pro vyosek

Zpráva

pavlafree · #1 Příspěvek od **pavlafree** » 25 dub 2011 19:34

Ahoj, taky jsem před chvílí chytla tuhle "Best Malware Protection" havěť. Postupovala jsem podle vašich předchozích rad - použila jsem RKill log z RSIT je níže. PROSÍM nějakého odborníka o zkontrolování logu, já si s tím nevím rady.

RSIT - log.txt:

Logfile of random's system information tool 1.08 (written by random/random)
Run by admin at 2011-04-25 20:09:10
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 27 GB (45%) free of 60 GB
Total RAM: 2047 MB (84% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:09:37, on 25.4.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\admin\Plocha\RSIT.exe
C:\Program Files\trend micro\admin.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [DXDllRegExe] C:\WINDOWS\system32\dxdllreg.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [USB Safely Remove] C:\Program Files\USB Safely Remove\USBSafelyRemove.exe /startup
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: USB Safely Remove Assistant (USBSafelyRemoveService) - Unknown owner - C:\Program Files\USB Safely Remove\USBSRService.exe

--
End of file - 6926 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-01-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-01-15 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536]
"avast5"=C:\Program Files\Avast5\avastUI.exe [2011-01-13 3396624]
"PAC7302_Monitor"=C:\WINDOWS\PixArt\PAC7302\Monitor.exe [2006-11-03 319488]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2010-06-25 33753712]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-04-19 7700480]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-04-19 86016]
"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"DXDllRegExe"=C:\WINDOWS\system32\dxdllreg.exe [2002-12-12 46592]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-12-03 14944136]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"USB Safely Remove"=C:\Program Files\USB Safely Remove\USBSafelyRemove.exe [2011-01-28 1239040]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"D:\games\Gumboy Tournament\GumboyTournament.exe"="D:\games\Gumboy Tournament\GumboyTournament.exe:*:Enabled:GumboyTournament"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2011-04-25 20:09:10 ----D---- C:\rsit
2011-04-25 20:09:10 ----D---- C:\Program Files\trend micro
2011-04-25 20:01:18 ----D---- C:\WINDOWS\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2011-04-25 20:01:11 ----D---- C:\WINDOWS\LastGood.Tmp
2011-04-25 19:59:45 ----SHD---- C:\WINDOWS\CSC
2011-04-25 19:59:40 ----A---- C:\WINDOWS\ntbtlog.txt
2011-04-24 23:12:59 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2011-04-24 22:13:58 ----D---- C:\Program Files\Trine
2011-04-24 21:50:22 ----D---- C:\Program Files\De Blob
2011-04-24 21:40:17 ----D---- C:\Documents and Settings\admin\Data aplikací\Crayon Physics Deluxe
2011-04-24 21:39:11 ----D---- C:\Program Files\Crayon Physics Deluxe
2011-04-24 21:34:25 ----D---- C:\Program Files\Armadillo Run
2011-04-24 21:12:37 ----D---- C:\Program Files\World of Goo
2011-04-24 21:12:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\2DBoy
2011-04-24 21:08:21 ----D---- C:\Program Files\OpenAL
2011-04-24 21:08:21 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2011-04-24 21:08:21 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2011-04-24 21:08:10 ----D---- C:\Program Files\And Yet It Moves
2011-04-24 20:05:52 ----D---- C:\Documents and Settings\admin\Data aplikací\Broken Rules
2011-04-24 19:27:05 ----A---- C:\WINDOWS\system32\psisdecd.dll
2011-04-24 19:27:05 ----A---- C:\WINDOWS\system32\drivers\msdv.sys
2011-04-24 19:27:05 ----A---- C:\WINDOWS\system32\drivers\mpe.sys
2011-04-24 19:27:05 ----A---- C:\WINDOWS\system32\drivers\bdasup.sys
2011-04-24 19:27:00 ----A---- C:\WINDOWS\system32\dxdllreg.exe
2011-04-24 19:25:39 ----HD---- C:\WINDOWS\msdownld.tmp
2011-04-22 11:52:25 ----D---- C:\Documents and Settings\admin\Data aplikací\Braid
2011-04-22 11:51:38 ----D---- C:\Program Files\Braid
2011-04-21 22:49:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\Trymedia
2011-04-16 22:08:08 ----A---- C:\WINDOWS\BlendSettings.ini
2011-04-16 14:34:45 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2011-04-16 14:34:45 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2011-04-16 14:34:45 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2011-04-16 14:34:45 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2011-04-16 14:34:45 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2011-04-16 14:34:44 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2011-04-16 14:34:44 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2011-04-16 14:34:44 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2011-04-16 14:34:44 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2011-04-16 14:34:44 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2011-04-16 14:34:43 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2011-04-16 14:34:43 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2011-04-16 14:34:43 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2011-04-16 14:34:42 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2011-04-16 14:34:42 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2011-04-16 14:34:41 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2011-04-16 14:34:40 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2011-04-16 14:34:40 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2011-04-16 14:34:39 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2011-04-16 14:34:39 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2011-04-16 14:34:38 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2011-04-16 14:34:38 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2011-04-16 14:34:38 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2011-04-16 14:34:37 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2011-04-16 14:34:37 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2011-04-16 14:34:37 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2011-04-16 14:34:37 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2011-04-16 14:34:37 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2011-04-16 14:34:36 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2011-04-16 14:34:36 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2011-04-16 14:34:36 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2011-04-16 14:34:36 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2011-04-16 14:34:35 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2011-04-16 14:34:35 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2011-04-16 14:34:35 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2011-04-16 14:34:35 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2011-04-16 14:34:35 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2011-04-16 14:34:34 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2011-04-16 14:34:34 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2011-04-16 14:34:34 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2011-04-16 14:34:34 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2011-04-16 14:34:33 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2011-04-16 14:34:33 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2011-04-16 14:34:33 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2011-04-16 14:34:33 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2011-04-16 14:34:32 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2011-04-16 14:34:32 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2011-04-16 14:34:32 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2011-04-16 14:34:31 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2011-04-16 14:34:31 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2011-04-16 14:34:31 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2011-04-16 14:34:31 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2011-04-16 14:34:30 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2011-04-16 14:34:30 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2011-04-16 14:34:30 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2011-04-16 14:34:30 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2011-04-16 14:34:29 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2011-04-16 14:34:29 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2011-04-16 14:34:29 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2011-04-16 14:34:28 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2011-04-16 14:34:28 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2011-04-16 14:34:28 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2011-04-16 14:34:28 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2011-04-16 14:34:28 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2011-04-16 14:34:27 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2011-04-16 14:34:27 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2011-04-16 14:34:26 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2011-04-16 14:34:26 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2011-04-16 14:34:25 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2011-04-16 14:34:25 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2011-04-16 14:34:24 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2011-04-16 14:34:24 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2011-04-16 14:34:24 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2011-04-16 14:34:24 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2011-04-16 14:34:23 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2011-04-16 14:34:23 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2011-04-16 14:34:23 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2011-04-16 14:34:22 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2011-04-16 14:34:22 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2011-04-16 14:34:22 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2011-04-16 14:34:22 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2011-04-16 14:34:22 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2011-04-16 14:34:21 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2011-04-16 14:34:21 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2011-04-16 14:34:21 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2011-04-16 14:34:21 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2011-04-16 14:34:20 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2011-04-16 14:34:20 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2011-04-16 14:34:20 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2011-04-16 14:30:59 ----D---- C:\Program Files\GooseGogs-Game
