\Inst\Data aplikací\PriceGong\Data\g.xml
c:\documents and settings\Inst\Data aplikací\PriceGong\Data\h.xml
c:\documents and settings\Inst\Data aplikací\PriceGong\Data\i.xml
c:\documents and settings\Inst\Data aplikací\PriceGong\Data\J.xml
c:\documents and settings\Inst\Data aplikací\PriceGong\Data\k.xml
c:\documents and settings\Inst\Data aplikací\PriceGong\Data\l.xml
c:\documents and settings\Inst\Data aplikací\PriceGong\Data\m.xml
c:\documents and settings\Inst\Data aplikací\PriceGong\Data\mru.xml
c:\documents and settings\Inst\Data aplikací\PriceGong\Data\n.xml
c:\documents and settings\Inst\Data aplikací\PriceGong\Data\o.xml
c:\documents and settings\Inst\Data aplikací\PriceGong\Data\p.xml
c:\documents and settings\Inst\Data aplikací\PriceGong\Data\q.xml
c:\documents and settings\Inst\Data aplikací\PriceGong\Data\r.xml
c:\documents and settings\Inst\Data aplikací\PriceGong\Data\s.xml
c:\documents and settings\Inst\Data aplikací\PriceGong\Data\t.xml
c:\documents and settings\Inst\Data aplikací\PriceGong\Data\u.xml
c:\documents and settings\Inst\Data aplikací\PriceGong\Data\v.xml
c:\documents and settings\Inst\Data aplikací\PriceGong\Data\w.xml
c:\documents and settings\Inst\Data aplikací\PriceGong\Data\x.xml
c:\documents and settings\Inst\Data aplikací\PriceGong\Data\y.xml
c:\documents and settings\Inst\Data aplikací\PriceGong\Data\z.xml
c:\documents and settings\Jozef Križan\Data aplikací\PriceGong
c:\documents and settings\Jozef Križan\Data aplikací\PriceGong\Data\mru.xml
c:\windows\regedit.com
c:\windows\system32\taskmgr.com
.
((((((((((((((((((((((((( Soubory vytvořené od 2010-09-06 do 2010-10-06 )))))))))))))))))))))))))))))))
.
2010-10-01 17:28 . 2008-06-21 02:54 65576 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2010-10-01 17:28 . 2008-10-31 05:09 270888 ----a-w- c:\windows\system32\drivers\SbFw.sys
2010-09-21 07:21 . 2010-09-21 07:23 8787289 ----a-w- c:\windows\REGBK03.ZIP
2010-09-21 07:21 . 2010-09-21 07:21 -------- d---a-w- c:\windows\rundll16.exe
2010-09-21 07:21 . 2010-09-21 07:21 -------- d---a-w- c:\windows\logo1_.exe
2010-09-20 12:48 . 2010-10-05 11:55 63488 ----a-w- c:\documents and settings\Jozef Križan\Data aplikací\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
2010-09-20 12:48 . 2010-09-20 12:48 52224 ----a-w- c:\documents and settings\Jozef Križan\Data aplikací\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-09-20 12:48 . 2010-10-05 11:55 117760 ----a-w- c:\documents and settings\Jozef Križan\Data aplikací\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-09-20 10:11 . 2010-09-20 10:11 63488 ----a-w- c:\documents and settings\Inst\Data aplikací\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
2010-09-20 10:11 . 2010-09-20 10:11 52224 ----a-w- c:\documents and settings\Inst\Data aplikací\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-09-20 10:11 . 2010-09-20 10:11 117760 ----a-w- c:\documents and settings\Inst\Data aplikací\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-09-20 10:10 . 2010-09-20 10:11 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-09-20 07:46 . 2010-09-20 07:46 -------- d-----w- C:\rsit
2010-09-14 17:20 . 2010-09-14 17:20 -------- d-----w- c:\program files\D-Tools
2010-09-12 16:28 . 2010-09-12 16:30 8958475 ----a-w- c:\windows\REGBK02.ZIP
2010-09-12 10:30 . 2010-09-12 10:30 -------- d-----w- c:\documents and settings\Inst\DoctorWeb
2010-09-10 20:55 . 2010-09-10 20:55 -------- d-----w- c:\program files\PTC
2010-09-06 13:13 . 2010-09-06 13:13 388096 ----a-r- c:\documents and settings\Inst\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-09-06 13:13 . 2010-10-05 12:11 -------- d-----w- c:\program files\Trend Micro
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-03 08:39 . 2006-03-02 12:00 91160 ----a-w- c:\windows\system32\perfc005.dat
2010-10-03 08:39 . 2006-03-02 12:00 459078 ----a-w- c:\windows\system32\perfh005.dat
2010-09-29 17:07 . 2008-07-23 12:21 -------- d-----w- c:\program files\Microsoft Silverlight
2010-09-20 09:58 . 2008-07-23 07:44 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-09-20 09:19 . 2010-01-07 17:07 -------- d-----w- c:\program files\CCleaner
2010-09-20 09:17 . 2009-09-19 18:01 -------- d-----w- c:\program files\Common Files\Apple
2010-09-20 09:14 . 2010-02-16 11:16 -------- d-----w- c:\program files\Skype
2010-09-19 11:12 . 2010-02-16 10:51 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-09-19 11:11 . 2010-02-16 10:51 53632 ----a-w- c:\documents and settings\Default User\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-09-19 11:11 . 2010-02-16 10:51 53632 ----a-w- c:\documents and settings\Default User\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-09-06 13:44 . 2009-03-26 12:17 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2010-09-05 13:40 . 2008-07-23 07:52 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-09-05 13:40 . 2009-09-04 16:34 -------- d-----w- c:\program files\Image-Line
2010-09-05 13:38 . 2009-09-04 16:36 -------- d-----w- c:\program files\VstPlugins
2010-09-05 13:27 . 2009-12-20 10:53 -------- d-----w- c:\program files\ICQ Status Checker
2010-09-01 06:49 . 2010-08-17 18:20 47104 ----a-w- c:\windows\system32\KMVIDC32.DLL
2010-08-30 18:36 . 2010-08-30 18:36 -------- d-----w- c:\program files\NVIDIA Corporation
2010-08-30 18:36 . 2010-03-22 14:11 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-08-26 19:36 . 2010-08-25 10:46 189672 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-08-25 10:46 . 2010-08-25 10:46 70968 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-08-17 18:23 . 2010-08-17 18:23 -------- d-----w- c:\program files\Team17
2010-08-17 13:17 . 2006-03-02 12:00 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-08 18:14 . 2010-08-08 18:14 371272 ----a-r- c:\documents and settings\Jozef Križan\Data aplikací\Microsoft\Installer\{D103C4BA-F905-437A-8049-DB24763BBE36}\SkypeIcon.exe
2010-08-05 08:55 . 2010-08-05 08:54 8504352 ----a-w- c:\windows\REGBK01.ZIP
2010-08-03 16:25 . 2010-08-03 16:25 503808 ----a-w- c:\documents and settings\Jozef Križan\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-106ebf52-n\msvcp71.dll
2010-08-03 16:25 . 2010-08-03 16:25 499712 ----a-w- c:\documents and settings\Jozef Križan\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-106ebf52-n\jmc.dll
