
Trojan.ExOptions.gen

#1 Post by papushka »

Hello,

Spyware Terminator keeps reporting Trojan.ExOptions.gen, and when I try to remove it, it says:
Mazání registrů selhalo: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe
Mazání registrů selhalo: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ekrn.exe

They can't be deleted through the Registry Editor either; MBAM found nothing, NOD found nothing; I cleaned the PC with ComboFix, CCleaner and TuneUp Utilities, and it is still here. On top of that, after the cleanup the desktop wallpaper and the file thumbnails in folders stopped showing.


I'm attaching the log from RSIT:

Logfile of random's system information tool 1.06 (written by random/random)
Run by asus at 2010-04-24 15:13:49
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 64 GB (42%) free of 153 GB
Total RAM: 3070 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:14:00, on 24.4.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ATK Hotkey\HControlUser.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Crawler\CToolbar.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Users\asus\Desktop\RSIT.exe
C:\Program Files\trend micro\asus.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
O2 - BHO: QipLI - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Users\asus\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\ctbr.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [HControlUser] "C:\Program Files\ATK Hotkey\HcontrolUser.exe"
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [Infium] "C:\Program Files\QIP Infium\infium.exe" /autorun
O4 - HKUS\S-1-5-18\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User 'Default user')
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\ctbr.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bytemobile Web Configurator (bmwebcfg) - Bytemobile, Inc. - C:\Windows\system32\bmwebcfg.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 7460 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{644F4F77-DDCF-4B16-8612-6592AABB26DA}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2008-06-11 61816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\ctbr.dll [2010-04-14 1241960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}]
QipLI Class - C:\Users\asus\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll [2010-03-16 48080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-04-23 937416]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\ctbr.dll [2010-04-14 1241960]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"HControlUser"=C:\Program Files\ATK Hotkey\HcontrolUser.exe [2008-01-12 98304]
"ATKOSD2"=C:\Program Files\ATKOSD2\ATKOSD2.exe [2008-01-24 7766016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-07-25 13548064]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-08-12 6265376]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-08-17 102400]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2009-07-08 2173440]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-02-26 2140880]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2009-06-12 3055616]
"Infium"=C:\Program Files\QIP Infium\infium.exe [2010-03-16 5739472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - open - %SystemRoot%\system32\NOTEPAD.EXE %1
.txt - open -

======List of files/folders created in the last 1 months======

2010-04-24 15:07:41 ----D---- C:\Program Files\trend micro
2010-04-24 15:07:40 ----D---- C:\rsit
2010-04-24 12:59:41 ----A---- C:\Windows\ntbtlog.txt
2010-04-24 11:57:11 ----D---- C:\Program Files\CCleaner
2010-04-24 11:43:01 ----D---- C:\32788R22FWJFW
2010-04-24 11:30:57 ----SHD---- C:\$RECYCLE.BIN
2010-04-24 11:30:55 ----D---- C:\Windows\temp
2010-04-24 11:20:38 ----A---- C:\Windows\PEV.exe
2010-04-24 11:20:38 ----A---- C:\Windows\MBR.exe
2010-04-24 11:20:33 ----D---- C:\Windows\ERDNT
2010-04-23 23:36:12 ----D---- C:\Users\asus\AppData\Roaming\Malwarebytes
2010-04-23 23:35:51 ----D---- C:\ProgramData\Malwarebytes
2010-04-23 23:35:48 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-04-22 17:53:02 ----A---- C:\Windows\wininit.ini
2010-04-22 17:52:55 ----AH---- C:\setup95.exe
2010-04-17 00:13:06 ----D---- C:\Program Files\Crawler
2010-04-17 00:08:35 ----A---- C:\Windows\system32\browserchoice.exe
2010-04-16 21:40:12 ----D---- C:\Users\asus\AppData\Roaming\ESET
2010-04-16 21:38:30 ----D---- C:\ProgramData\ESET
2010-04-16 21:38:30 ----D---- C:\Program Files\ESET
2010-04-16 19:02:23 ----A---- C:\Windows\system32\authuitu.dll
2010-04-16 19:00:10 ----A---- C:\Windows\system32\uxtuneup.dll
2010-04-16 16:35:49 ----A---- C:\Windows\system32\TURegOpt.exe
2010-04-16 16:32:06 ----D---- C:\Program Files\TuneUp Utilities 2010
2010-04-16 16:31:30 ----SHD---- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-04-16 09:08:27 ----D---- C:\Program Files\XVideoConverter
2010-04-15 17:42:57 ----D---- C:\ProgramData\DivX
2010-04-14 07:47:40 ----A---- C:\Windows\system32\vbscript.dll
2010-04-14 07:47:37 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-04-14 07:47:36 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-04-14 07:47:28 ----A---- C:\Windows\system32\iphlpsvc.dll
2010-04-14 07:46:56 ----A---- C:\Windows\system32\wintrust.dll
2010-04-14 07:45:31 ----A---- C:\Windows\system32\cabview.dll
2010-04-11 11:49:16 ----D---- C:\Users\asus\AppData\Roaming\MathematicaPlayer
2010-04-11 11:49:16 ----D---- C:\ProgramData\MathematicaPlayer
2010-04-11 09:43:41 ----D---- C:\Users\asus\AppData\Roaming\Mathematica
2010-04-11 09:43:41 ----D---- C:\ProgramData\Mathematica
2010-04-11 09:42:58 ----D---- C:\Windows\Downloaded Installations
2010-04-11 09:41:54 ----A---- C:\Windows\system32\mlmodule32.dll
2010-04-11 09:41:54 ----A---- C:\Windows\system32\ml32i3.dll
2010-04-11 09:41:54 ----A---- C:\Windows\system32\ml32i2.dll
2010-04-11 09:41:54 ----A---- C:\Windows\system32\ml32i1.dll
2010-04-11 09:38:22 ----D---- C:\Program Files\Wolfram Research
2010-03-31 07:18:05 ----A---- C:\Windows\system32\mshtml.dll
2010-03-31 07:18:03 ----A---- C:\Windows\system32\wininet.dll
2010-03-31 07:18:00 ----A---- C:\Windows\system32\urlmon.dll
2010-03-31 07:17:48 ----A---- C:\Windows\system32\ieframe.dll
2010-03-31 07:17:43 ----A---- C:\Windows\system32\ieui.dll
2010-03-31 07:17:42 ----A---- C:\Windows\system32\mshtmled.dll
2010-03-31 07:17:38 ----A---- C:\Windows\system32\iepeers.dll
2010-03-31 07:17:37 ----A---- C:\Windows\system32\ieencode.dll
2010-03-31 07:17:33 ----A---- C:\Windows\system32\ieapfltr.dll
2010-03-27 14:46:37 ----D---- C:\A__P_ILET____P__KR_LOVNO

