MÁM PROBLÉM SE ZVUKEM VE WINDOWS 7 ASI VIR POMOCCCC!!!!!!!!!

[mys2005]

miýslím že to zavinil vir!!!!!!!! prosím o napovědu našel jsem si na netu že se to ma zapínat ve službách tam jsme najel a je to opravdu tim!!!!! ale kdyz se pokusim zapnout sluzbu se zvukem nahodí mi to chybu 1053 službu nelze zapnout prosím o radu jak zase sprovoznit zvuk mam windows 7 ultimate cz 64bit verzi. pls všechny moje pokusy selhali!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! a to počítačum dost rozumim!!!!!!!!!!!!!!

[motji]

Dobrý večer
Začněte tím, že vložíte log ze rsitu, viz můj podpis

[mys2005]

gele trochu pomaleji zase tak dobře počítačúm nerozumím co mam udelat trochu podrobneji diky moc CESTA!!!

[motji]

V mém podpise máte odkaz na Rsit, klikněte na něj.
Rsit stahnete,nainstalujte, spustíte. Objeví se Vám dva logy, oba sem zkopírujete


stáhněte MBR
http://www2.gmer.net/mbr/mbr.exe
-uložte ho na plochu


start-spustit
do okénka zkopírujte

Kód: Vybrat vše

"%userprofile%\plocha\mbr" -t

ok

vytvoří se log s názvem mbr.log, vložte ho zde

[mys2005]

Logfile of random's system information tool 1.08 (written by random/random)
Run by David at 2010-12-17 16:25:52
Microsoft Windows 7 Ultimate
System drive C: has 204 GB (86%) free of 238 GB
Total RAM: 1984 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:26:16, on 17.12.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\David.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Centrum.cz Toolbar - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [JP595IR86O] C:\Users\David\AppData\Local\Temp\Hwh.exe
O4 - HKCU\..\Run: [lsass.exe] C:\Windows\lsass.exe
O4 - HKCU\..\Run: [winlogo.exe] C:\Users\David\AppData\Local\Temp\winlogo.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Aktualizovat ESET licenci.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: rawr.bat
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Zvuk systému Windows (AudioSrv) - Unknown owner - net.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8219 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Users\David\AppData\Local\Temp\winlogo.exe"
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=2860.7dda440.616398770 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" 2860 plugin \\.\pipe\gecko-crash-server-pipe.2860
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe7_ Global\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Users\David\Desktop\RSITx64.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
C:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}]
CentrumczToolbar BHO - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll [2010-02-12 1274160]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Nero Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-12-02 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2010-03-25 1548096]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{D5D47440-0750-463D-BAEF-A47D02414806} - Centrum.cz Toolbar - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll [2010-02-12 1274160]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Nero Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-09-11 2716216]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-06-16 221184]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"JP595IR86O"=C:\Users\David\AppData\Local\Temp\Hwh.exe []
"lsass.exe"=C:\Windows\lsass.exe []
"winlogo.exe"=C:\Users\David\AppData\Local\Temp\winlogo.exe [2010-12-14 133157]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ISUSScheduler"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"NBAgent"=C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-03-26 1234216]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-09-08 421888]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Aktualizovat ESET licenci.lnk - C:\Program Files (x86)\ESET\MiNODLogin\MiNODLogin.exe
Microsoft Office.lnk - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
rawr.bat