2010-08-03 16:25 . 2010-08-03 16:25 348160 ----a-w- c:\documents and settings\Jozef Križan\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-106ebf52-n\msvcr71.dll
2010-08-03 16:25 . 2010-08-03 16:25 61440 ----a-w- c:\documents and settings\Jozef Križan\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-3a2ec003-n\decora-sse.dll
2010-08-03 16:25 . 2010-08-03 16:25 12800 ----a-w- c:\documents and settings\Jozef Križan\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-3a2ec003-n\decora-d3d.dll
2010-08-03 13:04 . 2010-08-03 13:04 503808 ----a-w- c:\documents and settings\Inst\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-66553067-n\msvcp71.dll
2010-08-03 13:04 . 2010-08-03 13:04 499712 ----a-w- c:\documents and settings\Inst\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-66553067-n\jmc.dll
2010-08-03 13:04 . 2010-08-03 13:04 348160 ----a-w- c:\documents and settings\Inst\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-66553067-n\msvcr71.dll
2010-08-03 13:04 . 2010-08-03 13:04 61440 ----a-w- c:\documents and settings\Inst\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-2a050a8c-n\decora-sse.dll
2010-08-03 13:04 . 2010-08-03 13:04 12800 ----a-w- c:\documents and settings\Inst\Data aplikací\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-2a050a8c-n\decora-d3d.dll
2010-07-22 15:46 . 2006-03-02 12:00 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-07-22 06:19 . 2008-05-05 05:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2010-07-15 15:43 . 2010-09-14 11:56 53632 ----a-w- c:\documents and settings\Administrator.KRIZAN\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-07-15 15:43 . 2010-07-15 15:44 53632 ----a-w- c:\documents and settings\Inst\Data aplikací\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
.
((((((((((((((((((((((((((((( SnapShot_2010-09-10_13.42.52 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-10-06 12:46 . 2010-10-06 12:46 16384 c:\windows\Temp\Perflib_Perfdata_1dc.dat
+ 2008-04-14 03:22 . 2010-06-21 14:46 46080 c:\windows\system32\tzchange.exe
- 2008-04-14 03:22 . 2010-04-21 13:28 46080 c:\windows\system32\tzchange.exe
+ 2006-03-02 12:00 . 2010-10-03 08:39 71630 c:\windows\system32\perfc009.dat
+ 2010-08-17 13:17 . 2010-08-17 13:17 58880 c:\windows\system32\dllcache\spoolsv.exe
+ 2010-09-19 11:12 . 2010-09-19 11:12 28160 c:\windows\Installer\f2a6d.msi
+ 2008-07-23 12:10 . 2010-09-14 17:21 23040 c:\windows\Installer\{9113041B-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-07-23 12:10 . 2010-08-11 20:16 23040 c:\windows\Installer\{9113041B-6000-11D3-8CFE-0150048383C9}\unbndico.exe
- 2008-07-23 12:10 . 2010-08-11 20:16 27136 c:\windows\Installer\{9113041B-6000-11D3-8CFE-0150048383C9}\oisicon.exe
+ 2008-07-23 12:10 . 2010-09-14 17:21 27136 c:\windows\Installer\{9113041B-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2008-07-23 12:10 . 2010-08-11 20:16 11264 c:\windows\Installer\{9113041B-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-07-23 12:10 . 2010-09-14 17:21 11264 c:\windows\Installer\{9113041B-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2008-07-23 12:10 . 2010-09-14 17:21 12288 c:\windows\Installer\{9113041B-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2008-07-23 12:10 . 2010-08-11 20:16 12288 c:\windows\Installer\{9113041B-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2009-04-06 16:11 . 2010-08-11 20:16 23040 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2009-04-06 16:11 . 2010-09-14 17:21 23040 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\unbndico.exe
+ 2009-04-06 16:11 . 2010-09-14 17:21 61440 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\pubs.exe
- 2009-04-06 16:11 . 2010-08-11 20:16 61440 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\pubs.exe
+ 2009-04-06 16:11 . 2010-09-14 17:21 27136 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2009-04-06 16:11 . 2010-08-11 20:16 27136 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\oisicon.exe
- 2009-04-06 16:11 . 2010-08-11 20:16 11264 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2009-04-06 16:11 . 2010-09-14 17:21 11264 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\mspicons.exe
+ 2009-04-06 16:11 . 2010-09-14 17:21 86016 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\inficon.exe
- 2009-04-06 16:11 . 2010-08-11 20:16 86016 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\inficon.exe
+ 2009-04-06 16:11 . 2010-09-14 17:21 12288 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2009-04-06 16:11 . 2010-08-11 20:16 12288 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\cagicon.exe
- 2010-06-04 18:01 . 2010-09-02 18:01 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2010-06-04 18:01 . 2010-09-29 16:47 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2008-07-23 12:10 . 2010-09-14 17:21 4096 c:\windows\Installer\{9113041B-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2008-07-23 12:10 . 2010-08-11 20:16 4096 c:\windows\Installer\{9113041B-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2009-04-06 16:11 . 2010-08-11 20:16 4096 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\opwicon.exe
+ 2009-04-06 16:11 . 2010-09-14 17:21 4096 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\opwicon.exe
- 2006-03-02 12:00 . 2008-04-14 03:22 293376 c:\windows\system32\winsrv.dll
+ 2006-03-02 12:00 . 2010-06-18 17:47 293376 c:\windows\system32\winsrv.dll
+ 2006-03-02 12:00 . 2010-04-16 15:38 406016 c:\windows\system32\usp10.dll
- 2006-03-02 12:00 . 2008-04-14 03:22 406016 c:\windows\system32\usp10.dll
+ 2006-03-02 12:00 . 2010-10-03 08:39 441694 c:\windows\system32\perfh009.dat
- 2006-10-18 19:47 . 2006-10-18 19:47 317440 c:\windows\system32\MP4SDECD.dll
+ 2006-10-18 19:47 . 2010-03-30 10:24 317440 c:\windows\system32\mp4sdecd.dll
+ 2010-10-01 06:56 . 2010-10-01 06:56 232912 c:\windows\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe
+ 2010-10-01 06:56 . 2010-10-01 06:56 311760 c:\windows\system32\Macromed\Flash\FlashUtil10k_ActiveX.dll
+ 2010-09-11 07:33 . 2010-09-11 07:33 232912 c:\windows\system32\Macromed\Flash\FlashUtil10i_Plugin.exe
+ 2008-07-23 07:33 . 2010-06-09 07:45 692736 c:\windows\system32\inetcomm.dll
+ 2010-06-18 17:47 . 2010-06-18 17:47 293376 c:\windows\system32\dllcache\winsrv.dll
