Nejdou hry

[Luk1s]

Prosím o kontrolu logu, při každém spustením hry mi to napise error, že daný exe neodpovída

Díky


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:05:44, on 23.12.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\igfxpers.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\igfxsrvc.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\PC Tools Security\BDT\FGuard.exe
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Xilisoft Download Youtube Toolbar\TbHelper2.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\PROGRA~1\WinRAR\WinRAR.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Documents and Settings\Dziry.Junior\Plocha\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2790392
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/xilisoftdownl ... B3F5B8ED12}
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
R3 - URLSearchHook: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof2.dll
R3 - URLSearchHook: PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll
R3 - URLSearchHook: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll
R3 - URLSearchHook: (no name) - {CA3EB689-8F09-4026-AA10-B9534C691CE0} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof2.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Xilisoft Download Youtube Toolbar\tbcore3.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O3 - Toolbar: Softonic-Eng7 Toolbar - {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - C:\Program Files\Softonic-Eng7\tbSof2.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Xilisoft Download Youtube Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\Xilisoft Download Youtube Toolbar\tbcore3.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll
O3 - Toolbar: BitTorrentBar Toolbar - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - C:\Program Files\BitTorrentBar\tbBitT.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\Audio\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [DAEMON Tools-1033] "G:\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [PCTools FGuard] C:\Program Files\PC Tools Security\BDT\FGuard.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [UVS11 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [VistaStartMenu] "C:\Program Files\Vista Start Menu\VistaStartMenu.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\BitTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Download with Xilisoft Download YouTube Video - C:\Program Files\Xilisoft\Download YouTube Video\upod_link.HTM
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 6626023781
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Browser Defender Update Service - Threat Expert Ltd. - C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\PC Tools Security\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\PC Tools Security\pctsSvc.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 14559 bytes

[Rudy]

Dejte log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware

Upozorňuji, že se zde nezabýváme problematikou her. Jsme bezpečnostní fórum, u nás je možné PC odvirovat, příp. se poradit nad zabezpečením PC.

[Luk1s]

Ano omlouvam se ,tady je vypis z combofixu

ComboFix 10-12-23.02 - Dziry.Junior 23.12.2010 21:48:14.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.3062.2197 [GMT 1:00]
Spuštěný z: c:\documents and settings\Dziry.Junior\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: AVG Anti-Virus Free *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Spyware Doctor with AntiVirus *Disabled/Updated* {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Microsoft
c:\documents and settings\All Users\Microsoft\OfficeSoftwareProtectionPlatform\Cache\cache.dat
c:\documents and settings\All Users\Microsoft\OfficeSoftwareProtectionPlatform\tokens.dat
c:\documents and settings\Dziry.Junior\Data aplikací\PriceGong
c:\documents and settings\Dziry.Junior\Data aplikací\PriceGong\Data\1.xml
c:\documents and settings\Dziry.Junior\Data aplikací\PriceGong\Data\a.xml
c:\documents and settings\Dziry.Junior\Data aplikací\PriceGong\Data\b.xml
c:\documents and settings\Dziry.Junior\Data aplikací\PriceGong\Data\c.xml
c:\documents and settings\Dziry.Junior\Data aplikací\PriceGong\Data\d.xml
c:\documents and settings\Dziry.Junior\Data aplikací\PriceGong\Data\e.xml
c:\documents and settings\Dziry.Junior\Data aplikací\PriceGong\Data\f.xml
c:\documents and settings\Dziry.Junior\Data aplikací\PriceGong\Data\g.xml
c:\documents and settings\Dziry.Junior\Data aplikací\PriceGong\Data\h.xml
c:\documents and settings\Dziry.Junior\Data aplikací\PriceGong\Data\i.xml
c:\documents and settings\Dziry.Junior\Data aplikací\PriceGong\Data\J.xml
c:\documents and settings\Dziry.Junior\Data aplikací\PriceGong\Data\k.xml
c:\documents and settings\Dziry.Junior\Data aplikací\PriceGong\Data\l.xml
c:\documents and settings\Dziry.Junior\Data aplikací\PriceGong\Data\m.xml
c:\documents and settings\Dziry.Junior\Data aplikací\PriceGong\Data\mru.xml
c:\documents and settings\Dziry.Junior\Data aplikací\PriceGong\Data\n.xml
c:\documents and settings\Dziry.Junior\Data aplikací\PriceGong\Data\o.xml
c:\documents and settings\Dziry.Junior\Data aplikací\PriceGong\Data\p.xml
c:\documents and settings\Dziry.Junior\Data aplikací\PriceGong\Data\q.xml
c:\documents and settings\Dziry.Junior\Data aplikací\PriceGong\Data\r.xml
c:\documents and settings\Dziry.Junior\Data aplikací\PriceGong\Data\s.xml
c:\documents and settings\Dziry.Junior\Data aplikací\PriceGong\Data\t.xml
c:\documents and settings\Dziry.Junior\Data aplikací\PriceGong\Data\u.xml
c:\documents and settings\Dziry.Junior\Data aplikací\PriceGong\Data\v.xml
c:\documents and settings\Dziry.Junior\Data aplikací\PriceGong\Data\w.xml
c:\documents and settings\Dziry.Junior\Data aplikací\PriceGong\Data\x.xml
c:\documents and settings\Dziry.Junior\Data aplikací\PriceGong\Data\y.xml
c:\documents and settings\Dziry.Junior\Data aplikací\PriceGong\Data\z.xml
c:\windows\daemon.dll
c:\windows\system\msvcrt40.dll
c:\windows\system\olepro32.dll
c:\windows\system32\Desktop_.ini
c:\windows\system32\kernel1.exe
c:\windows\system32\Oeminfo.ini