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-12-17 16:25:52 ----D---- C:\rsit
2010-12-17 16:25:52 ----D---- C:\Program Files\trend micro
2010-12-16 16:14:34 ----A---- C:\Windows\RtlExUpd.dll
2010-12-16 16:12:47 ----A---- C:\Windows\DIFxAPI.dll
2010-12-16 16:12:22 ----A---- C:\Windows\HideWin.exe
2010-12-16 05:43:58 ----A---- C:\Windows\SYSWOW64\taskschd.dll
2010-12-16 05:43:58 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2010-12-16 05:43:58 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-12-16 05:43:58 ----A---- C:\Windows\system32\taskschd.dll
2010-12-16 05:43:58 ----A---- C:\Windows\system32\taskeng.exe
2010-12-16 05:43:58 ----A---- C:\Windows\system32\taskcomp.dll
2010-12-16 05:43:58 ----A---- C:\Windows\system32\schtasks.exe
2010-12-16 05:43:58 ----A---- C:\Windows\system32\schedsvc.dll
2010-12-16 05:43:57 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2010-12-16 05:43:57 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2010-12-16 05:43:56 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2010-12-16 05:43:56 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2010-12-16 05:43:56 ----A---- C:\Windows\system32\win32k.sys
2010-12-16 05:43:56 ----A---- C:\Windows\system32\atmlib.dll
2010-12-16 05:43:56 ----A---- C:\Windows\system32\atmfd.dll
2010-12-16 05:43:51 ----A---- C:\Windows\SYSWOW64\tzres.dll
2010-12-16 05:43:51 ----A---- C:\Windows\system32\tzres.dll
2010-12-16 05:43:46 ----A---- C:\Windows\system32\mshtml.dll
2010-12-16 05:43:46 ----A---- C:\Windows\system32\iertutil.dll
2010-12-16 05:43:45 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2010-12-16 05:43:45 ----A---- C:\Windows\system32\mstime.dll
2010-12-16 05:43:45 ----A---- C:\Windows\system32\ieframe.dll
2010-12-16 05:43:43 ----A---- C:\Windows\SYSWOW64\mstime.dll
2010-12-16 05:43:42 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2010-12-16 05:43:41 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2010-12-16 05:43:41 ----A---- C:\Windows\system32\wininet.dll
2010-12-16 05:43:40 ----A---- C:\Windows\SYSWOW64\wininet.dll
2010-12-16 05:43:40 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2010-12-16 05:43:40 ----A---- C:\Windows\system32\urlmon.dll
2010-12-16 05:43:40 ----A---- C:\Windows\system32\msfeeds.dll
2010-12-16 05:43:39 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2010-12-16 05:43:39 ----A---- C:\Windows\SYSWOW64\ieui.dll
2010-12-16 05:43:39 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2010-12-16 05:43:39 ----A---- C:\Windows\system32\ieui.dll
2010-12-16 05:43:39 ----A---- C:\Windows\system32\iepeers.dll
2010-12-16 05:43:39 ----A---- C:\Windows\system32\iedkcs32.dll
2010-12-16 05:43:38 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2010-12-16 05:43:38 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2010-12-16 05:43:38 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2010-12-16 05:43:38 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2010-12-16 05:43:38 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2010-12-16 05:43:38 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2010-12-16 05:43:38 ----A---- C:\Windows\system32\mshtmled.dll
2010-12-16 05:43:38 ----A---- C:\Windows\system32\msfeedssync.exe
2010-12-16 05:43:38 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-12-16 05:43:38 ----A---- C:\Windows\system32\licmgr10.dll
2010-12-16 05:43:38 ----A---- C:\Windows\system32\jsproxy.dll
2010-12-16 05:43:36 ----A---- C:\Windows\SYSWOW64\webio.dll
2010-12-16 05:43:36 ----A---- C:\Windows\system32\webio.dll
2010-12-16 05:43:08 ----A---- C:\Windows\system32\consent.exe
2010-12-14 18:32:54 ----D---- C:\Users\David\AppData\Roaming\Dev-Cpp
2010-12-14 18:06:34 ----D---- C:\Dev-Cpp
2010-12-12 11:02:49 ----D---- C:\Program Files (x86)\Cenega Czech
2010-12-11 16:37:55 ----D---- C:\Program Files\Zrychleni Pocitace
2010-12-09 16:38:49 ----A---- C:\Users\David\AppData\Roaming\adgs.bat
2010-12-09 16:35:53 ----D---- C:\Program Files (x86)\izySoft
2010-12-08 20:55:33 ----D---- C:\Program Files\ESET
2010-12-08 19:58:10 ----A---- C:\Windows\SYSWOW64\HMIPCore.dll
2010-12-06 20:10:38 ----D---- C:\Program Files (x86)\Google
2010-12-06 18:41:38 ----D---- C:\Program Files (x86)\Stardock
2010-12-06 16:37:26 ----A---- C:\Windows\ODBC.INI
2010-12-06 16:36:10 ----D---- C:\Windows\Msagent
2010-12-06 16:36:06 ----D---- C:\Program Files (x86)\Microsoft Office
2010-12-05 18:31:37 ----D---- C:\Program Files (x86)\CommViewWiFi
2010-12-05 18:02:19 ----D---- C:\ProgramData\TamoSoft
2010-12-05 18:02:08 ----D---- C:\Program Files (x86)\CommView
2010-12-05 17:10:03 ----D---- C:\ProgramData\NVIDIA
2010-12-05 16:27:39 ----D---- C:\ProgramData\NVIDIA Corporation
2010-12-05 16:26:45 ----D---- C:\Program Files\NVIDIA Corporation
2010-12-05 16:26:45 ----A---- C:\Windows\system32\cohelper.dll
2010-12-05 16:26:35 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2010-12-05 15:14:07 ----SHD---- C:\Windows\ftpcache
2010-12-04 17:02:26 ----D---- C:\Program Files (x86)\DAEMON Tools Toolbar
2010-12-04 17:01:40 ----A---- C:\Windows\system32\drivers\sptd.sys
2010-12-04 17:01:25 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2010-12-04 17:01:16 ----D---- C:\Users\David\AppData\Roaming\DAEMON Tools Lite
2010-12-04 17:01:14 ----D---- C:\ProgramData\DAEMON Tools Lite
2010-12-04 15:56:01 ----D---- C:\ProgramData\Apple Computer
2010-12-04 15:56:01 ----D---- C:\Program Files (x86)\QuickTime
2010-12-04 15:55:23 ----D---- C:\ProgramData\Apple
2010-12-04 15:55:23 ----D---- C:\Program Files (x86)\Apple Software Update
2010-12-03 15:41:19 ----D---- C:\ProgramData\Adobe
2010-12-03 15:41:11 ----D---- C:\Program Files (x86)\Adobe
2010-12-02 20:21:10 ----D---- C:\Program Files (x86)\MSXML 4.0
2010-12-02 18:23:49 ----A---- C:\Windows\system32\uxtheme.dll.backup
2010-12-02 18:23:47 ----A---- C:\Windows\system32\themeui.dll.backup
2010-12-02 18:23:45 ----A---- C:\Windows\system32\themeservice.dll.backup
2010-12-02 18:01:22 ----D---- C:\Users\David\AppData\Roaming\Nero
2010-12-02 17:56:00 ----D---- C:\ProgramData\Nero
2010-12-02 17:55:13 ----D---- C:\Program Files (x86)\Nero
2010-12-02 17:42:26 ----D---- C:\Program Files (x86)\Ask.com
2010-12-02 17:42:04 ----D---- C:\Program Files (x86)\Microsoft.NET
2010-12-02 17:41:38 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2010-12-02 17:41:13 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2010-12-02 17:40:52 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2010-12-02 17:40:30 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2010-12-02 17:40:08 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2010-12-02 17:39:47 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2010-12-02 17:21:35 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2010-12-02 17:21:35 ----A---- C:\Windows\system32\rtutils.dll
2010-12-02 17:21:28 ----A---- C:\Windows\system32\spoolsv.exe
2010-12-02 17:21:06 ----D---- C:\Users\David\AppData\Roaming\Macromedia
2010-12-02 17:21:06 ----D---- C:\Users\David\AppData\Roaming\Adobe
2010-12-02 17:14:21 ----D---- C:\Program Files (x86)\ICQ6Toolbar
2010-12-02 17:14:20 ----D---- C:\ProgramData\ICQ
2010-12-02 17:13:48 ----D---- C:\Program Files (x86)\The KMPlayer
2010-12-02 17:13:27 ----D---- C:\Users\David\AppData\Roaming\ICQ
2010-12-02 17:13:22 ----D---- C:\Program Files (x86)\ICQ7.2
2010-12-02 17:09:16 ----D---- C:\Users\David\AppData\Roaming\Mozilla
2010-12-02 17:08:10 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-12-02 17:07:36 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2010-12-02 17:07:36 ----A---- C:\Windows\system32\msv1_0.dll
2010-12-02 17:07:28 ----D---- C:\ProgramData\CentrumczToolbar
2010-12-02 17:07:26 ----D---- C:\Program Files (x86)\CentrumczToolbar
2010-12-02 17:07:10 ----D---- C:\Windows\SYSWOW64\Macromed
2010-12-02 17:04:25 ----N---- C:\Windows\system32\MpSigStub.exe
2010-12-02 17:01:47 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2010-12-02 17:01:47 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2010-12-02 17:01:47 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2010-12-02 17:01:47 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2010-12-02 17:01:47 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2010-12-02 17:01:47 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-12-02 17:01:47 ----A---- C:\Windows\system32\PresentationHost.exe
2010-12-02 17:01:47 ----A---- C:\Windows\system32\netfxperf.dll
2010-12-02 17:01:47 ----A---- C:\Windows\system32\mscoree.dll
2010-12-02 17:01:47 ----A---- C:\Windows\system32\dfshim.dll
2010-12-02 17:01:24 ----A---- C:\Windows\system32\browserchoice.exe
2010-12-02 16:57:35 ----A---- C:\Windows\system32\MRT.exe
2010-12-02 16:56:06 ----D---- C:\ProgramData\Sun
2010-12-02 16:55:53 ----A---- C:\Windows\SYSWOW64\javaws.exe
2010-12-02 16:55:53 ----A---- C:\Windows\SYSWOW64\javaw.exe
2010-12-02 16:55:53 ----A---- C:\Windows\SYSWOW64\java.exe
2010-12-02 16:55:53 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2010-12-02 16:55:46 ----D---- C:\Program Files (x86)\Java
2010-12-02 16:55:01 ----A---- C:\Windows\system32\drivers\ks.sys
2010-12-02 16:54:24 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2010-12-02 16:54:24 ----A---- C:\Windows\system32\CertEnroll.dll
2010-12-02 16:53:39 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2010-12-02 16:53:39 ----A---- C:\Windows\system32\CPFilters.dll
2010-12-02 16:53:38 ----A---- C:\Windows\system32\psisdecd.dll
2010-12-02 16:53:38 ----A---- C:\Windows\system32\msdri.dll
2010-12-02 16:53:37 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2010-12-02 16:53:35 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-12-02 16:53:33 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2010-12-02 16:53:32 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2010-12-02 16:53:31 ----A---- C:\Windows\system32\inetcomm.dll
2010-12-02 16:53:30 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2010-12-02 16:53:25 ----A---- C:\Windows\system32\ole32.dll
2010-12-02 16:53:24 ----A---- C:\Windows\SYSWOW64\ole32.dll
2010-12-02 16:53:23 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-12-02 16:53:22 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2010-12-02 16:53:22 ----A---- C:\Windows\system32\ntdll.dll
2010-12-02 16:53:19 ----A---- C:\Windows\system32\shell32.dll
2010-12-02 16:53:16 ----A---- C:\Windows\SYSWOW64\shell32.dll
2010-12-02 16:53:12 ----A---- C:\Windows\system32\drivers\usbhub.sys
2010-12-02 16:53:12 ----A---- C:\Windows\system32\drivers\usbehci.sys
2010-12-02 16:53:11 ----A---- C:\Windows\SYSWOW64\schannel.dll
2010-12-02 16:53:11 ----A---- C:\Windows\system32\schannel.dll
2010-12-02 16:53:03 ----A---- C:\Windows\system32\lsasrv.dll
2010-12-02 16:53:02 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2010-12-02 16:53:02 ----A---- C:\Windows\SYSWOW64\secur32.dll
2010-12-02 16:53:02 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2010-12-02 16:52:25 ----A---- C:\Windows\SYSWOW64\mfc40u.dll
2010-12-02 16:52:25 ----A---- C:\Windows\SYSWOW64\mfc40.dll
2010-12-02 16:52:21 ----A---- C:\Windows\system32\wmp.dll
2010-12-02 16:52:18 ----A---- C:\Windows\SYSWOW64\wmp.dll
2010-12-02 16:52:16 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2010-12-02 16:52:16 ----A---- C:\Windows\system32\wmploc.DLL
2010-12-02 16:51:48 ----D---- C:\Program Files (x86)\ESET
2010-12-02 16:51:35 ----A---- C:\Windows\SYSWOW64\explorer.exe
2010-12-02 16:51:35 ----A---- C:\Windows\explorer.exe
2010-12-02 16:51:34 ----A---- C:\Windows\system32\winlogon.exe
2010-12-02 16:51:33 ----A---- C:\Windows\SYSWOW64\sscore.dll
2010-12-02 16:51:33 ----A---- C:\Windows\system32\srvsvc.dll
2010-12-02 16:51:33 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-12-02 16:51:33 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-12-02 16:51:33 ----A---- C:\Windows\system32\drivers\srv.sys
2010-12-02 16:51:10 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2010-12-02 16:51:10 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2010-12-02 16:51:10 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2010-12-02 16:51:09 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2010-12-02 16:51:09 ----A---- C:\Windows\system32\t2embed.dll
2010-12-02 16:50:52 ----D---- C:\Users\David\AppData\Roaming\ESET
2010-12-02 16:50:44 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2010-12-02 16:50:44 ----A---- C:\Windows\system32\fontsub.dll
2010-12-02 16:50:43 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2010-12-02 16:50:42 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2010-12-02 16:50:42 ----A---- C:\Windows\system32\msxml3.dll
2010-12-02 16:50:20 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2010-12-02 16:50:20 ----A---- C:\Windows\system32\cdd.dll
2010-12-02 16:50:19 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2010-12-02 16:50:19 ----A---- C:\Windows\system32\wmpmde.dll
2010-12-02 16:50:08 ----A---- C:\Windows\SYSWOW64\jscript.dll
2010-12-02 16:50:08 ----A---- C:\Windows\system32\jscript.dll
2010-12-02 16:50:01 ----D---- C:\ProgramData\ESET
2010-12-02 16:49:47 ----A---- C:\Windows\SYSWOW64\msasn1.dll
2010-12-02 16:49:47 ----A---- C:\Windows\system32\msasn1.dll
2010-12-02 16:49:46 ----A---- C:\Windows\SYSWOW64\iccvid.dll
2010-12-02 16:49:44 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2010-12-02 16:49:44 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2010-12-02 16:49:44 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2010-12-02 16:49:44 ----A---- C:\Windows\SYSWOW64\secproc.dll
2010-12-02 16:49:44 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2010-12-02 16:49:44 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2010-12-02 16:49:44 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2010-12-02 16:49:44 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2010-12-02 16:49:44 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-12-02 16:49:44 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-12-02 16:49:44 ----A---- C:\Windows\system32\secproc_isv.dll
2010-12-02 16:49:44 ----A---- C:\Windows\system32\secproc.dll
2010-12-02 16:49:44 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-12-02 16:49:44 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-12-02 16:49:44 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-12-02 16:49:44 ----A---- C:\Windows\system32\RMActivate.exe
2010-12-02 16:49:43 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2010-12-02 16:49:43 ----A---- C:\Windows\system32\vbscript.dll
2010-12-02 16:49:43 ----A---- C:\Windows\system32\drivers\fvevol.sys
2010-12-02 16:49:42 ----A---- C:\Windows\SYSWOW64\quartz.dll
2010-12-02 16:49:42 ----A---- C:\Windows\SYSWOW64\msyuv.dll
2010-12-02 16:49:42 ----A---- C:\Windows\SYSWOW64\msvidc32.dll
2010-12-02 16:49:42 ----A---- C:\Windows\SYSWOW64\mciavi32.dll
2010-12-02 16:49:42 ----A---- C:\Windows\SYSWOW64\iyuv_32.dll
2010-12-02 16:49:42 ----A---- C:\Windows\SYSWOW64\avifil32.dll
2010-12-02 16:49:42 ----A---- C:\Windows\system32\tsbyuv.dll
2010-12-02 16:49:42 ----A---- C:\Windows\system32\quartz.dll
2010-12-02 16:49:42 ----A---- C:\Windows\system32\msyuv.dll
2010-12-02 16:49:42 ----A---- C:\Windows\system32\msvidc32.dll
2010-12-02 16:49:42 ----A---- C:\Windows\system32\msrle32.dll
2010-12-02 16:49:42 ----A---- C:\Windows\system32\iyuv_32.dll
2010-12-02 16:49:41 ----A---- C:\Windows\SYSWOW64\tsbyuv.dll
2010-12-02 16:49:41 ----A---- C:\Windows\SYSWOW64\msrle32.dll
2010-12-02 16:49:40 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2010-12-02 16:49:40 ----A---- C:\Windows\system32\asycfilt.dll
2010-12-02 16:49:38 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2010-12-02 16:49:38 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2010-12-02 16:49:38 ----A---- C:\Windows\system32\StructuredQuery.dll
2010-12-02 16:49:38 ----A---- C:\Windows\system32\comctl32.dll
2010-12-02 16:49:22 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2010-12-02 16:49:22 ----A---- C:\Windows\system32\oleaut32.dll
2010-12-02 16:49:01 ----A---- C:\Windows\SYSWOW64\wow32.dll
2010-12-02 16:49:01 ----A---- C:\Windows\SYSWOW64\setup16.exe
2010-12-02 16:49:01 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2010-12-02 16:49:01 ----A---- C:\Windows\system32\wow64.dll
2010-12-02 16:49:00 ----A---- C:\Windows\SYSWOW64\user.exe
2010-12-02 16:49:00 ----A---- C:\Windows\SYSWOW64\instnm.exe
2010-12-02 16:48:57 ----SHD---- C:\Windows\Installer
2010-12-02 16:44:09 ----D---- C:\Windows\SYSWOW64\Wat
2010-12-02 16:44:09 ----D---- C:\Windows\system32\Wat
2010-12-02 16:37:28 ----D---- C:\Users\David\AppData\Roaming\WinRAR
2010-12-02 16:36:20 ----D---- C:\Program Files\WinRAR
2010-12-02 16:34:24 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2010-12-02 16:34:24 ----A---- C:\Windows\system32\wintrust.dll
2010-12-02 16:34:23 ----A---- C:\Windows\SYSWOW64\cabview.dll
2010-12-02 16:34:23 ----A---- C:\Windows\system32\cabview.dll
2010-12-02 16:31:39 ----D---- C:\ProgramData\InstallShield
2010-12-02 16:31:38 ----A---- C:\Windows\system32\drivers\rt61.sys
2010-12-02 16:31:37 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-12-02 16:31:37 ----D---- C:\Program Files (x86)\D-Link
2010-12-02 16:28:10 ----D---- C:\Users\David\AppData\Roaming\Identities
2010-12-02 16:27:51 ----SD---- C:\Users\David\AppData\Roaming\Microsoft
2010-12-02 16:27:51 ----D---- C:\Users\David\AppData\Roaming\Media Center Programs
2010-12-02 16:26:16 ----SHD---- C:\Recovery
2010-12-02 16:26:16 ----SHD---- C:\ProgramData\Šablony
2010-12-02 16:26:16 ----SHD---- C:\ProgramData\Plocha
2010-12-02 16:26:16 ----SHD---- C:\ProgramData\Oblíbené položky
2010-12-02 16:26:16 ----SHD---- C:\ProgramData\Nabídka Start
2010-12-02 16:26:16 ----SHD---- C:\ProgramData\Dokumenty
2010-12-02 16:26:16 ----SHD---- C:\ProgramData\Data aplikací
2010-12-02 16:18:05 ----D---- C:\Windows\SoftwareDistribution
2010-12-02 16:15:21 ----D---- C:\Windows\Prefetch
2010-12-02 16:15:06 ----ASH---- C:\pagefile.sys
2010-12-02 16:15:05 ----SHD---- C:\System Volume Information
2010-12-02 16:15:05 ----ASH---- C:\hiberfil.sys
2010-12-02 16:14:17 ----D---- C:\Windows\Panther