======List of files/folders modified in the last 1 months======

2010-04-24 15:13:34 ----D---- C:\Windows\Prefetch
2010-04-24 15:09:25 ----D---- C:\Windows\tracing
2010-04-24 15:07:41 ----RD---- C:\Program Files
2010-04-24 13:26:18 ----D---- C:\ProgramData\Spyware Terminator
2010-04-24 13:26:15 ----SHD---- C:\System Volume Information
2010-04-24 13:26:01 ----D---- C:\Program Files\Spyware Terminator
2010-04-24 13:23:36 ----D---- C:\Users\asus\AppData\Roaming\Spyware Terminator
2010-04-24 12:59:41 ----D---- C:\Windows
2010-04-24 12:53:48 ----A---- C:\Windows\system32\acovcnt.exe
2010-04-24 11:58:56 ----D---- C:\Windows\Debug
2010-04-24 11:28:48 ----A---- C:\Windows\system.ini
2010-04-24 11:28:11 ----D---- C:\Windows\System32
2010-04-24 11:25:35 ----D---- C:\Windows\system32\drivers
2010-04-24 11:25:34 ----D---- C:\Windows\AppPatch
2010-04-24 11:25:34 ----D---- C:\Program Files\Common Files
2010-04-24 11:19:40 ----D---- C:\ProgramData\Norton
2010-04-24 11:19:38 ----D---- C:\ProgramData\Symantec
2010-04-24 11:19:37 ----D---- C:\Windows\Tasks
2010-04-24 11:19:05 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-04-24 11:15:25 ----D---- C:\Windows\system32\Tasks
2010-04-23 23:55:33 ----A---- C:\Windows\NeroDigital.ini
2010-04-23 23:35:51 ----D---- C:\ProgramData
2010-04-23 18:06:28 ----D---- C:\Users\asus\AppData\Roaming\DivX
2010-04-22 22:51:42 ----D---- C:\Users\asus\AppData\Roaming\AIMP
2010-04-22 22:07:49 ----D---- C:\Program Files\DivX
2010-04-22 07:52:46 ----D---- C:\Windows\inf
2010-04-22 07:52:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-04-21 22:01:25 ----D---- C:\Users\asus\AppData\Roaming\ICQ
2010-04-21 21:52:43 ----D---- C:\Program Files\ICQ7.0
2010-04-20 20:14:46 ----D---- C:\Program Files\WinClamAVShield
2010-04-18 15:34:29 ----D---- C:\Boot
2010-04-18 15:34:24 ----D---- C:\Windows\system32\config
2010-04-17 00:09:11 ----D---- C:\Windows\winsxs
2010-04-17 00:09:01 ----D---- C:\Windows\system32\catroot
2010-04-16 23:57:35 ----SHD---- C:\Windows\Installer
2010-04-16 23:57:16 ----D---- C:\ProgramData\Lavasoft
2010-04-16 23:57:13 ----DC---- C:\Windows\system32\DRVSTORE
2010-04-16 18:51:47 ----D---- C:\Program Files\Electronic Arts
2010-04-16 18:46:00 ----HD---- C:\Program Files\InstallShield Installation Information
2010-04-16 18:45:59 ----D---- C:\Program Files\ASUS
2010-04-16 18:44:34 ----D---- C:\Program Files\Adobe
2010-04-16 18:43:10 ----D---- C:\Program Files\Winamp
2010-04-16 18:34:12 ----D---- C:\Windows\system32\catroot2
2010-04-16 16:49:01 ----D---- C:\Program Files\TuneUp Utilities 2009
2010-04-16 16:31:40 ----D---- C:\ProgramData\TuneUp Software
2010-04-16 09:34:41 ----AD---- C:\ProgramData\Temp
2010-04-15 22:05:12 ----D---- C:\Program Files\Windows Mail
2010-04-15 21:22:33 ----D---- C:\ProgramData\Microsoft Help
2010-04-15 21:18:25 ----D---- C:\Users\asus\AppData\Roaming\uTorrent
2010-04-15 17:45:49 ----D---- C:\Program Files\Common Files\DivX Shared
2010-04-14 08:10:19 ----D---- C:\Program Files\Google
2010-04-11 11:44:40 ----RSD---- C:\Windows\Fonts
2010-04-11 09:38:01 ----D---- C:\Users\asus\AppData\Roaming\vlc
2010-04-06 19:52:54 ----A---- C:\Windows\system32\mrt.exe
2010-04-06 17:08:16 ----SD---- C:\Users\asus\AppData\Roaming\Microsoft
2010-04-04 09:54:14 ----D---- C:\Program Files\Mozilla Firefox
2010-03-30 21:57:49 ----D---- C:\Windows\system32\WDI
2010-03-27 20:00:20 ----D---- C:\ProgramData\CyberLink
2010-03-27 20:00:20 ----D---- C:\Program Files\CyberLink
2010-03-27 14:46:20 ----D---- C:\ProgramData\DVD Shrink

