VIRY.CZ

Dobrý den,

Spyware terminator mi pořád hlasí Trojan.ExOptions.gen a když ho chci odstranit, píše:
Mazání registrů selhalo: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe
Mazání registrů selhalo: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ekrn.exe

Nejdou smazat ani přes Editor registru, ani Mbam nic nenašel, NOD nic nenašel, PC jsem pročistila ComboFixem, CCleanerem, přes TuneUp Utilities a pořád to tu je. Navíc po tom pročištění se přestala ukazovat tapeta plochy a miniatury souborů ve složkách.


Vkládám log z RSIT:

Logfile of random's system information tool 1.06 (written by random/random)
Run by asus at 2010-04-24 15:13:49
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 64 GB (42%) free of 153 GB
Total RAM: 3070 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:14:00, on 24.4.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ATK Hotkey\HControlUser.exe
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Crawler\CToolbar.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Users\asus\Desktop\RSIT.exe
C:\Program Files\trend micro\asus.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
O2 - BHO: QipLI - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Users\asus\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\ctbr.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [HControlUser] "C:\Program Files\ATK Hotkey\HcontrolUser.exe"
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [Infium] "C:\Program Files\QIP Infium\infium.exe" /autorun
O4 - HKUS\S-1-5-18\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User 'Default user')
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files\ICQ7.0\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\ctbr.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bytemobile Web Configurator (bmwebcfg) - Bytemobile, Inc. - C:\Windows\system32\bmwebcfg.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 7460 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{644F4F77-DDCF-4B16-8612-6592AABB26DA}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2008-06-11 61816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\ctbr.dll [2010-04-14 1241960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}]
QipLI Class - C:\Users\asus\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll [2010-03-16 48080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-04-23 937416]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\ctbr.dll [2010-04-14 1241960]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"HControlUser"=C:\Program Files\ATK Hotkey\HcontrolUser.exe [2008-01-12 98304]
"ATKOSD2"=C:\Program Files\ATKOSD2\ATKOSD2.exe [2008-01-24 7766016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-07-25 13548064]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-08-12 6265376]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-08-17 102400]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2009-07-08 2173440]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-02-26 2140880]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2009-06-12 3055616]
"Infium"=C:\Program Files\QIP Infium\infium.exe [2010-03-16 5739472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - open - %SystemRoot%\system32\NOTEPAD.EXE %1
.txt - open -

======List of files/folders created in the last 1 months======

2010-04-24 15:07:41 ----D---- C:\Program Files\trend micro
2010-04-24 15:07:40 ----D---- C:\rsit
2010-04-24 12:59:41 ----A---- C:\Windows\ntbtlog.txt
2010-04-24 11:57:11 ----D---- C:\Program Files\CCleaner
2010-04-24 11:43:01 ----D---- C:\32788R22FWJFW
2010-04-24 11:30:57 ----SHD---- C:\$RECYCLE.BIN
2010-04-24 11:30:55 ----D---- C:\Windows\temp
2010-04-24 11:20:38 ----A---- C:\Windows\PEV.exe
2010-04-24 11:20:38 ----A---- C:\Windows\MBR.exe
2010-04-24 11:20:33 ----D---- C:\Windows\ERDNT
2010-04-23 23:36:12 ----D---- C:\Users\asus\AppData\Roaming\Malwarebytes
2010-04-23 23:35:51 ----D---- C:\ProgramData\Malwarebytes
2010-04-23 23:35:48 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-04-22 17:53:02 ----A---- C:\Windows\wininit.ini
2010-04-22 17:52:55 ----AH---- C:\setup95.exe
2010-04-17 00:13:06 ----D---- C:\Program Files\Crawler
2010-04-17 00:08:35 ----A---- C:\Windows\system32\browserchoice.exe
2010-04-16 21:40:12 ----D---- C:\Users\asus\AppData\Roaming\ESET
2010-04-16 21:38:30 ----D---- C:\ProgramData\ESET
2010-04-16 21:38:30 ----D---- C:\Program Files\ESET
2010-04-16 19:02:23 ----A---- C:\Windows\system32\authuitu.dll
2010-04-16 19:00:10 ----A---- C:\Windows\system32\uxtuneup.dll
2010-04-16 16:35:49 ----A---- C:\Windows\system32\TURegOpt.exe
2010-04-16 16:32:06 ----D---- C:\Program Files\TuneUp Utilities 2010
2010-04-16 16:31:30 ----SHD---- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-04-16 09:08:27 ----D---- C:\Program Files\XVideoConverter
2010-04-15 17:42:57 ----D---- C:\ProgramData\DivX
2010-04-14 07:47:40 ----A---- C:\Windows\system32\vbscript.dll
2010-04-14 07:47:37 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-04-14 07:47:36 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-04-14 07:47:28 ----A---- C:\Windows\system32\iphlpsvc.dll
2010-04-14 07:46:56 ----A---- C:\Windows\system32\wintrust.dll
2010-04-14 07:45:31 ----A---- C:\Windows\system32\cabview.dll
2010-04-11 11:49:16 ----D---- C:\Users\asus\AppData\Roaming\MathematicaPlayer
2010-04-11 11:49:16 ----D---- C:\ProgramData\MathematicaPlayer
2010-04-11 09:43:41 ----D---- C:\Users\asus\AppData\Roaming\Mathematica
2010-04-11 09:43:41 ----D---- C:\ProgramData\Mathematica
2010-04-11 09:42:58 ----D---- C:\Windows\Downloaded Installations
2010-04-11 09:41:54 ----A---- C:\Windows\system32\mlmodule32.dll
2010-04-11 09:41:54 ----A---- C:\Windows\system32\ml32i3.dll
2010-04-11 09:41:54 ----A---- C:\Windows\system32\ml32i2.dll
2010-04-11 09:41:54 ----A---- C:\Windows\system32\ml32i1.dll
2010-04-11 09:38:22 ----D---- C:\Program Files\Wolfram Research
2010-03-31 07:18:05 ----A---- C:\Windows\system32\mshtml.dll
2010-03-31 07:18:03 ----A---- C:\Windows\system32\wininet.dll
2010-03-31 07:18:00 ----A---- C:\Windows\system32\urlmon.dll
2010-03-31 07:17:48 ----A---- C:\Windows\system32\ieframe.dll
2010-03-31 07:17:43 ----A---- C:\Windows\system32\ieui.dll
2010-03-31 07:17:42 ----A---- C:\Windows\system32\mshtmled.dll
2010-03-31 07:17:38 ----A---- C:\Windows\system32\iepeers.dll
2010-03-31 07:17:37 ----A---- C:\Windows\system32\ieencode.dll
2010-03-31 07:17:33 ----A---- C:\Windows\system32\ieapfltr.dll
2010-03-27 14:46:37 ----D---- C:\A__P_ILET____P__KR_LOVNO