Nakažená kopie c:\windows\regedit.exe byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\NiwradSoft Shell Pack\Backup\regedit.exe

Nakažená kopie c:\windows\system32\midimap.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\NiwradSoft Shell Pack\Backup\midimap.dll

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-11-23 do 2010-12-23 )))))))))))))))))))))))))))))))
.

2010-12-23 19:14 . 2010-12-23 19:14 -------- d-----w- c:\documents and settings\Dziry.Junior\Data aplikací\Need for Speed World
2010-12-23 17:29 . 2010-12-23 17:29 -------- d-----w- c:\documents and settings\LocalService\Data aplikací\iolo
2010-12-23 17:29 . 2010-07-06 14:44 94384 ----a-w- c:\windows\system32\IncContxMenu.dll
2010-12-23 17:29 . 2010-07-06 14:44 2319536 ----a-w- c:\windows\system32\Incinerator.dll
2010-12-23 17:29 . 2010-02-03 09:21 12288 ----a-w- c:\windows\system32\smrgdf.exe
2010-12-23 17:29 . 2010-02-03 09:21 30208 ----a-w- c:\windows\system32\iolobtdfg.exe
2010-12-23 17:28 . 2010-12-23 17:28 -------- d-----w- c:\program files\iolo
2010-12-23 17:26 . 2010-12-23 17:26 74703 ----a-w- c:\windows\system32\mfc45.dll
2010-12-23 17:26 . 2010-12-23 17:49 -------- d-----w- c:\documents and settings\Dziry.Junior\Data aplikací\iolo
2010-12-23 17:26 . 2010-12-23 17:41 -------- d-----w- c:\documents and settings\All Users\Data aplikací\iolo
2010-12-23 10:15 . 2010-12-23 10:15 61440 ----a-r- c:\documents and settings\Dziry.Junior\Data aplikací\Microsoft\Installer\{A57D86AF-DE8E-4B26-972E-A1A28FFF7742}\flatout.exe1_853599CE1B5C4FEFB643B8F48F508EDC.exe
2010-12-23 10:15 . 2010-12-23 10:15 61440 ----a-r- c:\documents and settings\Dziry.Junior\Data aplikací\Microsoft\Installer\{A57D86AF-DE8E-4B26-972E-A1A28FFF7742}\flatout.exe_853599CE1B5C4FEFB643B8F48F508EDC.exe
2010-12-23 10:15 . 2010-12-23 10:15 61440 ----a-r- c:\documents and settings\Dziry.Junior\Data aplikací\Microsoft\Installer\{A57D86AF-DE8E-4B26-972E-A1A28FFF7742}\ARPPRODUCTICON.exe
2010-12-23 10:10 . 2010-12-23 10:10 -------- d-----w- c:\program files\Empire Interactive
2010-12-23 10:10 . 2010-12-23 10:10 40960 ----a-w- c:\windows\_ds2FB.tmp
2010-12-23 09:28 . 2010-12-23 09:28 -------- d-----w- C:\Games
2010-12-23 09:28 . 1998-11-10 23:13 300032 ----a-w- c:\windows\unin0411.exe
2010-12-23 08:35 . 2010-12-23 08:35 -------- d-----w- c:\program files\THQ
2010-12-23 08:02 . 2010-12-23 08:02 2829 ----a-w- c:\windows\War3Unin.pif
2010-12-23 08:02 . 2010-12-23 08:02 126976 ----a-w- c:\windows\War3Unin.exe
2010-12-20 17:07 . 2010-12-20 17:07 -------- d-----w- c:\windows\system32\AGEIA
2010-12-20 17:07 . 2010-12-20 17:08 -------- d-----w- c:\program files\AGEIA Technologies
2010-12-20 17:07 . 2010-12-20 17:07 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-12-15 11:54 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2010-12-15 11:53 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2010-12-13 15:43 . 2010-12-23 08:17 -------- d-----w- c:\documents and settings\All Users\Data aplikací\TrackMania
2010-12-10 20:53 . 2010-12-10 21:05 -------- d-----w- c:\documents and settings\Dziry.Junior\Data aplikací\Ulead Systems
2010-12-10 20:51 . 2010-12-10 20:51 -------- d-----w- c:\program files\Common Files\InterVideo
2010-12-10 20:51 . 2010-12-10 20:51 -------- d-----w- c:\documents and settings\All Users\Data aplikací\InterVideo
2010-12-10 20:51 . 2007-03-06 10:58 210456 ----a-w- c:\windows\system32\IVIresizeW7.dll
2010-12-10 20:51 . 2007-03-06 10:58 194072 ----a-w- c:\windows\system32\IVIresizePX.dll
2010-12-10 20:51 . 2007-03-06 10:58 198168 ----a-w- c:\windows\system32\IVIresizeP6.dll
2010-12-10 20:51 . 2007-03-06 10:58 198168 ----a-w- c:\windows\system32\IVIresizeM6.dll
2010-12-10 20:51 . 2007-03-06 10:58 206360 ----a-w- c:\windows\system32\IVIresizeA6.dll
2010-12-10 20:51 . 2007-03-06 10:58 26136 ----a-w- c:\windows\system32\IVIresize.dll
2010-12-10 20:51 . 2010-12-10 20:51 -------- d-----w- c:\documents and settings\DZIRY~1~JUN
2010-12-10 20:50 . 2010-12-10 20:50 -------- d-----w- c:\program files\Windows Media Components
2010-12-10 20:49 . 2010-12-10 20:53 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Ulead Systems
2010-12-10 20:49 . 2010-12-10 20:50 -------- d-----w- c:\program files\Common Files\Ulead Systems
2010-12-10 20:49 . 2010-12-10 20:49 -------- d-----w- c:\program files\Ulead Systems
2010-12-10 19:38 . 2006-05-31 07:22 62232 ------r- c:\windows\system32\GameuxInstallHelper.dll
2010-12-10 18:51 . 2010-12-10 18:51 -------- d-----w- c:\documents and settings\Dziry.Junior\Data aplikací\ImTOO
