VIRY.CZ

Dobrý den,dnes jsem chytl vir.Nemůžu spustit žádný program, skoro nic.Antivirus mi též nejde spustit.Prosímvás co mám dělat?

Pokud můžete dejte log RSIT: http://viry.cz/forum/viewtopic.php?f=24&t=81939 . Můžete zkusit případně i v nouz. režimu.

Zkusím to v nouzovém režimu.Normálně to nejde píše mi to vždy, že je soubor exe. infected.Zajímávé je ale, že jediné co mi jde spustit je mozilla firefox.Google chrome ani internet explorer mi nejdou.

Logfile of random's system information tool 1.06 (written by random/random)
Run by admin at 2010-05-07 14:28:06
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 111 GB (74%) free of 150 GB
Total RAM: 2046 MB (87% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:28:11, on 7.5.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17023)
Boot mode: Safe mode

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\admin\Plocha\RSIT.exe
C:\Program Files\trend micro\admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5555
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\system32\winsys2.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [CmPCIaudio] RunDll32 CMICNFG3.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [prgiuwmm] C:\Documents and Settings\admin\Local Settings\Data aplikací\untlxqawk\lwhctdvtssd.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [prgiuwmm] C:\Documents and Settings\admin\Local Settings\Data aplikací\untlxqawk\lwhctdvtssd.exe
O4 - HKCU\..\RunOnce: [WiseStubReboot] MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I "C:\Program Files\Common Files\Wise Installation Wizard\WISC5C1C0F0D62F4DBF81D4D7EF397C228B_9_09_0814.MSI" TRANSFORMS="C:\Program Files\Common Files\Wise Installation Wizard\WISC5C1C0F0D62F4DBF81D4D7EF397C228B_9_09_0814.MST" WISE_SETUP_EXE_PATH="f:\nvidia\win2k-xp\display\PhysX_9.09.0814_SystemSoftware.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP\qip.exe (HKCU)
O15 - Trusted Zone: http://software.kuaiche.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

--
End of file - 8229 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Automatic troubleshooting.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-01-18 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"WinSys2"=C:\WINDOWS\system32\winsys2.exe [2009-08-25 208896]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-01-11 13666408]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-01-11 110696]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792]
"CmPCIaudio"=RunDll32 CMICNFG3.cpl,CMICtrlWnd []
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"PCSuiteTrayApplication"=C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE [2006-06-15 229376]
"prgiuwmm"=C:\Documents and Settings\admin\Local Settings\Data aplikací\untlxqawk\lwhctdvtssd.exe [2010-05-06 271104]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2009-07-01 37888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"Google Update"=C:\Documents and Settings\admin\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2010-03-21 136176]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2009-11-15 33120]
"PcSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe [2006-06-27 1449984]
"prgiuwmm"=C:\Documents and Settings\admin\Local Settings\Data aplikací\untlxqawk\lwhctdvtssd.exe [2010-05-06 271104]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WiseStubReboot"=MSIEXEC /quiet SKIP_PPU_DRIVER_INSTALL=1 /I C:\Program Files\Common Files\Wise Installation Wizard\WISC5C1C0F0D62F4DBF81D4D7EF397C228B_9_09_0814.MSI TRANSFORMS=C:\Program Files\Common Files\Wise Installation Wizard\WISC5C1C0F0D62F4DBF81D4D7EF397C228B_9_09_0814.MST WISE_SETUP_EXE_PATH=f:\nvidia\win2k-xp\display\PhysX_9.09.0814_SystemSoftware.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2008-07-09 570664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^WDDMStatus.lnk]
C:\PROGRA~1\WESTER~1\WDSMAR~1\WDDRIV~1\WDDMST~1.EXE [2009-11-13 2057536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^WDSmartWare.lnk]
C:\PROGRA~1\WESTER~1\WDSMAR~1\FRONTP~1\WDSMAR~1.EXE [2009-11-13 9117504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WDSmartWareBackgroundService"=2
"WDDMService"=2
"Nero BackItUp Scheduler 3"=2
"Microsoft Office Groove Audit Service"=3