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-02-26 114984]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2009-06-12 142592]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2009-06-13 73312]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 13880]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-02-26 133512]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-02-26 134488]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-02-26 41312]
R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2006-11-10 18688]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2008-03-21 1203776]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-04-06 908800]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-02-26 32584]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-08-12 2159384]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2008-06-03 15928]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2008-01-21 18432]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-07-08 1050656]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-06-25 44064]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-07-25 7547552]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-07-22 15872]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-07-23 1772544]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-08-17 190512]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S1 SRTSP;SRTSP; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.SYS []
S1 SRTSPX;SRTSPX; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.SYS []
S1 tcpipBM;Bytemobile Kernel Network Provider; C:\Windows\system32\drivers\tcpipBM.sys [2008-03-06 18688]
S3 a59ut27s;a59ut27s; C:\Windows\system32\drivers\a59ut27s.sys []
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\adusbser.sys []
S3 ASUSProcObsrv;ASUS Process Creation/Termination Observer; \??\E:\I386\AsProcOb.sys []
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 CRFILTER;USB Mass Storage Filter; C:\Windows\system32\DRIVERS\CRFILTER.sys [2008-04-07 6656]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 FlashUSB;Flash Loader utility driver; C:\Windows\System32\Drivers\FlashUSB.sys [2009-05-12 16896]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 55264]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 ipswuio;ipswuio; C:\Windows\System32\DRIVERS\ipswuio.sys []
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [2008-03-29 21248]
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [2008-03-29 20096]
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2008-11-11 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2008-11-11 19968]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2008-11-11 24832]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2008-03-18 13312]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-10-03 94208]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 bmwebcfg;Bytemobile Web Configurator; C:\Windows\system32\bmwebcfg.exe [2008-03-06 118784]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-02-26 810120]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-07-25 196608]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2009-06-12 487424]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-25 1047880]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-23 133104]
S2 Norton Internet Security;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe /s Norton Internet Security /m C:\Program Files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll /prefetch:1 []
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-02-26 33560]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-06-13 655624]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-04-24 435016]

-----------------EOF-----------------



I don't know what else to do with it. Please advise.

Thanks a lot for your reply.

Re: Trojan.ExOptions.gen

#2 Post by papushka »

Unfortunately we have a lot of computers at home and all of them had some problem, hence so many logs :D Sorry for making extra work like this...

Here is the log from CF:

ComboFix 10-04-21.01 - asus 24.04.2010 16:39:01.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3070.1845 [GMT 2:00]
Spuštěný z: c:\users\asus\Desktop\ComboFix.exe
SP: Spyware Terminator *disabled* (Updated) {55EE49A8-16BE-4601-BBE6-607B7F7317DE}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý

.

((((((((((((((((((((((((( Soubory vytvořené od 2010-03-24 do 2010-04-24 )))))))))))))))))))))))))))))))
.