2010-12-10 18:50 . 2010-12-10 18:50 -------- d-----w- c:\program files\ImTOO
2010-12-10 18:50 . 2010-12-10 18:50 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ImTOO
2010-12-10 17:36 . 2010-12-10 21:44 -------- d-----w- c:\documents and settings\Dziry.Junior\Local Settings\Data aplikací\BitTorrentBar
2010-12-10 17:36 . 2010-12-10 17:36 -------- d-----w- C:\extensions
2010-12-10 17:35 . 2010-12-10 17:35 -------- d-----w- c:\program files\BitTorrent
2010-12-10 17:35 . 2010-12-23 20:58 -------- d-----w- c:\documents and settings\Dziry.Junior\Data aplikací\BitTorrent
2010-12-08 15:37 . 2010-12-08 15:37 -------- d-----w- c:\documents and settings\Dziry.Junior\Local Settings\Data aplikací\Threat Expert
2010-12-04 20:36 . 2010-09-07 15:47 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-12-04 20:36 . 2010-09-07 15:52 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-12-04 20:36 . 2010-09-07 15:47 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-12-04 20:36 . 2010-09-07 15:52 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-12-04 20:36 . 2010-09-07 15:47 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-12-04 20:36 . 2010-09-07 15:47 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-12-04 20:36 . 2010-09-07 15:46 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-12-04 20:35 . 2010-09-07 16:12 38848 ----a-w- c:\windows\avastSS.scr
2010-12-04 20:35 . 2010-09-07 16:11 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-12-04 20:35 . 2010-12-04 20:35 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Alwil Software
2010-12-04 18:57 . 2010-09-24 11:19 149456 ----a-w- c:\windows\SGDetectionTool.dll
2010-12-04 18:57 . 2010-09-24 11:19 1914832 ----a-w- c:\windows\PCTBDCore.dll
2010-12-04 18:57 . 2010-09-24 11:19 767952 ----a-w- c:\windows\BDTSupport.dll
2010-12-04 18:57 . 2010-09-24 11:19 743376 ----a-w- c:\windows\PCTBDRes.dll
2010-12-04 18:53 . 2010-07-16 13:59 656320 ----a-w- c:\windows\system32\drivers\pctEFA.sys
2010-12-04 18:53 . 2010-07-16 13:59 338880 ----a-w- c:\windows\system32\drivers\pctDS.sys
2010-12-04 18:53 . 2010-10-05 10:10 249616 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2010-12-04 18:52 . 2010-09-30 07:58 159936 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2010-12-04 18:52 . 2010-08-18 12:51 237632 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2010-12-04 18:52 . 2010-10-05 10:11 123712 ----a-w- c:\windows\system32\drivers\pctplfw.sys
2010-12-04 18:52 . 2010-09-03 11:28 87400 ----a-w- c:\windows\system32\drivers\pctNdis-PacketFilter.sys
2010-12-04 18:52 . 2010-08-10 16:58 31960 ----a-w- c:\windows\system32\drivers\pctNdis-DNS.sys
2010-12-04 18:52 . 2010-08-27 08:26 70536 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2010-12-04 18:52 . 2010-12-14 18:52 -------- d-----w- c:\program files\PC Tools Security
2010-12-04 18:52 . 2010-12-04 18:55 -------- d-----w- c:\program files\Common Files\PC Tools
2010-12-04 18:52 . 2010-12-04 18:52 -------- d-----w- c:\documents and settings\Dziry.Junior\Data aplikací\PC Tools
2010-12-04 18:49 . 2010-12-04 18:52 -------- d-----w- c:\documents and settings\All Users\Data aplikací\PC Tools
2010-12-04 10:34 . 2010-12-04 10:34 -------- d-----w- c:\documents and settings\Dziry.Junior\Local Settings\Data aplikací\Xilisoft
2010-12-04 10:33 . 2010-12-04 10:33 -------- d-----w- c:\documents and settings\Dziry.Junior\Data aplikací\Xilisoft
2010-12-04 10:32 . 2010-12-04 10:32 -------- d-----w- c:\documents and settings\Dziry.Junior\Data aplikací\Toolbar4
2010-12-04 10:32 . 2010-12-04 10:32 -------- d-----w- c:\program files\Xilisoft Download Youtube Toolbar
2010-12-04 10:32 . 2010-12-04 10:32 -------- d-----w- c:\program files\Xilisoft
2010-12-03 14:43 . 2010-12-03 14:43 -------- d-----w- c:\windows\system32\wbem\Repository
2010-12-02 21:10 . 2010-12-02 21:10 -------- d-----w- c:\documents and settings\Administrator\IETldCache
2010-12-02 20:24 . 2010-12-03 14:21 -------- d-----w- c:\program files\Notebook Hardware Control
2010-12-02 20:20 . 2010-12-03 14:21 -------- d-----w- c:\program files\BatteryCare
2010-12-02 20:20 . 2010-12-02 20:21 -------- d-----w- c:\documents and settings\Dziry.Junior\Data aplikací\BatteryCare
2010-12-02 15:34 . 2010-12-03 14:40 -------- d-----w- c:\program files\RadarSync
2010-11-25 17:42 . 2010-11-25 17:42 -------- d-----w- c:\documents and settings\Dziry.Junior\Local Settings\Data aplikací\ConduitEngine
2010-11-25 17:42 . 2010-11-25 17:42 -------- d-----w- c:\program files\ConduitEngine