+ 2010-04-16 15:38 . 2010-04-16 15:38 406016 c:\windows\system32\dllcache\usp10.dll
+ 2009-04-15 14:54 . 2010-07-22 15:46 590848 c:\windows\system32\dllcache\rpcrt4.dll
+ 2010-03-30 10:24 . 2010-03-30 10:24 317440 c:\windows\system32\dllcache\mp4sdecd.dll
+ 2009-03-26 09:21 . 2010-06-09 07:45 692736 c:\windows\system32\dllcache\inetcomm.dll
- 2008-07-23 12:10 . 2010-08-11 20:16 409600 c:\windows\Installer\{9113041B-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-07-23 12:10 . 2010-09-14 17:21 409600 c:\windows\Installer\{9113041B-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2008-07-23 12:10 . 2010-09-14 17:21 286720 c:\windows\Installer\{9113041B-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2008-07-23 12:10 . 2010-08-11 20:16 286720 c:\windows\Installer\{9113041B-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2008-07-23 12:10 . 2010-09-14 17:21 794624 c:\windows\Installer\{9113041B-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-07-23 12:10 . 2010-08-11 20:16 794624 c:\windows\Installer\{9113041B-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2008-07-23 12:10 . 2010-08-11 20:16 135168 c:\windows\Installer\{9113041B-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2008-07-23 12:10 . 2010-09-14 17:21 135168 c:\windows\Installer\{9113041B-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2009-04-06 16:11 . 2010-08-11 20:16 409600 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2009-04-06 16:11 . 2010-09-14 17:21 409600 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\xlicons.exe
+ 2009-04-06 16:11 . 2010-09-14 17:21 286720 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\wordicon.exe
- 2009-04-06 16:11 . 2010-08-11 20:16 286720 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\wordicon.exe
+ 2009-04-06 16:11 . 2010-09-14 17:21 249856 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\pptico.exe
- 2009-04-06 16:11 . 2010-08-11 20:16 249856 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\pptico.exe
+ 2009-04-06 16:11 . 2010-09-14 17:21 794624 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\outicon.exe
- 2009-04-06 16:11 . 2010-08-11 20:16 794624 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\outicon.exe
+ 2009-04-06 16:11 . 2010-09-14 17:21 135168 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\misc.exe
- 2009-04-06 16:11 . 2010-08-11 20:16 135168 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\misc.exe
+ 2009-04-06 16:11 . 2010-09-14 17:21 593920 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\accicons.exe
- 2009-04-06 16:11 . 2010-08-11 20:16 593920 c:\windows\Installer\{90110405-6000-11D3-8CFE-0150048383C9}\accicons.exe
+ 2010-01-27 01:07 . 2010-09-11 07:33 5969360 c:\windows\system32\Macromed\Flash\NPSWF32.dll
- 2008-07-23 09:17 . 2010-08-11 20:24 1512720 c:\windows\system32\FNTCACHE.DAT
+ 2008-07-23 09:17 . 2010-09-20 09:25 1512720 c:\windows\system32\FNTCACHE.DAT
+ 2010-08-05 11:39 . 2010-08-05 11:39 4031488 c:\windows\Installer\d5871.msp
+ 2010-08-05 09:31 . 2010-08-05 09:31 4040704 c:\windows\Installer\d5860.msp
+ 2010-08-25 15:06 . 2010-08-25 15:06 6479360 c:\windows\Installer\d5838.msp
+ 2010-08-20 11:50 . 2010-08-20 11:50 5518848 c:\windows\Installer\d5817.msp
+ 2010-09-10 20:55 . 2010-09-10 20:55 3127296 c:\windows\Installer\17e4631.msi
+ 2008-07-23 11:23 . 2010-09-14 17:21 35552200 c:\windows\system32\MRT.exe
+ 2010-09-29 16:46 . 2010-09-29 16:46 20303872 c:\windows\Installer\125e680.msp
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71}]
2009-08-10 22:55 288056 ----a-w- c:\program files\PriceGong\1.5.0\PriceGongIE.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-09-10 2424560]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Application Accelerator\iaanotif.exe" [2004-06-29 135168]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 13574144]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-05-14 2029640]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-17 86016]
"Monitor"="c:\windows\PixArt\PAC7311\Monitor.exe" [2006-11-03 319488]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Inst\Nabídka Start\Programy\Po spuštění\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Akcelerátor spuštění AutoCADu.lnk - c:\program files\Common Files\Autodesk Shared\acstart16.exe [2004-2-25 10872]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\rootrepeal.sys]
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2010-04-01 09:16 357696 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033]
2003-12-27 19:43 81920 ----a-w- c:\program files\D-Tools\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2008-09-17 22:55 1657376 ----a-w- c:\windows\system32\nwiz.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-11-10 22:08 417792 ----a-w- d:\program files\QuickTime\QTTask.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ICQ"="c:\program files\ICQ7.0\ICQ.exe" silent loginmode=4
"Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"QuickTime Task"="d:\program files\QuickTime\QTTask.exe" -atboottime
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
R0 d344bus;d344bus;c:\windows\system32\drivers\d344bus.sys [25. 2. 2010 17:31 137216]
R0 iteraid;ITERAID_Service_Install;c:\windows\system32\drivers\iteraid.sys [19. 7. 2004 16:47 24971]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14. 5. 2009 16:47 107256]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [14. 5. 2009 16:49 94360]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17. 2. 2010 20:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10. 5. 2010 20:41 67656]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [1. 10. 2010 19:28 270888]
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [9. 3. 2010 16:15 93360]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [14. 5. 2009 16:47 731840]
R3 cmudax;C-Media High Definition Audio Interface;c:\windows\system32\drivers\cmudax.sys [12. 5. 2005 14:39 1287296]
R3 PAC7311;VGA USB Camera;c:\windows\system32\drivers\PA707UCM.SYS [18. 10. 2005 11:48 530304]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [1. 10. 2010 19:28 65576]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [17. 6. 2009 14:20 12648]
S4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
.