2011-04-14 21:50:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$
2011-04-14 21:50:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2510581$
2011-04-14 21:50:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2506223$
2011-04-14 21:50:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2412687$
2011-04-14 21:50:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2508272$
2011-04-14 21:50:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2503658$
2011-04-14 21:49:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2507618$
2011-04-14 21:49:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2497640$
2011-04-14 21:49:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2011-04-14 21:49:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2511455$
2011-04-14 21:49:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$
2011-04-14 21:48:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$
2011-04-14 18:35:40 ----D---- C:\Program Files\DtsFilter
2011-04-12 18:39:41 ----A---- C:\WINDOWS\NeroDigital.ini
2011-04-12 18:37:29 ----N---- C:\WINDOWS\system32\drivers\imagesrv.sys
2011-04-12 18:37:29 ----N---- C:\WINDOWS\system32\drivers\imagedrv.sys
2011-04-12 18:37:20 ----N---- C:\WINDOWS\system32\TwnLib4.dll
2011-04-12 18:37:20 ----A---- C:\WINDOWS\system32\TwnLib20.dll
2011-04-12 18:37:19 ----N---- C:\WINDOWS\system32\ImagXRA7.dll
2011-04-12 18:37:19 ----N---- C:\WINDOWS\system32\ImagXR7.dll
2011-04-12 18:37:19 ----N---- C:\WINDOWS\system32\ImagXpr7.dll
2011-04-12 18:37:19 ----N---- C:\WINDOWS\system32\ImagX7.dll
2011-04-12 18:37:19 ----A---- C:\WINDOWS\system32\NeroCheck.exe
2011-04-12 18:37:18 ----D---- C:\Program Files\Common Files\Ahead
2011-04-12 18:37:18 ----D---- C:\Program Files\Ahead
2011-04-09 23:31:03 ----D---- C:\Documents and Settings\admin\Data aplikací\fretsonfire
2011-04-09 11:57:09 ----D---- C:\Documents and Settings\admin\Data aplikací\USBSafelyRemove
2011-04-09 11:56:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\USBSRService
2011-04-09 11:56:26 ----D---- C:\Program Files\USB Safely Remove
2011-04-09 09:31:39 ----D---- C:\The Pacific 2010
2011-04-06 16:44:59 ----D---- C:\Documents and Settings\admin\Data aplikací\f2fIntermediate
2011-04-06 16:44:58 ----SHD---- C:\WINDOWS\ftpcache
2011-04-05 18:33:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$
2011-04-05 18:33:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2011-04-05 18:32:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2485376$
2011-04-05 18:32:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2481109$
2011-04-05 18:32:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2479628$
2011-04-05 18:32:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2011-04-05 18:32:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2524375$
2011-04-05 18:32:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2476687$
2011-04-05 18:31:57 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$
2011-04-05 18:31:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2011-04-05 18:31:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2011-03-31 23:06:08 ----RA---- C:\WINDOWS\system32\Audio3D.dll
2011-03-31 23:06:08 ----RA---- C:\WINDOWS\system32\A3D.dll
2011-03-31 23:06:07 ----RA---- C:\WINDOWS\system32\drivers\viahduaa.sys
2011-03-31 23:05:48 ----N---- C:\WINDOWS\system32\difxapi.dll
2011-03-31 23:05:47 ----D---- C:\Program Files\VIA
2011-03-31 23:04:27 ----RA---- C:\WINDOWS\system32\NvRCoZht.dll
2011-03-31 23:04:27 ----RA---- C:\WINDOWS\system32\NvRCoZhc.dll
2011-03-31 23:04:27 ----RA---- C:\WINDOWS\system32\NvRCoSv.dll
2011-03-31 23:04:27 ----RA---- C:\WINDOWS\system32\NvRCoRu.dll
2011-03-31 23:04:27 ----RA---- C:\WINDOWS\system32\NvRCoPtb.dll
2011-03-31 23:04:27 ----RA---- C:\WINDOWS\system32\NvRCoNo.dll
2011-03-31 23:04:27 ----RA---- C:\WINDOWS\system32\NvRCoNl.dll
2011-03-31 23:04:27 ----RA---- C:\WINDOWS\system32\NvRCoKo.dll
2011-03-31 23:04:27 ----RA---- C:\WINDOWS\system32\NvRCoJa.dll
2011-03-31 23:04:27 ----RA---- C:\WINDOWS\system32\NvRCoIt.dll
2011-03-31 23:04:26 ----RA---- C:\WINDOWS\system32\NvRCoFr.dll
2011-03-31 23:04:26 ----RA---- C:\WINDOWS\system32\NvRCoFi.dll
2011-03-31 23:04:26 ----RA---- C:\WINDOWS\system32\NvRCoEsm.dll
2011-03-31 23:04:26 ----RA---- C:\WINDOWS\system32\NvRCoEs.dll
2011-03-31 23:04:26 ----RA---- C:\WINDOWS\system32\NvRCoENU.dll
2011-03-31 23:04:26 ----RA---- C:\WINDOWS\system32\NvRCoEng.dll
2011-03-31 23:04:26 ----RA---- C:\WINDOWS\system32\NvRCoDe.dll
2011-03-31 23:04:26 ----RA---- C:\WINDOWS\system32\NvRCoDa.dll
2011-03-31 23:04:26 ----RA---- C:\WINDOWS\system32\nvraiins.dll
2011-03-31 23:04:26 ----RA---- C:\WINDOWS\system32\nvraidco.dll
2011-03-31 23:04:26 ----RA---- C:\WINDOWS\system32\drivers\nvgts.sys
2011-03-31 23:03:56 ----RA---- C:\WINDOWS\system32\cohelper.dll
2011-03-31 23:03:36 ----RA---- C:\WINDOWS\system32\NVCOSMB.DLL
2011-03-31 23:03:21 ----D---- C:\Program Files\NVIDIA Corporation
2011-03-31 22:55:08 ----RA---- C:\WINDOWS\system32\drivers\ASACPI.sys
2011-03-31 22:54:36 ----A---- C:\WINDOWS\Language_trs.ini
2011-03-31 22:54:27 ----A---- C:\WINDOWS\Ascd_tmp.ini
2011-03-31 22:54:25 ----A---- C:\WINDOWS\system32\drivers\ASUSHWIO.SYS
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nwiz.exe
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrszht.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrszhc.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrstr.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrssv.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrssl.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrssk.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrsru.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrsptb.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrspt.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrspl.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrsno.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrsnl.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrsko.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrsja.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrsit.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrshu.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrshe.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrsfr.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrsfi.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrsesm.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrses.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrseng.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrsel.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrsde.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrsda.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrscs.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrsar.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwimg.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwdmcpl.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwddi.dll
2011-03-31 16:16:40 ----A---- C:\WINDOWS\system32\nvsvc32.exe
2011-03-31 16:16:40 ----A---- C:\WINDOWS\system32\nvshell.dll
2011-03-31 16:16:40 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2011-03-31 16:16:40 ----A---- C:\WINDOWS\system32\nvnt4cpl.dll
2011-03-31 16:16:39 ----A---- C:\WINDOWS\system32\nvmccsrs.dll
2011-03-31 16:16:39 ----A---- C:\WINDOWS\system32\nvmccs.dll
2011-03-31 16:16:39 ----A---- C:\WINDOWS\system32\nview.dll
2011-03-31 16:16:39 ----A---- C:\WINDOWS\system32\nvhwvid.dll
2011-03-31 16:16:39 ----A---- C:\WINDOWS\system32\nvdspsch.exe
2011-03-31 16:16:38 ----A---- C:\WINDOWS\system32\nvcodins.dll
2011-03-31 16:16:38 ----A---- C:\WINDOWS\system32\nvcod.dll
2011-03-31 16:16:38 ----A---- C:\WINDOWS\system32\nvappbar.exe
2011-03-31 16:16:38 ----A---- C:\WINDOWS\system32\nvapi.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrszht.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrszhc.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrstr.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrssv.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrssl.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrssk.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrsru.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrsptb.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrspt.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrspl.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrsno.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrsnl.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrsko.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrsja.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrsit.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrshu.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrshe.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrsfr.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrsfi.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrsesm.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrses.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrseng.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrsel.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrsde.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrsda.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrscs.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrsar.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvmctray.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvcpl.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvcolor.exe
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\keystone.exe
2011-03-31 16:16:34 ----D---- C:\WINDOWS\system32\WinFast