2010-04-24 14:48 . 2010-04-24 14:48 -------- d-----w- c:\users\asus\AppData\Local\temp
2010-04-24 14:48 . 2010-04-24 14:48 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-04-24 14:48 . 2010-04-24 14:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-04-24 13:07 . 2010-04-24 13:13 -------- d-----w- c:\program files\trend micro
2010-04-24 13:07 . 2010-04-24 13:08 -------- d-----w- C:\rsit
2010-04-24 09:57 . 2010-04-24 09:57 -------- d-----w- c:\program files\CCleaner
2010-04-23 21:36 . 2010-04-23 21:36 -------- d-----w- c:\users\asus\AppData\Roaming\Malwarebytes
2010-04-23 21:35 . 2010-03-29 22:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-23 21:35 . 2010-04-23 21:35 -------- d-----w- c:\programdata\Malwarebytes
2010-04-23 21:35 . 2010-03-29 22:45 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-23 21:35 . 2010-04-23 21:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-22 20:07 . 2010-04-22 20:07 56766 ----a-w- c:\programdata\DivX\DivXPlusShortcuts\Uninstaller.exe
2010-04-22 20:07 . 2010-04-22 20:07 57679 ----a-w- c:\programdata\DivX\Player\Uninstaller.exe
2010-04-22 20:06 . 2010-04-22 20:06 84040 ----a-w- c:\programdata\DivX\TransferWizard\Uninstaller.exe
2010-04-22 20:05 . 2010-04-22 20:05 57054 ----a-w- c:\programdata\DivX\DSDesktopComponents\Uninstaller.exe
2010-04-22 20:05 . 2010-04-22 20:05 54166 ----a-w- c:\programdata\DivX\DSAVCDecoder\Uninstaller.exe
2010-04-22 20:05 . 2010-04-22 20:05 57532 ----a-w- c:\programdata\DivX\DSASPDecoder\Uninstaller.exe
2010-04-22 20:05 . 2010-04-22 20:05 56458 ----a-w- c:\programdata\DivX\DivXDecoderShortcut\Uninstaller.exe
2010-04-22 20:04 . 2010-04-22 20:04 54174 ----a-w- c:\programdata\DivX\DSAACDecoder\Uninstaller.exe
2010-04-22 20:04 . 2010-04-22 20:04 54153 ----a-w- c:\programdata\DivX\DFXPlugin\Uninstaller.exe
2010-04-22 20:04 . 2010-04-22 20:04 54128 ----a-w- c:\programdata\DivX\Converter\Uninstaller.exe
2010-04-22 20:04 . 2010-04-22 20:04 54629 ----a-w- c:\programdata\DivX\TranscodeEngine\Uninstaller.exe
2010-04-22 20:03 . 2010-04-22 20:03 54101 ----a-w- c:\programdata\DivX\MPEG2Plugin\Uninstaller.exe
2010-04-22 20:03 . 2010-04-22 20:03 56969 ----a-w- c:\programdata\DivX\ASPEncoder\Uninstaller.exe
2010-04-22 20:00 . 2010-04-22 20:00 144696 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.exe
2010-04-22 15:52 . 1996-09-16 02:00 202240 ---ha-w- C:\setup95.exe
2010-04-16 22:13 . 2010-04-24 14:28 -------- d-----w- c:\program files\Crawler
2010-04-16 22:08 . 2010-02-12 10:32 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-04-16 19:40 . 2010-04-16 19:40 -------- d-----w- c:\users\asus\AppData\Local\ESET
2010-04-16 19:38 . 2010-04-24 09:09 -------- d-----w- c:\program files\ESET
2010-04-16 17:02 . 2010-02-25 09:56 21320 ----a-w- c:\windows\system32\authuitu.dll
2010-04-16 17:00 . 2010-02-25 09:56 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2010-04-16 17:00 . 2009-08-30 09:59 147456 ----a-w- c:\users\asus\AppData\Roaming\TuneUp Software\TuneUp Utilities\WinStyler\LogoAnimations\Bubbles.tla.dll
2010-04-16 17:00 . 2009-06-14 13:13 331776 ----a-w- c:\users\asus\AppData\Roaming\TuneUp Software\TuneUp Utilities\WinStyler\LogoAnimations\Forcefield.tla.dll
2010-04-16 17:00 . 2009-06-14 13:12 237568 ----a-w- c:\users\asus\AppData\Roaming\TuneUp Software\TuneUp Utilities\WinStyler\LogoAnimations\Aurora.tla.dll
2010-04-16 17:00 . 2010-01-19 13:21 3092480 ----a-w- c:\users\asus\AppData\Roaming\TuneUp Software\TuneUp Utilities\WinStyler\LogonScreens\Giraffe.tls.dll
2010-04-16 17:00 . 2009-12-04 20:30 442368 ----a-w- c:\users\asus\AppData\Roaming\TuneUp Software\TuneUp Utilities\WinStyler\LogonScreens\Merry Xmas.tls.dll
2010-04-16 17:00 . 2009-12-04 20:28 507904 ----a-w- c:\users\asus\AppData\Roaming\TuneUp Software\TuneUp Utilities\WinStyler\LogonScreens\Merry Christmas.tls.dll
2010-04-16 17:00 . 2009-12-04 20:19 2265088 ----a-w- c:\users\asus\AppData\Roaming\TuneUp Software\TuneUp Utilities\WinStyler\LogonScreens\Star.tls.dll
2010-04-16 17:00 . 2009-08-30 10:05 4268032 ----a-w- c:\users\asus\AppData\Roaming\TuneUp Software\TuneUp Utilities\WinStyler\LogonScreens\Tower bridge.tls.dll
2010-04-16 17:00 . 2009-07-11 00:34 3465216 ----a-w- c:\users\asus\AppData\Roaming\TuneUp Software\TuneUp Utilities\WinStyler\LogonScreens\Borabora.tls.dll