------- Doplňkový sken -------
.
uDefault_Search_URL = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{BAB9A4F4-C201-4fcf-A5D3-BA77BC9FBEB2} - c:\program files\Active Whois\ieshow.exe
FF - ProfilePath - c:\documents and settings\Inst\Data aplikací\Mozilla\Firefox\Profiles\rki3v69m.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin.dll
FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin2.dll
FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin3.dll
FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin4.dll
FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin5.dll
FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin6.dll
FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin7.dll
---- NASTAVENÍ FIREFOXU ----
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
d:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
MSConfigStartUp-SpybotSD TeaTimer - d:\program files\Spybot - Search & Destroy\TeaTimer.exe
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe catchme.sys CLASSPNP.SYS disk.sys >>UNKNOWN [0x86C023F0]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf76d3f28
\Driver\ACPI -> ACPI.sys @ 0xf7604cb8
\Driver\atapi -> 0x86c023f0
\Driver\iaStor -> iaStor.sys @ 0xf7553aa8
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805e710a
ParseProcedure -> ntoskrnl.exe @ 0x80578f7a
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805e710a
ParseProcedure -> ntoskrnl.exe @ 0x80578f7a
NDIS: Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller -> SendCompleteHandler -> NDIS.sys @ 0xf7428bb0
PacketIndicateHandler -> NDIS.sys @ 0xf7435a21
SendHandler -> NDIS.sys @ 0xf741387b
Warning: possible MBR rootkit infection !
user & kernel MBR OK
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,7b,ae,1a,ba,2d,ac,bd,4d,93,1d,8d,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,7b,ae,1a,ba,2d,ac,bd,4d,93,1d,8d,\
[HKEY_USERS\S-1-5-21-299502267-1708537768-682003330-1005\Software\SecuROM\License information*]
"datasecu"=hex:30,89,a2,aa,93,5d,1d,94,74,54,be,16,f5,56,2a,30,ce,65,5a,e1,c9,
6e,bc,83,52,17,67,8d,c4,2f,f5,f4,57,97,20,d0,67,a8,4d,19,66,a9,22,55,bf,44,\
"rkeysecu"=hex:4b,88,54,1a,36,c5,e0,e9,b1,e0,2c,6d,2b,9a,c5,8e
[HKEY_LOCAL_MACHINE\software\ASUS\ASUS Probe\2.24.03]
@DACL=(02 0000)
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(1008)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
Celkový čas: 2010-10-06 14:56:44
ComboFix-quarantined-files.txt 2010-10-06 12:56
ComboFix2.txt 2010-02-09 14:41
Před spuštěním: Volných bajtů: 13 043 175 424
Po spuštění: Volných bajtů: 13 919 674 368
Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 0CF860E51AECC11330CD055B69D6446E
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\rootrepeal.sys]
@=""
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2010-04-01 09:16 357696 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools-1033]
2003-12-27 19:43 81920 ----a-w- c:\program files\D-Tools\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2008-09-17 22:55 1657376 ----a-w- c:\windows\system32\nwiz.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-11-10 22:08 417792 ----a-w- d:\program files\QuickTime\QTTask.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ICQ"="c:\program files\ICQ7.0\ICQ.exe" silent loginmode=4
"Skype"="c:\program files\Skype\Phone\Skype.exe" /nosplash /minimized
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"QuickTime Task"="d:\program files\QuickTime\QTTask.exe" -atboottime
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
R0 d344bus;d344bus;c:\windows\system32\drivers\d344bus.sys [25. 2. 2010 17:31 137216]
R0 iteraid;ITERAID_Service_Install;c:\windows\system32\drivers\iteraid.sys [19. 7. 2004 16:47 24971]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [14. 5. 2009 16:47 107256]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [14. 5. 2009 16:49 94360]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17. 2. 2010 20:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10. 5. 2010 20:41 67656]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [1. 10. 2010 19:28 270888]
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [9. 3. 2010 16:15 93360]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [14. 5. 2009 16:47 731840]
R3 cmudax;C-Media High Definition Audio Interface;c:\windows\system32\drivers\cmudax.sys [12. 5. 2005 14:39 1287296]
R3 PAC7311;VGA USB Camera;c:\windows\system32\drivers\PA707UCM.SYS [18. 10. 2005 11:48 530304]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [1. 10. 2010 19:28 65576]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [17. 6. 2009 14:20 12648]
S4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
.