======List of files/folders modified in the last 1 months======

2010-04-24 15:13:34 ----D---- C:\Windows\Prefetch
2010-04-24 15:09:25 ----D---- C:\Windows\tracing
2010-04-24 15:07:41 ----RD---- C:\Program Files
2010-04-24 13:26:18 ----D---- C:\ProgramData\Spyware Terminator
2010-04-24 13:26:15 ----SHD---- C:\System Volume Information
2010-04-24 13:26:01 ----D---- C:\Program Files\Spyware Terminator
2010-04-24 13:23:36 ----D---- C:\Users\asus\AppData\Roaming\Spyware Terminator
2010-04-24 12:59:41 ----D---- C:\Windows
2010-04-24 12:53:48 ----A---- C:\Windows\system32\acovcnt.exe
2010-04-24 11:58:56 ----D---- C:\Windows\Debug
2010-04-24 11:28:48 ----A---- C:\Windows\system.ini
2010-04-24 11:28:11 ----D---- C:\Windows\System32
2010-04-24 11:25:35 ----D---- C:\Windows\system32\drivers
2010-04-24 11:25:34 ----D---- C:\Windows\AppPatch
2010-04-24 11:25:34 ----D---- C:\Program Files\Common Files
2010-04-24 11:19:40 ----D---- C:\ProgramData\Norton
2010-04-24 11:19:38 ----D---- C:\ProgramData\Symantec
2010-04-24 11:19:37 ----D---- C:\Windows\Tasks
2010-04-24 11:19:05 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-04-24 11:15:25 ----D---- C:\Windows\system32\Tasks
2010-04-23 23:55:33 ----A---- C:\Windows\NeroDigital.ini
2010-04-23 23:35:51 ----D---- C:\ProgramData
2010-04-23 18:06:28 ----D---- C:\Users\asus\AppData\Roaming\DivX
2010-04-22 22:51:42 ----D---- C:\Users\asus\AppData\Roaming\AIMP
2010-04-22 22:07:49 ----D---- C:\Program Files\DivX
2010-04-22 07:52:46 ----D---- C:\Windows\inf
2010-04-22 07:52:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-04-21 22:01:25 ----D---- C:\Users\asus\AppData\Roaming\ICQ
2010-04-21 21:52:43 ----D---- C:\Program Files\ICQ7.0
2010-04-20 20:14:46 ----D---- C:\Program Files\WinClamAVShield
2010-04-18 15:34:29 ----D---- C:\Boot
2010-04-18 15:34:24 ----D---- C:\Windows\system32\config
2010-04-17 00:09:11 ----D---- C:\Windows\winsxs
2010-04-17 00:09:01 ----D---- C:\Windows\system32\catroot
2010-04-16 23:57:35 ----SHD---- C:\Windows\Installer
2010-04-16 23:57:16 ----D---- C:\ProgramData\Lavasoft
2010-04-16 23:57:13 ----DC---- C:\Windows\system32\DRVSTORE
2010-04-16 18:51:47 ----D---- C:\Program Files\Electronic Arts
2010-04-16 18:46:00 ----HD---- C:\Program Files\InstallShield Installation Information
2010-04-16 18:45:59 ----D---- C:\Program Files\ASUS
2010-04-16 18:44:34 ----D---- C:\Program Files\Adobe
2010-04-16 18:43:10 ----D---- C:\Program Files\Winamp
2010-04-16 18:34:12 ----D---- C:\Windows\system32\catroot2
2010-04-16 16:49:01 ----D---- C:\Program Files\TuneUp Utilities 2009
2010-04-16 16:31:40 ----D---- C:\ProgramData\TuneUp Software
2010-04-16 09:34:41 ----AD---- C:\ProgramData\Temp
2010-04-15 22:05:12 ----D---- C:\Program Files\Windows Mail
2010-04-15 21:22:33 ----D---- C:\ProgramData\Microsoft Help
2010-04-15 21:18:25 ----D---- C:\Users\asus\AppData\Roaming\uTorrent
2010-04-15 17:45:49 ----D---- C:\Program Files\Common Files\DivX Shared
2010-04-14 08:10:19 ----D---- C:\Program Files\Google
2010-04-11 11:44:40 ----RSD---- C:\Windows\Fonts
2010-04-11 09:38:01 ----D---- C:\Users\asus\AppData\Roaming\vlc
2010-04-06 19:52:54 ----A---- C:\Windows\system32\mrt.exe
2010-04-06 17:08:16 ----SD---- C:\Users\asus\AppData\Roaming\Microsoft
2010-04-04 09:54:14 ----D---- C:\Program Files\Mozilla Firefox
2010-03-30 21:57:49 ----D---- C:\Windows\system32\WDI
2010-03-27 20:00:20 ----D---- C:\ProgramData\CyberLink
2010-03-27 20:00:20 ----D---- C:\Program Files\CyberLink
2010-03-27 14:46:20 ----D---- C:\ProgramData\DVD Shrink