======List of files/folders modified in the last 1 months======

2011-04-25 20:09:10 ----RD---- C:\Program Files
2011-04-25 20:08:59 ----D---- C:\WINDOWS\system32
2011-04-25 20:08:59 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-04-25 20:02:22 ----D---- C:\WINDOWS\Temp
2011-04-25 20:02:04 ----D---- C:\WINDOWS
2011-04-25 20:01:42 ----D---- C:\WINDOWS\system32\config
2011-04-25 20:01:27 ----D---- C:\WINDOWS\system32\wbem
2011-04-25 20:01:27 ----D---- C:\WINDOWS\Registration
2011-04-25 20:01:18 ----SHD---- C:\WINDOWS\Installer
2011-04-25 19:58:42 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-04-25 19:58:31 ----D---- C:\WINDOWS\system32\drivers\etc
2011-04-25 19:58:26 ----D---- C:\Documents and Settings\admin\Data aplikací\Skype
2011-04-25 19:57:26 ----D---- C:\WINDOWS\system32\CatRoot2
2011-04-25 19:56:44 ----D---- C:\WINDOWS\Prefetch
2011-04-25 19:56:44 ----D---- C:\Documents and Settings\admin\Data aplikací\Winamp
2011-04-25 15:11:15 ----D---- C:\Program Files\FreeRapid-0.85u1
2011-04-25 13:55:19 ----D---- C:\WINDOWS\WinSxS
2011-04-25 10:36:37 ----D---- C:\Documents and Settings\admin\Data aplikací\Apple Computer
2011-04-25 10:18:02 ----D---- C:\Documents and Settings\admin\Data aplikací\skypePM
2011-04-25 10:17:54 ----HD---- C:\WINDOWS\inf
2011-04-24 23:12:59 ----D---- C:\Program Files\Common Files
2011-04-24 21:21:29 ----D---- C:\Fringe
2011-04-24 19:27:37 ----D---- C:\WINDOWS\system32\DirectX
2011-04-24 19:27:31 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-04-24 19:27:30 ----D---- C:\WINDOWS\RegisteredPackages
2011-04-24 19:27:25 ----D---- C:\WINDOWS\system32\drivers
2011-04-23 10:15:22 ----D---- C:\WINDOWS\Minidump
2011-04-22 21:13:02 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-04-20 19:56:24 ----A---- C:\WINDOWS\win.ini
2011-04-17 21:51:38 ----D---- C:\Program Files\Mozilla Firefox
2011-04-16 16:04:50 ----D---- C:\WINDOWS\Debug
2011-04-16 14:32:57 ----D---- C:\WINDOWS\Logs
2011-04-14 21:51:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-04-14 21:50:41 ----HD---- C:\WINDOWS\$hf_mig$
2011-04-14 21:48:22 ----A---- C:\WINDOWS\system32\MRT.exe
2011-04-07 22:13:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2011-04-07 22:12:01 ----SD---- C:\Documents and Settings\admin\Data aplikací\Microsoft
2011-04-07 22:12:01 ----D---- C:\Documents and Settings\admin\Data aplikací\Adobe
2011-03-31 23:08:36 ----A---- C:\WINDOWS\system32\wpa.bak
2011-03-31 23:07:15 ----HD---- C:\Program Files\InstallShield Installation Information
2011-03-31 23:04:25 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-03-31 16:18:00 ----D---- C:\WINDOWS\nview
2011-03-31 16:18:00 ----D---- C:\WINDOWS\Help
2011-03-31 16:15:25 ----D---- C:\Program Files\Avast5

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2005-08-18 93568]
R0 nvgts;nvgts; C:\WINDOWS\system32\DRIVERS\nvgts.sys [2010-04-08 168040]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-01-13 23632]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-02-02 218688]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2010-03-04 70912]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2010-03-04 13824]
R3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2010-09-28 41984]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S0 Si3114r5;SiI-3114 SoftRaid 5 Controller; C:\WINDOWS\system32\DRIVERS\Si3114r5.sys []
S0 SiFilter;SATALink driver accelerator; C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys []
S1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-01-13 29392]
S1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 36352]
S1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-01-13 294608]
S1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-01-13 47440]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-01-13 17744]
S2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-01-13 100176]
S2 cpuz135;cpuz135; \??\C:\WINDOWS\system32\drivers\cpuz135_x32.sys []
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 MSICPL;MSICPL; \??\E:\install4\MSICPL.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 NTACCESS;NTACCESS; \??\E:\NTACCESS.sys []
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-04-19 3988384]
S3 PAC7302;Eye 312; C:\WINDOWS\system32\DRIVERS\PAC7302.SYS [2007-06-14 457856]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\E:\NTGLM7X.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2010-05-15 2136224]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-10-16 37664]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\Avast5\AvastSvc.exe [2011-01-13 40384]
S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-10-07 345376]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-15 136176]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-01-15 153376]
S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-04-19 159810]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-09-30 1051968]
S2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S2 USBSafelyRemoveService;USB Safely Remove Assistant; C:\Program Files\USB Safely Remove\USBSRService.exe [2011-01-28 251736]
S2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-12-13 820008]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2011-01-15 435008]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 25 dub 2011 20:02

Zdravim a pekny vecer preji

Takhle hezky ve svem vlastnim tematu, to je jina

Doporucuji odinstalovat Spybot - Search & Destroy - program ma uz nejlepsi leta davno za sebou a posledni cca 3 roky neni schopen celit aktualnim hrozbam - po ukonceni leceni tam dame nejakou lepcejsi nahradu

Pokud jste po aplikaci RKillu nerestartovala PC, tak v poradku, pokud ano, tak jej pouzijte znovu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

pavlafree · #3 Příspěvek od **pavlafree** » 25 dub 2011 20:24

Tak už to je, akorát si nejsem jistá, že se řádně vypnul avast. Jsem stále v nouzovém režimu a nějak mi nešel celkově vypnout, ale všechny štíty jsem mu vypnula - možná to mám znovu spustit v běžném režimu?