------- Doplňkový sken -------
.
uDefault_Search_URL = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{BAB9A4F4-C201-4fcf-A5D3-BA77BC9FBEB2} - c:\program files\Active Whois\ieshow.exe
FF - ProfilePath - c:\documents and settings\Inst\Data aplikací\Mozilla\Firefox\Profiles\rki3v69m.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: d:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin.dll
FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin2.dll
FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin3.dll
FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin4.dll
FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin5.dll
FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin6.dll
FF - plugin: d:\program files\QuickTime\Plugins\npqtplugin7.dll
---- NASTAVENÍ FIREFOXU ----
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
d:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
MSConfigStartUp-SpybotSD TeaTimer - d:\program files\Spybot - Search & Destroy\TeaTimer.exe
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe catchme.sys CLASSPNP.SYS disk.sys >>UNKNOWN [0x86C023F0]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf76d3f28
\Driver\ACPI -> ACPI.sys @ 0xf7604cb8
\Driver\atapi -> 0x86c023f0
\Driver\iaStor -> iaStor.sys @ 0xf7553aa8
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805e710a
ParseProcedure -> ntoskrnl.exe @ 0x80578f7a
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805e710a
ParseProcedure -> ntoskrnl.exe @ 0x80578f7a
NDIS: Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller -> SendCompleteHandler -> NDIS.sys @ 0xf7428bb0
PacketIndicateHandler -> NDIS.sys @ 0xf7435a21
SendHandler -> NDIS.sys @ 0xf741387b
Warning: possible MBR rootkit infection !
user & kernel MBR OK
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,7b,ae,1a,ba,2d,ac,bd,4d,93,1d,8d,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,7b,ae,1a,ba,2d,ac,bd,4d,93,1d,8d,\
[HKEY_USERS\S-1-5-21-299502267-1708537768-682003330-1005\Software\SecuROM\License information*]
"datasecu"=hex:30,89,a2,aa,93,5d,1d,94,74,54,be,16,f5,56,2a,30,ce,65,5a,e1,c9,
6e,bc,83,52,17,67,8d,c4,2f,f5,f4,57,97,20,d0,67,a8,4d,19,66,a9,22,55,bf,44,\
"rkeysecu"=hex:4b,88,54,1a,36,c5,e0,e9,b1,e0,2c,6d,2b,9a,c5,8e
[HKEY_LOCAL_MACHINE\software\ASUS\ASUS Probe\2.24.03]
@DACL=(02 0000)
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(1008)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
Celkový čas: 2010-10-06 14:56:44
ComboFix-quarantined-files.txt 2010-10-06 12:56
ComboFix2.txt 2010-02-09 14:41
Před spuštěním: Volných bajtů: 13 043 175 424
Po spuštění: Volných bajtů: 13 919 674 368
Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 0CF860E51AECC11330CD055B69D6446E
Re: log check
Test this file at www.virustotal.com:
c:\windows\system32\KMVIDC32.DLL
Do not use COMBOFIX without a helper's recommendation; it can damage the system!
Always back up important data before disinfecting your computer.
Want to support our forum? Information here

I can mostly be reached at night, between 21:00 and 23:00.
If you have any questions, you can email me at Motji(at)forum.viry.cz.
Re: log check
Nothing was found.
Re: log check
How is the computer doing now?
I still want to verify something.
Uninstall all virtual drives (Daemon or Alcohol).
Download SPTD: http://www.duplexsecure.com/en/downloads
- choose the version for your operating system: SPTD for Windows (32 bit) or (64 bit)
- save it to the desktop and run it
- choose the Uninstall option
- restart the PC
Download http://www.jpshortstuff.247fixes.com/Defogger.exe
- run it
- confirm disabled
- paste the log here
Download Gmer: http://www.viry.cz/forum/viewtopic.php?f=29&t=62878
- unpack it and run it
- a scan will run; when it finishes, a window with the results opens. Click Save to save the log, then paste it here
- following the guide at the link, run a second scan and paste that log here as well
Download MBR:
http://www2.gmer.net/mbr/mbr.exe
- save it to the desktop
- Start - Run
- copy this into the box:
"%userprofile%\plocha\mbr" -t
- OK
- a log named mbr.log will be created; paste it here
Re: log check
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 17:07 on 07/10/2010 (Inst)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
SPTD -> Already disabled
-=E.O.F=-
Re: log check
DDS (Ver_10-10-05.01) - NTFSx86
Run by Jozef Kri§an at 12:36:08,82 on so 09. 10. 2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_20
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1023.363 [GMT 2:00]
AV: ESET NOD32 Antivirus 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
============== Running Processes ===============
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\PixArt\PAC7311\Monitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
D:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Jozef Križan\Plocha\dds.com
============== Pseudo HJT Report ===============
uStart Page = about:blank
mSearch Bar = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = local
mURLSearchHooks: H - No File
mURLSearchHooks: H - No File
mURLSearchHooks: H - No File
mURLSearchHooks: H - No File
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO: SecureBrowsingBho Helper: {7632abca-b104-4fbc-9c70-419c4147061b} - c:\program files\finjan secure browsing\bho.dll
BHO: PriceGongCtrl Class: {d2a2595c-4fe4-4315-aa9b-19dbd6271b71} - c:\program files\pricegong\1.5.0\PriceGongIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Finjan Secure Browsing: {b99f805c-f0b1-48ea-8c8b-753bfcbed913} - c:\program files\finjan secure browsing\bho.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
EB: &Zdroje informací: {ff059e31-cc5a-4e2e-bf3b-96e929d65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [QuickTime Task] "d:\program files\quicktime\qttask.exe" -atboottime
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [IAAnotif] c:\program files\intel\intel application accelerator\iaanotif.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [Monitor] c:\windows\pixart\pac7311\Monitor.exe
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\nabdka~1\programy\posput~1\akcele~1.lnk - c:\program files\common files\autodesk shared\acstart16.exe