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-18 18:01 . 2010-06-16 14:17 98304 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-11-18 18:15 . 2010-06-15 17:07 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-06 00:23 . 2002-09-23 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:23 . 2002-09-23 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2010-11-06 00:23 . 2002-09-23 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25 . 2004-08-17 22:44 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2002-09-23 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-30 17:02 . 2010-06-20 16:31 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-10-30 17:02 . 2010-06-20 16:31 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-10-30 17:02 . 2010-06-20 16:31 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-10-30 15:58 . 2002-09-23 12:00 219648 ----a-w- c:\windows\system32\uxtheme.dll
2010-10-30 14:32 . 2010-10-30 14:32 77824 ----a-w- c:\windows\iRODUninstall.exe
2010-10-30 14:26 . 2010-10-30 14:26 77824 ----a-w- c:\windows\SkycarUninstall.exe
2010-10-30 13:41 . 2010-10-30 13:41 102400 ----a-w- c:\windows\Segmento_AlphaUninstall.exe
2010-10-29 19:02 . 2010-10-29 19:02 22328 ----a-w- c:\documents and settings\Dziry.Junior\Data aplikací\PnkBstrK.sys
2010-10-28 13:09 . 2002-09-23 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:58 . 2002-09-23 12:00 1853312 ----a-w- c:\windows\system32\win32k.sys
2010-09-25 15:41 . 2010-09-25 15:41 278728 ----a-w- c:\windows\system32\drivers\atksgt.sys
2010-09-25 15:41 . 2010-09-25 15:41 25416 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2006-10-18 19:46 64000 --sha-w- c:\windows\NiwradSoft Shell Pack\Backup\wmplayer.exe
.