2010-04-16 14:35 . 2010-02-25 10:03 30536 ----a-w- c:\windows\system32\TURegOpt.exe
2010-04-16 14:32 . 2010-04-24 10:05 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-04-16 14:31 . 2010-04-16 14:31 -------- d-sh--w- c:\programdata\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-04-16 07:08 . 2010-04-16 07:08 -------- d-----w- c:\program files\XVideoConverter
2010-04-15 15:47 . 2010-04-22 20:08 57344 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.dll
2010-04-15 15:46 . 2010-04-22 20:00 754984 ----a-w- c:\programdata\DivX\Setup\Resource.dll
2010-04-15 15:46 . 2010-04-22 19:59 1180952 ----a-w- c:\programdata\DivX\Setup\DivXSetup.exe
2010-04-15 15:46 . 2009-07-18 17:26 529200 ----a-w- c:\programdata\DivX\DivX7\DivX Plus DirectShow Filters\DivXDSFiltersUninstall.exe
2010-04-15 15:46 . 2009-07-18 17:25 529200 ----a-w- c:\programdata\DivX\DivX7\DivX Player\DivXPlayerUninstall.exe
2010-04-15 15:46 . 2009-07-18 17:25 529200 ----a-w- c:\programdata\DivX\DivX7\DivX Converter\DivXConverterUninstall.exe
2010-04-15 15:46 . 2009-07-18 17:25 529200 ----a-w- c:\programdata\DivX\DivX7\DivX Codec\DivXCodecUninstall.exe
2010-04-15 15:46 . 2010-04-15 15:46 56978 ----a-w- c:\programdata\DivX\WebPlayer\Uninstaller.exe
2010-04-15 15:46 . 2010-04-15 15:46 53600 ----a-w- c:\programdata\DivX\Update\Uninstaller.exe
2010-04-15 15:46 . 2010-04-15 15:46 57409 ----a-w- c:\programdata\DivX\ControlPanel\Uninstaller.exe
2010-04-15 15:46 . 2010-04-15 15:46 52963 ----a-w- c:\programdata\DivX\MSVC80CRTRedist\Uninstaller.exe
2010-04-15 15:45 . 2010-04-15 15:45 54073 ----a-w- c:\programdata\DivX\Qt4.5\Uninstaller.exe
2010-04-15 15:42 . 2010-04-22 20:08 -------- d-----w- c:\programdata\DivX
2010-04-14 05:47 . 2010-02-23 11:10 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-04-14 05:47 . 2010-02-23 11:10 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-04-14 05:47 . 2010-02-23 11:10 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-04-14 05:47 . 2010-03-04 17:33 430080 ----a-w- c:\windows\system32\vbscript.dll
2010-04-14 05:47 . 2010-02-18 14:07 3548040 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-04-14 05:47 . 2010-02-18 14:07 3600776 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-04-14 05:47 . 2010-02-18 14:07 904576 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-04-14 05:47 . 2010-02-18 13:30 200704 ----a-w- c:\windows\system32\iphlpsvc.dll
2010-04-14 05:47 . 2010-02-18 11:28 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
2010-04-14 05:46 . 2009-12-23 11:33 172032 ----a-w- c:\windows\system32\wintrust.dll
2010-04-14 05:45 . 2010-01-13 17:34 98304 ----a-w- c:\windows\system32\cabview.dll
2010-04-11 09:49 . 2010-04-11 09:49 -------- d-----w- c:\users\asus\AppData\Local\MathematicaPlayer
2010-04-11 09:49 . 2010-04-11 09:49 -------- d-----w- c:\users\asus\AppData\Roaming\MathematicaPlayer
2010-04-11 09:49 . 2010-04-11 09:49 -------- d-----w- c:\programdata\MathematicaPlayer
2010-04-11 07:43 . 2010-04-11 07:46 -------- d-----w- c:\users\asus\AppData\Local\Mathematica
2010-04-11 07:43 . 2010-04-11 07:48 -------- d-----w- c:\users\asus\AppData\Roaming\Mathematica
2010-04-11 07:43 . 2010-04-11 07:47 -------- d-----w- c:\programdata\Mathematica
2010-04-11 07:42 . 2010-04-11 07:42 -------- d-----w- c:\windows\Downloaded Installations
2010-04-11 07:41 . 2009-03-05 16:53 185640 ----a-w- c:\windows\system32\mlmodule32.dll
2010-04-11 07:41 . 2009-03-05 16:53 378152 ----a-w- c:\windows\system32\ml32i3.dll
2010-04-11 07:41 . 2009-03-05 16:53 267560 ----a-w- c:\windows\system32\ml32i2.dll
2010-04-11 07:41 . 2009-03-05 16:53 259368 ----a-w- c:\windows\system32\ml32i1.dll
2010-04-11 07:38 . 2010-04-11 09:41 -------- d-----w- c:\program files\Wolfram Research
2010-04-08 13:44 . 2010-03-25 09:27 1107264 ----a-w- c:\users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\yp9ypu4d.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
2010-03-31 05:18 . 2010-03-09 15:42 834048 ----a-w- c:\windows\system32\wininet.dll
2010-03-31 05:17 . 2010-03-09 16:25 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-03-27 12:46 . 2010-03-27 12:52 -------- d-----w- C:\A__P_ILET____P__KR_LOVNO

