Prosím o kontrolu logu,v pc mám vir,nejdou prohlížeče

Zpráva

Thermit8 · #1 Příspěvek od **Thermit8** » 15 led 2011 05:48

Zdravíčko,mám problém,večer sem serfoval na netu a bohužel sem kliknul na nějakej odkaz a něco se stáhlo a od tý doby mi nejdou prohlížeče,až na google chrome,který sem v pc neměl nainstalovanej,když zapnu operu,mozzilu či IE tak nic nenaběhne,mám v operě záložky o který nechci přijít..ale koukám že jsem o ně přišel...zde je log

Kód: Vybrat vše

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:42:45, on 15.1.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\IObit\Game Booster\GameBox.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Tunngle\TnglCtrl.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\System32\alg.exe
C:\Documents and Settings\Kaul\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kaul\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Kaul\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\Bqytoa.exe
C:\DOCUME~1\Kaul\LOCALS~1\Temp\Bwd.exe
C:\Documents and Settings\Kaul\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kaul\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kaul\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kaul\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kaul\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kaul\Dokumenty\Downloads\hijackthis (1).exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Kaul\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [JP595IR86O] C:\DOCUME~1\Kaul\LOCALS~1\Temp\Bwd.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{BB9FD199-B423-42A3-9F79-32051D771B0F}: NameServer = 8.8.4.4,8.8.8.8
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe

--
End of file - 5276 bytes

#2 Příspěvek od **cernohous13** » 15 led 2011 06:46

Vítám tě u nás Obrázek

Přidej log RSIT dle návodu zde: http://www.viry.cz/forum/viewtopic.php?f=13&t=105895
a nedávej ho do Code

Znáš parametry připojení od svého poskytovatele?
Uměl bys je nastavit?

Thermit8 · #3 Příspěvek od **Thermit8** » 15 led 2011 09:52

Ahoj,díky za odpověd,s tím připojením,nevím jak to myslíš,jen chci dodat že DNS sem si nastavoval sám,kvúly neschopnosti DNS serverú mého providenta

info.txt logfile of random's system information tool 1.08 2011-01-15 09:48:42

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ABL 2.1.2-->"D:\VstPlugins\Vstplugins\AudioRealism\ABL2\unins000.exe"
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10l_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\WINDOWS\System32\Macromed\Flash\FlashUtil10l_Plugin.exe -maintain plugin
Advanced SystemCare 3-->"C:\Program Files\IObit\Advanced SystemCare 3\unins000.exe"
Aktualizace systému Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2141007)-->"C:\WINDOWS\$NtUninstallKB2141007$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2345886)-->"C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB2467659)-->"C:\WINDOWS\$NtUninstallKB2467659$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Aktualizace systému Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"
Aktualizace zabezpečení aplikace Windows Media Player (KB979402)-->"C:\WINDOWS\$NtUninstallKB979402_WM9L$\spuninst\spuninst.exe"
Aktualizace zabezpečení produktu Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB2416400)-->"C:\WINDOWS\ie8updates\KB2416400-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2121546)-->"C:\WINDOWS\$NtUninstallKB2121546$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2259922)-->"C:\WINDOWS\$NtUninstallKB2259922$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2286198)-->"C:\WINDOWS\$NtUninstallKB2286198$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2296199)-->"C:\WINDOWS\$NtUninstallKB2296199$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2416400)-->"C:\WINDOWS\$NtUninstallKB2416400$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2436673)-->"C:\WINDOWS\$NtUninstallKB2436673$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Aktualizace zabezpečení systému Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB981349)-->"C:\WINDOWS\$NtUninstallKB981349$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB981852)-->"C:\WINDOWS\$NtUninstallKB981852$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB982214)-->"C:\WINDOWS\$NtUninstallKB982214$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB982381)-->"C:\WINDOWS\$NtUninstallKB982381$\spuninst\spuninst.exe"
Aktualizace zabezpečení systému Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe"
Antares Autotune VST v5.09-->"C:\Program Files\Antares Audio Technologies\Uninstall\unins000.exe"
ARIA Engine v1.1.0.6-->"D:\VstPlugins\Aria\unins000.exe"
ASAPI Update-->C:\WINDOWS\system32\IWUNIN~1.EXE -uninstall C:\WINDOWS\ISUNINST.EXE -fC:\PROGRA~1\VOB\ASAPIU~1\ASAPI.isu
ASIO4ALL-->C:\Program Files\ASIO4ALL v2\uninstall.exe
Ask Toolbar-->MsiExec.exe /X{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Assassin's Creed II 1.0.1.0-->"C:\Program Files\Assassin's Creed II\unins000.exe"
ATI - Software Uninstall Utility-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Audiorealism Bassline Pro v1.0.1-->D:\VSTPLU~1\AUDIOR~2\UNINST~1\UNWISE.EXE D:\VSTPLU~1\AUDIOR~2\UNINST~1\INSTALL.LOG
avast! Pro Antivirus-->C:\Program Files\Alwil Software\Avast5\aswRunDll.exe "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup
Bass Station 1.50-->"C:\Program Files\Uninstall Information\{ABAF1232-6213-4062-9D52-04E04A730CEA}\unins000.exe"
Battlefield: Bad Company™ 2-->MsiExec.exe /X{3AC8457C-0385-4BEA-A959-E095F05D6D67}
BiFilter v2.2-->"D:\VstPlugins\Vstplugins\Tone2BIFilter2\unins000.exe"
BitTorrent-->"C:\Program Files\BitTorrent\BitTorrent.exe" /UNINSTALL
Bytescout XLS Viewer 2.30a (FREEWARE)-->"C:\Program Files\Bytescout XLS Viewer\unins000.exe"
Cakewalk Rapture 1.2.1-->"D:\VstPlugins\Rapture\unins000.exe"
Camel Audio Cameleon 5000 v1.7 VSTi-->D:\VSTPLU~1\VSTPLU~1\CAMELE~1\UNWISE.EXE D:\VSTPLU~1\VSTPLU~1\CAMELE~1\INSTALL.LOG
Catalyst Control Center - Branding-->MsiExec.exe /I{D3B1C799-CB73-42DE-BA0F-2344793A095C}
Catanya 1.0.1-->"D:\VstPlugins\Catanya\unins000.exe"
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Command & Conquer 3-->MsiExec.exe /I{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}
Command & Conquer Generals-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{06F80017-8F98-4C94-B868-52358569FC32}
Command and ConquerTM Generals Zero Hour-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}
Counter-Strike 1.6-->C:\Program Files\Counter-Strike 1.6\Uninstal.exe
DAEMON Tools Lite-->C:\Program Files\DAEMON Tools Lite\uninst.exe
DAEMON Tools Toolbar-->C:\Program Files\DAEMON Tools Toolbar\uninst.exe
DirectX10 CF (Critical Fix)-->"C:\Program Files\Common Files\unins000.exe"
Dirt 2-->"D:\Dirt 2game\unins000.exe"
Dual-Core Optimizer-->MsiExec.exe /X{9FD6F1A8-5550-46AF-8509-271DF0E768B5}
Flash Game Downloader 1.0-->"C:\Program Files\Flash Game Downloader\unins000.exe"
Fraps (remove only)-->"C:\Fraps\uninstall.exe"
Game Booster-->"C:\Program Files\IObit\Game Booster\unins000.exe"
GamePark-->"C:\Program Files\GamePark\unins000.exe"
Golden ASET Mythospheric Space Synthesizer VSTi-->D:\VSTPLU~1\VSTPLU~1\GOLDEN~1\UNINST~1\UNWISE.EXE D:\VSTPLU~1\VSTPLU~1\GOLDEN~1\UNINST~1\INSTALL.LOG
Grand Theft Auto IV-->MsiExec.exe /I{5454083B-1308-4485-BF17-1110000B8301}
Grand Theft Auto IV-->MsiExec.exe /I{5454083B-1308-4485-BF17-1110000B8302}
Grand Theft Auto IV-->MsiExec.exe /I{5454083B-1308-4485-BF17-1110000D8301}
Grand Theft Auto IV-->MsiExec.exe /I{5454083B-1308-4485-BF17-1110000D8302}
Hamachi 1.0.2.5-->C:\Program Files\Hamachi\uninstall.exe
HijackThis 2.0.2-->"C:\Documents and Settings\Kaul\Dokumenty\Downloads\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hydra VSTi/DXi v1.2-->D:\VstPlugins\Vstplugins\Hydra\unins000.exe
IL Download Manager-->C:\Program Files\Image-Line\Downloader\uninstall.exe
IL Gross Beat-->D:\Image-Line\IL Gross Beat\uninstall.exe
Intel(R) C++ Redistributables for Windows* on IA-64-->MsiExec.exe /X{5F7807CA-B1F1-4CB1-A519-A205D894A37D}
iZotope Ozone 3-->"D:\iZotope\Ozone 3\unins000.exe"
iZotope Ozone 4-->"D:\VstPlugins\Ozone 4\unins000.exe"
iZotope Spectron-->"D:\iZotope\Spectron\unins000.exe"
iZotope Trash-->"D:\VstPlugins\Trash\unins000.exe"
Java(TM) 6 Update 22-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216022FF}
jetAudio Basic VX-->"C:\Program Files\InstallShield Installation Information\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}\setup.exe" -runfromtemp -l0x0405 -removeonly
KORG Legacy Collection - ANALOG EDITION 2007-->MsiExec.exe /X{620FE3A6-F576-4ECC-9734-FA2DCFA4FF82}
Live 8.0.5-->D:\Ableton\LIVE80~1.5\Install\UNWISE.EXE D:\Ableton\LIVE80~1.5\Install\INSTALL.LOG
Microsoft .NET Framework 2.0 Service Pack 1 Language Pack - CSY-->MsiExec.exe /I{129DDEC1-A6A3-3D60-AABE-76E6E5334922}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - CSY-->MsiExec.exe /I{6FE8B722-4D7E-3CD7-BB3A-3AD1684B1295}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 Language Pack - CSY-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack - csy\setup.exe
Microsoft .NET Framework 3.5 Language Pack - csy-->MsiExec.exe /I{74DCC43B-33C9-3389-BD0D-33EB37973657}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft .NET Framework 4 Client Profile-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{1FDA5A37-B22D-43FF-B582-B8964050DC13}
Microsoft Games for Windows - LIVE-->MsiExec.exe /X{86A4C6D9-29EE-4719-AFA1-BA3341862B83}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
MSXML 6 Service Pack 2 (KB973686)-->MsiExec.exe /I{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}
Native Instruments B4 II-->D:\VSTPLU~1\B4II~1\UNWISE.EXE D:\VSTPLU~1\B4II~1\INSTALL.LOG
Native Instruments FM8 v1.0.1.002 VSTi DXi RTAS-->D:\VSTPLU~1\FM8\UNWISE.EXE D:\VSTPLU~1\FM8\INSTALL.LOG
Native Instruments Kontakt 3-->D:\NATIVE~1\KONTAK~1\UNWISE.EXE D:\NATIVE~1\KONTAK~1\INSTALL.LOG
OLYMPUS Master 2-->MsiExec.exe /X{3A1AB8E6-748E-4B95-AA2D-FE9952EB3106}
OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U
Opera 11.00-->"C:\Program Files\Opera\Opera.exe" /uninstall
Oprava Hotfix systému Windows XP (KB2443685)-->"C:\WINDOWS\$NtUninstallKB2443685$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Oprava Hotfix systému Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe"
Plogue chipsounds VSTi RTAS Standalone v1.5-->"D:\VstPlugins\chipsounds\unins000.exe"
PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
PSP MixPack2 2.0.3-->"D:\VstPlugins\PSP_Mix_Pack\uninstall.exe" "/U:D:\VstPlugins\PSP_Mix_Pack\irunin.xml"
PSP Nitro 1.1.2-->"D:\VstPlugins\PSP_Nitro\uninstall.exe" "/U:D:\VstPlugins\PSP_Nitro\irunin.xml"
PSP oldTimer 1.1.2 32bit-->"D:\VstPlugins\PSP_OLDTIMER\uninstall.exe" "/U:D:\VstPlugins\PSP_OLDTIMER\irunin.xml"
PSP VintageWarmer2 2.5.1 32bit-->"D:\VstPlugins\PSPVintageWarmer2\uninstall.exe" "/U:D:\VstPlugins\PSPVintageWarmer2\irunin.xml"
Q3E Minimizer v1.51-->"C:\Program Files\Q3E Minimizer v1.51\unins000.exe"
Quake III Arena Point Release 1.32-->C:\WINDOWS\unvise32.exe C:\Program Files\Quake III Arena\uninstal5.log
Quake III Arena-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Quake III Arena\QIII.isu"
quantum-fx 1.06-->"D:\VstPlugins\quantum-fx\uninstall.exe"
Reaktor 5 Addon-->D:\VSTPLU~1\REAKTO~1\Library\ENSEMB~1\ADDON-~1\UNWISE.EXE D:\VSTPLU~1\REAKTO~1\Library\ENSEMB~1\ADDON-~1\INSTALL.LOG
Reaktor 5-->D:\VSTPLU~1\REAKTO~1\UNWISE.EXE D:\VSTPLU~1\REAKTO~1\INSTALL.LOG
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x5 -removeonly
Reese Machine VSTi-->D:\VstPlugins\Vstplugins\Reese Machine\uninstall.exe
reFX Nexus VSTi RTAS v2.2.0-->"D:\VstPlugins\Nexus2\Uninstall Nexus\unins000.exe"
rgcAudio Pentagon I VSTi v1.0-->"D:\Vstplugins\rgcAudio Pentagon I\unins000.exe"
Rob Papen SubBoomBass 1.0.3.c RTAS-->"C:\Program Files\Common Files\Digidesign\DAE\Plug-Ins\unins000.exe"
Rob Papen SubBoomBass 1.0.3c 64Bits Multi-core-->"D:\VstPlugins\SubBoomBass\unins000.exe"
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT=""
Steinberg WaveLab 5.01a-->D:\STEINB~1\WaveLab\UNWISE.EXE D:\STEINB~1\WaveLab\INSTALL.LOG
The KMPlayer (remove only)-->"C:\Program Files\The KMPlayer\uninstall.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Virtual DJ Pro Full - Atomix Productions-->C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG
VLC media player 1.1.5-->C:\Program Files\VideoLAN\VLC\uninstall.exe
V-Station 1.50-->"C:\Program Files\Uninstall Information\{842C6AFC-7856-4fd9-99AF-8900554ACAA2}\unins000.exe"
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live ID Sign-in Assistant-->MsiExec.exe /X{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR-->C:\Program Files\WinRAR\uninstall.exe
World of Warcraft FREE Trial-->MsiExec.exe /X{02EBDBB9-4600-41D3-B566-40CB861511D2}
XML Paper Specification Shared Components Language Pack 1.0-->"C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"