StartupFolder: c:\docume~1\alluse~1\nabdka~1\programy\posput~1\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
IE: Download all by Rapidown... - c:\documents and settings\jozef križan\local settings\temp\rar$ex00.094\rapidown\rapidown\rapidownGetAll.htm
IE: Download by Rapidown... - c:\documents and settings\jozef križan\local settings\temp\rar$ex00.094\rapidown\rapidown\rapidownGet.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Translate with &Babylon - d:\program files\babylon\babylon-pro\utils\BabylonIEPI.dll/Translate.htm
IE: {88EB38EF-4D2C-436D-ABD3-56B232674062} - c:\program files\icq7.0\ICQ.exe
IE: {BAB9A4F4-C201-4fcf-A5D3-BA77BC9FBEB2} - c:\program files\active whois\ieshow.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdat ... 6806458687
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\docume~1\jozefk~1\locals~1\dataap~1\skype\shared\SKYPE4~1.DLL
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\jozefk~1\dataap~1\mozilla\firefox\profiles\zrvhmah9.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=3&q={searchTerms}
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&q=
FF - component: c:\documents and settings\jozef križan\data aplikací\mozilla\firefox\profiles\zrvhmah9.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\jozef križan\data aplikací\mozilla\firefox\profiles\zrvhmah9.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\RadioWMPCore.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: d:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: d:\program files\quicktime\plugins\npqtplugin.dll
FF - plugin: d:\program files\quicktime\plugins\npqtplugin2.dll
FF - plugin: d:\program files\quicktime\plugins\npqtplugin3.dll
FF - plugin: d:\program files\quicktime\plugins\npqtplugin4.dll
FF - plugin: d:\program files\quicktime\plugins\npqtplugin5.dll
FF - plugin: d:\program files\quicktime\plugins\npqtplugin6.dll
FF - plugin: d:\program files\quicktime\plugins\npqtplugin7.dll
FF - HiddenExtension: Java Console: No Registry Reference - d:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - d:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
d:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.default.XMLHttpRequest.channel", "noAccess");
d:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.jit.chrome", true);
d:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
d:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
d:\program files\mozilla firefox\greprefs\all.js - pref("security.checkloaduri", true);
d:\program files\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
============= SERVICES / DRIVERS ===============
R0 iteraid;ITERAID_Service_Install;c:\windows\system32\drivers\iteraid.sys [2004-7-19 24971]
R1 BdRawPr;BdRawPr;c:\windows\system32\drivers\bdrawpr.sys [2010-10-9 12960]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-5-14 107256]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2009-5-14 94360]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2010-10-1 270888]
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [2010-3-9 93360]
R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2009-5-14 731840]
R3 cmudax;C-Media High Definition Audio Interface;c:\windows\system32\drivers\cmudax.sys [2005-5-12 1287296]
R3 PAC7311;VGA USB Camera;c:\windows\system32\drivers\PA707UCM.SYS [2005-10-18 530304]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2006-3-2 69120]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [2010-10-1 65576]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2009-6-17 12648]
============== File Associations ===============
.scr=AutoCADScriptFile
=============== Created Last 30 ================
2010-10-09 09:21:23 -------- d-----w- c:\program files\common files\BitDefender
2010-10-09 09:21:23 -------- d-----w- c:\docume~1\alluse~1\dataap~1\BitDefender
2010-10-09 09:17:20 253072 ----a-w- c:\windows\system32\drivers\Trufos.sys
2010-10-09 09:17:17 12960 ----a-w- c:\windows\system32\drivers\bdrawpr.sys
2010-10-09 09:17:16 327368 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys
2010-10-09 09:04:54 33586 ----a-w- c:\docume~1\alluse~1\dataap~1\bdinstall.bin
2010-10-09 08:11:23 -------- d-----w- C:\SPAC Start 2008
2010-10-09 08:06:49 -------- d-----w- c:\docume~1\jozefk~1\dataap~1\SdProget
2010-10-09 08:01:59 813568 ----a-w- c:\windows\system32\cmdw12.dll
2010-10-09 08:01:59 4375552 ----a-w- c:\windows\system32\cmll12.dll
2010-10-09 08:01:59 2216448 ----a-w- c:\windows\system32\cmct12.dll
2010-10-09 08:01:59 1456128 ----a-w- c:\windows\system32\cmbr12.dll
2010-10-09 08:01:51 260880 ----a-w- c:\windows\system32\msflxgrd.ocx
2010-10-09 08:00:56 -------- d-----w- c:\program files\SPAC Start 2008
2010-10-09 08:00:55 344064 ----a-w- c:\windows\system32\msexch35.dll
2010-10-09 08:00:55 294912 ----a-w- c:\windows\system32\msxbse35.dll
2010-10-09 08:00:55 166672 ----a-w- c:\windows\system32\mstext35.dll
2010-10-09 08:00:54 44304 ----a-w- c:\windows\system32\msrpfs35.dll
2010-10-09 08:00:54 39424 ----a-w- c:\windows\system32\JETCOMP.exe
2010-10-09 08:00:54 252688 ----a-w- c:\windows\system32\msexcl35.dll
2010-10-09 08:00:54 250128 ----a-w- c:\windows\system32\mspdox35.dll
2010-10-09 08:00:54 168720 ----a-w- c:\windows\system32\msltus35.dll
2010-10-09 08:00:54 1238288 ----a-w- c:\windows\system32\msjt4jlt.dll
2010-10-09 07:59:49 -------- d-----w- c:\docume~1\alluse~1\dataap~1\SDProget
2010-10-09 05:45:03 -------- d-----w- c:\docume~1\jozefk~1\dataap~1\PriceGong
2010-10-07 15:03:15 436792 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-10-01 17:28:20 65576 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2010-10-01 17:28:19 270888 ----a-w- c:\windows\system32\drivers\SbFw.sys
2010-09-21 07:21:17 8787289 ----a-w- c:\windows\REGBK03.ZIP
2010-09-21 07:21:06 -------- d---a-w- c:\windows\rundll16.exe
2010-09-21 07:21:06 -------- d---a-w- c:\windows\logo1_.exe
2010-09-20 10:28:52 -------- d-----w- c:\docume~1\jozefk~1\dataap~1\SUPERAntiSpyware.com
2010-09-20 10:10:41 -------- d-----w- c:\docume~1\alluse~1\dataap~1\SUPERAntiSpyware.com