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-02-26 114984]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2009-06-12 142592]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2009-06-13 73312]
R2 ASMMAP;ASMMAP; \??\C:\Program Files\ATKGFNEX\ASMMAP.sys [2007-07-24 13880]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-02-26 133512]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-02-26 134488]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-02-26 41312]
R3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2006-11-10 18688]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2008-03-21 1203776]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-04-06 908800]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-02-26 32584]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-08-12 2159384]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2008-06-03 15928]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\Windows\system32\drivers\MODEMCSA.sys [2008-01-21 18432]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATKACPI.sys [2006-12-14 7680]
R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-07-08 1050656]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-06-25 44064]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-07-25 7547552]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-07-22 15872]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2008-07-23 1772544]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-08-17 190512]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S1 SRTSP;SRTSP; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.SYS []
S1 SRTSPX;SRTSPX; \??\C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.SYS []
S1 tcpipBM;Bytemobile Kernel Network Provider; C:\Windows\system32\drivers\tcpipBM.sys [2008-03-06 18688]
S3 a59ut27s;a59ut27s; C:\Windows\system32\drivers\a59ut27s.sys []
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\adusbser.sys []
S3 ASUSProcObsrv;ASUS Process Creation/Termination Observer; \??\E:\I386\AsProcOb.sys []
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 CRFILTER;USB Mass Storage Filter; C:\Windows\system32\DRIVERS\CRFILTER.sys [2008-04-07 6656]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 FlashUSB;Flash Loader utility driver; C:\Windows\System32\Drivers\FlashUSB.sys [2009-05-12 16896]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 55264]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 ipswuio;ipswuio; C:\Windows\System32\DRIVERS\ipswuio.sys []
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [2008-03-29 21248]
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [2008-03-29 20096]
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-11-02 1010560]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2008-11-11 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2008-11-11 19968]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2008-11-11 24832]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2008-03-18 13312]
R2 ASLDRService;ASLDR Service; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-10-03 94208]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 bmwebcfg;Bytemobile Web Configurator; C:\Windows\system32\bmwebcfg.exe [2008-03-06 118784]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-02-26 810120]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-06-09 73728]
R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-07-25 196608]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2009-06-12 487424]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-25 1047880]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-23 133104]
S2 Norton Internet Security;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe /s Norton Internet Security /m C:\Program Files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll /prefetch:1 []
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-02-26 33560]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-06-13 655624]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 fsssvc;Windows Live Zabezpečení rodiny; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TuneUp.Defrag;@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-04-24 435016]

-----------------EOF-----------------



Už nevím, co s tím. Prosím, poraďte.

Díky moc za odpověď.

Bohužel máme doma hodně počítačů a všechny měly nějaký problém, tak proto tolik logů Omlouvám se, že takhle přidělávám práci...

Tady je log z CF:

ComboFix 10-04-21.01 - asus 24.04.2010 16:39:01.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3070.1845 [GMT 2:00]
Spuštěný z: c:\users\asus\Desktop\ComboFix.exe
SP: Spyware Terminator *disabled* (Updated) {55EE49A8-16BE-4601-BBE6-607B7F7317DE}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý

.

((((((((((((((((((((((((( Soubory vytvořené od 2010-03-24 do 2010-04-24 )))))))))))))))))))))))))))))))
.