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-24 14:36 . 2009-06-12 16:25 45056 ----a-w- c:\windows\system32\acovcnt.exe
2010-04-24 14:35 . 2009-07-14 19:42 12 ----a-w- c:\windows\bthservsdp.dat
2010-04-24 11:26 . 2009-06-12 21:30 -------- d-----w- c:\programdata\Spyware Terminator
2010-04-24 11:26 . 2009-06-12 21:30 -------- d-----w- c:\program files\Spyware Terminator
2010-04-24 11:23 . 2009-06-12 21:30 -------- d-----w- c:\users\asus\AppData\Roaming\Spyware Terminator
2010-04-24 09:51 . 2009-06-12 16:25 164984 ----a-w- c:\users\asus\AppData\Local\GDIPFONTCACHEV1.DAT
2010-04-24 09:19 . 2009-04-22 19:24 -------- d-----w- c:\programdata\Norton
2010-04-24 09:19 . 2009-04-22 19:24 -------- d-----w- c:\programdata\Symantec
2010-04-24 09:19 . 2009-11-25 17:02 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-04-23 16:06 . 2009-07-18 17:26 -------- d-----w- c:\users\asus\AppData\Roaming\DivX
2010-04-22 20:51 . 2009-06-13 09:30 -------- d-----w- c:\users\asus\AppData\Roaming\AIMP
2010-04-22 20:07 . 2009-06-18 17:16 -------- d-----w- c:\program files\DivX
2010-04-22 19:04 . 2009-06-12 21:46 27744 ----a-w- c:\programdata\nvModes.dat
2010-04-22 05:52 . 2008-04-17 10:34 598832 ----a-w- c:\windows\system32\perfh005.dat
2010-04-22 05:52 . 2008-04-17 10:34 114992 ----a-w- c:\windows\system32\perfc005.dat
2010-04-21 20:01 . 2009-11-29 14:30 -------- d-----w- c:\users\asus\AppData\Roaming\ICQ
2010-04-21 19:52 . 2010-01-29 07:35 -------- d-----w- c:\program files\ICQ7.0
2010-04-20 18:14 . 2009-06-12 21:33 -------- d-----w- c:\program files\WinClamAVShield
2010-04-16 21:57 . 2009-06-15 08:39 -------- d-----w- c:\programdata\Lavasoft
2010-04-16 16:51 . 2009-06-14 12:16 -------- d-----w- c:\program files\Electronic Arts
2010-04-16 16:46 . 2009-04-22 19:21 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-16 16:45 . 2009-04-22 20:02 -------- d-----w- c:\program files\ASUS
2010-04-16 16:43 . 2009-09-27 12:08 -------- d-----w- c:\program files\Winamp
2010-04-16 14:49 . 2009-06-13 21:17 -------- d-----w- c:\program files\TuneUp Utilities 2009
2010-04-16 14:31 . 2009-06-13 21:17 -------- d-----w- c:\programdata\TuneUp Software
2010-04-15 20:05 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-04-15 19:22 . 2009-04-22 19:07 -------- d-----w- c:\programdata\Microsoft Help
2010-04-15 19:18 . 2009-06-13 09:51 -------- d-----w- c:\users\asus\AppData\Roaming\uTorrent
2010-04-15 15:45 . 2009-06-18 17:16 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-04-14 06:10 . 2009-04-22 19:26 -------- d-----w- c:\program files\Google
2010-04-11 07:38 . 2009-09-17 13:51 -------- d-----w- c:\users\asus\AppData\Roaming\vlc
2010-03-27 18:00 . 2009-04-22 19:23 -------- d-----w- c:\programdata\CyberLink
2010-03-27 18:00 . 2009-04-22 19:21 -------- d-----w- c:\program files\CyberLink
2010-03-27 17:57 . 2009-04-22 19:22 36864 ----a-w- c:\programdata\Temp\{40BF1E83-20EB-11D8-97C5-0009C5020658}\PostBuild.exe
2010-03-27 12:46 . 2009-07-09 09:11 -------- d-----w- c:\programdata\DVD Shrink
2010-03-17 06:30 . 2010-03-17 06:25 -------- d-----w- c:\users\asus\AppData\Roaming\QipGuard
2010-03-17 06:29 . 2009-12-22 10:21 -------- d-----w- c:\program files\QIP Infium
2010-03-16 15:45 . 2010-03-17 06:25 280440 ----a-w- c:\users\asus\AppData\Roaming\QipGuard\sqlite3.dll
2010-03-16 15:45 . 2010-03-17 06:25 20944 ----a-w- c:\users\asus\AppData\Roaming\QipGuard\chrome.dll
2010-03-16 15:45 . 2010-03-17 06:25 184272 ----a-w- c:\users\asus\AppData\Roaming\QipGuard\QipGuard.exe
2010-03-16 15:45 . 2010-03-17 06:25 48080 ----a-w- c:\users\asus\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll
2010-03-16 15:45 . 2010-03-17 06:25 127440 ----a-w- c:\users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\yp9ypu4d.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\components\qippipe.dll
2010-03-12 08:51 . 2010-03-12 08:50 -------- d-----w- c:\program files\edu-learning
2010-03-08 17:59 . 2010-03-08 17:59 94208 ----a-w- c:\windows\system32\dpl100.dll
2010-03-05 22:21 . 2010-02-19 19:56 50354 ----a-w- c:\users\asus\AppData\Roaming\Facebook\uninstall.exe
2010-03-05 22:20 . 2010-02-19 19:56 -------- d-----w- c:\users\asus\AppData\Roaming\Facebook
2010-02-27 14:34 . 2010-02-27 12:13 -------- d-----w- c:\programdata\Motive
2010-02-27 12:28 . 2010-02-27 12:15 -------- d-----w- c:\users\asus\AppData\Roaming\Motive
2010-02-27 12:25 . 2010-02-27 12:24 -------- d-----w- c:\program files\TO2SSM
2010-02-27 12:24 . 2010-02-27 12:13 -------- d-----w- c:\program files\Common Files\Motive
2010-02-26 06:41 . 2010-02-26 06:41 847040 ----a-w- c:\users\asus\AppData\Roaming\Facebook\axfbootloader.dll
2010-02-26 06:41 . 2010-02-26 06:41 5582848 ----a-w- c:\users\asus\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
2010-02-26 04:41 . 2010-02-26 04:41 41312 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2010-02-26 04:41 . 2010-02-26 04:41 32584 ----a-w- c:\windows\system32\drivers\epfwndis.sys
2010-02-26 04:41 . 2010-02-26 04:41 134488 ----a-w- c:\windows\system32\drivers\epfw.sys
2010-02-26 04:41 . 2010-02-26 04:41 114984 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2010-02-26 04:39 . 2010-02-26 04:39 133512 ----a-w- c:\windows\system32\drivers\eamonm.sys
2010-02-24 08:16 . 2009-10-02 19:17 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-20 23:06 . 2010-03-11 13:34 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-02-20 23:05 . 2010-03-11 13:34 30720 ----a-w- c:\windows\system32\httpapi.dll
2010-02-20 20:53 . 2010-03-11 13:34 411648 ----a-w- c:\windows\system32\drivers\http.sys
2010-02-19 19:27 . 2010-02-19 19:27 720384 ----a-w- c:\windows\system32\DivX.dll
2010-02-19 19:27 . 2010-02-19 19:27 856064 ----a-w- c:\windows\system32\divx_xx0c.dll
2010-02-19 19:27 . 2010-02-19 19:27 856064 ----a-w- c:\windows\system32\divx_xx07.dll
2010-02-19 19:27 . 2010-02-19 19:27 847872 ----a-w- c:\windows\system32\divx_xx0a.dll
2010-02-19 19:27 . 2010-02-19 19:27 843776 ----a-w- c:\windows\system32\divx_xx16.dll
2010-02-19 19:27 . 2010-02-19 19:27 839680 ----a-w- c:\windows\system32\divx_xx11.dll
2010-02-01 22:04 . 2010-02-01 22:04 5578752 ----a-w- c:\users\asus\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll
2010-01-25 12:00 . 2010-02-24 09:33 471552 ----a-w- c:\windows\system32\secproc_isv.dll
2010-01-25 12:00 . 2010-02-24 09:33 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-01-25 12:00 . 2010-02-24 09:33 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-01-25 12:00 . 2010-02-24 09:33 471552 ----a-w- c:\windows\system32\secproc.dll
2010-01-25 11:58 . 2010-02-24 09:33 332288 ----a-w- c:\windows\system32\msdrm.dll
2010-01-25 08:21 . 2010-02-24 09:33 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-01-25 08:21 . 2010-02-24 09:33 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-01-25 08:21 . 2010-02-24 09:33 518144 ----a-w- c:\windows\system32\RMActivate.exe
2010-01-25 08:21 . 2010-02-24 09:33 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-04-22 19:20 . 2009-04-22 19:20 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}]
2010-03-16 15:45 48080 ----a-w- c:\users\asus\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2009-06-12 3055616]
"Infium"="c:\program files\QIP Infium\infium.exe" [2010-03-16 5739472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"HControlUser"="c:\program files\ATK Hotkey\HcontrolUser.exe" [2008-01-12 98304]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2008-01-23 7766016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-07-25 13548064]
"RtHDVCpl"="RtHDVCpl.exe" [2008-08-12 6265376]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-08-17 102400]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2009-07-08 2173440]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2010-02-26 2140880]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"LightScribe Control Panel"=c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"QuickTime Player"=c:\program files\QuickTime\QuickTimePlayer.exe
"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" -silent
"Sidebar"=c:\program files\Windows Sidebar\sidebar.exe /autoRun
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" -autorun
"QIP Internet Guardian"=c:\users\asus\AppData\Roaming\QipGuard\QipGuard.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"ASUS Camera ScreenSaver"=c:\windows\AsScrProlog.exe
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"TO2SSM_McciTrayApp"=c:\program files\TO2SSM\McciTrayApp.exe
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"ASUS Screen Saver Protector"=c:\windows\AsScrPro.exe
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):76,24,b9,d9,40,3d,ca,01