======Security center information======

AV: avast! Antivirus

======System event log======

Computer Name: TERMITNATOR
Event Code: 18
Message: Instalace je připravena: Byly staženy následující aktualizace a jsou nyní připraveny k instalaci. Je naplánována úloha pro instalaci následujících aktualizací do tohoto počítače (plán: 17. prosince 2010 v 3:00):
- Aktualizace zabezpečení systému Windows XP (KB2360937)
- Aktualizace zabezpečení systému Windows XP (KB2423089)
- Aktualizace zabezpečení pro jazyk Jscript 5.7 pro systém Windows XP (KB971961)
- Aktualizace zabezpečení dále distribuovatelného balíčku Microsoft Visual C++ 2005 Service Pack 1 (KB973923)
- Aktualizace zabezpečení systému Windows XP (KB982665)
- Aktualizace zabezpečení rozhraní Microsoft .NET Framework 3.5 SP1 a .NET Framework 2.0 SP2 pro Windows 2000, Windows Server 2003 a Windows XP x86 (KB979909)
- Aktualizace systému Windows XP (KB2141007)
- Aktualizace rozhraní Microsoft .NET Framework 3.5 SP1 pro systémy Windows Server 2003 a Windows XP x86 (KB982168)
- Aktualizace zabezpečení systému Windows XP (KB981997)
- Aktualizace zabezpečení systému Windows XP (KB2286198)
- Kumulativní aktualizace zabezpečení aplikace Internet Explorer 6 pro systém Windows XP (KB2416400)
- Aktualizace zabezpečení pro systém Windows XP Service Pack 3 (KB952069)
- Aktualizace sady Windows Me

Record Number: 1622
Source Name: Windows Update Agent
Time Written: 20101216122728.000000+060
Event Type: Informace
User:

Computer Name: TERMITNATOR
Event Code: 18
Message: Instalace je připravena: Byly staženy následující aktualizace a jsou nyní připraveny k instalaci. Je naplánována úloha pro instalaci následujících aktualizací do tohoto počítače (plán: 17. prosince 2010 v 3:00):
- Aktualizace zabezpečení systému Windows XP (KB2360937)
- Aktualizace zabezpečení systému Windows XP (KB2423089)
- Aktualizace zabezpečení pro jazyk Jscript 5.7 pro systém Windows XP (KB971961)
- Aktualizace zabezpečení dále distribuovatelného balíčku Microsoft Visual C++ 2005 Service Pack 1 (KB973923)
- Aktualizace zabezpečení systému Windows XP (KB982665)
- Aktualizace zabezpečení rozhraní Microsoft .NET Framework 3.5 SP1 a .NET Framework 2.0 SP2 pro Windows 2000, Windows Server 2003 a Windows XP x86 (KB979909)
- Aktualizace systému Windows XP (KB2141007)
- Aktualizace rozhraní Microsoft .NET Framework 3.5 SP1 pro systémy Windows Server 2003 a Windows XP x86 (KB982168)
- Aktualizace zabezpečení systému Windows XP (KB981997)
- Aktualizace zabezpečení systému Windows XP (KB2286198)
- Aktualizace zabezpečení pro systém Windows XP Service Pack 3 (KB952069)
- Aktualizace sady Windows Media Format 11 SDK pro systém Windows XP (KB929399)
- Aktualizace zabezpečení pro systém Windows XP Se

Record Number: 1621
Source Name: Windows Update Agent
Time Written: 20101216122722.000000+060
Event Type: Informace
User:

Computer Name: TERMITNATOR
Event Code: 18
Message: Instalace je připravena: Byly staženy následující aktualizace a jsou nyní připraveny k instalaci. Je naplánována úloha pro instalaci následujících aktualizací do tohoto počítače (plán: 17. prosince 2010 v 3:00):
- Aktualizace zabezpečení systému Windows XP (KB2360937)
- Aktualizace zabezpečení systému Windows XP (KB2423089)
- Aktualizace zabezpečení pro jazyk Jscript 5.7 pro systém Windows XP (KB971961)
- Aktualizace zabezpečení dále distribuovatelného balíčku Microsoft Visual C++ 2005 Service Pack 1 (KB973923)
- Aktualizace zabezpečení systému Windows XP (KB982665)
- Aktualizace zabezpečení rozhraní Microsoft .NET Framework 3.5 SP1 a .NET Framework 2.0 SP2 pro Windows 2000, Windows Server 2003 a Windows XP x86 (KB979909)
- Aktualizace systému Windows XP (KB2141007)
- Aktualizace rozhraní Microsoft .NET Framework 3.5 SP1 pro systémy Windows Server 2003 a Windows XP x86 (KB982168)
- Aktualizace zabezpečení systému Windows XP (KB981997)
- Aktualizace zabezpečení pro systém Windows XP Service Pack 3 (KB952069)
- Aktualizace sady Windows Media Format 11 SDK pro systém Windows XP (KB929399)
- Aktualizace zabezpečení pro systém Windows XP Service Pack 3 (KB973540)
- Aktualizace aplikace Internet E

Record Number: 1620
Source Name: Windows Update Agent
Time Written: 20101216122713.000000+060
Event Type: Informace
User:

Computer Name: TERMITNATOR
Event Code: 18
Message: Instalace je připravena: Byly staženy následující aktualizace a jsou nyní připraveny k instalaci. Je naplánována úloha pro instalaci následujících aktualizací do tohoto počítače (plán: 17. prosince 2010 v 3:00):
- Aktualizace zabezpečení systému Windows XP (KB2360937)
- Aktualizace zabezpečení systému Windows XP (KB2423089)
- Aktualizace zabezpečení pro jazyk Jscript 5.7 pro systém Windows XP (KB971961)
- Aktualizace zabezpečení dále distribuovatelného balíčku Microsoft Visual C++ 2005 Service Pack 1 (KB973923)
- Aktualizace zabezpečení systému Windows XP (KB982665)
- Aktualizace zabezpečení rozhraní Microsoft .NET Framework 3.5 SP1 a .NET Framework 2.0 SP2 pro Windows 2000, Windows Server 2003 a Windows XP x86 (KB979909)
- Aktualizace rozhraní Microsoft .NET Framework 3.5 SP1 pro systémy Windows Server 2003 a Windows XP x86 (KB982168)
- Aktualizace zabezpečení systému Windows XP (KB981997)
- Aktualizace zabezpečení pro systém Windows XP Service Pack 3 (KB952069)
- Aktualizace sady Windows Media Format 11 SDK pro systém Windows XP (KB929399)
- Aktualizace zabezpečení pro systém Windows XP Service Pack 3 (KB973540)
- Aktualizace aplikace Internet Explorer pro Windows XP (KB2467659)
- Aktualiz

Record Number: 1619
Source Name: Windows Update Agent
Time Written: 20101216122713.000000+060
Event Type: Informace
User:

Computer Name: TERMITNATOR
Event Code: 18
Message: Instalace je připravena: Byly staženy následující aktualizace a jsou nyní připraveny k instalaci. Je naplánována úloha pro instalaci následujících aktualizací do tohoto počítače (plán: 17. prosince 2010 v 3:00):
- Aktualizace zabezpečení systému Windows XP (KB2360937)
- Aktualizace zabezpečení systému Windows XP (KB2423089)
- Aktualizace zabezpečení pro jazyk Jscript 5.7 pro systém Windows XP (KB971961)
- Aktualizace zabezpečení dále distribuovatelného balíčku Microsoft Visual C++ 2005 Service Pack 1 (KB973923)
- Aktualizace zabezpečení rozhraní Microsoft .NET Framework 3.5 SP1 a .NET Framework 2.0 SP2 pro Windows 2000, Windows Server 2003 a Windows XP x86 (KB979909)
- Aktualizace rozhraní Microsoft .NET Framework 3.5 SP1 pro systémy Windows Server 2003 a Windows XP x86 (KB982168)
- Aktualizace zabezpečení systému Windows XP (KB981997)
- Aktualizace zabezpečení pro systém Windows XP Service Pack 3 (KB952069)
- Aktualizace sady Windows Media Format 11 SDK pro systém Windows XP (KB929399)
- Aktualizace zabezpečení pro systém Windows XP Service Pack 3 (KB973540)
- Aktualizace aplikace Internet Explorer pro Windows XP (KB2467659)
- Aktualizace zabezpečení součásti Windows Media Format Runtime 9,

Record Number: 1618
Source Name: Windows Update Agent
Time Written: 20101216122713.000000+060
Event Type: Informace
User:

=====Application event log=====

Computer Name: TERMITNATOR
Event Code: 1800
Message: Služba Centrum zabezpečení systému Windows byla spuštěna.

Record Number: 557
Source Name: SecurityCenter
Time Written: 20101213164355.000000+060
Event Type: Informace
User:

Computer Name: TERMITNATOR
Event Code: 105
Message: The service was started.