ComboFix 11-04-25.01 - admin 25.04.2011 21:15:37.1.2 - x86 NETWORK
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1756 [GMT 2:00]
Spuštěný z: c:\documents and settings\admin\Plocha\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-03-25 do 2011-04-25 )))))))))))))))))))))))))))))))
.
.
2011-04-25 18:09 . 2011-04-25 18:09 -------- d-----w- C:\rsit
2011-04-25 18:09 . 2011-04-25 18:09 -------- d-----w- c:\program files\trend micro
2011-04-25 18:01 . 2011-04-25 18:01 -------- d-----w- c:\windows\system32\wbem\Repository
2011-04-25 18:01 . 2011-04-25 18:01 -------- d-----w- c:\windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2011-04-25 18:01 . 2011-04-25 18:01 -------- d-----w- c:\windows\LastGood.Tmp
2011-04-24 21:12 . 2011-04-24 21:12 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2011-04-24 20:13 . 2011-04-24 20:47 -------- d-----w- c:\program files\Trine
2011-04-24 19:50 . 2011-04-24 19:58 -------- d-----w- c:\program files\De Blob
2011-04-24 19:40 . 2011-04-24 19:41 -------- d-----w- c:\documents and settings\admin\Data aplikací\Crayon Physics Deluxe
2011-04-24 19:39 . 2011-04-24 19:47 -------- d-----w- c:\program files\Crayon Physics Deluxe
2011-04-24 19:34 . 2011-04-24 19:47 -------- d-----w- c:\program files\Armadillo Run
2011-04-24 19:12 . 2011-04-24 19:13 -------- d-----w- c:\program files\World of Goo
2011-04-24 19:12 . 2011-04-24 19:12 -------- d-----w- c:\documents and settings\All Users\Data aplikací\2DBoy
2011-04-24 19:08 . 2011-04-24 19:08 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2011-04-24 19:08 . 2011-04-24 19:08 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-04-24 19:08 . 2011-04-24 19:08 -------- d-----w- c:\program files\OpenAL
2011-04-24 19:08 . 2011-04-24 19:08 -------- d-----w- c:\program files\And Yet It Moves
2011-04-24 18:05 . 2011-04-24 18:14 -------- d-----w- c:\documents and settings\admin\Data aplikací\Broken Rules
2011-04-24 17:25 . 2011-04-24 17:26 -------- d--h--w- c:\windows\msdownld.tmp
2011-04-22 09:52 . 2011-04-22 09:53 -------- d-----w- c:\documents and settings\admin\Data aplikací\Braid
2011-04-22 09:51 . 2011-04-22 09:52 -------- d-----w- c:\program files\Braid
2011-04-21 20:49 . 2011-04-21 20:49 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Trymedia
2011-04-16 13:57 . 2011-04-16 13:57 -------- d-----w- c:\documents and settings\admin\Local Settings\Data aplikací\Oblivion
2011-04-16 12:30 . 2011-04-16 12:31 -------- d-----w- c:\program files\GooseGogs-Game
2011-04-14 16:35 . 2011-04-14 16:35 -------- d-----w- c:\program files\DtsFilter
2011-04-12 17:34 . 2011-04-12 17:34 -------- d-----w- c:\documents and settings\admin\Local Settings\Data aplikací\Ahead
2011-04-12 16:37 . 2005-09-01 09:03 5888 ------w- c:\windows\system32\drivers\imagedrv.sys
2011-04-12 16:37 . 2005-09-01 09:03 127488 ------w- c:\windows\system32\drivers\imagesrv.sys
2011-04-12 16:37 . 2004-07-09 06:43 364544 ------w- c:\windows\system32\TwnLib4.dll
2011-04-12 16:37 . 2000-06-26 08:45 106496 ----a-w- c:\windows\system32\TwnLib20.dll
2011-04-12 16:37 . 2004-07-26 14:16 476320 ------w- c:\windows\system32\ImagXpr7.dll
2011-04-12 16:37 . 2004-07-26 14:16 471040 ------w- c:\windows\system32\ImagXRA7.dll
2011-04-12 16:37 . 2004-07-26 14:16 262144 ------w- c:\windows\system32\ImagXR7.dll
2011-04-12 16:37 . 2004-07-26 14:16 1568768 ------w- c:\windows\system32\ImagX7.dll
2011-04-12 16:37 . 2001-07-09 08:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2011-04-12 16:37 . 2011-04-12 16:37 -------- d-----w- c:\program files\Ahead
2011-04-12 16:37 . 2011-04-12 16:37 -------- d-----w- c:\program files\Common Files\Ahead
2011-04-09 21:31 . 2011-04-09 21:32 -------- d-----w- c:\documents and settings\admin\Data aplikací\fretsonfire
2011-04-09 09:57 . 2011-04-09 09:57 -------- d-----w- c:\documents and settings\admin\Data aplikací\USBSafelyRemove
2011-04-09 09:56 . 2011-04-09 09:56 -------- d-----w- c:\documents and settings\All Users\Data aplikací\USBSRService
2011-04-09 09:56 . 2011-04-09 09:56 -------- d-----w- c:\program files\USB Safely Remove
2011-04-09 07:31 . 2011-04-09 07:36 -------- d-----w- C:\The Pacific 2010
2011-04-06 14:44 . 2011-04-06 14:45 -------- d-----w- c:\documents and settings\admin\Data aplikací\f2fIntermediate
2011-04-06 14:44 . 2011-04-06 14:44 -------- d-sh--w- c:\windows\ftpcache
2011-03-31 21:06 . 2007-07-27 09:30 8704 ----a-r- c:\windows\system32\viahdcpl.cpl
2011-03-31 21:06 . 2004-11-17 01:29 254000 -c--a-w- c:\windows\system32\dllcache\a3d.dll
2011-03-31 21:06 . 2004-11-17 01:29 254000 ----a-r- c:\windows\system32\Audio3D.dll
2011-03-31 21:06 . 2004-11-17 01:29 254000 ----a-r- c:\windows\system32\A3D.dll
2011-03-31 21:06 . 2010-05-15 11:11 2136224 ----a-r- c:\windows\system32\drivers\viahduaa.sys
2011-03-31 21:05 . 2007-04-11 07:35 331184 ------w- c:\windows\system32\difxapi.dll
2011-03-31 21:05 . 2011-03-31 21:06 -------- d-----w- c:\program files\VIA
2011-03-31 21:03 . 2010-03-04 10:05 755200 ----a-r- c:\windows\system32\cohelper.dll
2011-03-31 21:03 . 2010-02-21 23:45 10084 ----a-r- c:\windows\system32\drivers\nvphy.bin
2011-03-31 21:03 . 2010-03-22 04:28 215656 ----a-r- c:\windows\system32\NVCOSMB.DLL
2011-03-31 21:03 . 2011-04-24 21:13 -------- d-----w- c:\program files\NVIDIA Corporation
2011-03-31 20:55 . 2004-08-13 02:56 5810 ----a-r- c:\windows\system32\drivers\ASACPI.sys
2011-03-31 20:54 . 2009-04-02 12:30 10296 ----a-w- c:\windows\system32\drivers\ASUSHWIO.SYS
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-07 05:33 . 2011-01-11 18:31 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:43 . 2008-04-14 12:00 434176 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:53 . 2008-04-14 12:00 1857920 ----a-w- c:\windows\system32\win32k.sys
2011-02-17 13:51 . 2008-04-14 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2011-02-17 13:51 . 2008-04-14 12:00 668160 ----a-w- c:\windows\system32\wininet.dll
2011-02-17 13:51 . 2008-04-14 12:00 61952 ----a-w- c:\windows\system32\tdc.ocx
2011-02-17 13:50 . 2008-04-14 12:00 370176 ----a-w- c:\windows\system32\html.iec
2011-02-17 13:18 . 2008-04-14 12:00 455936 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-17 13:18 . 2008-04-14 12:00 357888 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-17 12:54 . 2010-08-13 17:44 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-15 12:56 . 2008-04-14 12:00 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-09 13:53 . 2008-04-14 12:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2008-04-14 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-08 13:33 . 2008-04-14 12:00 978944 ----a-w- c:\windows\system32\mfc42.dll
2011-02-08 13:33 . 2008-04-14 12:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2011-02-02 16:28 . 2011-02-02 16:28 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-02-02 07:58 . 2011-01-11 18:30 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2011-01-11 18:30 677888 ----a-w- c:\windows\system32\mstsc.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-12-03 14944136]
"USB Safely Remove"="c:\program files\USB Safely Remove\USBSafelyRemove.exe" [2011-01-28 1239040]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2006-11-17 577536]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2010-06-25 33753712]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-04-19 7700480]
"nwiz"="nwiz.exe" [2007-04-19 1626112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-04-19 86016]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"DXDllRegExe"="c:\windows\system32\dxdllreg.exe" [2002-12-11 46592]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Total CMA Pack"=c:\program files\Total CMA Pack\Total CMA Pack.exe
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" -autorun
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"d:\\games\\Gumboy Tournament\\GumboyTournament.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2.2.2011 18:28 218688]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [15.1.2011 12:46 294608]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [15.1.2011 12:46 17744]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [15.1.2011 20:15 21992]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [15.1.2011 12:46 136176]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [30.9.2010 17:12 1051968]
S2 USBSafelyRemoveService;USB Safely Remove Assistant;c:\program files\USB Safely Remove\USBSRService.exe [9.4.2011 11:56 251736]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\e:\ntglm7x.sys --> e:\NTGLM7X.sys [?]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 8:24 10064]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [31.3.2011 23:06 2136224]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
2011-04-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-15 10:46]
.
2011-04-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-15 10:46]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\admin\Data aplikací\Mozilla\Firefox\Profiles\a8gg3hw3.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-25 21:17
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2011-04-25 21:18:20
ComboFix-quarantined-files.txt 2011-04-25 19:18
.
Před spuštěním: Volných bajtů: 28 444 835 840
Po spuštění: Volných bajtů: 28 459 134 976
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
[spybotsd]
timeout.old=30
.
- - End Of File - - 6F1B31F7484DFDCE7124A86E7417E593

#4 Příspěvek od **vyosek** » 25 dub 2011 20:26

Nene, probehlo to v poradku, akorat mi dejte chvili nez napisu skript na docisteni logu...

#5 Příspěvek od **vyosek** » 25 dub 2011 20:37

Pokud nemate, tak presunte Combofix na plochu

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

KillAll::

File::
c:\windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
c:\windows\msdownld.tmp
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"=-
"DAEMON Tools Lite"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=-

Driver::
gupdate

Reboot::

Ulozte vytvoreny TXT jako CFScript.txt
Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

pavlafree · #6 Příspěvek od **pavlafree** » 25 dub 2011 20:53

Počítač restartován a windows naběhly v pořádku.