======List of files/folders modified in the last 1 months======

2010-12-17 16:26:13 ----D---- C:\Windows\Temp
2010-12-17 16:25:52 ----RD---- C:\Program Files
2010-12-17 14:49:01 ----D---- C:\Windows\system32\config
2010-12-17 14:02:32 ----D---- C:\Windows\inf
2010-12-17 14:02:32 ----AD---- C:\Windows\System32
2010-12-17 14:02:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-12-17 13:58:48 ----D---- C:\Windows
2010-12-16 16:25:06 ----D---- C:\Windows\system32\wfp
2010-12-16 16:25:05 ----D---- C:\Windows\system32\wbem
2010-12-16 16:24:17 ----D---- C:\Windows\system32\DriverStore
2010-12-16 16:24:17 ----D---- C:\Windows\system32\drivers
2010-12-16 16:24:17 ----D---- C:\Windows\system32\catroot2
2010-12-16 16:24:16 ----D---- C:\Windows\registration
2010-12-16 16:24:08 ----RD---- C:\Program Files (x86)
2010-12-16 14:28:41 ----D---- C:\Windows\winsxs
2010-12-16 06:02:00 ----D---- C:\Windows\SYSWOW64\cs-CZ
2010-12-16 06:02:00 ----D---- C:\Windows\SysWOW64
2010-12-16 06:02:00 ----D---- C:\Windows\system32\cs-CZ
2010-12-16 06:01:59 ----D---- C:\Program Files\Windows Mail
2010-12-16 06:01:59 ----D---- C:\Program Files (x86)\Windows Mail
2010-12-16 06:01:59 ----D---- C:\Program Files (x86)\Internet Explorer
2010-12-16 06:01:58 ----D---- C:\Windows\SYSWOW64\migration
2010-12-16 06:01:58 ----D---- C:\Windows\system32\migration
2010-12-16 06:01:58 ----D---- C:\Program Files\Internet Explorer
2010-12-16 05:46:55 ----D---- C:\Windows\system32\catroot
2010-12-14 17:53:23 ----D---- C:\Windows\Logs
2010-12-10 14:28:43 ----D---- C:\Windows\Tasks
2010-12-09 19:27:46 ----D---- C:\Windows\system32\Tasks
2010-12-08 20:58:14 ----D---- C:\Windows\system32\LogFiles
2010-12-06 20:16:53 ----D---- C:\Windows\system32\wdi
2010-12-06 17:57:56 ----RSD---- C:\Windows\Fonts
2010-12-06 16:37:13 ----A---- C:\Windows\win.ini
2010-12-06 16:36:45 ----D---- C:\Windows\ShellNew
2010-12-06 16:36:44 ----D---- C:\Program Files (x86)\Common Files
2010-12-06 16:36:10 ----D---- C:\Windows\Help
2010-12-06 16:36:06 ----SD---- C:\ProgramData\Microsoft
2010-12-06 16:34:36 ----D---- C:\Windows\system
2010-12-05 18:02:19 ----HD---- C:\ProgramData
2010-12-05 16:16:36 ----RSD---- C:\Windows\assembly
2010-12-05 16:16:36 ----D---- C:\Windows\Microsoft.NET
2010-12-03 20:15:25 ----D---- C:\Windows\rescache
2010-12-03 15:30:08 ----D---- C:\Windows\SYSWOW64\en-US
2010-12-03 15:30:07 ----D---- C:\Windows\system32\en-US
2010-12-02 19:56:35 ----A---- C:\Windows\system32\uxtheme.dll
2010-12-02 19:56:33 ----A---- C:\Windows\system32\themeui.dll
2010-12-02 19:56:30 ----A---- C:\Windows\system32\themeservice.dll
2010-12-02 17:20:55 ----D---- C:\Windows\Downloaded Program Files
2010-12-02 17:16:07 ----D---- C:\Windows\ehome
2010-12-02 17:16:04 ----D---- C:\Windows\AppPatch
2010-12-02 17:15:57 ----D---- C:\Program Files\Windows Media Player
2010-12-02 17:15:57 ----D---- C:\Program Files (x86)\Windows Media Player
2010-12-02 16:57:35 ----D---- C:\Windows\debug
2010-12-02 16:44:19 ----A---- C:\Windows\SYSWOW64\slwga.dll
2010-12-02 16:44:19 ----A---- C:\Windows\system32\systemcpl.dll
2010-12-02 16:44:19 ----A---- C:\Windows\system32\slwga.dll
2010-12-02 16:44:18 ----A---- C:\Windows\SYSWOW64\user32.dll
2010-12-02 16:44:18 ----A---- C:\Windows\system32\user32.dll
2010-12-02 16:37:24 ----D---- C:\Windows\system32\CodeIntegrity
2010-12-02 16:31:24 ----D---- C:\Windows\system32\restore
2010-12-02 16:28:08 ----SHD---- C:\$Recycle.Bin
2010-12-02 16:27:50 ----RD---- C:\Users
2010-12-02 16:26:16 ----D---- C:\Program Files\Windows NT
2010-12-02 16:17:22 ----D---- C:\Windows\system32\sysprep
2010-12-02 16:15:44 ----D---- C:\Windows\CSC
2010-12-02 16:13:50 ----D---- C:\Windows\Setup

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-12-04 834544]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-09-11 136584]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-09-11 144824]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-09-11 168544]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2009-09-11 44944]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2009-06-19 33608]
R3 NVNET;NVIDIA nForce 10/100 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6264.sys [2010-08-12 350952]
R3 rt61x64;RT61 Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr6164.sys [2010-04-07 446304]
S3 acf9jl1p;acf9jl1p; C:\Windows\system32\drivers\acf9jl1p.sys []
S3 CV2K1;CommView Network Monitor; C:\Windows\system32\DRIVERS\cv2k1.sys []
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 RT61;D-Link Wireless Driver; C:\Windows\system32\DRIVERS\RT61.sys [2006-12-11 362496]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2009-09-11 735960]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 159336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-09-11 23296]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-02 1255736]