------- Sigcheck -------

[7] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\winlogon.exe
[-] 2008-04-14 . 471341D353962A35DA3C6324D59D09C4 . 547328 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\winlogon.exe
[-] 2008-04-14 . 471341D353962A35DA3C6324D59D09C4 . 547328 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[7] 2004-08-17 . 221C29AE1B4CC61D11D8B27DE78B2307 . 502272 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\winlogon.exe

[7] 2010-08-23 . E145ADD7DAEF759C4F5FB80A180A9C30 . 617472 . . [5.82] . . c:\windows\NiwradSoft Shell Pack\Backup\comctl32.dll
[-] 2010-08-23 . 157577AE3ED2862091111184966FAB66 . 643072 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll
[-] 2010-08-23 . 157577AE3ED2862091111184966FAB66 . 643072 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2010-08-23 . 157577AE3ED2862091111184966FAB66 . 643072 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
[7] 2010-08-23 . 8A72A30FDC803DC06755D3B36D966F31 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
[7] 2008-04-14 . 4F993463DC5F3F80D77A3D34D7BFBFED . 617472 . . [5.82] . . c:\windows\$NtUninstallKB2296011$\comctl32.dll
[7] 2008-04-14 . D7B7AE36A2EBA312AC4B53862019B3F5 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
[7] 2004-08-17 . 876C658C44F2BF4AF050E5534A9F066F . 611328 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll
[7] 2004-08-17 . F76B3003366A205E05AFC0D034C7D3E9 . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
[7] 2002-09-23 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
[-] 2002-09-23 . D12F83B2037A01BB97A97F3EA54DD71F . 921600 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll

[7] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\user32.dll
[-] 2008-04-14 . CCB32D10C69A89822E9134C0C4894BE1 . 578560 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . CCB32D10C69A89822E9134C0C4894BE1 . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[7] 2004-08-17 . 1B4CCC59980DA34E75F20E42B283B027 . 577024 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\user32.dll

[-] 2008-04-14 . D63C59BB0CA2F83B62D003FD52863090 . 1541120 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[7] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\explorer.exe
[-] 2008-04-14 . D63C59BB0CA2F83B62D003FD52863090 . 1541120 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[7] 2004-08-17 . 53114D57AB73A406AC7F602227781A99 . 1032704 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\explorer.exe

[7] 2010-07-16 . 6D1A3A355CA2AC64D2D5BAEC25C16427 . 1287680 . . [5.1.2600.6010] . . c:\windows\NiwradSoft Shell Pack\Backup\ole32.dll
[-] 2010-07-16 . 81206718E930BEF6D92A64725907D973 . 1312768 . . [5.1.2600.6010] . . c:\windows\ServicePackFiles\i386\ole32.dll
[-] 2010-07-16 . 81206718E930BEF6D92A64725907D973 . 1312768 . . [5.1.2600.6010] . . c:\windows\system32\ole32.dll
[-] 2010-07-16 . 81206718E930BEF6D92A64725907D973 . 1312768 . . [5.1.2600.6010] . . c:\windows\system32\dllcache\ole32.dll
[7] 2010-07-16 . C85BE0CF9C91EB64CECA1D639D71D4CC . 1288704 . . [5.1.2600.6010] . . c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll
[7] 2008-04-14 . 21F836AAB269FF644E0E708B794B0DF7 . 1287168 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB979687$\ole32.dll
[7] 2004-08-17 . 7FE54C063DDA8EF226846510852E6B1B . 1281024 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ole32.dll