R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-06-13 721904]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-09-23 133104]
R2 Norton Internet Security;Norton Internet Security;c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [x]
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys [x]
R3 ASUSProcObsrv;ASUS Process Creation/Termination Observer;e:\i386\AsProcOb.sys [x]
R3 CRFILTER;USB Mass Storage Filter;c:\windows\system32\DRIVERS\CRFILTER.sys [2008-04-07 6656]
R3 FlashUSB;Flash Loader utility driver;c:\windows\system32\Drivers\FlashUSB.sys [2009-05-12 16896]
R3 ipswuio;ipswuio;c:\windows\system32\DRIVERS\ipswuio.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-02-26 114984]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2009-06-12 142592]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-02-26 133512]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2010-02-26 810120]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2010-02-26 41312]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-25 1047880]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-06-25 44064]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 17:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'

2010-04-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-23 16:19]

2010-04-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-23 16:19]

2010-04-24 c:\windows\Tasks\User_Feed_Synchronization-{644F4F77-DDCF-4B16-8612-6592AABB26DA}.job
- c:\windows\system32\msfeedssync.exe [2008-01-21 02:24]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://qip.ru
uDefault_Search_URL = hxxp://search.qip.ru
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
uSearchAssistant = hxxp://search.qip.ru/ie
IE: Crawler Search - tbr:iemenu
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} - c:\program files\ICQ7.0\ICQ.exe
LSP: bmnet.dll
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\ctbr.dll
FF - ProfilePath - c:\users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\yp9ypu4d.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search13.net/search.php?clid=486&q=
FF - prefs.js: browser.search.selectedEngine - ČSFD
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
FF - component: c:\program files\Crawler\firefox\components\xcomm.dll
FF - component: c:\program files\Crawler\firefox\components\xshared.dll
FF - component: c:\program files\Crawler\firefox\components\xsupport.dll
FF - component: c:\program files\Crawler\firefox\components\xwsg.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: c:\users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\yp9ypu4d.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\components\qippipe.dll
FF - component: c:\users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\yp9ypu4d.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\asus\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll
FF - plugin: c:\users\asus\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----

FF - user.js: browser.urlbar.hideGoButton - false
FF - user.js: dom.disable_window_open_feature.minimizable - true
FF - user.js: dom.disable_window_open_feature.menubar - true
FF - user.js: dom.disable_window_open_feature.scrollbars - true
FF - user.js: browser.tabs.closeButtons - 1
FF - user.js: browser.tabs.tabMinWidth - 125
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
.
------- Asociace souborů -------
.
.txt=
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-24 16:48
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Norton Internet Security]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-3719728939-1463824919-3971104576-1000\Software\SecuROM\License information*]
"datasecu"=hex:2c,a5,5a,c7,14,b1,3a,3a,03,34,cd,92,49,06,cc,3b,2a,e1,f7,57,c6,
89,45,3b,af,9a,c0,b8,10,78,56,76,48,94,d0,ea,33,f7,bd,51,e2,9f,cf,83,2b,01,\
"rkeysecu"=hex:3b,cf,79,00,ca,7f,96,60,c0,94,ab,5e,4f,8d,11,7e

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'lsass.exe'(720)
c:\windows\system32\bmnet.dll
.
Celkový čas: 2010-04-24 16:50:14
ComboFix-quarantined-files.txt 2010-04-24 14:50

Před spuštěním: Volných bajtů: 67 440 279 552
Po spuštění: Volných bajtů: 67 407 659 008

- - End Of File - - 15646E0C7E97587FE1592C6B60367460

papushka
Visitor
Posts: 26
Registered: 31 Mar 2007 22:41

Re: Trojan.ExOptions.gen

#3 Post by papushka »

:D I just can't help it, this is where I've always gotten the best advice :D

So here is the log from GooredFix:

GooredFix by jpshortstuff (08.01.10.1)
Log created at 17:19 on 24/04/2010 (asus)
Firefox version 3.6.3 (cs)

========== GooredScan ==========


========== GooredLog ==========

C:\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07} [07:35 29/01/2010]
{972ce4c6-7e08-4474-a285-3208198ce6fd} [21:26 12/06/2009]
{B13721C7-F507-4982-B2E5-502A71474FED} [09:29 20/09/2009]
{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} [17:24 15/06/2009]
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [09:13 28/12/2009]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\" [08:01 17/06/2009]
"{4B3803EA-5230-4DC3-A7FC-33638F3D3542}"="C:\Program Files\Crawler\firefox\" [22:13 16/04/2010]