-----------------EOF-----------------


info.txt logfile of random's system information tool 1.08 2010-12-17 16:26:17

======Uninstall list======

Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_Plugin.exe -maintain plugin
Adobe Reader 9.4.1 - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-A94000000001}
AirPlus G-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{2B7E4354-0492-460A-BDB1-1F59EE141025}\setup.exe" -l0x5 -removeonly
Apple Application Support-->MsiExec.exe /I{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Aquarium Desktop-->C:\PROGRA~2\Stardock\DESKTO~1\AQUARI~1\UNWISE.EXE C:\PROGRA~2\Stardock\DESKTO~1\AQUARI~1\INSTALL.LOG
Ask Toolbar-->MsiExec.exe /I{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Centrum.cz Toolbar 1.202.012.001-->"C:\Program Files (x86)\CentrumczToolbar\unins000.exe"
DAEMON Tools Toolbar-->C:\Program Files (x86)\DAEMON Tools Toolbar\uninst.exe
Dev-C++ 5 beta 9 release (4.9.9.2)-->"C:\Dev-Cpp\uninstall.exe"
ESET Antivirus Licence Finder (MiNODLogin)-->"C:\Program Files (x86)\ESET\MiNODLogin\MiNODLoginUninst.exe"
Google Earth-->MsiExec.exe /X{6DB7AD00-F781-11DF-9EEF-001279CD8240}
High-Definition Video Playback 10-->MsiExec.exe /X{237CCB62-8454-43E3-B158-3ACD0134852E}
ICQ7.2-->"C:\Program Files (x86)\InstallShield Installation Information\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}\ICQ7.exe" -runfromtemp -l0x0009 -removeonly
Java(TM) 6 Update 22-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216022FF}
Mafia-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\Cenega Czech\Mafia\Uninstall\setup.exe" -l0x5
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /x64 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{790E02A1-145A-3843-8C13-A4F41C9B48B7}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}
Microsoft Office XP Professional s aplikací FrontPage-->MsiExec.exe /I{90280405-6000-11D3-8CFE-0050048383C9}
Microsoft Primary Interoperability Assemblies 2005-->MsiExec.exe /X{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Mozilla Firefox (3.6.13)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero 10 Menu TemplatePack Basic-->MsiExec.exe /X{63AA3EAB-23BB-48B2-9AD0-44F878075604}
Nero 10 Movie ThemePack Basic-->MsiExec.exe /X{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}
Nero BackItUp 10 Help (CHM)-->MsiExec.exe /X{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}
Nero BackItUp 10-->MsiExec.exe /X{68AB6930-5BFF-4FF6-923B-516A91984FE6}
Nero Burning ROM 10-->MsiExec.exe /X{7A5D731D-B4B3-490E-B339-75685712BAAB}
Nero BurningROM 10 Help (CHM)-->MsiExec.exe /X{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}
Nero BurnRights 10 Help (CHM)-->MsiExec.exe /X{555868C6-49FB-484F-BB43-8980651A1B00}
Nero BurnRights 10-->MsiExec.exe /X{943CFD7D-5336-47AF-9418-E02473A5A517}
Nero Control Center 10-->MsiExec.exe /X{6DFB899F-17A2-48F0-A533-ED8D6866CF38}
Nero ControlCenter 10 Help (CHM)-->MsiExec.exe /X{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}
Nero Core Components 10-->MsiExec.exe /X{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}
Nero CoverDesigner 10 Help (CHM)-->MsiExec.exe /X{C3273C55-E1E4-41FF-8D69-0158090DB8D8}
Nero CoverDesigner 10-->MsiExec.exe /X{FCF00A6E-FB58-477A-ABE9-232907105521}
Nero DiscSpeed 10 Help (CHM)-->MsiExec.exe /X{C18A0418-442A-4186-AF98-D08F5054A2FC}
Nero DiscSpeed 10-->MsiExec.exe /X{34490F4E-48D0-492E-8249-B48BECF0537C}
Nero Dolby Files 10-->MsiExec.exe /X{C3580AC4-C827-4332-B935-9A282ED5BB97}
Nero Express 10 Help (CHM)-->MsiExec.exe /X{33643918-7957-4839-92C7-EA96CB621A98}
Nero Express 10-->MsiExec.exe /X{70550193-1C22-445C-8FA4-564E155DB1A7}
Nero InfoTool 10 Help (CHM)-->MsiExec.exe /X{66049135-9659-4AAD-9169-9CCA269EBB3E}
Nero InfoTool 10-->MsiExec.exe /X{F412B4AF-388C-4FF5-9B2F-33DB1C536953}
Nero MediaHub 10 Help (CHM)-->MsiExec.exe /X{F467862A-D9CA-47ED-8D81-B4B3C9399272}
Nero MediaHub 10-->MsiExec.exe /X{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}
Nero Multimedia Suite 10-->MsiExec.exe /I{277C1559-4CF7-44FF-8D07-98AA9C13AABD}
Nero Recode 10 Help (CHM)-->MsiExec.exe /X{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}
Nero Recode 10-->MsiExec.exe /X{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}
Nero RescueAgent 10 Help (CHM)-->MsiExec.exe /X{92E25238-61A3-4ACD-A407-3C480EEF47A7}
Nero RescueAgent 10-->MsiExec.exe /X{E337E787-CF61-4B7B-B84F-509202A54023}
Nero SoundTrax 10 Help (CHM)-->MsiExec.exe /X{16987E99-C95C-4513-9239-7B44A0A71DB5}
Nero SoundTrax 10-->MsiExec.exe /X{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}
Nero StartSmart 10 Help (CHM)-->MsiExec.exe /X{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}
Nero StartSmart 10-->MsiExec.exe /X{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}
Nero Update-->MsiExec.exe /X{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}
Nero Vision 10 Help (CHM)-->MsiExec.exe /X{329411A0-19F3-4740-874F-17400B126F27}
Nero Vision 10-->MsiExec.exe /X{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}
Nero WaveEditor 10 Help (CHM)-->MsiExec.exe /X{7A295D8F-484B-4FFB-89AB-C1FD497591FE}
Nero WaveEditor 10-->MsiExec.exe /X{EDCDFAD5-DF80-4600-A493-E9DAD6810230}
NVIDIA Display Control Panel-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe DisplayControlPanel
NVIDIA Drivers-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe UninstallGUI
PVSonyDll-->MsiExec.exe /I{3D3E663D-4E7E-4577-A560-7ECDDD45548A}
QuickTime-->MsiExec.exe /I{E7004147-2CCA-431C-AA05-2AB166B9785D}
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client
The KMPlayer (remove only)-->"C:\Program Files (x86)\The KMPlayer\uninstall.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
Zrychleni Pocitace-->"C:\Program Files\Zrychleni Pocitace\unins000.exe"

======System event log======

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav služby Cryptographic Services byl změněn na: stopped
Record Number: 5
Source Name: Service Control Manager
Time Written: 20090714051424.262212-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav služby Windows Modules Installer byl změněn na: stopped
Record Number: 4
Source Name: Service Control Manager
Time Written: 20090714051424.168612-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav služby Software Protection byl změněn na: stopped
Record Number: 3
Source Name: Service Control Manager
Time Written: 20090714051424.059412-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav služby Windows Event Log byl změněn na: stopped
Record Number: 2
Source Name: Service Control Manager
Time Written: 20090714051424.012612-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 7036
Message: Stav služby Volume Shadow Copy byl změněn na: stopped
Record Number: 1
Source Name: Service Control Manager
Time Written: 20090714051423.934612-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: 37L4247E29-32
Event Code: 1001
Message: Chybný blok , typ 0
Název události: PnPDriverNotFound
Reakce: Není k dispozici
ID souboru CAB: 0

Podpis problému:
P1: x64
P2: PCI\VEN_1814&DEV_0302&SUBSYS_3C091186&REV_00
P3:
P4:
P5:
P6:
P7:
P8:
P9:
P10:

Připojené soubory:
C:\Windows\Temp\DMI318A.tmp.log.xml

Tyto soubory mohou být k dispozici zde:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_892769ec269b8651e5131f3ec022ae81881af4_cab_07d231e8

Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: 3ad58680-fe27-11df-8ff9-c2a09028630d
Stav hlášení: 6
Record Number: 5
Source Name: Windows Error Reporting
Time Written: 20101202151709.000000-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20101202151553.000000-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20101202151549.000000-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.


Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20101202151544.596000-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: 37L4247E29-32
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1
Source Name: Microsoft-Windows-EventSystem
Time Written: 20101202151544.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: 37L4247E29-32
Event Code: 4735
Message: Byla změněna zabezpečená místní skupina.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247E29-32$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin

Změněné atributy:
Název účtu SAM: -
Historie identifikátoru zabezpečení: -

Další informace:
Oprávnění: -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101202151523.645200-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4731
Message: Byla vytvořena zabezpečená místní skupina.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247E29-32$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Nová skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin

Atributy:
Název účtu SAM: Backup Operators
Historie identifikátoru zabezpečení: -

Další informace:
Oprávnění: -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101202151523.629600-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4902
Message: Tabulka zásad auditu pro jednotlivé uživatele byla vytvořena.

Počet prvků: 0
ID zásady: 0x2f4b0
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101202151523.052400-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0

Typ přihlášení: 0

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x4
Název procesu:

Informace o síti:
Název pracovní stanice: -
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: -
Balíček ověření: -
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101202151520.556400-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4608
Message: Spouští se systém Windows.

Tato událost je zaznamenána při spuštění procesu LSASS.EXE a inicializaci kontrolního podsystému.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20101202151520.462800-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=AMD64 Family 15 Model 107 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=6b02
"CLASSPATH"=.;C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------




Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7600

device: opened successfully
user: error reading MBR
error: Read Neplatný popisovač.
kernel: error reading MBR

[motji]

Pěkný , nádherně zavirováno, možná vím i příčinu Vašeho problému - musím si ověřit Mbr rootkita.

Ale vidím tam nelegální Nod - což je proti pravidlům tohoto fora.Takže Nod odinstalujte, nainstalujte Avast nebo Aviru - free, a pak budeme pokračovat

[mys2005]

ok udělám to!!!!!!!!!!!! a co pak????

[motji]

Pak mi sem vložte nový log ze rsitu, já zjistím zda jste mě poslechl a budeme pokračovat v odvirování, máte tam toho

[mys2005]

Logfile of random's system information tool 1.08 (written by random/random)
Run by David at 2010-12-17 20:30:59
Microsoft Windows 7 Ultimate
System drive C: has 207 GB (87%) free of 238 GB
Total RAM: 1984 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:31:06, on 17.12.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16700)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\David.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: CentrumczToolbar BHO - {33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Centrum.cz Toolbar - {D5D47440-0750-463D-BAEF-A47D02414806} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [JP595IR86O] C:\Users\David\AppData\Local\Temp\Hwh.exe
O4 - HKCU\..\Run: [lsass.exe] C:\Windows\lsass.exe
O4 - HKCU\..\Run: [winlogo.exe] C:\Users\David\AppData\Local\Temp\winlogo.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: rawr.bat
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Zvuk systému Windows (AudioSrv) - Unknown owner - net.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8412 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Users\David\AppData\Local\Temp\winlogo.exe"
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=1652.8688900.848359708 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" 1652 plugin \\.\pipe\gecko-crash-server-pipe.1652
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Users\David\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
C:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33CD02D0-8C93-4926-A2FE-2CE72CE7DF1A}]
CentrumczToolbar BHO - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll [2010-02-12 1274160]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Nero Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-12-02 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll [2010-03-25 1548096]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{D5D47440-0750-463D-BAEF-A47D02414806} - Centrum.cz Toolbar - C:\Program Files (x86)\CentrumczToolbar\IEToolbar.dll [2010-02-12 1274160]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Nero Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll [2010-03-25 968000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [2004-06-16 221184]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"JP595IR86O"=C:\Users\David\AppData\Local\Temp\Hwh.exe []
"lsass.exe"=C:\Windows\lsass.exe []
"winlogo.exe"=C:\Users\David\AppData\Local\Temp\winlogo.exe [2010-12-14 133157]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ISUSScheduler"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"NBAgent"=C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2010-03-26 1234216]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2010-09-08 421888]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Microsoft Office.lnk - C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE
rawr.bat