ComboFix 11-04-25.01 - admin 25.04.2011 21:46:14.2.2 - x86 NETWORK
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1706 [GMT 2:00]
Spuštěný z: c:\documents and settings\admin\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\admin\Plocha\CFScript.txt
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
FILE ::
"c:\windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP"
"c:\windows\msdownld.tmp"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_GUPDATE
-------\Service_gupdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-03-25 do 2011-04-25 )))))))))))))))))))))))))))))))
.
.
2011-04-25 18:09 . 2011-04-25 18:09 -------- d-----w- C:\rsit
2011-04-25 18:09 . 2011-04-25 18:09 -------- d-----w- c:\program files\trend micro
2011-04-25 18:01 . 2011-04-25 18:01 -------- d-----w- c:\windows\system32\wbem\Repository
2011-04-25 18:01 . 2011-04-25 18:01 -------- d-----w- c:\windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP
2011-04-24 21:12 . 2011-04-24 21:12 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2011-04-24 20:13 . 2011-04-24 20:47 -------- d-----w- c:\program files\Trine
2011-04-24 19:50 . 2011-04-24 19:58 -------- d-----w- c:\program files\De Blob
2011-04-24 19:40 . 2011-04-24 19:41 -------- d-----w- c:\documents and settings\admin\Data aplikací\Crayon Physics Deluxe
2011-04-24 19:39 . 2011-04-24 19:47 -------- d-----w- c:\program files\Crayon Physics Deluxe
2011-04-24 19:34 . 2011-04-24 19:47 -------- d-----w- c:\program files\Armadillo Run
2011-04-24 19:12 . 2011-04-24 19:13 -------- d-----w- c:\program files\World of Goo
2011-04-24 19:12 . 2011-04-24 19:12 -------- d-----w- c:\documents and settings\All Users\Data aplikací\2DBoy
2011-04-24 19:08 . 2011-04-24 19:08 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2011-04-24 19:08 . 2011-04-24 19:08 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2011-04-24 19:08 . 2011-04-24 19:08 -------- d-----w- c:\program files\OpenAL
2011-04-24 19:08 . 2011-04-24 19:08 -------- d-----w- c:\program files\And Yet It Moves
2011-04-24 18:05 . 2011-04-24 18:14 -------- d-----w- c:\documents and settings\admin\Data aplikací\Broken Rules
2011-04-24 17:25 . 2011-04-24 17:26 -------- d--h--w- c:\windows\msdownld.tmp
2011-04-22 09:52 . 2011-04-22 09:53 -------- d-----w- c:\documents and settings\admin\Data aplikací\Braid
2011-04-22 09:51 . 2011-04-22 09:52 -------- d-----w- c:\program files\Braid
2011-04-21 20:49 . 2011-04-21 20:49 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Trymedia
2011-04-16 13:57 . 2011-04-16 13:57 -------- d-----w- c:\documents and settings\admin\Local Settings\Data aplikací\Oblivion
2011-04-16 12:30 . 2011-04-16 12:31 -------- d-----w- c:\program files\GooseGogs-Game
2011-04-14 16:35 . 2011-04-14 16:35 -------- d-----w- c:\program files\DtsFilter
2011-04-12 17:34 . 2011-04-12 17:34 -------- d-----w- c:\documents and settings\admin\Local Settings\Data aplikací\Ahead
2011-04-12 16:37 . 2005-09-01 09:03 5888 ------w- c:\windows\system32\drivers\imagedrv.sys
2011-04-12 16:37 . 2005-09-01 09:03 127488 ------w- c:\windows\system32\drivers\imagesrv.sys
2011-04-12 16:37 . 2004-07-09 06:43 364544 ------w- c:\windows\system32\TwnLib4.dll
2011-04-12 16:37 . 2000-06-26 08:45 106496 ----a-w- c:\windows\system32\TwnLib20.dll
2011-04-12 16:37 . 2004-07-26 14:16 476320 ------w- c:\windows\system32\ImagXpr7.dll
2011-04-12 16:37 . 2004-07-26 14:16 471040 ------w- c:\windows\system32\ImagXRA7.dll
2011-04-12 16:37 . 2004-07-26 14:16 262144 ------w- c:\windows\system32\ImagXR7.dll
2011-04-12 16:37 . 2004-07-26 14:16 1568768 ------w- c:\windows\system32\ImagX7.dll
2011-04-12 16:37 . 2001-07-09 08:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
2011-04-12 16:37 . 2011-04-12 16:37 -------- d-----w- c:\program files\Ahead
2011-04-12 16:37 . 2011-04-12 16:37 -------- d-----w- c:\program files\Common Files\Ahead
2011-04-09 21:31 . 2011-04-09 21:32 -------- d-----w- c:\documents and settings\admin\Data aplikací\fretsonfire
2011-04-09 09:57 . 2011-04-09 09:57 -------- d-----w- c:\documents and settings\admin\Data aplikací\USBSafelyRemove
2011-04-09 09:56 . 2011-04-09 09:56 -------- d-----w- c:\documents and settings\All Users\Data aplikací\USBSRService
2011-04-09 09:56 . 2011-04-09 09:56 -------- d-----w- c:\program files\USB Safely Remove
2011-04-09 07:31 . 2011-04-09 07:36 -------- d-----w- C:\The Pacific 2010
2011-04-06 14:44 . 2011-04-06 14:45 -------- d-----w- c:\documents and settings\admin\Data aplikací\f2fIntermediate
2011-04-06 14:44 . 2011-04-06 14:44 -------- d-sh--w- c:\windows\ftpcache
2011-03-31 21:06 . 2007-07-27 09:30 8704 ----a-r- c:\windows\system32\viahdcpl.cpl
2011-03-31 21:06 . 2004-11-17 01:29 254000 -c--a-w- c:\windows\system32\dllcache\a3d.dll
2011-03-31 21:06 . 2004-11-17 01:29 254000 ----a-r- c:\windows\system32\Audio3D.dll
2011-03-31 21:06 . 2004-11-17 01:29 254000 ----a-r- c:\windows\system32\A3D.dll
2011-03-31 21:06 . 2010-05-15 11:11 2136224 ----a-r- c:\windows\system32\drivers\viahduaa.sys
2011-03-31 21:05 . 2007-04-11 07:35 331184 ------w- c:\windows\system32\difxapi.dll
2011-03-31 21:05 . 2011-03-31 21:06 -------- d-----w- c:\program files\VIA
2011-03-31 21:03 . 2010-03-04 10:05 755200 ----a-r- c:\windows\system32\cohelper.dll
2011-03-31 21:03 . 2010-02-21 23:45 10084 ----a-r- c:\windows\system32\drivers\nvphy.bin
2011-03-31 21:03 . 2010-03-22 04:28 215656 ----a-r- c:\windows\system32\NVCOSMB.DLL
2011-03-31 21:03 . 2011-04-24 21:13 -------- d-----w- c:\program files\NVIDIA Corporation
2011-03-31 20:55 . 2004-08-13 02:56 5810 ----a-r- c:\windows\system32\drivers\ASACPI.sys
2011-03-31 20:54 . 2009-04-02 12:30 10296 ----a-w- c:\windows\system32\drivers\ASUSHWIO.SYS
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-07 05:33 . 2011-01-11 18:31 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:43 . 2008-04-14 12:00 434176 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:53 . 2008-04-14 12:00 1857920 ----a-w- c:\windows\system32\win32k.sys
2011-02-17 13:51 . 2008-04-14 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2011-02-17 13:51 . 2008-04-14 12:00 668160 ----a-w- c:\windows\system32\wininet.dll
2011-02-17 13:51 . 2008-04-14 12:00 61952 ----a-w- c:\windows\system32\tdc.ocx
2011-02-17 13:50 . 2008-04-14 12:00 370176 ----a-w- c:\windows\system32\html.iec
2011-02-17 13:18 . 2008-04-14 12:00 455936 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-17 13:18 . 2008-04-14 12:00 357888 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-17 12:54 . 2010-08-13 17:44 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-15 12:56 . 2008-04-14 12:00 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-09 13:53 . 2008-04-14 12:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2008-04-14 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-08 13:33 . 2008-04-14 12:00 978944 ----a-w- c:\windows\system32\mfc42.dll
2011-02-08 13:33 . 2008-04-14 12:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2011-02-02 16:28 . 2011-02-02 16:28 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-02-02 07:58 . 2011-01-11 18:30 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2011-01-11 18:30 677888 ----a-w- c:\windows\system32\mstsc.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2011-04-25_19.17.28 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-04-25 19:48 . 2011-04-25 19:48 16384 c:\windows\temp\Perflib_Perfdata_2fc.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"USB Safely Remove"="c:\program files\USB Safely Remove\USBSafelyRemove.exe" [2011-01-28 1239040]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2006-11-17 577536]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2010-06-25 33753712]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-04-19 7700480]
"nwiz"="nwiz.exe" [2007-04-19 1626112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-04-19 86016]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Total CMA Pack"=c:\program files\Total CMA Pack\Total CMA Pack.exe
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" -autorun
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"d:\\games\\Gumboy Tournament\\GumboyTournament.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
.
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [15.1.2011 12:46 294608]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2.2.2011 18:28 218688]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [15.1.2011 12:46 17744]
R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [15.1.2011 20:15 21992]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [30.9.2010 17:12 1051968]
R2 USBSafelyRemoveService;USB Safely Remove Assistant;c:\program files\USB Safely Remove\USBSRService.exe [9.4.2011 11:56 251736]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 8:24 10064]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [31.3.2011 23:06 2136224]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\e:\ntglm7x.sys --> e:\NTGLM7X.sys [?]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
2011-04-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-01-15 10:46]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\admin\Data aplikací\Mozilla\Firefox\Profiles\a8gg3hw3.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype extension: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-25 21:49
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????
.
skenování skrytých souborů ...
.
.
c:\windows\DirectX.log 158 bytes
.
sken byl úspešně dokončen
skryté soubory: 1
.
**************************************************************************
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Avast5\AvastSvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wdfmgr.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\windows\SOUNDMAN.EXE
.
**************************************************************************
.
Celkový čas: 2011-04-25 21:51:13 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-04-25 19:51
ComboFix2.txt 2011-04-25 19:18
.
Před spuštěním: Volných bajtů: 28 468 719 616
Po spuštění: Volných bajtů: 28 310 716 416
.
- - End Of File - - 53111DBE78BD97D904E1587151C2B101