[7] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\ctfmon.exe
[-] 2008-04-14 . 0415E09C0BCCBF8B5CD5A05889EFB962 . 40448 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . 0415E09C0BCCBF8B5CD5A05889EFB962 . 40448 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[7] 2004-08-17 . A5BAA91475167161DEA02BA3C4CA4F59 . 15360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ctfmon.exe

[7] 2010-04-28 . 2FA1EF498F026847CF276DF9099ABE79 . 2069120 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe
[7] 2010-04-28 . E4D3DB21C20749B8776B3E2C4B880404 . 2068992 . . [5.1.2600.5973] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
[7] 2010-04-28 . E4D3DB21C20749B8776B3E2C4B880404 . 2068992 . . [5.1.2600.5973] . . c:\windows\NiwradSoft Shell Pack\Backup\ntkrnlpa.exe
[-] 2010-04-28 . 0032A4AB047DAB34FBB22E64664D14D4 . 2230144 . . [5.1.2600.5973] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe
[-] 2010-04-28 . 0032A4AB047DAB34FBB22E64664D14D4 . 2230144 . . [5.1.2600.5973] . . c:\windows\system32\ntkrnlpa.exe
[-] 2010-04-28 . 0032A4AB047DAB34FBB22E64664D14D4 . 2230144 . . [5.1.2600.5973] . . c:\windows\system32\dllcache\ntkrnlpa.exe
[7] 2010-02-17 . 7F87EDF3C7C626D336533D2580940A00 . 2065920 . . [5.1.2600.3670] . . c:\windows\$hf_mig$\KB979683\SP2QFE\ntkrnlpa.exe
[7] 2010-02-16 . 27DE458FE1E1A618836ADB61873BC9E8 . 2060544 . . [5.1.2600.3670] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe
[7] 2010-02-16 . 6C31566C176BC28C7D73BC6332642A58 . 2068992 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3GDR\ntkrnlpa.exe
[7] 2010-02-16 . 6C31566C176BC28C7D73BC6332642A58 . 2068992 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntkrnlpa.exe
[7] 2010-02-16 . DCC3D91A3DEDBBA9ECFFA6028D872CF5 . 2069120 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
[7] 2009-02-10 . D721665942F74CA7FF4162A0761CBB0A . 2068224 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntkrnlpa.exe
[7] 2009-02-10 . D721665942F74CA7FF4162A0761CBB0A . 2068224 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe
[7] 2009-02-09 . 73A13AA10E146A3E2B4AC6D007953A74 . 2059904 . . [5.1.2600.3520] . . c:\windows\$NtUninstallKB979683_0$\ntkrnlpa.exe
[7] 2009-02-09 . BB64DC108F8C4EE4D4B7998AA19E5FA7 . 2065152 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntkrnlpa.exe
[7] 2009-02-09 . FF8A3F180A224AA27EBAB937CA027F4D . 2068352 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[7] 2008-04-14 . 4DEE41C45E803DB91A72FD1BA69C05EE . 2067968 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe
[7] 2004-08-17 . E86DD06F2B8F919DDF23F78A3BF2AA23 . 2059008 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572_0$\ntkrnlpa.exe