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-12-17 18:34:56 ----D---- C:\Users\David\AppData\Roaming\Malwarebytes
2010-12-17 18:34:52 ----A---- C:\Windows\SYSWOW64\drivers\mbamswissarmy.sys
2010-12-17 18:34:51 ----D---- C:\ProgramData\Malwarebytes
2010-12-17 18:34:48 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-12-17 18:34:48 ----A---- C:\Windows\system32\drivers\mbam.sys
2010-12-17 18:28:08 ----A---- C:\Windows\SYSWOW64\drivers\rootrepeal.sys
2010-12-17 18:26:13 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2010-12-17 18:26:11 ----A---- C:\Windows\system32\drivers\aswSP.sys
2010-12-17 18:26:08 ----A---- C:\Windows\system32\drivers\aswRdr.sys
2010-12-17 18:26:07 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2010-12-17 18:26:05 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2010-12-17 18:25:56 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2010-12-17 18:25:53 ----D---- C:\ProgramData\Alwil Software
2010-12-17 18:25:53 ----D---- C:\Program Files\Alwil Software
2010-12-17 16:25:52 ----D---- C:\rsit
2010-12-17 16:25:52 ----D---- C:\Program Files\trend micro
2010-12-16 16:14:34 ----A---- C:\Windows\RtlExUpd.dll
2010-12-16 16:12:47 ----A---- C:\Windows\DIFxAPI.dll
2010-12-16 16:12:22 ----A---- C:\Windows\HideWin.exe
2010-12-16 05:43:58 ----A---- C:\Windows\SYSWOW64\taskschd.dll
2010-12-16 05:43:58 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2010-12-16 05:43:58 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-12-16 05:43:58 ----A---- C:\Windows\system32\taskschd.dll
2010-12-16 05:43:58 ----A---- C:\Windows\system32\taskeng.exe
2010-12-16 05:43:58 ----A---- C:\Windows\system32\taskcomp.dll
2010-12-16 05:43:58 ----A---- C:\Windows\system32\schtasks.exe
2010-12-16 05:43:58 ----A---- C:\Windows\system32\schedsvc.dll
2010-12-16 05:43:57 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2010-12-16 05:43:57 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2010-12-16 05:43:56 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2010-12-16 05:43:56 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2010-12-16 05:43:56 ----A---- C:\Windows\system32\win32k.sys
2010-12-16 05:43:56 ----A---- C:\Windows\system32\atmlib.dll
2010-12-16 05:43:56 ----A---- C:\Windows\system32\atmfd.dll
2010-12-16 05:43:51 ----A---- C:\Windows\SYSWOW64\tzres.dll
2010-12-16 05:43:51 ----A---- C:\Windows\system32\tzres.dll
2010-12-16 05:43:46 ----A---- C:\Windows\system32\mshtml.dll
2010-12-16 05:43:46 ----A---- C:\Windows\system32\iertutil.dll
2010-12-16 05:43:45 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2010-12-16 05:43:45 ----A---- C:\Windows\system32\mstime.dll
2010-12-16 05:43:45 ----A---- C:\Windows\system32\ieframe.dll
2010-12-16 05:43:43 ----A---- C:\Windows\SYSWOW64\mstime.dll
2010-12-16 05:43:42 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2010-12-16 05:43:41 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2010-12-16 05:43:41 ----A---- C:\Windows\system32\wininet.dll
2010-12-16 05:43:40 ----A---- C:\Windows\SYSWOW64\wininet.dll
2010-12-16 05:43:40 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2010-12-16 05:43:40 ----A---- C:\Windows\system32\urlmon.dll
2010-12-16 05:43:40 ----A---- C:\Windows\system32\msfeeds.dll
2010-12-16 05:43:39 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2010-12-16 05:43:39 ----A---- C:\Windows\SYSWOW64\ieui.dll
2010-12-16 05:43:39 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2010-12-16 05:43:39 ----A---- C:\Windows\system32\ieui.dll
2010-12-16 05:43:39 ----A---- C:\Windows\system32\iepeers.dll
2010-12-16 05:43:39 ----A---- C:\Windows\system32\iedkcs32.dll
2010-12-16 05:43:38 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2010-12-16 05:43:38 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2010-12-16 05:43:38 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2010-12-16 05:43:38 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2010-12-16 05:43:38 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2010-12-16 05:43:38 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2010-12-16 05:43:38 ----A---- C:\Windows\system32\mshtmled.dll
2010-12-16 05:43:38 ----A---- C:\Windows\system32\msfeedssync.exe
2010-12-16 05:43:38 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-12-16 05:43:38 ----A---- C:\Windows\system32\licmgr10.dll
2010-12-16 05:43:38 ----A---- C:\Windows\system32\jsproxy.dll
2010-12-16 05:43:36 ----A---- C:\Windows\SYSWOW64\webio.dll
2010-12-16 05:43:36 ----A---- C:\Windows\system32\webio.dll
2010-12-16 05:43:08 ----A---- C:\Windows\system32\consent.exe
2010-12-14 18:32:54 ----D---- C:\Users\David\AppData\Roaming\Dev-Cpp
2010-12-14 18:06:34 ----D---- C:\Dev-Cpp
2010-12-12 11:02:49 ----D---- C:\Program Files (x86)\Cenega Czech
2010-12-11 16:37:55 ----D---- C:\Program Files\Zrychleni Pocitace
2010-12-09 16:38:49 ----A---- C:\Users\David\AppData\Roaming\adgs.bat
2010-12-09 16:35:53 ----D---- C:\Program Files (x86)\izySoft
2010-12-08 19:58:10 ----A---- C:\Windows\SYSWOW64\HMIPCore.dll
2010-12-06 20:10:38 ----D---- C:\Program Files (x86)\Google
2010-12-06 18:41:38 ----D---- C:\Program Files (x86)\Stardock
2010-12-06 16:37:26 ----A---- C:\Windows\ODBC.INI
2010-12-06 16:36:10 ----D---- C:\Windows\Msagent
2010-12-06 16:36:06 ----D---- C:\Program Files (x86)\Microsoft Office
2010-12-05 18:31:37 ----D---- C:\Program Files (x86)\CommViewWiFi
2010-12-05 18:02:19 ----D---- C:\ProgramData\TamoSoft
2010-12-05 18:02:08 ----D---- C:\Program Files (x86)\CommView
2010-12-05 17:10:03 ----D---- C:\ProgramData\NVIDIA
2010-12-05 16:27:39 ----D---- C:\ProgramData\NVIDIA Corporation
2010-12-05 16:26:45 ----D---- C:\Program Files\NVIDIA Corporation
2010-12-05 16:26:45 ----A---- C:\Windows\system32\cohelper.dll
2010-12-05 16:26:35 ----A---- C:\Windows\system32\drivers\sffp_sd.sys
2010-12-05 15:14:07 ----SHD---- C:\Windows\ftpcache
2010-12-04 17:02:26 ----D---- C:\Program Files (x86)\DAEMON Tools Toolbar
2010-12-04 17:01:40 ----A---- C:\Windows\system32\drivers\sptd.sys
2010-12-04 17:01:25 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2010-12-04 17:01:16 ----D---- C:\Users\David\AppData\Roaming\DAEMON Tools Lite
2010-12-04 17:01:14 ----D---- C:\ProgramData\DAEMON Tools Lite
2010-12-04 15:56:01 ----D---- C:\ProgramData\Apple Computer
2010-12-04 15:56:01 ----D---- C:\Program Files (x86)\QuickTime
2010-12-04 15:55:23 ----D---- C:\ProgramData\Apple
2010-12-04 15:55:23 ----D---- C:\Program Files (x86)\Apple Software Update
2010-12-03 15:41:19 ----D---- C:\ProgramData\Adobe
2010-12-03 15:41:11 ----D---- C:\Program Files (x86)\Adobe
2010-12-02 20:21:10 ----D---- C:\Program Files (x86)\MSXML 4.0
2010-12-02 18:23:49 ----A---- C:\Windows\system32\uxtheme.dll.backup
2010-12-02 18:23:47 ----A---- C:\Windows\system32\themeui.dll.backup
2010-12-02 18:23:45 ----A---- C:\Windows\system32\themeservice.dll.backup
2010-12-02 18:01:22 ----D---- C:\Users\David\AppData\Roaming\Nero
2010-12-02 17:56:00 ----D---- C:\ProgramData\Nero
2010-12-02 17:55:13 ----D---- C:\Program Files (x86)\Nero
2010-12-02 17:42:26 ----D---- C:\Program Files (x86)\Ask.com
2010-12-02 17:42:04 ----D---- C:\Program Files (x86)\Microsoft.NET
2010-12-02 17:41:38 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2010-12-02 17:41:13 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2010-12-02 17:40:52 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2010-12-02 17:40:30 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2010-12-02 17:40:08 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2010-12-02 17:39:47 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2010-12-02 17:21:35 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2010-12-02 17:21:35 ----A---- C:\Windows\system32\rtutils.dll
2010-12-02 17:21:28 ----A---- C:\Windows\system32\spoolsv.exe
2010-12-02 17:21:06 ----D---- C:\Users\David\AppData\Roaming\Macromedia
2010-12-02 17:21:06 ----D---- C:\Users\David\AppData\Roaming\Adobe
2010-12-02 17:14:21 ----D---- C:\Program Files (x86)\ICQ6Toolbar
2010-12-02 17:14:20 ----D---- C:\ProgramData\ICQ
2010-12-02 17:13:48 ----D---- C:\Program Files (x86)\The KMPlayer
2010-12-02 17:13:27 ----D---- C:\Users\David\AppData\Roaming\ICQ
2010-12-02 17:13:22 ----D---- C:\Program Files (x86)\ICQ7.2
2010-12-02 17:09:16 ----D---- C:\Users\David\AppData\Roaming\Mozilla
2010-12-02 17:08:10 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-12-02 17:07:36 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2010-12-02 17:07:36 ----A---- C:\Windows\system32\msv1_0.dll
2010-12-02 17:07:28 ----D---- C:\ProgramData\CentrumczToolbar
2010-12-02 17:07:26 ----D---- C:\Program Files (x86)\CentrumczToolbar
2010-12-02 17:07:10 ----D---- C:\Windows\SYSWOW64\Macromed
2010-12-02 17:04:25 ----N---- C:\Windows\system32\MpSigStub.exe
2010-12-02 17:01:47 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2010-12-02 17:01:47 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2010-12-02 17:01:47 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2010-12-02 17:01:47 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2010-12-02 17:01:47 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2010-12-02 17:01:47 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-12-02 17:01:47 ----A---- C:\Windows\system32\PresentationHost.exe
2010-12-02 17:01:47 ----A---- C:\Windows\system32\netfxperf.dll
2010-12-02 17:01:47 ----A---- C:\Windows\system32\mscoree.dll
2010-12-02 17:01:47 ----A---- C:\Windows\system32\dfshim.dll
2010-12-02 17:01:24 ----A---- C:\Windows\system32\browserchoice.exe