#7 Příspěvek od **vyosek** » 25 dub 2011 21:00

Tady uz havet nevidim, prihlaste se do normalniho rezimu a napiste jak se chova PC

pavlafree · #8 Příspěvek od **pavlafree** » 25 dub 2011 21:07

Všechno se zdá být v pořádku, bez problému a bez nějakých zvláštností naběhl běžný režim. Všechno funguje.

#9 Příspěvek od **vyosek** » 25 dub 2011 21:10

Tak jeste uklidime

Odinstalujte Combofix

Start - Spustit (nebo pouzijte klavesobou zkratku Win+R)
Napiste ComboFix /Uninstall
Stisknete Enter
Tohle smaze Combofix a jeho slozky

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner (viz muj podpis)
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za 14 dni

Jak jsem psal o Spybotu, tak tu jsou nahradnici

Nahrady za Spybota:
- Spyware Terminator - info o nem http://www.viry.cz/forum/viewtopic.php?f=29&t=44730
- SuperAntiSpyare - info o nem http://www.viry.cz/forum/viewtopic.php?f=29&t=51359
Samozrejme pouzivejte jen jeden z nich
Osobne doporucuji SuperAntiSpyware

Poprosim o novy log z RSIT a napiste jak se chova nas pacient

pavlafree · #10 Příspěvek od **pavlafree** » 25 dub 2011 21:43

Hotovo jest! Pacient se chová bezproblémově, vše OK.

RSIT:

Logfile of random's system information tool 1.08 (written by random/random)
Run by admin at 2011-04-25 22:40:33
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 31 GB (52%) free of 60 GB
Total RAM: 2047 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:40:42, on 25.4.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\USB Safely Remove\USBSRService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\PixArt\PAC7302\Monitor.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\USB Safely Remove\USBSafelyRemove.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\admin\Plocha\RSIT.exe
C:\Program Files\trend micro\admin.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [USB Safely Remove] C:\Program Files\USB Safely Remove\USBSafelyRemove.exe /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: USB Safely Remove Assistant (USBSafelyRemoveService) - Unknown owner - C:\Program Files\USB Safely Remove\USBSRService.exe