Record Number: 556
Source Name: ATI Smart
Time Written: 20101213164353.000000+060
Event Type: Informace
User:

Computer Name: TERMITNATOR
Event Code: 1004
Message:
Record Number: 555
Source Name: WgaSetup
Time Written: 20101213164353.000000+060
Event Type: Informace
User:

Computer Name: TERMITNATOR
Event Code: 1002
Message:
Record Number: 554
Source Name: WgaSetup
Time Written: 20101213164352.000000+060
Event Type: Informace
User:

Computer Name: TERMITNATOR
Event Code: 1006
Message:
Record Number: 553
Source Name: WgaSetup
Time Written: 20101213164352.000000+060
Event Type: Informace
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%C_IA64_REDIST11%bin\ia64;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;%CommonProgramFiles%\Microsoft Shared\Windows Live;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Common Files\iZotope\Runtimes
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 107 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=6b02
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"C_IA64_REDIST11"=C:\Program Files\Common Files\Intel\Shared Files\cpp\

-----------------EOF-----------------

#4 Příspěvek od **cernohous13** » 15 led 2011 10:00

Podle návodu očekávám obsah C:\rsit\log.txt

Thermit8 · #5 Příspěvek od **Thermit8** » 15 led 2011 10:07

Jo,promin zde to je

Logfile of random's system information tool 1.08 (written by random/random)
Run by Kaul at 2011-01-15 09:48:36
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 7 GB (17%) free of 38 GB
Total RAM: 3326 MB (78% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:48:40, on 15.1.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\IObit\Game Booster\GameBox.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Tunngle\TnglCtrl.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\System32\alg.exe
C:\Documents and Settings\Kaul\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Kaul\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\Bqytoa.exe
C:\Documents and Settings\Kaul\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kaul\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kaul\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kaul\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kaul\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kaul\Dokumenty\Downloads\hijackthis (1).exe
C:\Documents and Settings\Kaul\Dokumenty\Downloads\RSIT.exe
C:\DOCUME~1\Kaul\LOCALS~1\Temp\Bwd.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\Kaul.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" /OM
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Kaul\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [JP595IR86O] C:\DOCUME~1\Kaul\LOCALS~1\Temp\Bwd.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{BB9FD199-B423-42A3-9F79-32051D771B0F}: NameServer = 8.8.4.4,8.8.8.8
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe

--
End of file - 5542 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Game_Booster_Startup.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-562591055-839522115-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-562591055-839522115-1003UA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-12-01 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-12-01 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440}
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2011-01-05 988480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-05-28 16132608]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2010-04-12 180224]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-12-31 3395600]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-08-29 61440]
"OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe [2009-04-17 54576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"OM2_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe [2009-04-17 95536]
"Google Update"=C:\Documents and Settings\Kaul\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-01-15 136176]
"JP595IR86O"=C:\DOCUME~1\Kaul\LOCALS~1\Temp\Bwd.exe [2011-01-15 216576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-05 1305408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files\PowerISO\PWRISOVM.EXE [2010-04-12 180224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-12-01 143360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoResolveSearch"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\BitTorrent\BitTorrent.exe"="C:\Program Files\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Dirt 2game\dirt2_game.exe"="D:\Dirt 2game\dirt2_game.exe:*:Disabled:DiRT2 Executable"
"C:\Program Files\Counter-Strike 1.6\hl.exe"="C:\Program Files\Counter-Strike 1.6\hl.exe:*:Disabled:Half-Life Launcher"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\VirtualDJ\virtualdj_pro.exe"="C:\Program Files\VirtualDJ\virtualdj_pro.exe:*:Disabled:Virtual DJ Pro"
"C:\Program Files\Quake III Arena\quake3.exe"="C:\Program Files\Quake III Arena\quake3.exe:*:Disabled:quake3"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Disabled:Internet Explorer"
"C:\Program Files\Assassin's Creed II\AssassinsCreedIIGame.exe"="C:\Program Files\Assassin's Creed II\AssassinsCreedIIGame.exe:*:Disabled:AssassinsCreedIIGame"
"C:\Program Files\EA Games\Command & Conquer Generals Zero Hour\game.dat"="C:\Program Files\EA Games\Command & Conquer Generals Zero Hour\game.dat:*:Enabled:game"
"C:\Program Files\EA Games\Command & Conquer Generals Zero Hour\generals.exe"="C:\Program Files\EA Games\Command & Conquer Generals Zero Hour\generals.exe:*:Enabled:Command and ConquerTM Generals Zero Hour"
"C:\Program Files\EA Games\Command and Conquer Generals\generals.exe"="C:\Program Files\EA Games\Command and Conquer Generals\generals.exe:*:Enabled:Command & Conquer Generals"
"C:\Program Files\EA Games\Command and Conquer Generals\WorldBuilder.exe"="C:\Program Files\EA Games\Command and Conquer Generals\WorldBuilder.exe:*:Enabled:Command & Conquer Generals Worldbuilder"
"C:\Program Files\EA Games\Command & Conquer Generals Zero Hour\WorldBuilder.exe"="C:\Program Files\EA Games\Command & Conquer Generals Zero Hour\WorldBuilder.exe:*:Enabled:Command and ConquerTM Generals Zero Hour Worldbuilder"
"D:\Image-Line\FL Studio 9\FL.exe"="D:\Image-Line\FL Studio 9\FL.exe:*:Disabled:FL Studio engine launcher"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2011-01-15 09:48:36 ----D---- C:\rsit
2011-01-15 09:48:36 ----D---- C:\Program Files\trend micro
2011-01-15 03:54:01 ----A---- C:\WINDOWS\Bqytoa.exe
2011-01-15 03:53:52 ----A---- C:\WINDOWS\system32\sshnas21.dll
2011-01-15 03:37:42 ----A---- C:\WINDOWS\system32\msvcsv60.dll
2011-01-15 03:26:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\Identities
2011-01-15 03:18:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\Cakewalk
2011-01-15 03:15:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\IK Multimedia
2011-01-15 02:37:47 ----D---- C:\Program Files\Common Files\Intel
2011-01-15 01:53:54 ----A---- C:\WINDOWS\system32\FxShared.dll
2011-01-15 01:53:54 ----A---- C:\WINDOWS\system32\com.fxpansion.fxshared.dll
2011-01-15 01:53:50 ----D---- C:\Program Files\FXpansion
2011-01-15 01:53:18 ----D---- C:\Documents and Settings\Kaul\Data aplikací\FXpansion
2011-01-15 01:22:30 ----A---- C:\WINDOWS\system32\audcon.sys
2011-01-15 01:21:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\eLicenser
2011-01-15 01:21:21 ----A---- C:\WINDOWS\system32\SYNSOPOS.exe.cfg
2011-01-15 01:19:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\Syncrosoft
2011-01-14 14:18:59 ----D---- C:\Banks
2011-01-13 10:08:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2011-01-12 13:59:55 ----D---- C:\Program Files\Electronic Arts
2011-01-12 09:48:18 ----D---- C:\Documents and Settings\Kaul\Data aplikací\Command and Conquer 3 Kanes Wrath
2011-01-12 05:25:30 ----D---- C:\Documents and Settings\Kaul\Data aplikací\Command & Conquer 3 Tiberium Wars
2011-01-12 05:17:32 ----A---- C:\WINDOWS\system32\drivers\dtsoftbus01.sys
2011-01-12 05:17:07 ----D---- C:\Program Files\DAEMON Tools Toolbar
2011-01-12 05:16:59 ----D---- C:\Program Files\DAEMON Tools Lite
2011-01-12 05:16:42 ----D---- C:\Documents and Settings\Kaul\Data aplikací\DAEMON Tools Lite
2011-01-12 05:16:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\DAEMON Tools Lite
2011-01-11 13:34:44 ----D---- C:\Program Files\EA Games
2011-01-10 19:41:19 ----D---- C:\Program Files\Ask.com
2011-01-10 19:40:41 ----D---- C:\Program Files\The KMPlayer
2011-01-10 19:33:54 ----D---- C:\Program Files\GRETECH
2011-01-07 23:06:43 ----D---- C:\Documents and Settings\Kaul\Data aplikací\.minecraft
2011-01-06 10:55:49 ----D---- C:\Program Files\Assassin's Creed II
2011-01-05 19:51:30 ----A---- C:\WINDOWS\system32\msvcrtnew.dll
2011-01-05 19:51:30 ----A---- C:\WINDOWS\system32\msvcr90.dll
2011-01-05 19:51:30 ----A---- C:\WINDOWS\system32\msvcr80d.dll
2011-01-05 19:51:30 ----A---- C:\WINDOWS\system32\msvcr80.dll
2011-01-05 19:51:30 ----A---- C:\WINDOWS\system32\msvcr70.dll
2011-01-05 19:51:30 ----A---- C:\WINDOWS\system32\msvcp90.dll
2011-01-05 19:51:30 ----A---- C:\WINDOWS\system32\msvcp80.dll
2011-01-05 19:51:30 ----A---- C:\WINDOWS\system32\msvcp70.dll
2011-01-05 19:51:30 ----A---- C:\WINDOWS\system32\msvcm90.dll
2011-01-05 19:51:30 ----A---- C:\WINDOWS\system32\dxgi.dll
2011-01-05 19:51:30 ----A---- C:\WINDOWS\system32\dwmapi.dll
2011-01-05 19:51:30 ----A---- C:\WINDOWS\system32\d3d10core.dll
2011-01-05 19:51:30 ----A---- C:\WINDOWS\system32\d3d10.dll
2011-01-05 19:51:29 ----A---- C:\WINDOWS\system32\Vista.Emulation.dll
2011-01-05 19:51:29 ----A---- C:\WINDOWS\system32\nvapi.dll
2011-01-05 19:51:29 ----A---- C:\WINDOWS\system32\msvcm80.dll
2011-01-05 19:51:29 ----A---- C:\WINDOWS\system32\msjava.dll
2011-01-05 19:51:28 ----A---- C:\WINDOWS\system32\M2000Twn.dll
2011-01-05 19:51:26 ----A---- C:\WINDOWS\system32\D3DX10d_39.dll
2011-01-05 19:51:26 ----A---- C:\WINDOWS\system32\d3dx10.dll
2011-01-05 19:51:26 ----A---- C:\WINDOWS\system32\D3D10SDKLayers.DLL
2011-01-05 19:51:26 ----A---- C:\WINDOWS\system32\d2d1.dll
2011-01-05 19:51:26 ----A---- C:\WINDOWS\system32\CompressATI2.dll
2011-01-05 19:51:26 ----A---- C:\WINDOWS\system32\avrt.dll
2011-01-05 19:51:26 ----A---- C:\Program Files\Common Files\unins000.exe
2011-01-04 17:15:50 ----D---- C:\Program Files\Q3E Minimizer v1.51
2011-01-04 12:39:13 ----A---- C:\WINDOWS\system32\drivers\USBSTOR.SYS
2011-01-04 11:36:22 ----D---- C:\Program Files\OLYMPUS
2011-01-04 11:36:09 ----D---- C:\Program Files\MSXML 4.0
2011-01-03 16:10:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\ATI
2011-01-03 16:06:56 ----D---- C:\Program Files\ATI
2011-01-03 16:04:29 ----N---- C:\WINDOWS\system32\ati2sgag.exe
2011-01-03 16:03:46 ----D---- C:\Program Files\ATI Technologies
2011-01-03 16:02:46 ----D---- C:\ATI
2011-01-03 15:32:41 ----A---- C:\WINDOWS\system32\Oemdspif.dll
2011-01-03 15:32:40 ----A---- C:\WINDOWS\system32\drivers\ati2erec.dll
2011-01-03 15:32:40 ----A---- C:\WINDOWS\system32\ativcoxx.dll
2011-01-03 15:32:40 ----A---- C:\WINDOWS\system32\atitvo32.dll
2011-01-03 15:32:40 ----A---- C:\WINDOWS\system32\atipdlxx.dll
2011-01-03 15:32:40 ----A---- C:\WINDOWS\system32\atiok3x2.dll
2011-01-03 15:32:40 ----A---- C:\WINDOWS\system32\ATIODE.exe
2011-01-03 15:32:40 ----A---- C:\WINDOWS\system32\ATIODCLI.exe
2011-01-03 15:32:40 ----A---- C:\WINDOWS\system32\atimpc32.dll
2011-01-03 15:32:40 ----A---- C:\WINDOWS\system32\atikvmag.dll
2011-01-03 15:32:40 ----A---- C:\WINDOWS\system32\ATIDDC.DLL
2011-01-03 15:32:40 ----A---- C:\WINDOWS\system32\aticalrt.dll
2011-01-03 15:32:40 ----A---- C:\WINDOWS\system32\aticaldd.dll
2011-01-03 15:32:40 ----A---- C:\WINDOWS\system32\aticalcl.dll
2011-01-03 15:32:40 ----A---- C:\WINDOWS\system32\atibtmon.exe
2011-01-03 15:32:40 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2011-01-03 15:32:40 ----A---- C:\WINDOWS\system32\atiadlxx.dll
2011-01-03 15:32:40 ----A---- C:\WINDOWS\system32\Ati2mdxx.exe
2011-01-03 15:32:40 ----A---- C:\WINDOWS\system32\ati2evxx.exe
2011-01-03 15:32:40 ----A---- C:\WINDOWS\system32\ati2evxx.dll
2011-01-03 15:32:40 ----A---- C:\WINDOWS\system32\ati2edxx.dll
2011-01-03 15:32:40 ----A---- C:\WINDOWS\system32\amdpcom32.dll
2011-01-03 00:03:43 ----D---- C:\Program Files\GamePark
2011-01-02 23:36:37 ----A---- C:\WINDOWS\unvise32.exe
2011-01-02 23:35:15 ----A---- C:\WINDOWS\QIII.INI
2011-01-02 23:35:12 ----D---- C:\Program Files\Mplayer
2011-01-02 23:34:32 ----D---- C:\Program Files\Quake III Arena
2011-01-02 19:18:58 ----D---- C:\Program Files\Flash Game Downloader
2011-01-02 19:13:50 ----D---- C:\Documents and Settings\Kaul\Data aplikací\ProgSense
2011-01-02 19:13:46 ----D---- C:\downloads
2011-01-02 19:13:46 ----D---- C:\Documents and Settings\Kaul\Data aplikací\GrabPro
2011-01-02 19:13:41 ----D---- C:\Documents and Settings\Kaul\Data aplikací\Orbit
2011-01-02 17:58:04 ----D---- C:\Program Files\Bytescout XLS Viewer
2011-01-02 12:32:31 ----DC---- C:\WINDOWS\system32\DRVSTORE
2011-01-02 12:22:57 ----A---- C:\WINDOWS\WININIT.INI
2011-01-02 00:13:03 ----D---- C:\Documents and Settings\Kaul\Data aplikací\Plogue Art et Technologie, Inc
2011-01-02 00:10:49 ----D---- C:\Program Files\Plogue
2011-01-01 23:57:12 ----D---- C:\Documents and Settings\Kaul\Data aplikací\Plogue
2011-01-01 23:57:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\Plogue
2011-01-01 11:47:51 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-12-31 06:29:23 ----D---- C:\Program Files\ASIO4ALL v2
2010-12-29 14:27:15 ----D---- C:\Program Files\VirtualDJ
2010-12-26 22:32:48 ----D---- C:\Documents and Settings\Kaul\Data aplikací\vlc
2010-12-26 22:31:35 ----D---- C:\Program Files\VideoLAN
2010-12-26 08:43:10 ----D---- C:\Program Files\Image-Line
2010-12-26 07:06:01 ----A---- C:\WINDOWS\system32\PSP oldTimer.dll
2010-12-25 00:41:46 ----D---- C:\Documents and Settings\Kaul\Data aplikací\KORG
2010-12-25 00:34:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\KORG
2010-12-25 00:34:14 ----D---- C:\Program Files\KORG
2010-12-25 00:34:14 ----D---- C:\Program Files\Common Files\KORG
2010-12-22 05:07:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\Pinnacle
2010-12-22 04:40:11 ----D---- C:\Documents and Settings\Kaul\Data aplikací\Antares
2010-12-22 04:40:01 ----D---- C:\Program Files\Antares Audio Technologies
2010-12-22 04:39:32 ----A---- C:\WINDOWS\system32\drivers\cledx.sys
2010-12-22 04:39:19 ----A---- C:\WINDOWS\system32\SYNSOPOS.exe
2010-12-22 04:39:18 ----A---- C:\WINDOWS\system32\SynsoLChk.dll
2010-12-22 04:39:17 ----D---- C:\Program Files\Syncrosoft
2010-12-22 04:39:17 ----A---- C:\WINDOWS\system32\SYNSOACC.dll
2010-12-22 04:39:17 ----A---- C:\WINDOWS\system32\drivers\NSynas32.sys
2010-12-22 01:54:48 ----A---- C:\WINDOWS\system32\PSP Nitro.dll
2010-12-22 01:10:02 ----A---- C:\WINDOWS\system32\PSP MixBass2.dll
2010-12-22 00:52:49 ----D---- C:\Program Files\VOB
2010-12-22 00:52:49 ----A---- C:\WINDOWS\system32\vobhw.dll
2010-12-22 00:52:49 ----A---- C:\WINDOWS\system32\IWUninstall.exe
2010-12-22 00:52:49 ----A---- C:\WINDOWS\system32\drivers\asapi.sys
2010-12-22 00:52:49 ----A---- C:\WINDOWS\system32\asapi.dll
2010-12-22 00:52:14 ----A---- C:\WINDOWS\IsUninst.exe
2010-12-22 00:36:41 ----D---- C:\Documents and Settings\Kaul\Data aplikací\iZotope
2010-12-22 00:32:05 ----D---- C:\Program Files\Common Files\VST3
2010-12-21 22:38:54 ----A---- C:\WINDOWS\system32\sqlite3.dll
2010-12-21 22:06:46 ----D---- C:\Program Files\VSTPlugins
2010-12-21 22:06:13 ----A---- C:\WINDOWS\system32\PSP VintageWarmer2.dll
2010-12-21 22:06:13 ----A---- C:\WINDOWS\system32\PSP MicroWarmer.dll
2010-12-21 22:06:12 ----A---- C:\WINDOWS\system32\PSP VintageWarmer.dll
2010-12-21 22:01:35 ----D---- C:\Documents and Settings\Kaul\Data aplikací\Daichi
2010-12-21 21:53:14 ----D---- C:\Documents and Settings\Kaul\Data aplikací\Xfer
2010-12-21 21:52:56 ----A---- C:\Minimaler_reg_Serial.txt
2010-12-21 21:52:28 ----A---- C:\debug.txt
2010-12-21 21:47:55 ----N---- C:\WINDOWS\system32\ReWire.dll
2010-12-21 21:47:55 ----A---- C:\WINDOWS\system32\REX Shared Library.dll
2010-12-21 20:49:49 ----D---- C:\Program Files\Common Files\Native Instruments
2010-12-21 20:13:32 ----D---- C:\Documents and Settings\All Users\Data aplikací\Ableton
2010-12-21 20:13:31 ----D---- C:\Documents and Settings\Kaul\Data aplikací\Ableton
2010-12-21 11:41:34 ----A---- C:\WINDOWS\system32\MRT.exe
2010-12-21 08:07:26 ----D---- C:\WINDOWS\ie8updates
2010-12-19 23:52:13 ----D---- C:\Documents and Settings\Kaul\Data aplikací\RigNRoll_usa_ws
2010-12-19 23:48:36 ----RA---- C:\WINDOWS\system32\tmp1F0.tmp
2010-12-19 23:48:36 ----RA---- C:\WINDOWS\system32\tmp1EF.tmp
2010-12-19 22:32:48 ----D---- C:\WINDOWS\WBEM
2010-12-19 22:31:04 ----HDC---- C:\WINDOWS\ie8
2010-12-19 10:33:19 ----D---- C:\Documents and Settings\All Users\Data aplikací\Windows Genuine Advantage
2010-12-17 20:45:07 ----D---- C:\Program Files\CCleaner
2010-12-17 19:57:52 ----SHD---- C:\RECYCLER
2010-12-17 19:57:07 ----A---- C:\WINDOWS\system32\wpa.bak
2010-12-17 18:53:46 ----A---- C:\Boot.bak
2010-12-17 18:53:40 ----RASHD---- C:\cmdcons
2010-12-17 18:01:18 ----D---- C:\Documents and Settings\Kaul\Data aplikací\Malwarebytes
2010-12-17 18:01:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-12-17 18:01:00 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-12-17 16:58:12 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2010-12-17 16:58:11 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2010-12-17 16:58:10 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2010-12-17 16:58:09 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2010-12-17 16:58:08 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2010-12-17 16:58:06 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2010-12-17 16:58:06 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2010-12-17 16:58:06 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2010-12-17 16:57:51 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-12-17 16:57:43 ----D---- C:\Program Files\Alwil Software
2010-12-17 16:57:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\Alwil Software
2010-12-17 12:54:56 ----A---- C:\WINDOWS\system32\drivers\AmdLLD.sys
2010-12-17 12:54:55 ----D---- C:\Program Files\AMD
2010-12-17 10:14:21 ----D---- C:\Documents and Settings\Kaul\Data aplikací\Ubisoft
2010-12-17 10:14:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\Ubisoft
2010-12-17 09:02:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2010-12-17 09:02:04 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2010-12-17 09:01:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2010-12-17 09:01:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2259922$
2010-12-17 09:01:33 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-12-17 09:01:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2010-12-17 09:01:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2010-12-17 09:01:05 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2010-12-17 09:01:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2296199$
2010-12-17 09:00:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2010-12-17 09:00:43 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2010-12-17 09:00:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2010-12-17 09:00:33 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$
2010-12-17 09:00:26 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2010-12-17 09:00:20 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2010-12-17 08:59:38 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2010-12-17 08:59:27 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-12-17 08:59:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2010-12-17 08:59:06 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2010-12-17 08:58:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2443685$
2010-12-17 08:58:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2010-12-17 08:57:53 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2010-12-17 08:57:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$
2010-12-17 08:55:46 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2010-12-17 08:53:49 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2010-12-17 08:53:44 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2010-12-17 08:53:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2436673$
2010-12-17 08:53:24 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2010-12-17 08:53:16 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2010-12-17 08:52:50 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-12-17 08:52:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2467659$
2010-12-17 08:52:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2416400$
2010-12-17 08:51:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2010-12-17 08:51:25 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2010-12-17 08:48:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2141007$
2010-12-17 08:46:30 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2010-12-17 08:46:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2010-12-17 08:46:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
2010-12-16 21:56:39 ----D---- C:\Program Files\Counter-Strike 1.6
2010-12-16 21:23:33 ----D---- C:\Documents and Settings\Kaul\Data aplikací\Hamachi
2010-12-16 21:23:18 ----A---- C:\WINDOWS\system32\drivers\hamachi.sys
2010-12-16 21:23:17 ----D---- C:\Program Files\Hamachi
2010-12-16 21:06:57 ----D---- C:\Documents and Settings\Kaul\Data aplikací\Tunngle
2010-12-16 21:06:57 ----D---- C:\Documents and Settings\All Users\Data aplikací\Tunngle
2010-12-16 21:06:52 ----A---- C:\WINDOWS\system32\drivers\tap0901t.sys
2010-12-16 21:06:51 ----D---- C:\Program Files\Tunngle
2010-12-16 12:15:25 ----A---- C:\WINDOWS\system32\muweb.dll
2010-12-16 12:15:24 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2010-12-16 12:15:24 ----A---- C:\WINDOWS\system32\mucltui.dll