2010-04-24 14:48 . 2010-04-24 14:48 -------- d-----w- c:\users\asus\AppData\Local\temp
2010-04-24 14:48 . 2010-04-24 14:48 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-04-24 14:48 . 2010-04-24 14:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-04-24 13:07 . 2010-04-24 13:13 -------- d-----w- c:\program files\trend micro
2010-04-24 13:07 . 2010-04-24 13:08 -------- d-----w- C:\rsit
2010-04-24 09:57 . 2010-04-24 09:57 -------- d-----w- c:\program files\CCleaner
2010-04-23 21:36 . 2010-04-23 21:36 -------- d-----w- c:\users\asus\AppData\Roaming\Malwarebytes
2010-04-23 21:35 . 2010-03-29 22:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-23 21:35 . 2010-04-23 21:35 -------- d-----w- c:\programdata\Malwarebytes
2010-04-23 21:35 . 2010-03-29 22:45 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-23 21:35 . 2010-04-23 21:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-22 20:07 . 2010-04-22 20:07 56766 ----a-w- c:\programdata\DivX\DivXPlusShortcuts\Uninstaller.exe
2010-04-22 20:07 . 2010-04-22 20:07 57679 ----a-w- c:\programdata\DivX\Player\Uninstaller.exe
2010-04-22 20:06 . 2010-04-22 20:06 84040 ----a-w- c:\programdata\DivX\TransferWizard\Uninstaller.exe
2010-04-22 20:05 . 2010-04-22 20:05 57054 ----a-w- c:\programdata\DivX\DSDesktopComponents\Uninstaller.exe
2010-04-22 20:05 . 2010-04-22 20:05 54166 ----a-w- c:\programdata\DivX\DSAVCDecoder\Uninstaller.exe
2010-04-22 20:05 . 2010-04-22 20:05 57532 ----a-w- c:\programdata\DivX\DSASPDecoder\Uninstaller.exe
2010-04-22 20:05 . 2010-04-22 20:05 56458 ----a-w- c:\programdata\DivX\DivXDecoderShortcut\Uninstaller.exe
2010-04-22 20:04 . 2010-04-22 20:04 54174 ----a-w- c:\programdata\DivX\DSAACDecoder\Uninstaller.exe
2010-04-22 20:04 . 2010-04-22 20:04 54153 ----a-w- c:\programdata\DivX\DFXPlugin\Uninstaller.exe
2010-04-22 20:04 . 2010-04-22 20:04 54128 ----a-w- c:\programdata\DivX\Converter\Uninstaller.exe
2010-04-22 20:04 . 2010-04-22 20:04 54629 ----a-w- c:\programdata\DivX\TranscodeEngine\Uninstaller.exe
2010-04-22 20:03 . 2010-04-22 20:03 54101 ----a-w- c:\programdata\DivX\MPEG2Plugin\Uninstaller.exe
2010-04-22 20:03 . 2010-04-22 20:03 56969 ----a-w- c:\programdata\DivX\ASPEncoder\Uninstaller.exe
2010-04-22 20:00 . 2010-04-22 20:00 144696 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.exe
2010-04-22 15:52 . 1996-09-16 02:00 202240 ---ha-w- C:\setup95.exe
2010-04-16 22:13 . 2010-04-24 14:28 -------- d-----w- c:\program files\Crawler
2010-04-16 22:08 . 2010-02-12 10:32 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-04-16 19:40 . 2010-04-16 19:40 -------- d-----w- c:\users\asus\AppData\Local\ESET
2010-04-16 19:38 . 2010-04-24 09:09 -------- d-----w- c:\program files\ESET
2010-04-16 17:02 . 2010-02-25 09:56 21320 ----a-w- c:\windows\system32\authuitu.dll
2010-04-16 17:00 . 2010-02-25 09:56 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2010-04-16 17:00 . 2009-08-30 09:59 147456 ----a-w- c:\users\asus\AppData\Roaming\TuneUp Software\TuneUp Utilities\WinStyler\LogoAnimations\Bubbles.tla.dll
2010-04-16 17:00 . 2009-06-14 13:13 331776 ----a-w- c:\users\asus\AppData\Roaming\TuneUp Software\TuneUp Utilities\WinStyler\LogoAnimations\Forcefield.tla.dll
2010-04-16 17:00 . 2009-06-14 13:12 237568 ----a-w- c:\users\asus\AppData\Roaming\TuneUp Software\TuneUp Utilities\WinStyler\LogoAnimations\Aurora.tla.dll
2010-04-16 17:00 . 2010-01-19 13:21 3092480 ----a-w- c:\users\asus\AppData\Roaming\TuneUp Software\TuneUp Utilities\WinStyler\LogonScreens\Giraffe.tls.dll
2010-04-16 17:00 . 2009-12-04 20:30 442368 ----a-w- c:\users\asus\AppData\Roaming\TuneUp Software\TuneUp Utilities\WinStyler\LogonScreens\Merry Xmas.tls.dll
2010-04-16 17:00 . 2009-12-04 20:28 507904 ----a-w- c:\users\asus\AppData\Roaming\TuneUp Software\TuneUp Utilities\WinStyler\LogonScreens\Merry Christmas.tls.dll
2010-04-16 17:00 . 2009-12-04 20:19 2265088 ----a-w- c:\users\asus\AppData\Roaming\TuneUp Software\TuneUp Utilities\WinStyler\LogonScreens\Star.tls.dll
2010-04-16 17:00 . 2009-08-30 10:05 4268032 ----a-w- c:\users\asus\AppData\Roaming\TuneUp Software\TuneUp Utilities\WinStyler\LogonScreens\Tower bridge.tls.dll
2010-04-16 17:00 . 2009-07-11 00:34 3465216 ----a-w- c:\users\asus\AppData\Roaming\TuneUp Software\TuneUp Utilities\WinStyler\LogonScreens\Borabora.tls.dll