[7] 2010-04-28 . EF1542C4875CAA34484A7BCB998B6BC4 . 2192128 . . [5.1.2600.5973] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
[7] 2010-04-28 . EF1542C4875CAA34484A7BCB998B6BC4 . 2192128 . . [5.1.2600.5973] . . c:\windows\NiwradSoft Shell Pack\Backup\ntoskrnl.exe
[-] 2010-04-28 . DC29D3ECEC81210252FBAED9CA53FF82 . 2353280 . . [5.1.2600.5973] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe
[-] 2010-04-28 . DC29D3ECEC81210252FBAED9CA53FF82 . 2353280 . . [5.1.2600.5973] . . c:\windows\system32\ntoskrnl.exe
[-] 2010-04-28 . DC29D3ECEC81210252FBAED9CA53FF82 . 2353280 . . [5.1.2600.5973] . . c:\windows\system32\dllcache\ntoskrnl.exe
[7] 2010-04-28 . 91FE668957FF51A2DBCEE0D8637BA77E . 2192256 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe
[7] 2010-02-17 . 4E8268B816B2D27E711A688D6FD0E319 . 2192128 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3GDR\ntoskrnl.exe
[7] 2010-02-17 . 4E8268B816B2D27E711A688D6FD0E319 . 2192128 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntoskrnl.exe
[7] 2010-02-16 . F24D47F956B2527F8771E38AFE750743 . 2183552 . . [5.1.2600.3670] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe
[7] 2010-02-16 . AEDD2FE6BEC6FB4E3B25DB1E15C97560 . 2189056 . . [5.1.2600.3670] . . c:\windows\$hf_mig$\KB979683\SP2QFE\ntoskrnl.exe
[7] 2010-02-16 . 6B2312D847BA95F4E858CB4C3B5F51E1 . 2192256 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
[7] 2009-02-10 . 97480EBFE1D4B547657BAD75AAAB1325 . 2191360 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[7] 2009-02-09 . DF530FCAD41349C92945DF52EBA9F3E4 . 2182656 . . [5.1.2600.3520] . . c:\windows\$NtUninstallKB979683_0$\ntoskrnl.exe
[7] 2009-02-09 . C424407DDD99223BF3248044CBBE91F6 . 2188288 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntoskrnl.exe
[7] 2009-02-09 . F48662F55CD8DDD4DBBBCB69DE197725 . 2191232 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntoskrnl.exe
[7] 2009-02-09 . F48662F55CD8DDD4DBBBCB69DE197725 . 2191232 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe
[7] 2008-04-14 . C1536014AC1CB1D5397E31D9735E6571 . 2191104 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe
[7] 2004-08-17 . 12C80E46DCEC9B82473D1B1B9DA1F16B . 2183168 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572_0$\ntoskrnl.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSof2.dll" [2010-10-18 3908192]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files\BitTorrentBar\tbBitT.dll" [2010-11-29 3908192]

[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]

[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]

[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-18 10:26 3908192 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]
2010-10-18 10:26 3908192 ----a-w- c:\program files\Softonic-Eng7\tbSof2.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
2010-11-29 14:26 3908192 ----a-w- c:\program files\BitTorrentBar\tbBitT.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-09-28 21:44 1400712 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}"= "c:\program files\Softonic-Eng7\tbSof2.dll" [2010-10-18 3908192]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files\BitTorrentBar\tbBitT.dll" [2010-11-29 3908192]

[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
"{414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3}"= "c:\program files\Softonic-Eng7\tbSof2.dll" [2010-10-18 3908192]
"{88C7F2AA-F93F-432C-8F0E-B7D85967A527}"= "c:\program files\BitTorrentBar\tbBitT.dll" [2010-11-29 3908192]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CLASSES_ROOT\clsid\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}]

[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-12-13 395640]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2009-11-15 33120]
"VistaStartMenu"="c:\program files\Vista Start Menu\VistaStartMenu.exe" [2009-04-06 2589184]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-07-23 39408]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-10-11 14940040]
"BitTorrent"="c:\program files\BitTorrent\BitTorrent.exe" [2010-12-10 397688]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 40448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-05-30 16861696]
"AzMixerSel"="c:\program files\Realtek\Audio\InstallShield\AzMixerSel.exe" [2008-05-30 53248]
"IgfxTray"="c:\windows\System32\igfxtray.exe" [2008-05-30 141848]
"HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2008-05-30 166424]
"Persistence"="c:\windows\System32\igfxpers.exe" [2008-05-30 137752]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-05-26 85160]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-01 1164584]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-01-19 221184]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2005-01-19 458752]
"LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2005-01-19 217088]
"PCTools FGuard"="c:\program files\PC Tools Security\BDT\FGuard.exe" [2010-09-24 108496]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
"UVS11 Preload"="c:\program files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe" [2007-03-03 341488]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 40448]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-06-16 11:26 12464 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=