======List of files/folders modified in the last 1 months======

2011-01-15 09:48:36 ----RD---- C:\Program Files
2011-01-15 09:48:27 ----SD---- C:\WINDOWS\Tasks
2011-01-15 09:48:06 ----D---- C:\WINDOWS\Prefetch
2011-01-15 09:28:17 ----D---- C:\WINDOWS\Temp
2011-01-15 05:06:43 ----D---- C:\Program Files\Opera
2011-01-15 04:52:02 ----HD---- C:\Program Files\InstallShield Installation Information
2011-01-15 04:46:20 ----SD---- C:\Documents and Settings\Kaul\Data aplikací\Microsoft
2011-01-15 04:37:27 ----D---- C:\WINDOWS
2011-01-15 04:27:30 ----D---- C:\WINDOWS\Help
2011-01-15 04:26:46 ----D---- C:\WINDOWS\system32
2011-01-15 04:26:46 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-01-15 04:23:07 ----D---- C:\WINDOWS\system32\CatRoot2
2011-01-15 04:23:03 ----HD---- C:\WINDOWS\inf
2011-01-15 04:13:56 ----D---- C:\Documents and Settings\Kaul\Data aplikací\BitTorrent
2011-01-15 04:13:46 ----D---- C:\WINDOWS\Debug
2011-01-15 02:38:33 ----SHD---- C:\WINDOWS\Installer
2011-01-15 02:37:47 ----D---- C:\Program Files\Common Files
2011-01-15 01:31:58 ----D---- C:\WINDOWS\system32\drivers
2011-01-15 01:22:26 ----D---- C:\WINDOWS\WinSxS
2011-01-14 13:28:51 ----RASH---- C:\boot.ini
2011-01-14 13:28:51 ----A---- C:\WINDOWS\win.ini
2011-01-14 13:28:51 ----A---- C:\WINDOWS\system.ini
2011-01-13 10:08:34 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-01-12 20:18:41 ----HD---- C:\WINDOWS\$hf_mig$
2011-01-12 14:07:59 ----D---- C:\WINDOWS\system32\DirectX
2011-01-11 14:43:29 ----D---- C:\WINDOWS\system32\config
2011-01-11 13:37:28 ----RSD---- C:\WINDOWS\Fonts
2011-01-11 12:00:56 ----D---- C:\Program Files\Common Files\InstallShield
2011-01-03 16:06:39 ----RSD---- C:\WINDOWS\assembly
2011-01-03 15:32:44 ----D---- C:\WINDOWS\system32\CatRoot
2010-12-31 08:30:00 ----D---- C:\WINDOWS\Logs
2010-12-22 02:02:56 ----HD---- C:\Program Files\Uninstall Information
2010-12-21 08:08:02 ----D---- C:\Program Files\Internet Explorer
2010-12-19 22:35:22 ----D---- C:\WINDOWS\system32\cs-cz
2010-12-19 22:32:40 ----D---- C:\WINDOWS\Media
2010-12-19 15:31:44 ----D---- C:\WINDOWS\system32\Restore
2010-12-19 11:29:09 ----D---- C:\WINDOWS\Microsoft.NET
2010-12-17 20:47:13 ----SHD---- C:\System Volume Information
2010-12-17 19:51:14 ----D---- C:\WINDOWS\AppPatch
2010-12-17 19:09:23 ----D---- C:\WINDOWS\system32\drivers\etc
2010-12-17 08:51:27 ----D---- C:\Program Files\Movie Maker
2010-12-17 08:46:17 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-12-17 08:46:13 ----D---- C:\Program Files\Outlook Express

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-12-31 29264]
R1 Asapi;Asapi; C:\WINDOWS\system32\drivers\Asapi.sys [2002-04-17 11264]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-12-31 23632]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2010-12-31 357968]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-12-31 293968]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-12-31 47440]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2010-04-12 59388]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-12-31 17744]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-12-31 100176]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2003-04-16 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2003-04-16 55936]
R3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-12-01 3452928]
R3 CLEDX;Team H2O CLEDX service; C:\WINDOWS\system32\DRIVERS\cledx.sys [2005-05-09 33792]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-01-12 218176]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-12-16 25280]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-06-01 4424704]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2003-04-16 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-04-16 12032]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-12-01 598016]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-12-31 40384]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-12-01 153376]
R2 SSHNAS;SSHNAS; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 TunngleService;TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [2010-02-13 685816]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-12-01 593920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

#6 Příspěvek od **cernohous13** » 15 led 2011 10:44

Není to hezké - přitvrdíme

Stáhni si ComboFix
a ulož ho na plochu.
návod na použití: http://www.bleepingcomputer.com/combofi ... t-combofix
Ukonči všechna aktivní okna,vypni Antispy a Antivir a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna a nic nespouštěj
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Kdyby ti po použití ComboFixu systém nenaběhl - při restartu F8 a poslední známá funkční konfigurace

Thermit8 · #7 Příspěvek od **Thermit8** » 15 led 2011 11:44

Byl nalezen výskyt rootkitu mi to napsalo...jinak zde je log

ComboFix 11-01-14.01 - Kaul 15.01.2011 11:25:19.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3326.2928 [GMT 1:00]
Spuštěný z: c:\documents and settings\Kaul\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\d3d10core.dll
c:\windows\system32\msvcsv60.dll
c:\windows\system32\sqlite3.dll
c:\windows\system32\sshnas21.dll
c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SSHNAS
-------\Service_SSHNAS

((((((((((((((((((((((((( Soubory vytvořené od 2010-12-15 do 2011-01-15 )))))))))))))))))))))))))))))))
.

2011-01-15 08:48 . 2011-01-15 08:48 -------- d-----w- C:\rsit
2011-01-15 08:48 . 2011-01-15 08:48 -------- d-----w- c:\program files\trend micro
2011-01-15 03:53 . 2011-01-15 03:54 -------- d-----w- c:\documents and settings\Kaul\Local Settings\Data aplikací\Temp
2011-01-15 03:53 . 2011-01-15 03:55 -------- d-----w- c:\documents and settings\Kaul\Local Settings\Data aplikací\Google
2011-01-15 03:53 . 2011-01-15 03:53 -------- d-----w- c:\documents and settings\Kaul\Local Settings\Data aplikací\Deployment
2011-01-15 02:54 . 2011-01-15 02:53 220672 ----a-w- c:\windows\Bqytoa.exe
2011-01-15 02:18 . 2011-01-15 02:18 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Cakewalk
2011-01-15 02:15 . 2011-01-15 02:15 -------- d-----w- c:\documents and settings\All Users\Data aplikací\IK Multimedia
2011-01-15 01:37 . 2011-01-15 01:37 -------- d-----w- c:\program files\Common Files\Intel
2011-01-15 00:54 . 2011-01-15 00:54 -------- d-----w- c:\documents and settings\All Users\Nabdka Start
2011-01-15 00:53 . 2011-01-15 00:53 69632 ----a-w- c:\windows\system32\FxShared.dll
2011-01-15 00:53 . 2011-01-15 00:53 69632 ----a-w- c:\windows\system32\com.fxpansion.fxshared.dll
2011-01-15 00:53 . 2011-01-15 00:53 -------- d-----w- c:\program files\FXpansion
2011-01-15 00:53 . 2011-01-15 00:55 -------- d-----w- c:\documents and settings\Kaul\Data aplikací\FXpansion
2011-01-15 00:22 . 2011-01-15 00:22 2892 ----a-w- c:\windows\system32\audcon.sys
2011-01-15 00:21 . 2011-01-15 01:43 -------- d-----w- c:\documents and settings\All Users\Data aplikací\eLicenser
2011-01-15 00:19 . 2011-01-15 00:22 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Syncrosoft
2011-01-14 13:18 . 2011-01-14 13:18 -------- d-----w- C:\Banks
2011-01-12 12:59 . 2011-01-12 12:59 -------- d-----w- c:\program files\Electronic Arts
2011-01-12 08:48 . 2011-01-12 08:48 -------- d-----w- c:\documents and settings\Kaul\Data aplikací\Command and Conquer 3 Kanes Wrath
2011-01-12 04:25 . 2011-01-12 04:43 -------- d-----w- c:\documents and settings\Kaul\Data aplikací\Command & Conquer 3 Tiberium Wars
2011-01-12 04:17 . 2011-01-12 04:17 218176 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-01-12 04:17 . 2011-01-15 03:42 -------- d-----w- c:\documents and settings\Kaul\Local Settings\Data aplikací\AskToolbar
2011-01-12 04:17 . 2011-01-12 04:17 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2011-01-12 04:16 . 2011-01-13 09:05 -------- d-----w- c:\program files\DAEMON Tools Lite
2011-01-12 04:16 . 2011-01-12 04:18 -------- d-----w- c:\documents and settings\Kaul\Data aplikací\DAEMON Tools Lite
2011-01-12 04:16 . 2011-01-12 04:16 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DAEMON Tools Lite
2011-01-11 12:34 . 2011-01-11 12:44 -------- d-----w- c:\program files\EA Games
2011-01-10 18:41 . 2011-01-15 04:02 -------- d-----w- c:\program files\Ask.com
2011-01-10 18:40 . 2011-01-10 18:42 -------- d-----w- c:\program files\The KMPlayer
2011-01-10 18:33 . 2011-01-10 18:34 -------- d-----w- c:\program files\GRETECH
2011-01-07 22:06 . 2011-01-09 11:01 -------- d-----w- c:\documents and settings\Kaul\Data aplikací\.minecraft
2011-01-07 14:57 . 2011-01-07 14:57 -------- d-----w- c:\documents and settings\Kaul\Local Settings\Data aplikací\Identities
2011-01-06 09:55 . 2011-01-06 10:14 -------- d-----w- c:\program files\Assassin's Creed II
2011-01-04 16:15 . 2011-01-04 16:15 -------- d-----w- c:\program files\Q3E Minimizer v1.51
2011-01-04 11:39 . 2008-04-13 23:15 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2011-01-04 10:37 . 2011-01-04 10:37 -------- d-----w- c:\documents and settings\Kaul\Local Settings\Data aplikací\OLYMPUS
2011-01-04 10:36 . 2011-01-04 10:36 -------- d-----w- c:\program files\OLYMPUS
2011-01-04 10:36 . 2011-01-04 10:36 -------- d-----w- c:\program files\MSXML 4.0
2011-01-03 15:10 . 2011-01-03 15:10 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ATI
2011-01-03 15:06 . 2011-01-03 15:11 -------- d-----w- c:\program files\ATI
2011-01-03 15:04 . 2003-11-10 17:14 729088 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2011-01-03 15:04 . 2003-11-10 17:13 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2011-01-03 15:04 . 2003-11-10 17:12 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2011-01-03 15:04 . 2003-11-10 17:12 192512 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2011-01-03 15:04 . 2003-11-10 17:11 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2011-01-03 15:04 . 2011-01-03 15:04 311428 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2011-01-03 15:04 . 2011-01-03 15:04 188548 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2011-01-03 15:04 . 2008-12-01 13:35 593920 ------w- c:\windows\system32\ati2sgag.exe
2011-01-03 15:03 . 2011-01-03 15:06 -------- d-----w- c:\program files\ATI Technologies
2011-01-03 15:02 . 2011-01-03 15:02 -------- d-----w- C:\ATI
2011-01-02 23:03 . 2011-01-05 19:03 -------- d-----w- c:\program files\GamePark
2011-01-02 22:36 . 1999-12-17 09:13 86016 ----a-w- c:\windows\unvise32.exe
2011-01-02 22:35 . 2011-01-02 22:35 -------- d-----w- c:\program files\Mplayer
2011-01-02 22:34 . 2011-01-05 19:19 -------- d-----w- c:\program files\Quake III Arena
2011-01-02 20:43 . 2011-01-02 20:43 -------- d-----w- c:\documents and settings\Kaul\Local Settings\Data aplikací\Unity
2011-01-02 18:18 . 2011-01-02 18:18 -------- d-----w- c:\program files\Flash Game Downloader
2011-01-02 18:13 . 2011-01-02 18:13 -------- d-----w- c:\documents and settings\Kaul\Data aplikací\ProgSense
2011-01-02 18:13 . 2011-01-03 18:40 -------- d-----w- C:\downloads
2011-01-02 18:13 . 2011-01-02 18:13 -------- d-----w- c:\documents and settings\Kaul\Data aplikací\GrabPro
2011-01-02 18:13 . 2011-01-03 18:40 -------- d-----w- c:\documents and settings\Kaul\Data aplikací\Orbit
2011-01-02 16:58 . 2011-01-02 16:58 -------- d-----w- c:\program files\Bytescout XLS Viewer
2011-01-02 11:32 . 2011-01-15 00:22 -------- dc----w- c:\windows\system32\DRVSTORE
2011-01-01 23:13 . 2011-01-01 23:13 -------- d-----w- c:\documents and settings\Kaul\Data aplikací\Plogue Art et Technologie, Inc
2011-01-01 23:10 . 2011-01-01 23:10 -------- d-----w- c:\program files\Plogue
2011-01-01 22:57 . 2011-01-01 23:13 -------- d-----w- c:\documents and settings\Kaul\Data aplikací\Plogue
2011-01-01 22:57 . 2011-01-01 22:57 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Plogue
2010-12-31 05:29 . 2010-12-31 05:29 -------- d-----w- c:\program files\ASIO4ALL v2
2010-12-29 13:27 . 2010-12-29 13:27 -------- d-----w- c:\program files\VirtualDJ
2010-12-26 21:32 . 2010-12-29 22:18 -------- d-----w- c:\documents and settings\Kaul\Data aplikací\vlc
2010-12-26 21:31 . 2010-12-26 21:31 -------- d-----w- c:\program files\VideoLAN
2010-12-26 07:43 . 2010-12-31 03:59 -------- d-----w- c:\program files\Image-Line
2010-12-26 06:06 . 2010-12-26 06:06 6051840 ----a-w- c:\windows\system32\PSP oldTimer.dll
2010-12-24 23:41 . 2010-12-26 09:26 -------- d-----w- c:\documents and settings\Kaul\Data aplikací\KORG
2010-12-24 23:34 . 2010-12-24 23:34 -------- d-----w- c:\documents and settings\All Users\Data aplikací\KORG
2010-12-24 23:34 . 2010-12-24 23:34 -------- d-----w- c:\program files\Common Files\KORG
2010-12-24 23:34 . 2010-12-24 23:34 -------- d-----w- c:\program files\KORG
2010-12-24 13:43 . 2010-12-24 13:43 -------- d-----w- c:\documents and settings\Kaul\Local Settings\Data aplikací\Mozilla
2010-12-22 04:07 . 2010-12-22 04:07 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Pinnacle
2010-12-22 03:40 . 2010-12-22 03:40 -------- d-----w- c:\documents and settings\Kaul\Data aplikací\Antares
2010-12-22 03:40 . 2010-12-22 03:40 -------- d-----w- c:\program files\Antares Audio Technologies
2010-12-22 03:39 . 2005-05-09 19:08 33792 ----a-w- c:\windows\system32\drivers\cledx.sys
2010-12-22 03:39 . 2009-05-19 14:21 86016 ----a-w- c:\windows\system32\SYNSOPOS.exe
2010-12-22 03:39 . 2004-05-10 23:58 147456 ----a-w- c:\windows\system32\SynsoLChk.dll
2010-12-22 03:39 . 2011-01-15 01:43 -------- d-----w- c:\program files\Syncrosoft
2010-12-22 03:39 . 2009-09-17 15:20 1261568 ----a-w- c:\windows\system32\SYNSOACC.dll
2010-12-22 03:39 . 2001-04-09 13:03 17784 ----a-w- c:\windows\system32\drivers\NSynas32.sys
2010-12-22 01:02 . 2010-12-22 01:07 691551 ----a-w- c:\program files\Uninstall Information\{842C6AFC-7856-4fd9-99AF-8900554ACAA2}\unins000.exe
2010-12-22 01:00 . 2010-12-22 01:00 691551 ----a-w- c:\program files\Uninstall Information\{ABAF1232-6213-4062-9D52-04E04A730CEA}\unins000.exe
2010-12-22 00:54 . 2010-12-22 00:54 3191296 ----a-w- c:\windows\system32\PSP Nitro.dll
2010-12-22 00:10 . 2010-12-22 00:10 4332032 ----a-w- c:\windows\system32\PSP MixBass2.dll
2010-12-21 23:52 . 2010-12-21 23:52 -------- d-----w- c:\program files\VOB
2010-12-21 23:52 . 2002-09-26 16:34 153088 ----a-w- c:\windows\system32\IWUninstall.exe
2010-12-21 23:52 . 2002-08-28 10:09 611840 ----a-w- c:\windows\system32\vobhw.dll
2010-12-21 23:52 . 2002-04-17 19:27 11264 ----a-w- c:\windows\system32\drivers\asapi.sys
2010-12-21 23:52 . 2000-04-27 11:31 19456 ----a-w- c:\windows\system32\asapi.dll
2010-12-21 23:52 . 1998-10-29 15:45 306688 ----a-w- c:\windows\IsUninst.exe
2010-12-21 23:49 . 2010-12-21 23:49 -------- d-----w- c:\documents and settings\Kaul\WINDOWS
2010-12-21 23:36 . 2010-12-21 23:36 -------- d-----w- c:\documents and settings\Kaul\Data aplikací\iZotope
2010-12-21 23:32 . 2010-12-21 23:32 -------- d-----w- c:\program files\Common Files\VST3
2010-12-21 21:06 . 2010-12-21 21:06 -------- d-----w- c:\program files\VSTPlugins
2010-12-21 21:06 . 2010-12-21 21:06 6618624 ----a-w- c:\windows\system32\PSP VintageWarmer2.dll
2010-12-21 21:06 . 2010-12-21 21:06 6580224 ----a-w- c:\windows\system32\PSP MicroWarmer.dll
2010-12-21 21:06 . 2010-12-21 21:06 6611456 ----a-w- c:\windows\system32\PSP VintageWarmer.dll
2010-12-21 21:01 . 2010-12-21 21:01 -------- d-----w- c:\documents and settings\Kaul\Data aplikací\Daichi
2010-12-21 20:53 . 2010-12-21 20:53 -------- d-----w- c:\documents and settings\Kaul\Data aplikací\Xfer
2010-12-21 20:47 . 2011-01-15 00:53 233472 ----a-w- c:\windows\system32\REX Shared Library.dll
2010-12-21 20:47 . 2009-09-08 21:01 368640 ------w- c:\windows\system32\ReWire.dll
2010-12-21 19:49 . 2010-12-22 06:01 -------- d-----w- c:\program files\Common Files\Native Instruments
2010-12-21 19:13 . 2010-12-21 19:13 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Ableton
2010-12-21 19:13 . 2010-12-21 20:50 -------- d-----w- c:\documents and settings\Kaul\Data aplikací\Ableton
2010-12-20 09:36 . 2010-11-06 00:23 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-12-20 09:36 . 2010-11-06 00:23 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-12-20 09:36 . 2010-11-06 00:23 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-12-20 09:36 . 2010-11-06 00:23 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-12-20 09:36 . 2010-11-06 00:23 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-12-20 09:36 . 2010-11-06 00:23 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2010-12-20 09:36 . 2010-11-06 00:23 11080704 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-12-19 22:52 . 2010-12-19 22:52 -------- d-----w- c:\documents and settings\Kaul\Data aplikací\RigNRoll_usa_ws
2010-12-19 22:48 . 2008-02-29 01:50 782336 ----a-r- c:\windows\system32\tmp1F0.tmp
2010-12-19 22:48 . 2008-02-29 01:50 782336 ----a-r- c:\windows\system32\tmp1EF.tmp
2010-12-19 21:39 . 2010-12-19 21:39 -------- d-sh--w- c:\documents and settings\Kaul\PrivacIE
2010-12-19 21:35 . 2010-12-19 21:35 -------- d-sh--w- c:\documents and settings\Kaul\IETldCache
2010-12-19 21:31 . 2010-12-19 21:33 -------- dc-h--w- c:\windows\ie8
2010-12-17 19:45 . 2010-12-17 19:45 -------- d-----w- c:\program files\CCleaner