2010-04-16 14:35 . 2010-02-25 10:03 30536 ----a-w- c:\windows\system32\TURegOpt.exe
2010-04-16 14:32 . 2010-04-24 10:05 -------- d-----w- c:\program files\TuneUp Utilities 2010
2010-04-16 14:31 . 2010-04-16 14:31 -------- d-sh--w- c:\programdata\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-04-16 07:08 . 2010-04-16 07:08 -------- d-----w- c:\program files\XVideoConverter
2010-04-15 15:47 . 2010-04-22 20:08 57344 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.dll
2010-04-15 15:46 . 2010-04-22 20:00 754984 ----a-w- c:\programdata\DivX\Setup\Resource.dll
2010-04-15 15:46 . 2010-04-22 19:59 1180952 ----a-w- c:\programdata\DivX\Setup\DivXSetup.exe
2010-04-15 15:46 . 2009-07-18 17:26 529200 ----a-w- c:\programdata\DivX\DivX7\DivX Plus DirectShow Filters\DivXDSFiltersUninstall.exe
2010-04-15 15:46 . 2009-07-18 17:25 529200 ----a-w- c:\programdata\DivX\DivX7\DivX Player\DivXPlayerUninstall.exe
2010-04-15 15:46 . 2009-07-18 17:25 529200 ----a-w- c:\programdata\DivX\DivX7\DivX Converter\DivXConverterUninstall.exe
2010-04-15 15:46 . 2009-07-18 17:25 529200 ----a-w- c:\programdata\DivX\DivX7\DivX Codec\DivXCodecUninstall.exe
2010-04-15 15:46 . 2010-04-15 15:46 56978 ----a-w- c:\programdata\DivX\WebPlayer\Uninstaller.exe
2010-04-15 15:46 . 2010-04-15 15:46 53600 ----a-w- c:\programdata\DivX\Update\Uninstaller.exe
2010-04-15 15:46 . 2010-04-15 15:46 57409 ----a-w- c:\programdata\DivX\ControlPanel\Uninstaller.exe
2010-04-15 15:46 . 2010-04-15 15:46 52963 ----a-w- c:\programdata\DivX\MSVC80CRTRedist\Uninstaller.exe
2010-04-15 15:45 . 2010-04-15 15:45 54073 ----a-w- c:\programdata\DivX\Qt4.5\Uninstaller.exe
2010-04-15 15:42 . 2010-04-22 20:08 -------- d-----w- c:\programdata\DivX
2010-04-14 05:47 . 2010-02-23 11:10 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-04-14 05:47 . 2010-02-23 11:10 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-04-14 05:47 . 2010-02-23 11:10 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-04-14 05:47 . 2010-03-04 17:33 430080 ----a-w- c:\windows\system32\vbscript.dll
2010-04-14 05:47 . 2010-02-18 14:07 3548040 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-04-14 05:47 . 2010-02-18 14:07 3600776 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-04-14 05:47 . 2010-02-18 14:07 904576 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-04-14 05:47 . 2010-02-18 13:30 200704 ----a-w- c:\windows\system32\iphlpsvc.dll
2010-04-14 05:47 . 2010-02-18 11:28 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
2010-04-14 05:46 . 2009-12-23 11:33 172032 ----a-w- c:\windows\system32\wintrust.dll
2010-04-14 05:45 . 2010-01-13 17:34 98304 ----a-w- c:\windows\system32\cabview.dll
2010-04-11 09:49 . 2010-04-11 09:49 -------- d-----w- c:\users\asus\AppData\Local\MathematicaPlayer
2010-04-11 09:49 . 2010-04-11 09:49 -------- d-----w- c:\users\asus\AppData\Roaming\MathematicaPlayer
2010-04-11 09:49 . 2010-04-11 09:49 -------- d-----w- c:\programdata\MathematicaPlayer
2010-04-11 07:43 . 2010-04-11 07:46 -------- d-----w- c:\users\asus\AppData\Local\Mathematica
2010-04-11 07:43 . 2010-04-11 07:48 -------- d-----w- c:\users\asus\AppData\Roaming\Mathematica
2010-04-11 07:43 . 2010-04-11 07:47 -------- d-----w- c:\programdata\Mathematica
2010-04-11 07:42 . 2010-04-11 07:42 -------- d-----w- c:\windows\Downloaded Installations
2010-04-11 07:41 . 2009-03-05 16:53 185640 ----a-w- c:\windows\system32\mlmodule32.dll
2010-04-11 07:41 . 2009-03-05 16:53 378152 ----a-w- c:\windows\system32\ml32i3.dll
2010-04-11 07:41 . 2009-03-05 16:53 267560 ----a-w- c:\windows\system32\ml32i2.dll
2010-04-11 07:41 . 2009-03-05 16:53 259368 ----a-w- c:\windows\system32\ml32i1.dll
2010-04-11 07:38 . 2010-04-11 09:41 -------- d-----w- c:\program files\Wolfram Research
2010-04-08 13:44 . 2010-03-25 09:27 1107264 ----a-w- c:\users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\yp9ypu4d.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
2010-03-31 05:18 . 2010-03-09 15:42 834048 ----a-w- c:\windows\system32\wininet.dll
2010-03-31 05:17 . 2010-03-09 16:25 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-03-27 12:46 . 2010-03-27 12:52 -------- d-----w- C:\A__P_ILET____P__KR_LOVNO