2010-12-02 16:57:35 ----A---- C:\Windows\system32\MRT.exe
2010-12-02 16:56:06 ----D---- C:\ProgramData\Sun
2010-12-02 16:55:53 ----A---- C:\Windows\SYSWOW64\javaws.exe
2010-12-02 16:55:53 ----A---- C:\Windows\SYSWOW64\javaw.exe
2010-12-02 16:55:53 ----A---- C:\Windows\SYSWOW64\java.exe
2010-12-02 16:55:53 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2010-12-02 16:55:46 ----D---- C:\Program Files (x86)\Java
2010-12-02 16:55:01 ----A---- C:\Windows\system32\drivers\ks.sys
2010-12-02 16:54:24 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2010-12-02 16:54:24 ----A---- C:\Windows\system32\CertEnroll.dll
2010-12-02 16:53:39 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2010-12-02 16:53:39 ----A---- C:\Windows\system32\CPFilters.dll
2010-12-02 16:53:38 ----A---- C:\Windows\system32\psisdecd.dll
2010-12-02 16:53:38 ----A---- C:\Windows\system32\msdri.dll
2010-12-02 16:53:37 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2010-12-02 16:53:35 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-12-02 16:53:33 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2010-12-02 16:53:32 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2010-12-02 16:53:31 ----A---- C:\Windows\system32\inetcomm.dll
2010-12-02 16:53:30 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2010-12-02 16:53:25 ----A---- C:\Windows\system32\ole32.dll
2010-12-02 16:53:24 ----A---- C:\Windows\SYSWOW64\ole32.dll
2010-12-02 16:53:23 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-12-02 16:53:22 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2010-12-02 16:53:22 ----A---- C:\Windows\system32\ntdll.dll
2010-12-02 16:53:19 ----A---- C:\Windows\system32\shell32.dll
2010-12-02 16:53:16 ----A---- C:\Windows\SYSWOW64\shell32.dll
2010-12-02 16:53:12 ----A---- C:\Windows\system32\drivers\usbhub.sys
2010-12-02 16:53:12 ----A---- C:\Windows\system32\drivers\usbehci.sys
2010-12-02 16:53:11 ----A---- C:\Windows\SYSWOW64\schannel.dll
2010-12-02 16:53:11 ----A---- C:\Windows\system32\schannel.dll
2010-12-02 16:53:03 ----A---- C:\Windows\system32\lsasrv.dll
2010-12-02 16:53:02 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2010-12-02 16:53:02 ----A---- C:\Windows\SYSWOW64\secur32.dll
2010-12-02 16:53:02 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2010-12-02 16:52:25 ----A---- C:\Windows\SYSWOW64\mfc40u.dll
2010-12-02 16:52:25 ----A---- C:\Windows\SYSWOW64\mfc40.dll
2010-12-02 16:52:21 ----A---- C:\Windows\system32\wmp.dll
2010-12-02 16:52:18 ----A---- C:\Windows\SYSWOW64\wmp.dll
2010-12-02 16:52:16 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2010-12-02 16:52:16 ----A---- C:\Windows\system32\wmploc.DLL
2010-12-02 16:51:48 ----D---- C:\Program Files (x86)\ESET
2010-12-02 16:51:35 ----A---- C:\Windows\SYSWOW64\explorer.exe
2010-12-02 16:51:35 ----A---- C:\Windows\explorer.exe
2010-12-02 16:51:34 ----A---- C:\Windows\system32\winlogon.exe
2010-12-02 16:51:33 ----A---- C:\Windows\SYSWOW64\sscore.dll
2010-12-02 16:51:33 ----A---- C:\Windows\system32\srvsvc.dll
2010-12-02 16:51:33 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-12-02 16:51:33 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-12-02 16:51:33 ----A---- C:\Windows\system32\drivers\srv.sys
2010-12-02 16:51:10 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2010-12-02 16:51:10 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2010-12-02 16:51:10 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2010-12-02 16:51:09 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2010-12-02 16:51:09 ----A---- C:\Windows\system32\t2embed.dll
2010-12-02 16:50:52 ----D---- C:\Users\David\AppData\Roaming\ESET
2010-12-02 16:50:44 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2010-12-02 16:50:44 ----A---- C:\Windows\system32\fontsub.dll
2010-12-02 16:50:43 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2010-12-02 16:50:42 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2010-12-02 16:50:42 ----A---- C:\Windows\system32\msxml3.dll
2010-12-02 16:50:20 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2010-12-02 16:50:20 ----A---- C:\Windows\system32\cdd.dll
2010-12-02 16:50:19 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2010-12-02 16:50:19 ----A---- C:\Windows\system32\wmpmde.dll
2010-12-02 16:50:08 ----A---- C:\Windows\SYSWOW64\jscript.dll
2010-12-02 16:50:08 ----A---- C:\Windows\system32\jscript.dll
2010-12-02 16:50:01 ----D---- C:\ProgramData\ESET
2010-12-02 16:49:47 ----A---- C:\Windows\SYSWOW64\msasn1.dll
2010-12-02 16:49:47 ----A---- C:\Windows\system32\msasn1.dll
2010-12-02 16:49:46 ----A---- C:\Windows\SYSWOW64\iccvid.dll
2010-12-02 16:49:44 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2010-12-02 16:49:44 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2010-12-02 16:49:44 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2010-12-02 16:49:44 ----A---- C:\Windows\SYSWOW64\secproc.dll
2010-12-02 16:49:44 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2010-12-02 16:49:44 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2010-12-02 16:49:44 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2010-12-02 16:49:44 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2010-12-02 16:49:44 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-12-02 16:49:44 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-12-02 16:49:44 ----A---- C:\Windows\system32\secproc_isv.dll
2010-12-02 16:49:44 ----A---- C:\Windows\system32\secproc.dll
2010-12-02 16:49:44 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-12-02 16:49:44 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-12-02 16:49:44 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-12-02 16:49:44 ----A---- C:\Windows\system32\RMActivate.exe
2010-12-02 16:49:43 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2010-12-02 16:49:43 ----A---- C:\Windows\system32\vbscript.dll
2010-12-02 16:49:43 ----A---- C:\Windows\system32\drivers\fvevol.sys
2010-12-02 16:49:42 ----A---- C:\Windows\SYSWOW64\quartz.dll
2010-12-02 16:49:42 ----A---- C:\Windows\SYSWOW64\msyuv.dll
2010-12-02 16:49:42 ----A---- C:\Windows\SYSWOW64\msvidc32.dll
2010-12-02 16:49:42 ----A---- C:\Windows\SYSWOW64\mciavi32.dll
2010-12-02 16:49:42 ----A---- C:\Windows\SYSWOW64\iyuv_32.dll
2010-12-02 16:49:42 ----A---- C:\Windows\SYSWOW64\avifil32.dll
2010-12-02 16:49:42 ----A---- C:\Windows\system32\tsbyuv.dll
2010-12-02 16:49:42 ----A---- C:\Windows\system32\quartz.dll
2010-12-02 16:49:42 ----A---- C:\Windows\system32\msyuv.dll
2010-12-02 16:49:42 ----A---- C:\Windows\system32\msvidc32.dll
2010-12-02 16:49:42 ----A---- C:\Windows\system32\msrle32.dll
2010-12-02 16:49:42 ----A---- C:\Windows\system32\iyuv_32.dll
2010-12-02 16:49:41 ----A---- C:\Windows\SYSWOW64\tsbyuv.dll
2010-12-02 16:49:41 ----A---- C:\Windows\SYSWOW64\msrle32.dll
2010-12-02 16:49:40 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2010-12-02 16:49:40 ----A---- C:\Windows\system32\asycfilt.dll
2010-12-02 16:49:38 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2010-12-02 16:49:38 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2010-12-02 16:49:38 ----A---- C:\Windows\system32\StructuredQuery.dll
2010-12-02 16:49:38 ----A---- C:\Windows\system32\comctl32.dll
2010-12-02 16:49:22 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2010-12-02 16:49:22 ----A---- C:\Windows\system32\oleaut32.dll
2010-12-02 16:49:01 ----A---- C:\Windows\SYSWOW64\wow32.dll
2010-12-02 16:49:01 ----A---- C:\Windows\SYSWOW64\setup16.exe
2010-12-02 16:49:01 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2010-12-02 16:49:01 ----A---- C:\Windows\system32\wow64.dll
2010-12-02 16:49:00 ----A---- C:\Windows\SYSWOW64\user.exe
2010-12-02 16:49:00 ----A---- C:\Windows\SYSWOW64\instnm.exe
2010-12-02 16:48:57 ----SHD---- C:\Windows\Installer
2010-12-02 16:44:09 ----D---- C:\Windows\SYSWOW64\Wat
2010-12-02 16:44:09 ----D---- C:\Windows\system32\Wat
2010-12-02 16:37:28 ----D---- C:\Users\David\AppData\Roaming\WinRAR
2010-12-02 16:36:20 ----D---- C:\Program Files\WinRAR
2010-12-02 16:34:24 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2010-12-02 16:34:24 ----A---- C:\Windows\system32\wintrust.dll
2010-12-02 16:34:23 ----A---- C:\Windows\SYSWOW64\cabview.dll
2010-12-02 16:34:23 ----A---- C:\Windows\system32\cabview.dll
2010-12-02 16:31:39 ----D---- C:\ProgramData\InstallShield
2010-12-02 16:31:38 ----A---- C:\Windows\system32\drivers\rt61.sys
2010-12-02 16:31:37 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-12-02 16:31:37 ----D---- C:\Program Files (x86)\D-Link
2010-12-02 16:28:10 ----D---- C:\Users\David\AppData\Roaming\Identities
2010-12-02 16:27:51 ----SD---- C:\Users\David\AppData\Roaming\Microsoft
2010-12-02 16:27:51 ----D---- C:\Users\David\AppData\Roaming\Media Center Programs
2010-12-02 16:26:16 ----SHD---- C:\Recovery
2010-12-02 16:26:16 ----SHD---- C:\ProgramData\Šablony
2010-12-02 16:26:16 ----SHD---- C:\ProgramData\Plocha
2010-12-02 16:26:16 ----SHD---- C:\ProgramData\Oblíbené položky
2010-12-02 16:26:16 ----SHD---- C:\ProgramData\Nabídka Start
2010-12-02 16:26:16 ----SHD---- C:\ProgramData\Dokumenty
2010-12-02 16:26:16 ----SHD---- C:\ProgramData\Data aplikací
2010-12-02 16:18:05 ----D---- C:\Windows\SoftwareDistribution
2010-12-02 16:15:21 ----D---- C:\Windows\Prefetch
2010-12-02 16:15:06 ----ASH---- C:\pagefile.sys
2010-12-02 16:15:05 ----SHD---- C:\System Volume Information
2010-12-02 16:15:05 ----ASH---- C:\hiberfil.sys
2010-12-02 16:14:17 ----D---- C:\Windows\Panther