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-06 14:06 . 2010-12-06 14:06 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2010-12-06 14:06 . 2010-12-06 14:06 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2010-12-03 11:00 . 2010-12-03 11:00 348160 ----a-w- c:\windows\system32\Msvcr71.dll
2010-12-03 11:00 . 2010-12-03 11:00 1060864 ----a-w- c:\windows\system32\mfc71.dll
2010-12-03 10:37 . 2010-12-03 10:37 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-12-02 12:30 . 2010-12-02 12:30 96874 ----a-w- c:\documents and settings\Kaul\Data aplikací\Uninstal.exe
2010-12-01 15:49 . 2010-12-01 15:49 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-12-01 15:49 . 2010-12-01 15:49 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-12-01 13:55 . 2010-12-01 13:55 315392 ----a-w- c:\windows\HideWin.exe
2010-11-18 18:15 . 2010-12-01 13:32 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-09 14:52 . 2003-04-16 12:00 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-06 00:23 . 2003-04-16 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:23 . 2003-04-16 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:23 . 2003-04-16 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25 . 2010-12-01 17:12 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2003-04-16 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:09 . 2003-04-16 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:58 . 2003-04-16 12:00 1853312 ----a-w- c:\windows\system32\win32k.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-01-13 08:47 120712 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2009-04-17 95536]
"Google Update"="c:\documents and settings\Kaul\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2011-01-15 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-05-28 16132608]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2010-04-12 180224]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-01-13 3396624]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" [2009-04-17 54576]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 07:52 15360 ----a-w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-01-05 09:09 1305408 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 07:52 1695232 ------w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2010-04-12 08:40 180224 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Dirt 2game\\dirt2_game.exe"=
"c:\\Program Files\\Counter-Strike 1.6\\hl.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\VirtualDJ\\virtualdj_pro.exe"=
"c:\\Program Files\\Quake III Arena\\quake3.exe"=
"c:\\Program Files\\Assassin's Creed II\\AssassinsCreedIIGame.exe"=
"c:\\Program Files\\EA Games\\Command & Conquer Generals Zero Hour\\game.dat"=
"c:\\Program Files\\EA Games\\Command & Conquer Generals Zero Hour\\generals.exe"=
"c:\\Program Files\\EA Games\\Command and Conquer Generals\\generals.exe"=
"c:\\Program Files\\EA Games\\Command and Conquer Generals\\WorldBuilder.exe"=
"c:\\Program Files\\EA Games\\Command & Conquer Generals Zero Hour\\WorldBuilder.exe"=
"d:\\Image-Line\\FL Studio 9\\FL.exe"=

R1 Asapi;Asapi;c:\windows\system32\drivers\asapi.sys [22.12.2010 0:52 11264]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [17.12.2010 16:58 357968]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [17.12.2010 16:58 294608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [17.12.2010 16:58 17744]
R2 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [16.12.2010 21:06 685816]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [22.12.2010 4:39 33792]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [12.1.2011 5:17 218176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
Obsah adresáře 'Naplánované úlohy'

2011-01-15 c:\windows\Tasks\Game_Booster_Startup.job
- c:\program files\IObit\Game Booster\GameBox.exe [2010-12-17 18:08]

2011-01-15 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2010-09-28 21:44]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.msn.com
mStart Page = hxxp://www.msn.com
TCP: {BB9FD199-B423-42A3-9F79-32051D771B0F} = 8.8.4.4,8.8.8.8
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-15 11:36
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1275210071-562591055-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:52,1e,2d,6e,db,66,89,c1,16,c8,8c,03,94,e9,b1,42,19,d3,ab,81,e3,f1,07,
97,9a,8c,99,28,2f,fa,35,43,62,61,0d,ca,db,1e,88,8d,fc,57,92,b1,07,84,6b,96,\
"??"=hex:0a,ad,90,f0,65,3c,48,de,9a,dd,e5,c4,ed,13,f0,dd

[HKEY_USERS\S-1-5-21-1275210071-562591055-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:05,64,79,3b,0a,d0,5a,d8,e5,f0,ef,86,0c,ce,51,e0,f7,6c,ce,22,65,
ea,d1,52,5f,cc,3c,32,cd,3c,d4,e6,df,68,8e,dc,01,7d,a8,c8,8d,da,af,dd,ec,82,\
"rkeysecu"=hex:aa,8d,e3,8f,71,49,b7,39,3d,c5,e4,0e,ea,7b,cd,75

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(808)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(2396)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\RTHDCPL.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
.
**************************************************************************
.
Celkový čas: 2011-01-15 11:41:10 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-01-15 10:41

Před spuštěním: 6 740 660 224
Po spuštění: 6 660 472 832

- - End Of File - - 04130F03F8F98ABC7786551B1FBB5566

#8 Příspěvek od **cernohous13** » 15 led 2011 14:39

Otevři Poznámkový blok (Notepad) a zkopíruj celý zelený text z "CFscriptu".
Soubor ulož na plochu jako CFscript.txt a jeho ikonu přetáhni myší nad ikonu ComboFixu - tam pusť.

ComboFix se spustí - počkej na log a vlož ho sem.