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-24 14:36 . 2009-06-12 16:25 45056 ----a-w- c:\windows\system32\acovcnt.exe
2010-04-24 14:35 . 2009-07-14 19:42 12 ----a-w- c:\windows\bthservsdp.dat
2010-04-24 11:26 . 2009-06-12 21:30 -------- d-----w- c:\programdata\Spyware Terminator
2010-04-24 11:26 . 2009-06-12 21:30 -------- d-----w- c:\program files\Spyware Terminator
2010-04-24 11:23 . 2009-06-12 21:30 -------- d-----w- c:\users\asus\AppData\Roaming\Spyware Terminator
2010-04-24 09:51 . 2009-06-12 16:25 164984 ----a-w- c:\users\asus\AppData\Local\GDIPFONTCACHEV1.DAT
2010-04-24 09:19 . 2009-04-22 19:24 -------- d-----w- c:\programdata\Norton
2010-04-24 09:19 . 2009-04-22 19:24 -------- d-----w- c:\programdata\Symantec
2010-04-24 09:19 . 2009-11-25 17:02 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-04-23 16:06 . 2009-07-18 17:26 -------- d-----w- c:\users\asus\AppData\Roaming\DivX
2010-04-22 20:51 . 2009-06-13 09:30 -------- d-----w- c:\users\asus\AppData\Roaming\AIMP
2010-04-22 20:07 . 2009-06-18 17:16 -------- d-----w- c:\program files\DivX
2010-04-22 19:04 . 2009-06-12 21:46 27744 ----a-w- c:\programdata\nvModes.dat
2010-04-22 05:52 . 2008-04-17 10:34 598832 ----a-w- c:\windows\system32\perfh005.dat
2010-04-22 05:52 . 2008-04-17 10:34 114992 ----a-w- c:\windows\system32\perfc005.dat
2010-04-21 20:01 . 2009-11-29 14:30 -------- d-----w- c:\users\asus\AppData\Roaming\ICQ
2010-04-21 19:52 . 2010-01-29 07:35 -------- d-----w- c:\program files\ICQ7.0
2010-04-20 18:14 . 2009-06-12 21:33 -------- d-----w- c:\program files\WinClamAVShield
2010-04-16 21:57 . 2009-06-15 08:39 -------- d-----w- c:\programdata\Lavasoft
2010-04-16 16:51 . 2009-06-14 12:16 -------- d-----w- c:\program files\Electronic Arts
2010-04-16 16:46 . 2009-04-22 19:21 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-16 16:45 . 2009-04-22 20:02 -------- d-----w- c:\program files\ASUS
2010-04-16 16:43 . 2009-09-27 12:08 -------- d-----w- c:\program files\Winamp
2010-04-16 14:49 . 2009-06-13 21:17 -------- d-----w- c:\program files\TuneUp Utilities 2009
2010-04-16 14:31 . 2009-06-13 21:17 -------- d-----w- c:\programdata\TuneUp Software
2010-04-15 20:05 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-04-15 19:22 . 2009-04-22 19:07 -------- d-----w- c:\programdata\Microsoft Help
2010-04-15 19:18 . 2009-06-13 09:51 -------- d-----w- c:\users\asus\AppData\Roaming\uTorrent
2010-04-15 15:45 . 2009-06-18 17:16 -------- d-----w- c:\program files\Common Files\DivX Shared
2010-04-14 06:10 . 2009-04-22 19:26 -------- d-----w- c:\program files\Google
2010-04-11 07:38 . 2009-09-17 13:51 -------- d-----w- c:\users\asus\AppData\Roaming\vlc
2010-03-27 18:00 . 2009-04-22 19:23 -------- d-----w- c:\programdata\CyberLink
2010-03-27 18:00 . 2009-04-22 19:21 -------- d-----w- c:\program files\CyberLink
2010-03-27 17:57 . 2009-04-22 19:22 36864 ----a-w- c:\programdata\Temp\{40BF1E83-20EB-11D8-97C5-0009C5020658}\PostBuild.exe
2010-03-27 12:46 . 2009-07-09 09:11 -------- d-----w- c:\programdata\DVD Shrink
2010-03-17 06:30 . 2010-03-17 06:25 -------- d-----w- c:\users\asus\AppData\Roaming\QipGuard
2010-03-17 06:29 . 2009-12-22 10:21 -------- d-----w- c:\program files\QIP Infium
2010-03-16 15:45 . 2010-03-17 06:25 280440 ----a-w- c:\users\asus\AppData\Roaming\QipGuard\sqlite3.dll
2010-03-16 15:45 . 2010-03-17 06:25 20944 ----a-w- c:\users\asus\AppData\Roaming\QipGuard\chrome.dll
2010-03-16 15:45 . 2010-03-17 06:25 184272 ----a-w- c:\users\asus\AppData\Roaming\QipGuard\QipGuard.exe
2010-03-16 15:45 . 2010-03-17 06:25 48080 ----a-w- c:\users\asus\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll
2010-03-16 15:45 . 2010-03-17 06:25 127440 ----a-w- c:\users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\yp9ypu4d.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\components\qippipe.dll
2010-03-12 08:51 . 2010-03-12 08:50 -------- d-----w- c:\program files\edu-learning
2010-03-08 17:59 . 2010-03-08 17:59 94208 ----a-w- c:\windows\system32\dpl100.dll
2010-03-05 22:21 . 2010-02-19 19:56 50354 ----a-w- c:\users\asus\AppData\Roaming\Facebook\uninstall.exe
2010-03-05 22:20 . 2010-02-19 19:56 -------- d-----w- c:\users\asus\AppData\Roaming\Facebook
2010-02-27 14:34 . 2010-02-27 12:13 -------- d-----w- c:\programdata\Motive
2010-02-27 12:28 . 2010-02-27 12:15 -------- d-----w- c:\users\asus\AppData\Roaming\Motive
2010-02-27 12:25 . 2010-02-27 12:24 -------- d-----w- c:\program files\TO2SSM
2010-02-27 12:24 . 2010-02-27 12:13 -------- d-----w- c:\program files\Common Files\Motive
2010-02-26 06:41 . 2010-02-26 06:41 847040 ----a-w- c:\users\asus\AppData\Roaming\Facebook\axfbootloader.dll
2010-02-26 06:41 . 2010-02-26 06:41 5582848 ----a-w- c:\users\asus\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
2010-02-26 04:41 . 2010-02-26 04:41 41312 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2010-02-26 04:41 . 2010-02-26 04:41 32584 ----a-w- c:\windows\system32\drivers\epfwndis.sys
2010-02-26 04:41 . 2010-02-26 04:41 134488 ----a-w- c:\windows\system32\drivers\epfw.sys
2010-02-26 04:41 . 2010-02-26 04:41 114984 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2010-02-26 04:39 . 2010-02-26 04:39 133512 ----a-w- c:\windows\system32\drivers\eamonm.sys
2010-02-24 08:16 . 2009-10-02 19:17 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-20 23:06 . 2010-03-11 13:34 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-02-20 23:05 . 2010-03-11 13:34 30720 ----a-w- c:\windows\system32\httpapi.dll
2010-02-20 20:53 . 2010-03-11 13:34 411648 ----a-w- c:\windows\system32\drivers\http.sys
2010-02-19 19:27 . 2010-02-19 19:27 720384 ----a-w- c:\windows\system32\DivX.dll
2010-02-19 19:27 . 2010-02-19 19:27 856064 ----a-w- c:\windows\system32\divx_xx0c.dll
2010-02-19 19:27 . 2010-02-19 19:27 856064 ----a-w- c:\windows\system32\divx_xx07.dll
2010-02-19 19:27 . 2010-02-19 19:27 847872 ----a-w- c:\windows\system32\divx_xx0a.dll
2010-02-19 19:27 . 2010-02-19 19:27 843776 ----a-w- c:\windows\system32\divx_xx16.dll
2010-02-19 19:27 . 2010-02-19 19:27 839680 ----a-w- c:\windows\system32\divx_xx11.dll
2010-02-01 22:04 . 2010-02-01 22:04 5578752 ----a-w- c:\users\asus\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll
2010-01-25 12:00 . 2010-02-24 09:33 471552 ----a-w- c:\windows\system32\secproc_isv.dll
2010-01-25 12:00 . 2010-02-24 09:33 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-01-25 12:00 . 2010-02-24 09:33 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-01-25 12:00 . 2010-02-24 09:33 471552 ----a-w- c:\windows\system32\secproc.dll
2010-01-25 11:58 . 2010-02-24 09:33 332288 ----a-w- c:\windows\system32\msdrm.dll
2010-01-25 08:21 . 2010-02-24 09:33 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-01-25 08:21 . 2010-02-24 09:33 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-01-25 08:21 . 2010-02-24 09:33 518144 ----a-w- c:\windows\system32\RMActivate.exe
2010-01-25 08:21 . 2010-02-24 09:33 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-04-22 19:20 . 2009-04-22 19:20 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}]
2010-03-16 15:45 48080 ----a-w- c:\users\asus\AppData\Roaming\Microsoft\Internet Explorer\qstatsrv.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2009-06-12 3055616]
"Infium"="c:\program files\QIP Infium\infium.exe" [2010-03-16 5739472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"HControlUser"="c:\program files\ATK Hotkey\HcontrolUser.exe" [2008-01-12 98304]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2008-01-23 7766016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-07-25 13548064]
"RtHDVCpl"="RtHDVCpl.exe" [2008-08-12 6265376]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-08-17 102400]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2009-07-08 2173440]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2010-02-26 2140880]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"LightScribe Control Panel"=c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"QuickTime Player"=c:\program files\QuickTime\QuickTimePlayer.exe
"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" -silent
"Sidebar"=c:\program files\Windows Sidebar\sidebar.exe /autoRun
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" -autorun
"QIP Internet Guardian"=c:\users\asus\AppData\Roaming\QipGuard\QipGuard.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"ASUS Camera ScreenSaver"=c:\windows\AsScrProlog.exe
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"TO2SSM_McciTrayApp"=c:\program files\TO2SSM\McciTrayApp.exe
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"ASUS Screen Saver Protector"=c:\windows\AsScrPro.exe
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):76,24,b9,d9,40,3d,ca,01