======List of files/folders modified in the last 1 months======

2010-12-17 20:31:04 ----D---- C:\Windows\Temp
2010-12-17 19:26:27 ----D---- C:\Windows\system32\config
2010-12-17 19:17:58 ----D---- C:\Windows\inf
2010-12-17 19:17:58 ----AD---- C:\Windows\System32
2010-12-17 19:17:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-12-17 19:14:37 ----D---- C:\Windows
2010-12-17 18:34:52 ----D---- C:\Windows\SYSWOW64\drivers
2010-12-17 18:34:51 ----HD---- C:\ProgramData
2010-12-17 18:34:48 ----RD---- C:\Program Files (x86)
2010-12-17 18:34:48 ----D---- C:\Windows\system32\drivers
2010-12-17 18:26:05 ----D---- C:\Windows\SysWOW64
2010-12-17 18:25:53 ----RD---- C:\Program Files
2010-12-17 18:19:11 ----D---- C:\Windows\system32\DriverStore
2010-12-17 18:19:11 ----D---- C:\Windows\system32\catroot
2010-12-16 16:25:06 ----D---- C:\Windows\system32\wfp
2010-12-16 16:25:05 ----D---- C:\Windows\system32\wbem
2010-12-16 16:24:17 ----D---- C:\Windows\system32\catroot2
2010-12-16 16:24:16 ----D---- C:\Windows\registration
2010-12-16 14:28:41 ----D---- C:\Windows\winsxs
2010-12-16 06:02:00 ----D---- C:\Windows\SYSWOW64\cs-CZ
2010-12-16 06:02:00 ----D---- C:\Windows\system32\cs-CZ
2010-12-16 06:01:59 ----D---- C:\Program Files\Windows Mail
2010-12-16 06:01:59 ----D---- C:\Program Files (x86)\Windows Mail
2010-12-16 06:01:59 ----D---- C:\Program Files (x86)\Internet Explorer
2010-12-16 06:01:58 ----D---- C:\Windows\SYSWOW64\migration
2010-12-16 06:01:58 ----D---- C:\Windows\system32\migration
2010-12-16 06:01:58 ----D---- C:\Program Files\Internet Explorer
2010-12-14 17:53:23 ----D---- C:\Windows\Logs
2010-12-10 14:28:43 ----D---- C:\Windows\Tasks
2010-12-09 19:27:46 ----D---- C:\Windows\system32\Tasks
2010-12-08 20:58:14 ----D---- C:\Windows\system32\LogFiles
2010-12-06 20:16:53 ----D---- C:\Windows\system32\wdi
2010-12-06 17:57:56 ----RSD---- C:\Windows\Fonts
2010-12-06 16:37:13 ----A---- C:\Windows\win.ini
2010-12-06 16:36:45 ----D---- C:\Windows\ShellNew
2010-12-06 16:36:44 ----D---- C:\Program Files (x86)\Common Files
2010-12-06 16:36:10 ----D---- C:\Windows\Help
2010-12-06 16:36:06 ----SD---- C:\ProgramData\Microsoft
2010-12-06 16:34:36 ----D---- C:\Windows\system
2010-12-05 16:16:36 ----RSD---- C:\Windows\assembly
2010-12-05 16:16:36 ----D---- C:\Windows\Microsoft.NET
2010-12-03 20:15:25 ----D---- C:\Windows\rescache
2010-12-03 15:30:08 ----D---- C:\Windows\SYSWOW64\en-US
2010-12-03 15:30:07 ----D---- C:\Windows\system32\en-US
2010-12-02 19:56:35 ----A---- C:\Windows\system32\uxtheme.dll
2010-12-02 19:56:33 ----A---- C:\Windows\system32\themeui.dll
2010-12-02 19:56:30 ----A---- C:\Windows\system32\themeservice.dll
2010-12-02 17:20:55 ----D---- C:\Windows\Downloaded Program Files
2010-12-02 17:16:07 ----D---- C:\Windows\ehome
2010-12-02 17:16:04 ----D---- C:\Windows\AppPatch
2010-12-02 17:15:57 ----D---- C:\Program Files\Windows Media Player
2010-12-02 17:15:57 ----D---- C:\Program Files (x86)\Windows Media Player
2010-12-02 16:57:35 ----D---- C:\Windows\debug
2010-12-02 16:44:19 ----A---- C:\Windows\SYSWOW64\slwga.dll
2010-12-02 16:44:19 ----A---- C:\Windows\system32\systemcpl.dll
2010-12-02 16:44:19 ----A---- C:\Windows\system32\slwga.dll
2010-12-02 16:44:18 ----A---- C:\Windows\SYSWOW64\user32.dll
2010-12-02 16:44:18 ----A---- C:\Windows\system32\user32.dll
2010-12-02 16:37:24 ----D---- C:\Windows\system32\CodeIntegrity
2010-12-02 16:31:24 ----D---- C:\Windows\system32\restore
2010-12-02 16:28:08 ----SHD---- C:\$Recycle.Bin
2010-12-02 16:27:50 ----RD---- C:\Users
2010-12-02 16:26:16 ----D---- C:\Program Files\Windows NT
2010-12-02 16:17:22 ----D---- C:\Windows\system32\sysprep
2010-12-02 16:15:44 ----D---- C:\Windows\CSC
2010-12-02 16:13:50 ----D---- C:\Windows\Setup

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-12-04 834544]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 28752]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 121936]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 51280]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 20048]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 61008]
R3 NVNET;NVIDIA nForce 10/100 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6264.sys [2010-08-12 350952]
R3 rt61x64;RT61 Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr6164.sys [2010-04-07 446304]
S3 aylry5xm;aylry5xm; C:\Windows\system32\drivers\aylry5xm.sys []
S3 CV2K1;CommView Network Monitor; C:\Windows\system32\DRIVERS\cv2k1.sys []
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 rootrepeal;rootrepeal; \??\C:\Windows\system32\drivers\rootrepeal.sys []
S3 RT61;D-Link Wireless Driver; C:\Windows\system32\DRIVERS\RT61.sys [2006-12-11 362496]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-07-09 159336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-12-02 1255736]

-----------------EOF-----------------






co dale potřebujete??? uš bych rád chtel myt zvuk ale vy neodepisujete!!!!! prosím poradte ja jdu us spat tak zitra napiste ok diky moc tak kolem 8 hodiny rano tu budu díky moc

[motji]

Omlouvám se, ale nesedím pořád u počítače

Spusťte combofix podle tohoto návodu
http://www.bleepingcomputer.com/combofi ... t-combofix


Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

[mys2005]

ComboFix 10-12-16.05 - David 18.12.2010 7:34.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.1984.1166 [GMT 1:00]
Spuštěný z: c:\users\David\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Enabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\David\AppData\Roaming\adgs.bat
c:\users\David\AppData\Roaming\install
c:\users\David\AppData\Roaming\Microsoft\Windows\Templates\QmlNu.exe.exe
c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-11-18 do 2010-12-18 )))))))))))))))))))))))))))))))
.