--
End of file - 6885 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-01-15 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-01-15 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536]
"PAC7302_Monitor"=C:\WINDOWS\PixArt\PAC7302\Monitor.exe [2006-11-03 319488]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2010-06-25 33753712]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-04-19 7700480]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-04-19 86016]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"USB Safely Remove"=C:\Program Files\USB Safely Remove\USBSafelyRemove.exe [2011-01-28 1239040]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2011-04-20 2423752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-09-04 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"D:\games\Gumboy Tournament\GumboyTournament.exe"="D:\games\Gumboy Tournament\GumboyTournament.exe:*:Enabled:GumboyTournament"
"C:\WINDOWS\system32\dpnsvr.exe"="C:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2011-04-25 22:40:33 ----D---- C:\rsit
2011-04-25 22:37:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2011-04-25 22:37:10 ----D---- C:\Documents and Settings\admin\Data aplikací\SUPERAntiSpyware.com
2011-04-25 22:37:06 ----D---- C:\Program Files\SUPERAntiSpyware
2011-04-25 22:22:12 ----SHD---- C:\RECYCLER
2011-04-25 21:47:43 ----D---- C:\WINDOWS\temp
2011-04-25 21:15:17 ----A---- C:\Boot.bak
2011-04-25 21:15:15 ----RASHD---- C:\cmdcons
2011-04-25 20:09:10 ----D---- C:\Program Files\trend micro
2011-04-25 19:59:45 ----SHD---- C:\WINDOWS\CSC
2011-04-24 23:12:59 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2011-04-24 22:13:58 ----D---- C:\Program Files\Trine
2011-04-24 21:50:22 ----D---- C:\Program Files\De Blob
2011-04-24 21:40:17 ----D---- C:\Documents and Settings\admin\Data aplikací\Crayon Physics Deluxe
2011-04-24 21:39:11 ----D---- C:\Program Files\Crayon Physics Deluxe
2011-04-24 21:34:25 ----D---- C:\Program Files\Armadillo Run
2011-04-24 21:12:37 ----D---- C:\Program Files\World of Goo
2011-04-24 21:12:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\2DBoy
2011-04-24 21:08:21 ----D---- C:\Program Files\OpenAL
2011-04-24 21:08:21 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2011-04-24 21:08:21 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2011-04-24 21:08:10 ----D---- C:\Program Files\And Yet It Moves
2011-04-24 20:05:52 ----D---- C:\Documents and Settings\admin\Data aplikací\Broken Rules
2011-04-24 19:27:05 ----A---- C:\WINDOWS\system32\psisdecd.dll
2011-04-24 19:27:05 ----A---- C:\WINDOWS\system32\drivers\msdv.sys
2011-04-24 19:27:05 ----A---- C:\WINDOWS\system32\drivers\mpe.sys
2011-04-24 19:27:05 ----A---- C:\WINDOWS\system32\drivers\bdasup.sys
2011-04-24 19:27:00 ----A---- C:\WINDOWS\system32\dxdllreg.exe
2011-04-22 11:52:25 ----D---- C:\Documents and Settings\admin\Data aplikací\Braid
2011-04-22 11:51:38 ----D---- C:\Program Files\Braid
2011-04-21 22:49:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\Trymedia
2011-04-16 22:08:08 ----A---- C:\WINDOWS\BlendSettings.ini
2011-04-16 14:34:45 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2011-04-16 14:34:45 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2011-04-16 14:34:45 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2011-04-16 14:34:45 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2011-04-16 14:34:45 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2011-04-16 14:34:44 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2011-04-16 14:34:44 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2011-04-16 14:34:44 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2011-04-16 14:34:44 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2011-04-16 14:34:44 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2011-04-16 14:34:43 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2011-04-16 14:34:43 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2011-04-16 14:34:43 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2011-04-16 14:34:42 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2011-04-16 14:34:42 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2011-04-16 14:34:41 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2011-04-16 14:34:40 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2011-04-16 14:34:40 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2011-04-16 14:34:39 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2011-04-16 14:34:39 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2011-04-16 14:34:38 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2011-04-16 14:34:38 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2011-04-16 14:34:38 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2011-04-16 14:34:37 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2011-04-16 14:34:37 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2011-04-16 14:34:37 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2011-04-16 14:34:37 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2011-04-16 14:34:37 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2011-04-16 14:34:36 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2011-04-16 14:34:36 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2011-04-16 14:34:36 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2011-04-16 14:34:36 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2011-04-16 14:34:35 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2011-04-16 14:34:35 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2011-04-16 14:34:35 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2011-04-16 14:34:35 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2011-04-16 14:34:35 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2011-04-16 14:34:34 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2011-04-16 14:34:34 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2011-04-16 14:34:34 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2011-04-16 14:34:34 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2011-04-16 14:34:33 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2011-04-16 14:34:33 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2011-04-16 14:34:33 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2011-04-16 14:34:33 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2011-04-16 14:34:32 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2011-04-16 14:34:32 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2011-04-16 14:34:32 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2011-04-16 14:34:31 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2011-04-16 14:34:31 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2011-04-16 14:34:31 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2011-04-16 14:34:31 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2011-04-16 14:34:30 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2011-04-16 14:34:30 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2011-04-16 14:34:30 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2011-04-16 14:34:30 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2011-04-16 14:34:29 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2011-04-16 14:34:29 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2011-04-16 14:34:29 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2011-04-16 14:34:28 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2011-04-16 14:34:28 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2011-04-16 14:34:28 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2011-04-16 14:34:28 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2011-04-16 14:34:28 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2011-04-16 14:34:27 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2011-04-16 14:34:27 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2011-04-16 14:34:26 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2011-04-16 14:34:26 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2011-04-16 14:34:25 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2011-04-16 14:34:25 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2011-04-16 14:34:24 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2011-04-16 14:34:24 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2011-04-16 14:34:24 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2011-04-16 14:34:24 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2011-04-16 14:34:23 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2011-04-16 14:34:23 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2011-04-16 14:34:23 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2011-04-16 14:34:22 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2011-04-16 14:34:22 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2011-04-16 14:34:22 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2011-04-16 14:34:22 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2011-04-16 14:34:22 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2011-04-16 14:34:21 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2011-04-16 14:34:21 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2011-04-16 14:34:21 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2011-04-16 14:34:21 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2011-04-16 14:34:20 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2011-04-16 14:34:20 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2011-04-16 14:34:20 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2011-04-16 14:30:59 ----D---- C:\Program Files\GooseGogs-Game
2011-04-14 21:50:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$
2011-04-14 21:50:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2510581$
2011-04-14 21:50:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2506223$
2011-04-14 21:50:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2412687$
2011-04-14 21:50:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2508272$
2011-04-14 21:50:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2503658$
2011-04-14 21:49:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2507618$
2011-04-14 21:49:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2497640$
2011-04-14 21:49:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2011-04-14 21:49:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2511455$
2011-04-14 21:49:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$
2011-04-14 21:48:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$
2011-04-14 18:35:40 ----D---- C:\Program Files\DtsFilter
2011-04-12 18:39:41 ----A---- C:\WINDOWS\NeroDigital.ini
2011-04-12 18:37:29 ----N---- C:\WINDOWS\system32\drivers\imagesrv.sys
2011-04-12 18:37:29 ----N---- C:\WINDOWS\system32\drivers\imagedrv.sys
2011-04-12 18:37:20 ----N---- C:\WINDOWS\system32\TwnLib4.dll
2011-04-12 18:37:20 ----A---- C:\WINDOWS\system32\TwnLib20.dll
2011-04-12 18:37:19 ----N---- C:\WINDOWS\system32\ImagXRA7.dll
2011-04-12 18:37:19 ----N---- C:\WINDOWS\system32\ImagXR7.dll
2011-04-12 18:37:19 ----N---- C:\WINDOWS\system32\ImagXpr7.dll
2011-04-12 18:37:19 ----N---- C:\WINDOWS\system32\ImagX7.dll
2011-04-12 18:37:19 ----A---- C:\WINDOWS\system32\NeroCheck.exe
2011-04-12 18:37:18 ----D---- C:\Program Files\Common Files\Ahead
2011-04-12 18:37:18 ----D---- C:\Program Files\Ahead
2011-04-09 23:31:03 ----D---- C:\Documents and Settings\admin\Data aplikací\fretsonfire
2011-04-09 11:57:09 ----D---- C:\Documents and Settings\admin\Data aplikací\USBSafelyRemove
2011-04-09 11:56:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\USBSRService
2011-04-09 11:56:26 ----D---- C:\Program Files\USB Safely Remove
2011-04-09 09:31:39 ----D---- C:\The Pacific 2010
2011-04-06 16:44:59 ----D---- C:\Documents and Settings\admin\Data aplikací\f2fIntermediate
2011-04-06 16:44:58 ----SHD---- C:\WINDOWS\ftpcache
2011-04-05 18:33:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$
2011-04-05 18:33:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2011-04-05 18:32:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2485376$
2011-04-05 18:32:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2481109$
2011-04-05 18:32:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2479628$
2011-04-05 18:32:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2011-04-05 18:32:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2524375$
2011-04-05 18:32:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2476687$
2011-04-05 18:31:57 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$
2011-04-05 18:31:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2011-04-05 18:31:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2011-03-31 23:06:08 ----RA---- C:\WINDOWS\system32\Audio3D.dll
2011-03-31 23:06:08 ----RA---- C:\WINDOWS\system32\A3D.dll
2011-03-31 23:06:07 ----RA---- C:\WINDOWS\system32\drivers\viahduaa.sys
2011-03-31 23:05:48 ----N---- C:\WINDOWS\system32\difxapi.dll
2011-03-31 23:05:47 ----D---- C:\Program Files\VIA
2011-03-31 23:04:27 ----RA---- C:\WINDOWS\system32\NvRCoZht.dll
2011-03-31 23:04:27 ----RA---- C:\WINDOWS\system32\NvRCoZhc.dll
2011-03-31 23:04:27 ----RA---- C:\WINDOWS\system32\NvRCoSv.dll
2011-03-31 23:04:27 ----RA---- C:\WINDOWS\system32\NvRCoRu.dll
2011-03-31 23:04:27 ----RA---- C:\WINDOWS\system32\NvRCoPtb.dll
2011-03-31 23:04:27 ----RA---- C:\WINDOWS\system32\NvRCoNo.dll
2011-03-31 23:04:27 ----RA---- C:\WINDOWS\system32\NvRCoNl.dll
2011-03-31 23:04:27 ----RA---- C:\WINDOWS\system32\NvRCoKo.dll
2011-03-31 23:04:27 ----RA---- C:\WINDOWS\system32\NvRCoJa.dll
2011-03-31 23:04:27 ----RA---- C:\WINDOWS\system32\NvRCoIt.dll
2011-03-31 23:04:26 ----RA---- C:\WINDOWS\system32\NvRCoFr.dll
2011-03-31 23:04:26 ----RA---- C:\WINDOWS\system32\NvRCoFi.dll
2011-03-31 23:04:26 ----RA---- C:\WINDOWS\system32\NvRCoEsm.dll
2011-03-31 23:04:26 ----RA---- C:\WINDOWS\system32\NvRCoEs.dll
2011-03-31 23:04:26 ----RA---- C:\WINDOWS\system32\NvRCoENU.dll
2011-03-31 23:04:26 ----RA---- C:\WINDOWS\system32\NvRCoEng.dll
2011-03-31 23:04:26 ----RA---- C:\WINDOWS\system32\NvRCoDe.dll
2011-03-31 23:04:26 ----RA---- C:\WINDOWS\system32\NvRCoDa.dll
2011-03-31 23:04:26 ----RA---- C:\WINDOWS\system32\nvraiins.dll
2011-03-31 23:04:26 ----RA---- C:\WINDOWS\system32\nvraidco.dll
2011-03-31 23:04:26 ----RA---- C:\WINDOWS\system32\drivers\nvgts.sys
2011-03-31 23:03:56 ----RA---- C:\WINDOWS\system32\cohelper.dll
2011-03-31 23:03:36 ----RA---- C:\WINDOWS\system32\NVCOSMB.DLL
2011-03-31 23:03:21 ----D---- C:\Program Files\NVIDIA Corporation
2011-03-31 22:55:08 ----RA---- C:\WINDOWS\system32\drivers\ASACPI.sys
2011-03-31 22:54:36 ----A---- C:\WINDOWS\Language_trs.ini
2011-03-31 22:54:27 ----A---- C:\WINDOWS\Ascd_tmp.ini
2011-03-31 22:54:25 ----A---- C:\WINDOWS\system32\drivers\ASUSHWIO.SYS
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nwiz.exe
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrszht.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrszhc.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrstr.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrssv.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrssl.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrssk.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrsru.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrsptb.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrspt.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrspl.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrsno.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrsnl.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrsko.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrsja.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrsit.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrshu.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrshe.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrsfr.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrsfi.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrsesm.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrses.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrseng.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrsel.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrsde.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrsda.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrscs.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwrsar.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwimg.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwdmcpl.dll
2011-03-31 16:16:41 ----A---- C:\WINDOWS\system32\nvwddi.dll
2011-03-31 16:16:40 ----A---- C:\WINDOWS\system32\nvsvc32.exe
2011-03-31 16:16:40 ----A---- C:\WINDOWS\system32\nvshell.dll
2011-03-31 16:16:40 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2011-03-31 16:16:40 ----A---- C:\WINDOWS\system32\nvnt4cpl.dll
2011-03-31 16:16:39 ----A---- C:\WINDOWS\system32\nvmccsrs.dll
2011-03-31 16:16:39 ----A---- C:\WINDOWS\system32\nvmccs.dll
2011-03-31 16:16:39 ----A---- C:\WINDOWS\system32\nview.dll
2011-03-31 16:16:39 ----A---- C:\WINDOWS\system32\nvhwvid.dll
2011-03-31 16:16:39 ----A---- C:\WINDOWS\system32\nvdspsch.exe
2011-03-31 16:16:38 ----A---- C:\WINDOWS\system32\nvcodins.dll
2011-03-31 16:16:38 ----A---- C:\WINDOWS\system32\nvcod.dll
2011-03-31 16:16:38 ----A---- C:\WINDOWS\system32\nvappbar.exe
2011-03-31 16:16:38 ----A---- C:\WINDOWS\system32\nvapi.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrszht.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrszhc.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrstr.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrssv.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrssl.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrssk.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrsru.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrsptb.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrspt.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrspl.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrsno.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrsnl.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrsko.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrsja.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrsit.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrshu.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrshe.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrsfr.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrsfi.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrsesm.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrses.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrseng.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrsel.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrsde.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrsda.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrscs.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvrsar.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvmctray.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvcpl.dll
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\nvcolor.exe
2011-03-31 16:16:36 ----A---- C:\WINDOWS\system32\keystone.exe
2011-03-31 16:16:34 ----D---- C:\WINDOWS\system32\WinFast