R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-06-13 721904]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-09-23 133104]
R2 Norton Internet Security;Norton Internet Security;c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe [x]
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys [x]
R3 ASUSProcObsrv;ASUS Process Creation/Termination Observer;e:\i386\AsProcOb.sys [x]
R3 CRFILTER;USB Mass Storage Filter;c:\windows\system32\DRIVERS\CRFILTER.sys [2008-04-07 6656]
R3 FlashUSB;Flash Loader utility driver;c:\windows\system32\Drivers\FlashUSB.sys [2009-05-12 16896]
R3 ipswuio;ipswuio;c:\windows\system32\DRIVERS\ipswuio.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-02-26 114984]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2009-06-12 142592]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-02-26 133512]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2010-02-26 810120]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2010-02-26 41312]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-25 1047880]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-06-25 44064]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 17:14 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'

2010-04-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-23 16:19]

2010-04-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-23 16:19]

2010-04-24 c:\windows\Tasks\User_Feed_Synchronization-{644F4F77-DDCF-4B16-8612-6592AABB26DA}.job
- c:\windows\system32\msfeedssync.exe [2008-01-21 02:24]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://qip.ru
uDefault_Search_URL = hxxp://search.qip.ru
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
uSearchAssistant = hxxp://search.qip.ru/ie
IE: Crawler Search - tbr:iemenu
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{88EB38EF-4D2C-436D-ABD3-56B232674062} - c:\program files\ICQ7.0\ICQ.exe
LSP: bmnet.dll
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\ctbr.dll
FF - ProfilePath - c:\users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\yp9ypu4d.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search13.net/search.php?clid=486&q=
FF - prefs.js: browser.search.selectedEngine - ÄŚSFD
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
FF - component: c:\program files\Crawler\firefox\components\xcomm.dll
FF - component: c:\program files\Crawler\firefox\components\xshared.dll
FF - component: c:\program files\Crawler\firefox\components\xsupport.dll
FF - component: c:\program files\Crawler\firefox\components\xwsg.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: c:\users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\yp9ypu4d.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\components\qippipe.dll
FF - component: c:\users\asus\AppData\Roaming\Mozilla\Firefox\Profiles\yp9ypu4d.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\asus\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll
FF - plugin: c:\users\asus\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----

FF - user.js: browser.urlbar.hideGoButton - false
FF - user.js: dom.disable_window_open_feature.minimizable - true
FF - user.js: dom.disable_window_open_feature.menubar - true
FF - user.js: dom.disable_window_open_feature.scrollbars - true
FF - user.js: browser.tabs.closeButtons - 1
FF - user.js: browser.tabs.tabMinWidth - 125
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
.
------- Asociace souborů -------
.
.txt=
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-24 16:48
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Norton Internet Security]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-3719728939-1463824919-3971104576-1000\Software\SecuROM\License information*]
"datasecu"=hex:2c,a5,5a,c7,14,b1,3a,3a,03,34,cd,92,49,06,cc,3b,2a,e1,f7,57,c6,
89,45,3b,af,9a,c0,b8,10,78,56,76,48,94,d0,ea,33,f7,bd,51,e2,9f,cf,83,2b,01,\
"rkeysecu"=hex:3b,cf,79,00,ca,7f,96,60,c0,94,ab,5e,4f,8d,11,7e

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'lsass.exe'(720)
c:\windows\system32\bmnet.dll
.
Celkový čas: 2010-04-24 16:50:14
ComboFix-quarantined-files.txt 2010-04-24 14:50

Před spuštěním: Volných bajtů: 67 440 279 552
Po spuštění: Volných bajtů: 67 407 659 008

- - End Of File - - 15646E0C7E97587FE1592C6B60367460

Když já si nemůžu pomoct, tady mi vždycky poradili nejlíp

Tady je teda log z GooredFixu:

GooredFix by jpshortstuff (08.01.10.1)
Log created at 17:19 on 24/04/2010 (asus)
Firefox version 3.6.3 (cs)