2010-09-20 10:10:28 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-09-20 07:57:49 -------- d--h--r- c:\documents and settings\jozef križan\Recent
2010-09-14 18:01:08 736 ----a-r- c:\windows\system32\drivers\etc\hosts.20100914-200108.backup
2010-09-12 16:28:30 8958475 ----a-w- c:\windows\REGBK02.ZIP
2010-09-11 10:57:44 27 ----a-w- c:\windows\system32\drivers\etc\hosts.20100911-125744.backup
2010-09-10 20:55:19 -------- d-----w- c:\program files\PTC
2010-09-10 13:30:19 -------- d-sha-r- C:\cmdcons
2010-09-10 13:27:22 161792 ----a-w- c:\windows\SWREG.exe
==================== Find3M ====================
2010-09-01 06:49:52 47104 ----a-w- c:\windows\system32\KMVIDC32.DLL
2010-08-26 19:36:44 189672 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-08-25 10:46:12 70968 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-08-17 13:17:06 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-07-22 15:46:07 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-07-22 06:19:05 5632 ----a-w- c:\windows\system32\xpsp4res.dll
============= FINISH: 12:37:31,25 ===============
d:\program files\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
============= SERVICES / DRIVERS ===============
R0 iteraid;ITERAID_Service_Install;c:\windows\system32\drivers\iteraid.sys [2004-7-19 24971]
R1 BdRawPr;BdRawPr;c:\windows\system32\drivers\bdrawpr.sys [2010-10-9 12960]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-5-14 107256]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2009-5-14 94360]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2010-10-1 270888]
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [2010-3-9 93360]
R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2009-5-14 731840]
R3 cmudax;C-Media High Definition Audio Interface;c:\windows\system32\drivers\cmudax.sys [2005-5-12 1287296]
R3 PAC7311;VGA USB Camera;c:\windows\system32\drivers\PA707UCM.SYS [2005-10-18 530304]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2006-3-2 69120]
R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [2010-10-1 65576]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2009-6-17 12648]
============== File Associations ===============
.scr=AutoCADScriptFile
=============== Created Last 30 ================
2010-10-09 09:21:23 -------- d-----w- c:\program files\common files\BitDefender
2010-10-09 09:21:23 -------- d-----w- c:\docume~1\alluse~1\dataap~1\BitDefender
2010-10-09 09:17:20 253072 ----a-w- c:\windows\system32\drivers\Trufos.sys
2010-10-09 09:17:17 12960 ----a-w- c:\windows\system32\drivers\bdrawpr.sys
2010-10-09 09:17:16 327368 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys
2010-10-09 09:04:54 33586 ----a-w- c:\docume~1\alluse~1\dataap~1\bdinstall.bin
2010-10-09 08:11:23 -------- d-----w- C:\SPAC Start 2008
2010-10-09 08:06:49 -------- d-----w- c:\docume~1\jozefk~1\dataap~1\SdProget
2010-10-09 08:01:59 813568 ----a-w- c:\windows\system32\cmdw12.dll
2010-10-09 08:01:59 4375552 ----a-w- c:\windows\system32\cmll12.dll
2010-10-09 08:01:59 2216448 ----a-w- c:\windows\system32\cmct12.dll
2010-10-09 08:01:59 1456128 ----a-w- c:\windows\system32\cmbr12.dll
2010-10-09 08:01:51 260880 ----a-w- c:\windows\system32\msflxgrd.ocx
2010-10-09 08:00:56 -------- d-----w- c:\program files\SPAC Start 2008
2010-10-09 08:00:55 344064 ----a-w- c:\windows\system32\msexch35.dll
2010-10-09 08:00:55 294912 ----a-w- c:\windows\system32\msxbse35.dll
2010-10-09 08:00:55 166672 ----a-w- c:\windows\system32\mstext35.dll
2010-10-09 08:00:54 44304 ----a-w- c:\windows\system32\msrpfs35.dll
2010-10-09 08:00:54 39424 ----a-w- c:\windows\system32\JETCOMP.exe
2010-10-09 08:00:54 252688 ----a-w- c:\windows\system32\msexcl35.dll
2010-10-09 08:00:54 250128 ----a-w- c:\windows\system32\mspdox35.dll
2010-10-09 08:00:54 168720 ----a-w- c:\windows\system32\msltus35.dll
2010-10-09 08:00:54 1238288 ----a-w- c:\windows\system32\msjt4jlt.dll
2010-10-09 07:59:49 -------- d-----w- c:\docume~1\alluse~1\dataap~1\SDProget
2010-10-09 05:45:03 -------- d-----w- c:\docume~1\jozefk~1\dataap~1\PriceGong
2010-10-07 15:03:15 436792 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-10-01 17:28:20 65576 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2010-10-01 17:28:19 270888 ----a-w- c:\windows\system32\drivers\SbFw.sys
2010-09-21 07:21:17 8787289 ----a-w- c:\windows\REGBK03.ZIP
2010-09-21 07:21:06 -------- d---a-w- c:\windows\rundll16.exe
2010-09-21 07:21:06 -------- d---a-w- c:\windows\logo1_.exe
2010-09-20 10:28:52 -------- d-----w- c:\docume~1\jozefk~1\dataap~1\SUPERAntiSpyware.com
2010-09-20 10:10:41 -------- d-----w- c:\docume~1\alluse~1\dataap~1\SUPERAntiSpyware.com
2010-09-20 10:10:28 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-09-20 07:57:49 -------- d--h--r- c:\documents and settings\jozef križan\Recent
2010-09-14 18:01:08 736 ----a-r- c:\windows\system32\drivers\etc\hosts.20100914-200108.backup
2010-09-12 16:28:30 8958475 ----a-w- c:\windows\REGBK02.ZIP
2010-09-11 10:57:44 27 ----a-w- c:\windows\system32\drivers\etc\hosts.20100911-125744.backup
2010-09-10 20:55:19 -------- d-----w- c:\program files\PTC
2010-09-10 13:30:19 -------- d-sha-r- C:\cmdcons
2010-09-10 13:27:22 161792 ----a-w- c:\windows\SWREG.exe
==================== Find3M ====================
2010-09-01 06:49:52 47104 ----a-w- c:\windows\system32\KMVIDC32.DLL
2010-08-26 19:36:44 189672 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-08-25 10:46:12 70968 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-08-17 13:17:06 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-07-22 15:46:07 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-07-22 06:19:05 5632 ----a-w- c:\windows\system32\xpsp4res.dll
============= FINISH: 12:37:31,25 ===============
Re: log check
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_10-10-05.01)
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 26. 3. 2009 10:10:26
System Uptime: 10. 9. 2010 11:51:11 (697 hours ago)
Motherboard: ASUSTeK Computer INC. | | P5AD2-E-Deluxe
Processor: Intel(R) Pentium(R) 4 CPU 3.20GHz | Socket 775 | 3211/200mhz
==== Disk Partitions =========================
A: is Removable
C: is FIXED (NTFS) - 49 GiB total, 11,023 GiB free.