======List of files/folders modified in the last 1 months======

2011-04-25 22:40:41 ----D---- C:\WINDOWS\Prefetch
2011-04-25 22:38:43 ----D---- C:\WINDOWS\system32\CatRoot2
2011-04-25 22:37:06 ----RD---- C:\Program Files
2011-04-25 22:27:42 ----D---- C:\WINDOWS
2011-04-25 22:27:01 ----D---- C:\WINDOWS\system32
2011-04-25 22:27:01 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-04-25 22:22:23 ----N---- C:\WINDOWS\SchedLgU.Txt
2011-04-25 22:12:56 ----SHD---- C:\System Volume Information
2011-04-25 22:12:56 ----D---- C:\WINDOWS\system32\Restore
2011-04-25 22:12:31 ----D---- C:\WINDOWS\system32\drivers
2011-04-25 22:01:52 ----SHD---- C:\WINDOWS\Installer
2011-04-25 22:01:51 ----D---- C:\WINDOWS\WinSxS
2011-04-25 21:49:03 ----HD---- C:\WINDOWS\inf
2011-04-25 21:48:46 ----A---- C:\WINDOWS\system.ini
2011-04-25 21:48:38 ----D---- C:\WINDOWS\system32\drivers\etc
2011-04-25 21:47:51 ----D---- C:\WINDOWS\system32\config
2011-04-25 21:47:39 ----SD---- C:\WINDOWS\Tasks
2011-04-25 21:46:50 ----D---- C:\WINDOWS\AppPatch
2011-04-25 21:46:48 ----D---- C:\Program Files\Common Files
2011-04-25 21:15:17 ----RASH---- C:\boot.ini
2011-04-25 21:06:27 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2011-04-25 20:01:27 ----D---- C:\WINDOWS\system32\wbem
2011-04-25 20:01:27 ----D---- C:\WINDOWS\Registration
2011-04-25 19:58:26 ----D---- C:\Documents and Settings\admin\Data aplikací\Skype
2011-04-25 19:56:44 ----D---- C:\Documents and Settings\admin\Data aplikací\Winamp
2011-04-25 15:11:15 ----D---- C:\Program Files\FreeRapid-0.85u1
2011-04-25 10:36:37 ----D---- C:\Documents and Settings\admin\Data aplikací\Apple Computer
2011-04-25 10:18:02 ----D---- C:\Documents and Settings\admin\Data aplikací\skypePM
2011-04-24 21:21:29 ----D---- C:\Fringe
2011-04-24 19:27:37 ----D---- C:\WINDOWS\system32\DirectX
2011-04-24 19:27:31 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-04-24 19:27:30 ----D---- C:\WINDOWS\RegisteredPackages
2011-04-23 10:15:22 ----D---- C:\WINDOWS\Minidump
2011-04-22 21:13:02 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-04-20 19:56:24 ----A---- C:\WINDOWS\win.ini
2011-04-17 21:51:38 ----D---- C:\Program Files\Mozilla Firefox
2011-04-16 16:04:50 ----D---- C:\WINDOWS\Debug
2011-04-16 14:32:57 ----D---- C:\WINDOWS\Logs
2011-04-14 21:51:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-04-14 21:50:41 ----HD---- C:\WINDOWS\$hf_mig$
2011-04-14 21:48:22 ----A---- C:\WINDOWS\system32\MRT.exe
2011-04-07 22:13:20 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2011-04-07 22:12:01 ----SD---- C:\Documents and Settings\admin\Data aplikací\Microsoft
2011-04-07 22:12:01 ----D---- C:\Documents and Settings\admin\Data aplikací\Adobe
2011-03-31 23:08:36 ----A---- C:\WINDOWS\system32\wpa.bak
2011-03-31 23:07:15 ----HD---- C:\Program Files\InstallShield Installation Information
2011-03-31 23:04:25 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-03-31 16:18:00 ----D---- C:\WINDOWS\nview
2011-03-31 16:18:00 ----D---- C:\WINDOWS\Help
2011-03-31 16:15:25 ----D---- C:\Program Files\Avast5

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvata;nvata; C:\WINDOWS\system32\DRIVERS\nvata.sys [2005-08-18 93568]
R0 nvgts;nvgts; C:\WINDOWS\system32\DRIVERS\nvgts.sys [2010-04-08 168040]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI VIA; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-04-28 44944]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-01-13 29392]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-01-13 23632]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-01-13 294608]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-01-13 47440]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-02-02 218688]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-01-13 17744]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-01-13 100176]
R2 cpuz135;cpuz135; \??\C:\WINDOWS\system32\drivers\cpuz135_x32.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-04-19 3988384]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2010-03-04 70912]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2010-03-04 13824]
R3 PAC7302;Eye 312; C:\WINDOWS\system32\DRIVERS\PAC7302.SYS [2007-06-14 457856]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2010-05-15 2136224]
S0 Si3114r5;SiI-3114 SoftRaid 5 Controller; C:\WINDOWS\system32\DRIVERS\Si3114r5.sys []
S0 SiFilter;SATALink driver accelerator; C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys []
S1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 36352]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 MSICPL;MSICPL; \??\E:\install4\MSICPL.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 NTACCESS;NTACCESS; \??\E:\NTACCESS.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\E:\NTGLM7X.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2010-09-28 41984]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-10-16 37664]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Avast5\AvastSvc.exe [2011-01-13 40384]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-10-07 345376]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-01-15 153376]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-04-19 159810]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-09-30 1051968]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 USBSafelyRemoveService;USB Safely Remove Assistant; C:\Program Files\USB Safely Remove\USBSRService.exe [2011-01-28 251736]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-12-13 820008]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2011-01-15 435008]

-----------------EOF-----------------

#11 Příspěvek od **vyosek** » 25 dub 2011 21:46

V logu nevidim jiz tez nic spatneho ci skodliveho

pavlafree · #12 Příspěvek od **pavlafree** » 25 dub 2011 21:50

To je skvělé! Mockrát děkuju! Děláte dobrou práci

#13 Příspěvek od **vyosek** » 25 dub 2011 21:59

Nestraste s praci, tam je hodne z nas cely den, natoz pak jeste takhle vecer makat

forum je pro vetsinu tymu relaxem

Nemate zac, rad jsem pomohl

Zase nekdy Obrázek

VIRY.CZ

pro vyosek

pro vyosek

Re: pro vyosek

Re: pro vyosek

Re: pro vyosek

Re: pro vyosek

Re: pro vyosek

Re: pro vyosek

Re: pro vyosek

Re: pro vyosek

Re: pro vyosek

Re: pro vyosek

Re: pro vyosek

Re: pro vyosek