========== GooredScan ==========


========== GooredLog ==========

C:\Program Files\Mozilla Firefox\extensions\
{800b5000-a755-47e1-992b-48a1c1357f07} [07:35 29/01/2010]
{972ce4c6-7e08-4474-a285-3208198ce6fd} [21:26 12/06/2009]
{B13721C7-F507-4982-B2E5-502A71474FED} [09:29 20/09/2009]
{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} [17:24 15/06/2009]
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [09:13 28/12/2009]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\" [08:01 17/06/2009]
"{4B3803EA-5230-4DC3-A7FC-33638F3D3542}"="C:\Program Files\Crawler\firefox\" [22:13 16/04/2010]

-=E.O.F=-


Tady ten krátký z gmeru:

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-04-24 17:22:39
Windows 6.0.6002 Service Pack 2
Running: gmer.exe; Driver: C:\Users\asus\AppData\Local\Temp\kwldrpoc.sys


---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 8572C1F8
Device \FileSystem\fastfat \Fat A1C30500

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Společnost Microsoft)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----


A tady ten dlouhý:

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-04-24 17:59:32
Windows 6.0.6002 Service Pack 2
Running: gmer.exe; Driver: C:\Users\asus\AppData\Local\Temp\kwldrpoc.sys


---- System - GMER 1.0.15 ----

SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwClose [0x91ECA88E]
SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwCreateFile [0x91ECA0EC]
SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwCreateKey [0x91EC9DCE]
SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwCreateSection [0x91ECB938]
SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwDeleteKey [0x91EC9ED8]
SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwDeleteValueKey [0x91EC9FC2]
SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwLoadDriver [0x91ECABBC]
SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwOpenFile [0x91ECA3F4]
SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwSetInformationFile [0x91ECA526]
SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwSetValueKey [0x91EC9BFC]
SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwTerminateProcess [0x91ECAB04]
SSDT \??\C:\Windows\system32\drivers\sp_rsdrv2.sys ZwWriteFile [0x91ECA70C]

INT 0x51 ? 86721F00
INT 0x92 ? 85726BF8
INT 0x92 ? 85726BF8
INT 0x92 ? 85726BF8
INT 0xA2 ? 86721F00

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 8572C1F8
Device \FileSystem\fastfat \FatCdrom A1C30500

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)

Device \Driver\volmgr \Device\VolMgrControl 857281F8
Device \Driver\usbohci \Device\USBPDO-0 867D01F8
Device \Driver\usbehci \Device\USBPDO-1 867CF1F8
Device \Driver\volmgr \Device\HarddiskVolume1 857281F8
Device \Driver\volmgr \Device\HarddiskVolume2 857281F8
Device \Driver\cdrom \Device\CdRom0 8687F500
Device \Driver\volmgr \Device\HarddiskVolume3 857281F8
Device \Driver\cdrom \Device\CdRom1 8687F500
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 8572A1F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort0 8572A1F8
Device \Driver\atapi \Device\Ide\IdePort0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort1 8572A1F8
Device \Driver\atapi \Device\Ide\IdePort1 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-1 8572A1F8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-1 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\msahci \Device\Ide\PciIde0Channel0 8572B1F8
Device \Driver\msahci \Device\Ide\PciIde0Channel1 8572B1F8
Device \Driver\cdrom \Device\CdRom2 8687F500
Device \Driver\netbt \Device\NetBt_Wins_Export 881AD300
Device \Driver\Smb \Device\NetbiosSmb 8821A1F8
Device \Driver\iScsiPrt \Device\RaidPort0 868BE1F8
Device \Driver\netbt \Device\NetBT_Tcpip_{9B14B3AE-1D76-44B9-A875-8B5EC2B8F162} 881AD300
Device \Driver\usbohci \Device\USBFDO-0 867D01F8
Device \Driver\usbehci \Device\USBFDO-1 867CF1F8
Device \Driver\PCI_PNP6353 \Device\0000007b spml.sys
Device \Driver\netbt \Device\NetBT_Tcpip_{C0F1E277-742F-4BA3-AA8C-858BFC4C95E0} 881AD300
Device \Driver\sptd \Device\3460208365 spml.sys
Device \Driver\a91s7yoy \Device\Scsi\a91s7yoy1 868821F8
Device \Driver\a91s7yoy \Device\Scsi\a91s7yoy1 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\a91s7yoy \Device\Scsi\a91s7yoy1Port3Path0Target1Lun0 868821F8
Device \Driver\a91s7yoy \Device\Scsi\a91s7yoy1Port3Path0Target1Lun0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\a91s7yoy \Device\Scsi\a91s7yoy1Port3Path0Target0Lun0 868821F8
Device \Driver\a91s7yoy \Device\Scsi\a91s7yoy1Port3Path0Target0Lun0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \FileSystem\fastfat \Fat A1C30500

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Společnost Microsoft)

Device \FileSystem\cdfs \Cdfs A8C36500

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000d1801188f
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000d1801188f@00248338040a 0xF4 0x2C 0x5A 0x1E ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xDF 0xD6 0xC8 0x58 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x25 0x8F 0x95 0xE4 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x89 0x79 0x3F 0x3C ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x73 0x62 0x80 0xA9 ...
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\000d1801188f (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\000d1801188f@00248338040a 0xF4 0x2C 0x5A 0x1E ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xDF 0xD6 0xC8 0x58 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x25 0x8F 0x95 0xE4 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x89 0x79 0x3F 0x3C ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12 0x73 0x62 0x80 0xA9 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\UnreadMail\Qip Infium: máš nepřečtené zprávy@MessageCount 1

---- EOF - GMER 1.0.15 ----

Když jsem spustila tu každedenní kontrolu, zase to samé, jako jsem psala v první zprávě. Tak teda nevím, co to je...

Tady je

Díky,
vlastně se mi to začlo ukazovat až po instalaci NODa, jinak bych to taky neřešila

Fakt moc děkuju za pomoc Snad sem v nejbližší době nebudu muset dávat žádný další logy