D: is FIXED (NTFS) - 231 GiB total, 66,954 GiB free.
E: is CDROM (UDF)
==== Disabled Device Manager Items =============
==== System Restore Points ===================
No restore point in system.
==== Installed Programs ======================
18 WoS Across America
Acrobat.com
Active Whois 3.1
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge 1.0
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Common File Installer
Adobe Default Language CS3
Adobe Device Central CS3
Adobe Download Manager
Adobe ExtendScript Toolkit 2
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Help Center 1.0
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe Media Player
Adobe PDF Library Files
Adobe Photoshop CS2
Adobe Photoshop CS3
Adobe Reader 9.3.4 - Slovak
Adobe Setup
Adobe Shockwave Player 11.5
Adobe Stock Photos 1.0
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Aktualizace systému Windows Internet Explorer 8 (KB971180)
Aktualizace systému Windows Internet Explorer 8 (KB975364)
Aktualizace systému Windows Internet Explorer 8 (KB976662)
Aktualizace systému Windows Internet Explorer 8 (KB976749)
Aktualizace systému Windows Internet Explorer 8 (KB978506)
Aktualizace systému Windows Internet Explorer 8 (KB980182)
Aktualizace systému Windows Internet Explorer 8 (KB980302)
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB938127-v2)
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB956390)
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB961260)
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB963027)
Aktualizace zabezpečení systému Windows Internet Explorer 7 (KB969897)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2183461)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB969897)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB971961)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB972260)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB974455)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB976325)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB978207)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB981332)
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB982381)
Aktualizace zabezpečení systému Windows XP (KB923789)
Apple Application Support
ArcSoft VideoImpression 2
ASUS Probe V2.24.03
AutoCAD 2005 - Český
AutoCAD 2009 - český
Autodesk DWF Viewer
Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5
AutoUpdate
Balík Compatibility Pack pre systém Office 2007
Balíček zprostředkovatele služby Microsoft Base Smart Card Cryptographic Service
Bonjour
BS.Player PRO
C-Media High Definition Audio Driver
Call of Duty(R) 4 - Modern Warfare(TM)
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
CCleaner
Civil War - Secret Missions
Command & Conquer™ Red Alert™ 3
Counter-Strike 1.6
DAO 3.5
Defraggler
Diablo
DivX Converter
DivX Player
DivX Web Player
Download Divx Subtitles v2.0
DRAWings X3
EAX Unified
ESET NOD32 Antivirus
Far Manager v1.70
Finjan Secure Browsing
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB976002-v5)
HyperSnap 6
ICQ7
Intel Application Accelerator
iTunes
Java Auto Updater
Java(TM) 6 Update 20
Junk Mail filter update
K-Lite Mega Codec Pack 4.4.5
Kronika 2. sv. války
Kronika 2. sv. války (d:\Program Files\K2SVV\)
Marvell Miniport Driver
Men of War (Remove Only)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Czech Language Pack
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Language Pack - CSY
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - CSY
Microsoft .NET Framework 3.0 Czech Language Pack
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - CSY
Microsoft .NET Framework 3.5 Language Pack SP1 - csy
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY
Microsoft Application Error Reporting
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Games for Windows - LIVE Redistributable
Microsoft Choice Guard
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Basic Edition 2003
Microsoft Office Live Add-in 1.4
Microsoft Office Professional Edition 2003
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mission Pack
Mozilla Firefox (3.0.8)
Mozilla Firefox (3.6.10)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB925673)
Multisim 7
Need for Speed™ SHIFT
Need for Speed™ Undercover
Nero 7 Premium
neroxml
NHL 2004
NVIDIA Drivers
NVIDIA PhysX
Odovzdávací nástroj lokality Windows Live
Oprava Hotfix systému Windows XP (KB2158563)
PDF Settings
PhotoImpression
Polda V
PriceGong 1.5.0
PSPad editor
PTC ProDESKTOP 2000i2
QuickTime
Secunia PSI
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Segoe UI
SimCity 3000
Skype™ 4.2
SPAC Start 2008 (C:\Program Files\SPAC Start 2008) (CZ)
Sqirlz Morph
Star Wars Battlefront II
Star Wars Empire at War
Star Wars(R) Knights of the Old Republic(R) II: The Sith Lords(TM)
StarCraft
STARWARS: The Battle of Endor version 2.1
STARWARS: The Battle of Yavin version 1.1
SUPERAntiSpyware
The Sims 2
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
VBA (2627.01)
Velvet Assassin
VGA USB Camera
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VLC media player 0.9.8a
Vuze
WebFldrs XP
Windows Communication Foundation Language Pack - CSY
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Media Format 11 runtime
Windows Media Player 11
Windows Presentation Foundation
Windows Presentation Foundation Language Pack (CSY)
Windows Workflow Foundation CS Language Pack
Windows XP Service Pack 3
WinRAR archiver
Worms2
XML Paper Specification Shared Components Language Pack 1.0
XML Paper Specification Shared Components Pack 1.0
Xpand Rally Xtreme
==== End Of File ===========================
Re: log check




Do not use COMBOFIX without an advisor's recommendation; it can damage the system!
Always back up important data before removing viruses from the computer.
Want to support our forum? Information here

I am mostly reachable at night, between 9 and 11 p.m.
If you have any questions, you can email me at Motji(at)forum.viry.cz.