R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [26.7.2010 14:25 155136]
R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [26.7.2010 14:25 5248]
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [4.12.2010 19:52 237632]
R0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [4.12.2010 19:53 338880]
R0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA.sys [4.12.2010 19:53 656320]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 13:46 63352]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [18.7.2010 14:10 697328]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [4.12.2010 21:36 165584]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [16.6.2010 12:26 216200]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [16.6.2010 12:26 242896]
R1 prodrv04;Star Force copy protection driver v4;c:\windows\system32\drivers\prodrv04.sys [1.9.2010 16:59 114496]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [4.12.2010 21:36 17744]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\PC Tools Security\BDT\BDTUpdateService.exe [4.12.2010 19:57 235472]
R2 HWiNFO32;HWiNFO32 Kernel Driver;c:\program files\HWiNFO32\HWiNFO32.SYS [16.9.2010 15:43 16872]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [23.6.2010 12:49 246520]
R2 ioloFileInfoList;iolo FileInfoList Service;c:\program files\iolo\Common\Lib\ioloServiceManager.exe [23.12.2010 18:29 711352]
R2 ioloSystemService;iolo System Service;c:\program files\iolo\Common\Lib\ioloServiceManager.exe [23.12.2010 18:29 711352]
S2 avg9emc;AVG Free E-mail Scanner;"c:\program files\AVG\AVG9\avgemc.exe" --> c:\program files\AVG\AVG9\avgemc.exe [?]
S2 avg9wd;AVG Free WatchDog;"c:\program files\AVG\AVG9\avgwdsvc.exe" --> c:\program files\AVG\AVG9\avgwdsvc.exe [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1.7.2010 13:02 136176]
S3 lac97inf;lac97inf;\??\c:\docume~1\DZIRY~1.JUN\LOCALS~1\Temp\lac97inf.sys --> c:\docume~1\DZIRY~1.JUN\LOCALS~1\Temp\lac97inf.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [25.3.2010 10:25 30969208]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9.1.2010 21:37 4640000]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\PC Tools Security\pctsAuxs.exe [4.12.2010 19:52 366840]
.
Obsah adresáře 'Naplánované úlohy'

2010-12-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cb6ec08b0bea82.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-01 12:02]

2010-12-23 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2010-09-28 21:44]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2790392
mStart Page = hxxp://www.bigseekpro.com/xilisoftdownloadyout ... B3F5B8ED12}
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Download with Xilisoft Download YouTube Video - c:\program files\Xilisoft\Download YouTube Video\upod_link.HTM
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
.
------- Asociace souborů -------
.
JSEFile=NOTEPAD.EXE %1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKLM-Run-DAEMON Tools-1033 - G:\daemon.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-23 21:56
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-448539723-162531612-682003330-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:a8,34,82,d3,8d,8d,f4,f4,a1,d0,5f,e6,6c,8c,96,9a,cc,11,dd,21,9d,52,1f,
6e,27,36,8a,15,b2,d2,57,19,2b,03,68,1d,f1,27,7b,96,f7,2d,e4,02,7b,3a,19,3e,\
"??"=hex:5d,94,da,36,d0,67,20,67,69,50,87,09,40,d7,0b,75

[HKEY_USERS\S-1-5-21-448539723-162531612-682003330-1004\Software\SecuROM\License information*]
"datasecu"=hex:55,21,17,7a,1f,93,9e,3f,25,34,71,f8,88,b2,04,47,8b,a7,81,04,7b,
c7,9a,f3,ef,be,c8,34,2e,5d,63,66,c7,1d,30,dd,e9,ad,b0,82,4b,22,52,d9,a5,f5,\
"rkeysecu"=hex:9c,6f,66,a2,37,8a,8e,fe,eb,5c,8f,d6,0c,38,7c,c5
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(880)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\cscui.dll
c:\windows\system32\COMRes.dll

- - - - - - - > 'lsass.exe'(936)
c:\windows\system32\setupapi.dll
c:\windows\system32\psbase.dll

- - - - - - - > 'explorer.exe'(3052)
c:\program files\RocketDock\RocketDock.dll
c:\windows\system32\COMRes.dll
c:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
c:\progra~1\MICROS~2\Office14\1029\GrooveIntlResource.dll
c:\windows\System32\cscui.dll
c:\windows\system32\msi.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\program files\Common Files\InterVideo\DeviceService\DevSvc.exe
c:\program files\Common Files\EPSON\EBAPI\SAgent2.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\RTHDCPL.EXE
c:\windows\System32\igfxsrvc.exe
c:\program files\Logitech\Video\FxSvr2.exe
.
**************************************************************************
.
Celkový čas: 2010-12-23 22:04:05 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-12-23 21:04

Před spuštěním: Volných bajtů: 15 668 076 544
Po spuštění: Volných bajtů: 15 658 041 344

WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn

- - End Of File - - 6F96722E7E1966B844652C3BCA8BC1AB

[Rudy]

Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:

KillAll::

Collect::
c:\windows\_ds2FB.tmp

Folder::
c:\program files\Ask.com

Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"=-
[-HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

http://img138.imageshack.us/img138/6433/cfscript.gif