2010-12-18 06:38 . 2010-12-18 06:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-12-17 17:34 . 2010-11-29 16:42 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2010-12-17 17:34 . 2010-12-17 17:34 -------- d-----w- c:\programdata\Malwarebytes
2010-12-17 17:34 . 2010-12-17 17:34 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2010-12-17 17:34 . 2010-11-29 16:42 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-17 17:28 . 2010-12-17 17:28 33280 ----a-w- c:\windows\SysWow64\drivers\rootrepeal.sys
2010-12-17 17:26 . 2010-09-07 15:47 20048 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-12-17 17:26 . 2010-09-07 15:52 121936 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-12-17 17:26 . 2010-09-07 15:47 28752 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-12-17 17:26 . 2010-09-07 15:52 51280 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-12-17 17:26 . 2010-09-07 15:47 61008 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-12-17 17:25 . 2010-09-07 16:12 38848 ----a-w- c:\windows\avastSS.scr
2010-12-17 17:25 . 2010-09-07 16:11 167592 ----a-w- c:\windows\SysWow64\aswBoot.exe
2010-12-17 17:25 . 2010-12-17 17:25 -------- d-----w- c:\programdata\Alwil Software
2010-12-17 17:25 . 2010-12-17 17:25 -------- d-----w- c:\program files\Alwil Software
2010-12-17 15:25 . 2010-12-17 19:31 -------- d-----w- c:\program files\trend micro
2010-12-17 15:25 . 2010-12-17 15:26 -------- d-----w- C:\rsit
2010-12-17 13:48 . 2010-11-16 11:01 8199504 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{26AF0A27-7A30-4A01-B1F6-A29BCF68A039}\mpengine.dll
2010-12-16 15:14 . 2007-01-12 08:54 520192 ----a-w- c:\windows\RtlExUpd.dll
2010-12-16 15:12 . 2010-12-16 15:12 319456 ----a-w- c:\windows\DIFxAPI.dll
2010-12-16 15:12 . 2010-12-16 15:12 315392 ----a-w- c:\windows\HideWin.exe
2010-12-16 15:04 . 2010-12-16 15:04 157 ----a-w- c:\windows\x.reg
2010-12-14 19:04 . 2010-12-14 19:04 36 ----a-w- c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\rawr.bat
2010-12-14 17:06 . 2010-12-14 17:32 -------- d-----w- C:\Dev-Cpp
2010-12-12 10:02 . 2010-12-12 10:02 -------- d-----w- c:\program files (x86)\Cenega Czech
2010-12-11 15:37 . 2010-12-11 15:49 -------- d-----w- c:\program files\Zrychleni Pocitace
2010-12-09 15:35 . 2010-12-09 15:36 -------- d-----w- c:\program files (x86)\izySoft
2010-12-08 18:58 . 2010-06-15 17:27 282928 ----a-w- c:\windows\SysWow64\HMIPCore.dll
2010-12-06 19:10 . 2010-12-06 19:10 -------- d-----w- c:\program files (x86)\Google
2010-12-06 17:41 . 2010-12-06 17:41 -------- d-----w- c:\program files (x86)\Stardock
2010-12-06 15:36 . 2010-12-06 15:36 -------- d-----w- c:\windows\Msagent
2010-12-05 17:02 . 2010-12-05 17:39 -------- d-----w- c:\programdata\TamoSoft
2010-12-05 17:02 . 2010-12-05 17:15 -------- d-----w- c:\program files (x86)\CommView
2010-12-05 16:10 . 2010-12-05 16:10 -------- d-----w- c:\programdata\NVIDIA
2010-12-05 15:27 . 2010-12-05 15:27 -------- d-----w- c:\programdata\NVIDIA Corporation
2010-12-05 15:26 . 2010-12-05 15:28 -------- d-----w- c:\program files\NVIDIA Corporation
2010-12-05 15:26 . 2010-08-12 10:46 758272 ----a-w- c:\windows\system32\cohelper.dll
2010-12-05 15:26 . 2010-08-09 21:33 11164 ----a-w- c:\windows\system32\drivers\nvphy.bin
2010-12-05 15:26 . 2009-10-10 03:17 14336 ----a-w- c:\windows\system32\drivers\sffp_sd.sys
2010-12-05 14:14 . 2010-12-05 14:14 -------- d-sh--w- c:\windows\ftpcache
2010-12-04 16:02 . 2010-12-04 16:02 -------- d-----w- c:\program files (x86)\DAEMON Tools Toolbar
2010-12-04 16:01 . 2010-12-04 16:01 834544 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-12-04 16:01 . 2010-12-04 16:02 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2010-12-04 16:01 . 2010-12-04 16:01 -------- d-----w- c:\programdata\DAEMON Tools Lite
2010-12-04 14:56 . 2010-12-04 14:56 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2010-12-04 14:56 . 2010-12-04 14:56 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2010-12-04 14:56 . 2010-12-04 14:56 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2010-12-04 14:56 . 2010-12-04 14:56 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2010-12-04 14:56 . 2010-12-04 14:56 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2010-12-04 14:56 . 2010-12-04 14:56 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2010-12-04 14:56 . 2010-12-04 14:56 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2010-12-04 14:56 . 2010-12-04 14:56 -------- d-----w- c:\program files (x86)\QuickTime
2010-12-04 14:56 . 2010-12-04 14:56 -------- d-----w- c:\programdata\Apple Computer
2010-12-04 14:55 . 2010-12-04 14:55 -------- d-----w- c:\program files (x86)\Common Files\Apple
2010-12-04 14:55 . 2010-12-04 14:55 -------- d-----w- c:\programdata\Apple
2010-12-04 14:55 . 2010-12-04 14:55 -------- d-----w- c:\program files (x86)\Apple Software Update
2010-12-03 14:41 . 2010-12-03 14:41 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2010-12-02 19:21 . 2010-12-02 19:21 -------- d-----w- c:\program files (x86)\MSXML 4.0
2010-12-02 17:23 . 2009-07-14 01:41 332288 ----a-w- c:\windows\system32\uxtheme.dll.backup
2010-12-02 17:23 . 2009-07-14 01:41 2851328 ----a-w- c:\windows\system32\themeui.dll.backup
2010-12-02 17:23 . 2009-07-14 01:41 44544 ----a-w- c:\windows\system32\themeservice.dll.backup
2010-12-02 16:56 . 2010-12-02 17:00 -------- d-----w- c:\programdata\Nero
2010-12-02 16:55 . 2010-12-02 16:56 -------- d-----w- c:\program files (x86)\Common Files\Nero
2010-12-02 16:55 . 2010-12-02 17:00 -------- d-----w- c:\program files (x86)\Nero
2010-12-02 16:42 . 2010-12-02 16:42 -------- d-----w- c:\program files (x86)\Ask.com
2010-12-02 16:42 . 2010-12-03 14:30 -------- d-----w- c:\program files (x86)\Microsoft.NET
2010-12-02 16:41 . 2009-09-04 16:29 1974616 ----a-w- c:\windows\SysWow64\D3DCompiler_42.dll
2010-12-02 16:41 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\SysWow64\D3DX9_42.dll
2010-12-02 16:40 . 2008-10-15 05:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll
2010-12-02 16:40 . 2007-07-19 17:14 3727720 ----a-w- c:\windows\SysWow64\d3dx9_35.dll
2010-12-02 16:40 . 2007-05-16 15:45 3497832 ----a-w- c:\windows\SysWow64\d3dx9_34.dll
2010-12-02 16:21 . 2010-06-19 06:53 52224 ----a-w- c:\windows\system32\rtutils.dll
2010-12-02 16:21 . 2010-06-19 06:23 37376 ----a-w- c:\windows\SysWow64\rtutils.dll
2010-12-02 16:21 . 2010-08-21 06:29 558592 ----a-w- c:\windows\system32\spoolsv.exe
2010-12-02 16:14 . 2010-12-02 16:14 -------- d-----w- c:\program files (x86)\ICQ6Toolbar
2010-12-02 16:14 . 2010-12-02 16:14 -------- d-----w- c:\programdata\ICQ
2010-12-02 16:13 . 2010-12-02 16:14 -------- d-----w- c:\program files (x86)\The KMPlayer
2010-12-02 16:13 . 2010-12-02 16:14 -------- d-----w- c:\program files (x86)\ICQ7.2
2010-12-02 16:07 . 2009-09-10 06:28 311808 ----a-w- c:\windows\system32\msv1_0.dll
2010-12-02 16:07 . 2009-09-10 05:52 257024 ----a-w- c:\windows\SysWow64\msv1_0.dll
2010-12-02 16:07 . 2010-12-04 18:58 -------- d-----w- c:\programdata\CentrumczToolbar
2010-12-02 16:07 . 2010-12-02 16:07 -------- d-----w- c:\program files (x86)\CentrumczToolbar
2010-12-02 16:07 . 2010-12-02 16:07 -------- d-----w- c:\windows\SysWow64\Macromed
2010-12-02 16:04 . 2010-10-19 09:41 270720 ------w- c:\windows\system32\MpSigStub.exe
2010-12-02 16:01 . 2009-11-25 11:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2010-12-02 16:01 . 2009-11-25 11:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2010-12-02 16:01 . 2009-11-25 11:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
2010-12-02 16:01 . 2009-11-25 11:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2010-12-02 16:01 . 2009-11-25 11:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2010-12-02 16:01 . 2009-11-25 11:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2010-12-02 16:01 . 2009-11-25 11:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-12-02 16:01 . 2009-11-25 11:47 444752 ----a-w- c:\windows\system32\mscoree.dll
2010-12-02 16:01 . 2009-11-25 11:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
2010-12-02 16:01 . 2009-11-25 11:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
2010-12-02 16:01 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2010-12-02 15:56 . 2010-12-02 15:56 -------- d-----w- c:\program files (x86)\Common Files\Java
2010-12-02 15:55 . 2010-12-02 15:55 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2010-12-02 15:55 . 2010-12-02 15:55 -------- d-----w- c:\program files (x86)\Java
2010-12-02 15:55 . 2010-03-04 04:32 243712 ----a-w- c:\windows\system32\drivers\ks.sys
2010-12-02 15:54 . 2009-09-03 07:36 1975296 ----a-w- c:\windows\system32\CertEnroll.dll
2010-12-02 15:54 . 2009-09-03 07:04 1320960 ----a-w- c:\windows\SysWow64\CertEnroll.dll
2010-12-02 15:52 . 2010-08-31 04:32 954752 ----a-w- c:\windows\SysWow64\mfc40.dll
2010-12-02 15:52 . 2010-08-31 04:32 954288 ----a-w- c:\windows\SysWow64\mfc40u.dll
2010-12-02 15:52 . 2010-09-01 05:14 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2010-12-02 15:52 . 2010-09-01 04:26 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2010-12-02 15:52 . 2010-09-01 05:12 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2010-12-02 15:52 . 2010-09-01 04:23 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2010-12-02 15:50 . 2009-10-19 14:46 100864 ----a-w- c:\windows\system32\fontsub.dll
2010-12-02 15:49 . 2009-08-29 07:50 46592 ----a-w- c:\windows\system32\msasn1.dll
2010-12-02 15:48 . 2010-12-17 18:19 -------- d-sh--w- c:\windows\Installer
2010-12-02 15:44 . 2010-12-02 15:44 -------- d-----w- c:\windows\SysWow64\Wat
2010-12-02 15:44 . 2010-12-02 15:44 -------- d-----w- c:\windows\system32\Wat
2010-12-02 15:34 . 2009-12-29 08:03 220672 ----a-w- c:\windows\system32\wintrust.dll
2010-12-02 15:34 . 2009-12-29 06:55 172032 ----a-w- c:\windows\SysWow64\wintrust.dll
2010-12-02 15:34 . 2010-01-09 07:19 139264 ----a-w- c:\windows\system32\cabview.dll
2010-12-02 15:34 . 2010-01-09 06:52 132608 ----a-w- c:\windows\SysWow64\cabview.dll
2010-12-02 15:31 . 2010-12-02 15:31 -------- d-----w- c:\programdata\InstallShield
2010-12-02 15:31 . 2006-12-11 21:37 362496 ----a-w- c:\windows\system32\drivers\rt61.sys
2010-12-02 15:31 . 2010-12-16 15:12 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2010-12-02 15:31 . 2010-12-02 15:31 -------- d-----w- c:\program files (x86)\D-Link
2010-12-02 15:31 . 2004-06-16 05:03 73728 ----a-w- c:\windows\SysWow64\ISUSPM.cpl
2010-12-02 15:31 . 2010-12-05 16:10 -------- d-----w- c:\program files (x86)\Common Files\InstallShield
2010-12-02 15:27 . 2010-12-16 15:25 -------- d-----w- c:\users\David
2010-12-02 15:14 . 2010-12-02 15:26 -------- d-----w- c:\windows\Panther

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-02 18:56 . 2009-07-13 23:55 332288 ----a-w- c:\windows\system32\uxtheme.dll
2010-12-02 18:56 . 2009-07-13 23:54 2851328 ----a-w- c:\windows\system32\themeui.dll
2010-12-02 18:56 . 2009-07-13 23:54 44544 ----a-w- c:\windows\system32\themeservice.dll
2010-12-02 15:44 . 2009-07-13 23:56 419840 ----a-w- c:\windows\system32\systemcpl.dll
2010-12-02 15:44 . 2009-07-13 23:52 14848 ----a-w- c:\windows\system32\slwga.dll
2010-12-02 15:44 . 2009-07-13 23:36 13824 ----a-w- c:\windows\SysWow64\slwga.dll
2010-12-02 15:44 . 2009-07-13 23:38 1008640 ----a-w- c:\windows\system32\user32.dll
2010-12-02 15:44 . 2009-07-13 23:24 833024 ----a-w- c:\windows\SysWow64\user32.dll
2010-11-02 05:16 . 2010-12-16 04:43 1114624 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-02 05:10 . 2010-12-16 04:43 285696 ----a-w- c:\windows\system32\schtasks.exe
2010-11-02 04:34 . 2010-12-16 04:43 179712 ----a-w- c:\windows\SysWow64\schtasks.exe
.

------- Sigcheck -------

[-] 2010-12-02 . 861C4346F9281DC0380DE72C8D55D6BE . 833024 . . [6.1.7600.16385] . . c:\windows\SysWOW64\user32.dll
[7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] . . c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[7] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] . . c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[-] 2010-12-02 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7600.16385] . . c:\windows\system32\user32.dll

[-] 2010-12-02 . 861C4346F9281DC0380DE72C8D55D6BE . 833024 . . [6.1.7600.16385] . . c:\windows\SysWOW64\user32.dll
[7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] . . c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[7] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] . . c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[-] 2010-12-02 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7600.16385] . . c:\windows\system32\user32.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-02-04 15:50 1197448 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-06-16 221184]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"NBAgent"="c:\program files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-03-26 1234216]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-09-08 421888]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
rawr.bat [2010-12-14 36]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 CV2K1;CommView Network Monitor;c:\windows\system32\DRIVERS\cv2k1.sys [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 61008]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-03-25 490280]

.
Obsah adresáře 'Naplánované úlohy'
.

--------- x86-64 -----------


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://start.icq.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office10\EXCEL.EXE/3000
Handler: centrumcztoolbar - {61A97628-7C82-4315-957A-C74C2CDD85DF} - c:\program files (x86)\CentrumczToolbar\IEToolbar.dll
FF - ProfilePath - c:\users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3xw0rc3b.default\
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.4&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

Wow6432Node-HKCU-Run-lsass.exe - c:\windows\lsass.exe
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)



[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AudioSrv]
"ImagePath"="net user %username% hacker "
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2010-12-18 07:40:46
ComboFix-quarantined-files.txt 2010-12-18 06:40

Před spuštěním: Volných bajtů: 217 264 418 816
Po spuštění: Volných bajtů: 218 826 272 768

- - End Of File - - 75DDA4E4FA5935277027DC2A9C86FF6A











a tohle je z toho malwere

Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Verze databáze: 5343

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

18.12.2010 8:12:40
mbam-log-2010-12-18 (08-12-29).txt

Typ kontroly: Úplný test (A:\|C:\|D:\|G:\|)
Testované objekty: 274599
Uplynulý čas: 27 minut, 31 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 2
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_CURRENT_USER\SOFTWARE\JP595IR86O (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Z30KYPG3WS (Trojan.FakeAlert) -> No action taken.

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)


obrazek z malware nebo co to je xD

[motji]

V mbamu vše smažte.

Najděte soubor c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\rawr.bat
-klikněte na něj pravým myšítkem, otevřít v notepadu a text sem vložte.

[mys2005]

mam problem ten program jsem nasel ale nejde mi otevrit v notepadu!!!!!!!!! kliknu na nej pravim tlacitkem!!! ukazu obrazek ok!!!

[motji]

Nevadí, předpokládám že ten soubor neznáte.
Mám dvě teorie , buď si hrajete na hackera a nějak Vám to nejde , nebo naopak, někdo hacknul počítač Vám .

Neotvíral jste teď nějaký neznámý soubor?

[mys2005]

otevíral jsme jenom keygen na jednu hru kterej mi nakonec resetnul kompa ale to je vše!!! hrát si na hackera xDDD ani newim jak začít.