-=E.O.F=-


Here is the short one from GMER:

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-04-24 17:22:39
Windows 6.0.6002 Service Pack 2
Running: gmer.exe; Driver: C:\Users\asus\AppData\Local\Temp\kwldrpoc.sys


---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 8572C1F8
Device \FileSystem\fastfat \Fat A1C30500

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Společnost Microsoft)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----


And here is the long one:

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-04-24 17:59:32
Windows 6.0.6002 Service Pack 2
Running: gmer.exe; Driver: C:\Users\asus\AppData\Local\Temp\kwldrpoc.sys


---- System - GMER 1.0.15 ----

SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwClose [0x91ECA88E]
SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwCreateFile [0x91ECA0EC]
SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwCreateKey [0x91EC9DCE]
SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwCreateSection [0x91ECB938]
SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwDeleteKey [0x91EC9ED8]
SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwDeleteValueKey [0x91EC9FC2]
SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwLoadDriver [0x91ECABBC]
SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwOpenFile [0x91ECA3F4]
SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwSetInformationFile [0x91ECA526]
SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwSetValueKey [0x91EC9BFC]
SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwTerminateProcess [0x91ECAB04]
SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwWriteFile [0x91ECA70C]

INT 0x51 ? 86721F00
INT 0x92 ? 85726BF8
INT 0x92 ? 85726BF8
INT 0x92 ? 85726BF8
INT 0xA2 ? 86721F00

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 8572C1F8
Device \FileSystem\fastfat \FatCdrom A1C30500

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)

Device \Driver\volmgr \Device\VolMgrControl 857281F8
Device \Driver\usbohci \Device\USBPDO-0 867D01F8
Device \Driver\usbehci \Device\USBPDO-1 867CF1F8
Device \Driver\volmgr \Device\HarddiskVolume1 857281F8
Device \Driver\volmgr \Device\HarddiskVolume2 857281F8
Device \Driver\cdrom \Device\CdRom0 8687F500
Device \Driver\volmgr \Device\HarddiskVolume3 857281F8
Device \Driver\cdrom \Device\CdRom1 8687F500
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 8572A1F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort0 8572A1F8
Device \Driver\atapi \Device\Ide\IdePort0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort1 8572A1F8
Device \Driver\atapi \Device\Ide\IdePort1 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-1 8572A1F8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-1 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\msahci \Device\Ide\PciIde0Channel0 8572B1F8
Device \Driver\msahci \Device\Ide\PciIde0Channel1 8572B1F8
Device \Driver\cdrom \Device\CdRom2 8687F500
Device \Driver\netbt \Device\NetBt_Wins_Export 881AD300
Device \Driver\Smb \Device\NetbiosSmb 8821A1F8
Device \Driver\iScsiPrt \Device\RaidPort0 868BE1F8
Device \Driver\netbt \Device\NetBT_Tcpip_{9B14B3AE-1D76-44B9-A875-8B5EC2B8F162} 881AD300
Device \Driver\usbohci \Device\USBFDO-0 867D01F8
Device \Driver\usbehci \Device\USBFDO-1 867CF1F8
Device \Driver\PCI_PNP6353 \Device\0000007b spml.sys
Device \Driver\netbt \Device\NetBT_Tcpip_{C0F1E277-742F-4BA3-AA8C-858BFC4C95E0} 881AD300
Device \Driver\sptd \Device\3460208365 spml.sys
Device \Driver\a91s7yoy \Device\Scsi\a91s7yoy1 868821F8
Device \Driver\a91s7yoy \Device\Scsi\a91s7yoy1 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\a91s7yoy \Device\Scsi\a91s7yoy1Port3Path0Target1Lun0 868821F8
Device \Driver\a91s7yoy \Device\Scsi\a91s7yoy1Port3Path0Target1Lun0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\a91s7yoy \Device\Scsi\a91s7yoy1Port3Path0Target0Lun0 868821F8
Device \Driver\a91s7yoy \Device\Scsi\a91s7yoy1Port3Path0Target0Lun0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \FileSystem\fastfat \Fat A1C30500

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Společnost Microsoft)

Device \FileSystem\cdfs \Cdfs A8C36500

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000d1801188f
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000d1801188f@00248338040a 0xF4 0x2C 0x5A 0x1E ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xDF 0xD6 0xC8 0x58 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x25 0x8F 0x95 0xE4 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x89 0x79 0x3F 0x3C ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x73 0x62 0x80 0xA9 ...
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\000d1801188f (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\000d1801188f@00248338040a 0xF4 0x2C 0x5A 0x1E ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xDF 0xD6 0xC8 0x58 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x25 0x8F 0x95 0xE4 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x89 0x79 0x3F 0x3C ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x73 0x62 0x80 0xA9 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\UnreadMail\Qip Infium: máš nepřečtené zprávy@MessageCount 1

---- EOF - GMER 1.0.15 ----

papushka
Visitor
Posts: 26
Registered: 31 Mar 2007 22:41

Re: Trojan.ExOptions.gen

#4 Post by papushka »

When I ran the daily scan, it was the same thing again as I described in my first post. So I really don't know what it is...

papushka
Visitor
Posts: 26
Registered: 31 Mar 2007 22:41

Re: Trojan.ExOptions.gen

#5 Post by papushka »

Here it is ;)
Attachments
klic_Image File Execution Options.zip
(753 bytes) Downloaded 63 times

papushka
Visitor
Posts: 26
Registered: 31 Mar 2007 22:41

Re: Trojan.ExOptions.gen

#6 Post by papushka »

Thanks,
it actually only started showing up after I installed NOD, otherwise I wouldn't have bothered with it either ;)

Really, thank you so much for the help :) Hopefully I won't have to post any more logs here any time soon :D