CFscript

Kód: Vybrat vše

KillAll::

File::
c:\windows\unvise32.exe
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-562591055-839522115-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-562591055-839522115-1003UA.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\WINDOWS\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
C:\WINDOWS\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job

Collect::
c:\windows\Bqytoa.exe

Registry::
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{BB9FD199-B423-42A3-9F79-32051D771B0F}]
"nameserver"=""

Nastala nějaká změna?

Thermit8 · #9 Příspěvek od **Thermit8** » 15 led 2011 17:57

Ano pomohlo to,všechny prohlížeče fungují,určitě to zapříčinila aplikace c:\windows\Bqytoa.exe která byla ukázána v procesech a měla využití paměti až okolo 130 000 Kb,rozhodně díky

#10 Příspěvek od **cernohous13** » 15 led 2011 18:17

Mohl bys mi pro kontrolu dát poslední log ComboFixu?

Thermit8 · #11 Příspěvek od **Thermit8** » 15 led 2011 18:25

ComboFix 11-01-14.01 - Kaul 15.01.2011 17:37:56.4.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3326.2943 [GMT 1:00]
Spuštěný z: c:\documents and settings\Kaul\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Kaul\Plocha\CFscript.txt.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

FILE ::
"c:\windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job"
"c:\windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-562591055-839522115-1003Core.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1275210071-562591055-839522115-1003UA.job"
"c:\windows\tasks\Scheduled Update for Ask Toolbar.job"
"c:\windows\unvise32.exe"

file zipped: c:\windows\Bqytoa.exe
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\Bqytoa.exe
c:\windows\tasks\Scheduled Update for Ask Toolbar.job
c:\windows\unvise32.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-12-15 do 2011-01-15 )))))))))))))))))))))))))))))))
.

2011-01-15 12:31 . 2011-01-15 12:31 -------- d-----w- c:\documents and settings\Kaul\Data aplikací\Cytomic
2011-01-15 08:48 . 2011-01-15 08:48 -------- d-----w- C:\rsit
2011-01-15 08:48 . 2011-01-15 08:48 -------- d-----w- c:\program files\trend micro
2011-01-15 03:53 . 2011-01-15 03:54 -------- d-----w- c:\documents and settings\Kaul\Local Settings\Data aplikací\Temp
2011-01-15 03:53 . 2011-01-15 03:55 -------- d-----w- c:\documents and settings\Kaul\Local Settings\Data aplikací\Google
2011-01-15 03:53 . 2011-01-15 03:53 -------- d-----w- c:\documents and settings\Kaul\Local Settings\Data aplikací\Deployment
2011-01-15 02:18 . 2011-01-15 02:18 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Cakewalk
2011-01-15 02:15 . 2011-01-15 02:15 -------- d-----w- c:\documents and settings\All Users\Data aplikací\IK Multimedia
2011-01-15 01:37 . 2011-01-15 01:37 -------- d-----w- c:\program files\Common Files\Intel
2011-01-15 00:54 . 2011-01-15 00:54 -------- d-----w- c:\documents and settings\All Users\Nabdka Start
2011-01-15 00:53 . 2011-01-15 00:53 69632 ----a-w- c:\windows\system32\FxShared.dll
2011-01-15 00:53 . 2011-01-15 00:53 69632 ----a-w- c:\windows\system32\com.fxpansion.fxshared.dll
2011-01-15 00:53 . 2011-01-15 00:53 -------- d-----w- c:\program files\FXpansion
2011-01-15 00:53 . 2011-01-15 00:55 -------- d-----w- c:\documents and settings\Kaul\Data aplikací\FXpansion
2011-01-15 00:22 . 2011-01-15 00:22 2892 ----a-w- c:\windows\system32\audcon.sys
2011-01-15 00:21 . 2011-01-15 01:43 -------- d-----w- c:\documents and settings\All Users\Data aplikací\eLicenser
2011-01-15 00:19 . 2011-01-15 00:22 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Syncrosoft
2011-01-14 13:18 . 2011-01-14 13:18 -------- d-----w- C:\Banks
2011-01-12 12:59 . 2011-01-12 12:59 -------- d-----w- c:\program files\Electronic Arts
2011-01-12 08:48 . 2011-01-12 08:48 -------- d-----w- c:\documents and settings\Kaul\Data aplikací\Command and Conquer 3 Kanes Wrath
2011-01-12 04:25 . 2011-01-12 04:43 -------- d-----w- c:\documents and settings\Kaul\Data aplikací\Command & Conquer 3 Tiberium Wars
2011-01-12 04:17 . 2011-01-12 04:17 218176 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-01-12 04:17 . 2011-01-15 03:42 -------- d-----w- c:\documents and settings\Kaul\Local Settings\Data aplikací\AskToolbar
2011-01-12 04:17 . 2011-01-12 04:17 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2011-01-12 04:16 . 2011-01-13 09:05 -------- d-----w- c:\program files\DAEMON Tools Lite
2011-01-12 04:16 . 2011-01-12 04:18 -------- d-----w- c:\documents and settings\Kaul\Data aplikací\DAEMON Tools Lite
2011-01-12 04:16 . 2011-01-12 04:16 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DAEMON Tools Lite
2011-01-11 12:34 . 2011-01-11 12:44 -------- d-----w- c:\program files\EA Games
2011-01-10 18:41 . 2011-01-15 04:02 -------- d-----w- c:\program files\Ask.com
2011-01-10 18:40 . 2011-01-10 18:42 -------- d-----w- c:\program files\The KMPlayer
2011-01-10 18:33 . 2011-01-10 18:34 -------- d-----w- c:\program files\GRETECH
2011-01-07 22:06 . 2011-01-09 11:01 -------- d-----w- c:\documents and settings\Kaul\Data aplikací\.minecraft
2011-01-07 14:57 . 2011-01-07 14:57 -------- d-----w- c:\documents and settings\Kaul\Local Settings\Data aplikací\Identities
2011-01-06 09:55 . 2011-01-06 10:14 -------- d-----w- c:\program files\Assassin's Creed II
2011-01-04 16:15 . 2011-01-04 16:15 -------- d-----w- c:\program files\Q3E Minimizer v1.51
2011-01-04 11:39 . 2008-04-13 23:15 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2011-01-04 10:37 . 2011-01-04 10:37 -------- d-----w- c:\documents and settings\Kaul\Local Settings\Data aplikací\OLYMPUS
2011-01-04 10:36 . 2011-01-04 10:36 -------- d-----w- c:\program files\OLYMPUS
2011-01-04 10:36 . 2011-01-04 10:36 -------- d-----w- c:\program files\MSXML 4.0
2011-01-03 15:10 . 2011-01-03 15:10 -------- d-----w- c:\documents and settings\All Users\Data aplikací\ATI
2011-01-03 15:06 . 2011-01-03 15:11 -------- d-----w- c:\program files\ATI
2011-01-03 15:04 . 2003-11-10 17:14 729088 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2011-01-03 15:04 . 2003-11-10 17:13 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2011-01-03 15:04 . 2003-11-10 17:12 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2011-01-03 15:04 . 2003-11-10 17:12 192512 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2011-01-03 15:04 . 2003-11-10 17:11 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2011-01-03 15:04 . 2011-01-03 15:04 311428 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2011-01-03 15:04 . 2011-01-03 15:04 188548 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2011-01-03 15:04 . 2008-12-01 13:35 593920 ------w- c:\windows\system32\ati2sgag.exe
2011-01-03 15:03 . 2011-01-03 15:06 -------- d-----w- c:\program files\ATI Technologies
2011-01-03 15:02 . 2011-01-03 15:02 -------- d-----w- C:\ATI
2011-01-02 23:03 . 2011-01-05 19:03 -------- d-----w- c:\program files\GamePark
2011-01-02 22:35 . 2011-01-02 22:35 -------- d-----w- c:\program files\Mplayer
2011-01-02 22:34 . 2011-01-05 19:19 -------- d-----w- c:\program files\Quake III Arena
2011-01-02 20:43 . 2011-01-02 20:43 -------- d-----w- c:\documents and settings\Kaul\Local Settings\Data aplikací\Unity
2011-01-02 18:18 . 2011-01-02 18:18 -------- d-----w- c:\program files\Flash Game Downloader
2011-01-02 18:13 . 2011-01-02 18:13 -------- d-----w- c:\documents and settings\Kaul\Data aplikací\ProgSense
2011-01-02 18:13 . 2011-01-03 18:40 -------- d-----w- C:\downloads
2011-01-02 18:13 . 2011-01-02 18:13 -------- d-----w- c:\documents and settings\Kaul\Data aplikací\GrabPro
2011-01-02 18:13 . 2011-01-03 18:40 -------- d-----w- c:\documents and settings\Kaul\Data aplikací\Orbit
2011-01-02 16:58 . 2011-01-02 16:58 -------- d-----w- c:\program files\Bytescout XLS Viewer
2011-01-02 11:32 . 2011-01-15 00:22 -------- dc----w- c:\windows\system32\DRVSTORE
2011-01-01 23:13 . 2011-01-01 23:13 -------- d-----w- c:\documents and settings\Kaul\Data aplikací\Plogue Art et Technologie, Inc
2011-01-01 23:10 . 2011-01-01 23:10 -------- d-----w- c:\program files\Plogue
2011-01-01 22:57 . 2011-01-01 23:13 -------- d-----w- c:\documents and settings\Kaul\Data aplikací\Plogue
2011-01-01 22:57 . 2011-01-01 22:57 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Plogue
2010-12-31 05:29 . 2010-12-31 05:29 -------- d-----w- c:\program files\ASIO4ALL v2
2010-12-29 13:27 . 2010-12-29 13:27 -------- d-----w- c:\program files\VirtualDJ
2010-12-26 21:32 . 2010-12-29 22:18 -------- d-----w- c:\documents and settings\Kaul\Data aplikací\vlc
2010-12-26 21:31 . 2010-12-26 21:31 -------- d-----w- c:\program files\VideoLAN
2010-12-26 07:43 . 2010-12-31 03:59 -------- d-----w- c:\program files\Image-Line
2010-12-26 06:06 . 2010-12-26 06:06 6051840 ----a-w- c:\windows\system32\PSP oldTimer.dll
2010-12-24 23:41 . 2010-12-26 09:26 -------- d-----w- c:\documents and settings\Kaul\Data aplikací\KORG
2010-12-24 23:34 . 2010-12-24 23:34 -------- d-----w- c:\documents and settings\All Users\Data aplikací\KORG
2010-12-24 23:34 . 2010-12-24 23:34 -------- d-----w- c:\program files\Common Files\KORG
2010-12-24 23:34 . 2010-12-24 23:34 -------- d-----w- c:\program files\KORG
2010-12-24 13:43 . 2010-12-24 13:43 -------- d-----w- c:\documents and settings\Kaul\Local Settings\Data aplikací\Mozilla
2010-12-22 04:07 . 2010-12-22 04:07 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Pinnacle
2010-12-22 03:40 . 2010-12-22 03:40 -------- d-----w- c:\documents and settings\Kaul\Data aplikací\Antares
2010-12-22 03:40 . 2010-12-22 03:40 -------- d-----w- c:\program files\Antares Audio Technologies
2010-12-22 03:39 . 2005-05-09 19:08 33792 ----a-w- c:\windows\system32\drivers\cledx.sys
2010-12-22 03:39 . 2009-05-19 14:21 86016 ----a-w- c:\windows\system32\SYNSOPOS.exe
2010-12-22 03:39 . 2004-05-10 23:58 147456 ----a-w- c:\windows\system32\SynsoLChk.dll
2010-12-22 03:39 . 2011-01-15 01:43 -------- d-----w- c:\program files\Syncrosoft
2010-12-22 03:39 . 2009-09-17 15:20 1261568 ----a-w- c:\windows\system32\SYNSOACC.dll
2010-12-22 03:39 . 2001-04-09 13:03 17784 ----a-w- c:\windows\system32\drivers\NSynas32.sys
2010-12-22 01:02 . 2010-12-22 01:07 691551 ----a-w- c:\program files\Uninstall Information\{842C6AFC-7856-4fd9-99AF-8900554ACAA2}\unins000.exe
2010-12-22 01:00 . 2010-12-22 01:00 691551 ----a-w- c:\program files\Uninstall Information\{ABAF1232-6213-4062-9D52-04E04A730CEA}\unins000.exe
2010-12-22 00:54 . 2010-12-22 00:54 3191296 ----a-w- c:\windows\system32\PSP Nitro.dll
2010-12-22 00:10 . 2010-12-22 00:10 4332032 ----a-w- c:\windows\system32\PSP MixBass2.dll
2010-12-21 23:52 . 2010-12-21 23:52 -------- d-----w- c:\program files\VOB
2010-12-21 23:52 . 2002-09-26 16:34 153088 ----a-w- c:\windows\system32\IWUninstall.exe
2010-12-21 23:52 . 2002-08-28 10:09 611840 ----a-w- c:\windows\system32\vobhw.dll
2010-12-21 23:52 . 2002-04-17 19:27 11264 ----a-w- c:\windows\system32\drivers\asapi.sys
2010-12-21 23:52 . 2000-04-27 11:31 19456 ----a-w- c:\windows\system32\asapi.dll
2010-12-21 23:52 . 1998-10-29 15:45 306688 ----a-w- c:\windows\IsUninst.exe
2010-12-21 23:49 . 2010-12-21 23:49 -------- d-----w- c:\documents and settings\Kaul\WINDOWS
2010-12-21 23:36 . 2010-12-21 23:36 -------- d-----w- c:\documents and settings\Kaul\Data aplikací\iZotope
2010-12-21 23:32 . 2010-12-21 23:32 -------- d-----w- c:\program files\Common Files\VST3
2010-12-21 21:06 . 2010-12-21 21:06 -------- d-----w- c:\program files\VSTPlugins
2010-12-21 21:06 . 2010-12-21 21:06 6618624 ----a-w- c:\windows\system32\PSP VintageWarmer2.dll
2010-12-21 21:06 . 2010-12-21 21:06 6580224 ----a-w- c:\windows\system32\PSP MicroWarmer.dll
2010-12-21 21:06 . 2010-12-21 21:06 6611456 ----a-w- c:\windows\system32\PSP VintageWarmer.dll
2010-12-21 21:01 . 2010-12-21 21:01 -------- d-----w- c:\documents and settings\Kaul\Data aplikací\Daichi
2010-12-21 20:53 . 2010-12-21 20:53 -------- d-----w- c:\documents and settings\Kaul\Data aplikací\Xfer
2010-12-21 20:47 . 2011-01-15 00:53 233472 ----a-w- c:\windows\system32\REX Shared Library.dll
2010-12-21 20:47 . 2009-09-08 21:01 368640 ------w- c:\windows\system32\ReWire.dll
2010-12-21 19:49 . 2010-12-22 06:01 -------- d-----w- c:\program files\Common Files\Native Instruments
2010-12-21 19:13 . 2010-12-21 19:13 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Ableton
2010-12-21 19:13 . 2010-12-21 20:50 -------- d-----w- c:\documents and settings\Kaul\Data aplikací\Ableton
2010-12-20 09:36 . 2010-11-06 00:23 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-12-20 09:36 . 2010-11-06 00:23 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-12-20 09:36 . 2010-11-06 00:23 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-12-20 09:36 . 2010-11-06 00:23 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-12-20 09:36 . 2010-11-06 00:23 1991680 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-12-20 09:36 . 2010-11-06 00:23 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2010-12-20 09:36 . 2010-11-06 00:23 11080704 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-12-19 22:52 . 2010-12-19 22:52 -------- d-----w- c:\documents and settings\Kaul\Data aplikací\RigNRoll_usa_ws
2010-12-19 22:48 . 2008-02-29 01:50 782336 ----a-r- c:\windows\system32\tmp1F0.tmp
2010-12-19 22:48 . 2008-02-29 01:50 782336 ----a-r- c:\windows\system32\tmp1EF.tmp
2010-12-19 21:39 . 2010-12-19 21:39 -------- d-sh--w- c:\documents and settings\Kaul\PrivacIE
2010-12-19 21:35 . 2010-12-19 21:35 -------- d-sh--w- c:\documents and settings\Kaul\IETldCache
2010-12-19 21:31 . 2010-12-19 21:33 -------- dc-h--w- c:\windows\ie8
2010-12-17 19:45 . 2010-12-17 19:45 -------- d-----w- c:\program files\CCleaner
2010-12-17 18:17 . 2010-12-31 20:06 38848 ----a-w- c:\windows\avastSS.scr

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-06 14:06 . 2010-12-06 14:06 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2010-12-06 14:06 . 2010-12-06 14:06 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2010-12-03 11:00 . 2010-12-03 11:00 348160 ----a-w- c:\windows\system32\Msvcr71.dll
2010-12-03 11:00 . 2010-12-03 11:00 1060864 ----a-w- c:\windows\system32\mfc71.dll
2010-12-03 10:37 . 2010-12-03 10:37 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-12-02 12:30 . 2010-12-02 12:30 96874 ----a-w- c:\documents and settings\Kaul\Data aplikací\Uninstal.exe
2010-12-01 15:49 . 2010-12-01 15:49 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-12-01 15:49 . 2010-12-01 15:49 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-12-01 13:55 . 2010-12-01 13:55 315392 ----a-w- c:\windows\HideWin.exe
2010-11-18 18:15 . 2010-12-01 13:32 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-09 14:52 . 2003-04-16 12:00 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-06 00:23 . 2003-04-16 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-06 00:23 . 2003-04-16 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:23 . 2003-04-16 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25 . 2010-12-01 17:12 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2003-04-16 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:09 . 2003-04-16 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:58 . 2003-04-16 12:00 1853312 ----a-w- c:\windows\system32\win32k.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-01-13 08:47 120712 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2009-04-17 95536]
"Google Update"="c:\documents and settings\Kaul\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2011-01-15 136176]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-05-28 16132608]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2010-04-12 180224]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-01-13 3396624]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" [2009-04-17 54576]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 07:52 15360 ----a-w- c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-01-05 09:09 1305408 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 07:52 1695232 ------w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2010-04-12 08:40 180224 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Dirt 2game\\dirt2_game.exe"=
"c:\\Program Files\\Counter-Strike 1.6\\hl.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\VirtualDJ\\virtualdj_pro.exe"=
"c:\\Program Files\\Quake III Arena\\quake3.exe"=
"c:\\Program Files\\Assassin's Creed II\\AssassinsCreedIIGame.exe"=
"c:\\Program Files\\EA Games\\Command & Conquer Generals Zero Hour\\game.dat"=
"c:\\Program Files\\EA Games\\Command & Conquer Generals Zero Hour\\generals.exe"=
"c:\\Program Files\\EA Games\\Command and Conquer Generals\\generals.exe"=
"c:\\Program Files\\EA Games\\Command and Conquer Generals\\WorldBuilder.exe"=
"c:\\Program Files\\EA Games\\Command & Conquer Generals Zero Hour\\WorldBuilder.exe"=
"d:\\Image-Line\\FL Studio 9\\FL.exe"=

R1 Asapi;Asapi;c:\windows\system32\drivers\asapi.sys [22.12.2010 0:52 11264]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [17.12.2010 16:58 357968]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [17.12.2010 16:58 294608]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [17.12.2010 16:58 17744]
R2 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [16.12.2010 21:06 685816]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [22.12.2010 4:39 33792]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [12.1.2011 5:17 218176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
Obsah adresáře 'Naplánované úlohy'

2011-01-15 c:\windows\Tasks\Game_Booster_Startup.job
- c:\program files\IObit\Game Booster\GameBox.exe [2010-12-17 18:08]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.msn.com
mStart Page = hxxp://www.msn.com
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-Quake III Arena Point Release 1.32 - c:\windows\unvise32.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-15 17:48
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-1275210071-562591055-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:52,1e,2d,6e,db,66,89,c1,16,c8,8c,03,94,e9,b1,42,19,d3,ab,81,e3,f1,07,
97,9a,8c,99,28,2f,fa,35,43,62,61,0d,ca,db,1e,88,8d,fc,57,92,b1,07,84,6b,96,\
"??"=hex:0a,ad,90,f0,65,3c,48,de,9a,dd,e5,c4,ed,13,f0,dd

[HKEY_USERS\S-1-5-21-1275210071-562591055-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:05,64,79,3b,0a,d0,5a,d8,e5,f0,ef,86,0c,ce,51,e0,f7,6c,ce,22,65,
ea,d1,52,5f,cc,3c,32,cd,3c,d4,e6,df,68,8e,dc,01,7d,a8,c8,8d,da,af,dd,ec,82,\
"rkeysecu"=hex:aa,8d,e3,8f,71,49,b7,39,3d,c5,e4,0e,ea,7b,cd,75

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(808)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(2800)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\RTHDCPL.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
.
**************************************************************************
.
Celkový čas: 2011-01-15 17:52:43 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-01-15 16:52
ComboFix2.txt 2011-01-15 10:41

Před spuštěním: 6 594 813 952
Po spuštění: 6 587 273 216

- - End Of File - - A844B1BDC0670799AEA3F8B22481EE5C

#12 Příspěvek od **cernohous13** » 15 led 2011 18:32

zdá se, že máš čisto
a jestli už nenacházíš nic podivného, tak po sobě uklidím

ComboFix odinstalujeme
jdi Start -> Spustit... a zkopíruj ComboFix /Uninstall (pozor, za x je mezera) -> OK

Stáhni TempFolderCleaner http://oldtimer.geekstogo.com/TFC.exe
Zavři všechny programy a spusť. Po ukončení akce bude PC restartován.
Pokud ne, restartuj sám.
(čistí Temp složky , nečistí URL, historii, prefetch ani cookies)

stáhni program OTC tady: http://oldtimer.geekstogo.com/OTC.exe - spusť ho -> "CleanUp" (smaže dříve použité čističe)

Mohu doporučit kontrolu a vyčištění Ccleanerem

Stáhni Ccleaner - http://www.slunecnice.cz/sw/ccleaner/
Při instalaci vyhodit fajfku u "Instalovat Yahoo! Toolbar"

zavřít Internetový prohlížeč a
spustit "Čistič" > "Spustit Ccleaner" - odstraní nepotřebné
spustit "Registry" > "Hledej problémy" > "Opravit vybrané problémy"
souhlas se zálohou registrů - opakovat dokud nebudou registry čisté.
spustit "Nástroje" > "Start" - tady můžeš zkusit deaktivovat procesy, které při spuštění nepotřebuješ (pokud by ti potom něco nechodilo, stejným způsobem je povolíš)

Návod:http://jnp.zive.cz/Clanky/Prirucka-do-k ... fault.aspx

Ten si můžeš nechat i na budoucí občasné čištění.

Nakonec mi dej současný RSIT log

Po vyčištění by se hodila defragmentace
doporučuji http://www.slunecnice.cz/sw/defraggler/ + čeština

Thermit8 · #13 Příspěvek od **Thermit8** » 15 led 2011 22:12

zítra ti to sem hodim,dneska už sem moc unavenej

VIRY.CZ

Prosím o kontrolu logu,v pc mám vir,nejdou prohlížeče

Prosím o kontrolu logu,v pc mám vir,nejdou prohlížeče

Re: Prosím o kontrolu logu,v pc mám vir,nejdou prohlížeče

Re: Prosím o kontrolu logu,v pc mám vir,nejdou prohlížeče

Re: Prosím o kontrolu logu,v pc mám vir,nejdou prohlížeče

Re: Prosím o kontrolu logu,v pc mám vir,nejdou prohlížeče

Re: Prosím o kontrolu logu,v pc mám vir,nejdou prohlížeče

Re: Prosím o kontrolu logu,v pc mám vir,nejdou prohlížeče

Re: Prosím o kontrolu logu,v pc mám vir,nejdou prohlížeče

Re: Prosím o kontrolu logu,v pc mám vir,nejdou prohlížeče

Re: Prosím o kontrolu logu,v pc mám vir,nejdou prohlížeče

Re: Prosím o kontrolu logu,v pc mám vir,nejdou prohlížeče

Re: Prosím o kontrolu logu,v pc mám vir,nejdou prohlížeče

Re: Prosím o kontrolu logu,v pc mám vir,nejdou prohlížeče