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

C:\Documents and Settings\admin\Nabídka Start\Programy\Po spuštění
Xfire.lnk - C:\Program Files\Xfire\Xfire.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Disabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:Quiet Internet Pager"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\program files\activision\COD2\CoD2MP_s.exe"="D:\program files\activision\COD2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"D:\program files\activision\cod4\iw3mp.exe"="D:\program files\activision\cod4\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\Program Files\VDOWNLOADER\VDownloader.exe"="C:\Program Files\VDOWNLOADER\VDownloader.exe:*:Enabled:VDownloader"
"D:\program files\activision\COD5\CoDWaW.exe"="D:\program files\activision\COD5\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"D:\program files\activision\COD5\CoDWaWmp.exe"="D:\program files\activision\COD5\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM) "
"C:\Program Files\Java\jre6\launch4j-tmp\frd.exe"="C:\Program Files\Java\jre6\launch4j-tmp\frd.exe:*:Enabled:Java(TM) Platform SE binary"
"D:\program files\valve\CSS\Counter-Strike Source\hl2.exe"="D:\program files\valve\CSS\Counter-Strike Source\hl2.exe:*:Enabled:hl2"
"D:\program files\valve\cs1.6\hl.exe"="D:\program files\valve\cs1.6\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Xfire\xfire.exe"="C:\Program Files\Xfire\xfire.exe:*:Enabled:Xfire"
"D:\program files\Rockstar games\gta4\Rockstar Games Social Club\RGSCLauncher.exe"="D:\program files\Rockstar games\gta4\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"D:\program files\Rockstar games\gta4\Grand Theft Auto IV\LaunchGTAIV.exe"="D:\program files\Rockstar games\gta4\Grand Theft Auto IV\LaunchGTAIV.exe:*:Enabled:Grand Theft Auto IV"
"D:\program files\Rockstar games\gta4\Grand Theft Auto IV\GTAIV.exe"="D:\program files\Rockstar games\gta4\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"
"C:\Program Files\ZDaemon\zlauncher.exe"="C:\Program Files\ZDaemon\zlauncher.exe:*:Enabled:ZDaemon Browser"
"C:\Soldat\Soldat.exe"="C:\Soldat\Soldat.exe:*:Enabled:http://soldat.pl"
"E:\zaloha\Net\Plocha\Plugin Manager\skypePM.exe"="E:\zaloha\Net\Plocha\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"E:\zaloha\Net\Plocha\Phone\Skype.exe"="E:\zaloha\Net\Plocha\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{213a3dcc-4326-11df-8264-26f3f2f66547}]
shell\AutoRun\command - "G:\WD SmartWare.exe" autoplay=true


======List of files/folders created in the last 1 months======

2010-05-07 14:21:23 ----A---- C:\RSIT.exe
2010-05-06 23:07:41 ----D---- C:\32788R22FWJFW
2010-05-06 22:15:00 ----A---- C:\WINDOWS\ntbtlog.txt
2010-05-02 15:24:41 ----D---- C:\Documents and Settings\admin\Data aplikací\Xfire
2010-05-02 12:18:01 ----D---- C:\Documents and Settings\admin\Data aplikací\Nokia Multimedia Player
2010-05-02 12:12:47 ----D---- C:\Documents and Settings\admin\Data aplikací\Datalayer
2010-05-02 12:12:13 ----D---- C:\Documents and Settings\admin\Data aplikací\Nokia
2010-05-02 12:08:11 ----D---- C:\WINDOWS\Downloaded Installations
2010-05-02 12:06:08 ----D---- C:\Program Files\DIFX
2010-05-02 12:05:52 ----D---- C:\Program Files\Common Files\Nokia
2010-05-02 12:05:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\PC Suite
2010-05-02 12:05:42 ----D---- C:\Documents and Settings\admin\Data aplikací\PC Suite
2010-05-02 12:05:40 ----D---- C:\Program Files\Common Files\PCSuite
2010-05-02 12:05:35 ----A---- C:\WINDOWS\system32\nmwcdlog.dll
2010-05-02 12:05:35 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2010-05-02 12:05:34 ----A---- C:\WINDOWS\system32\nmwcdcls.dll
2010-05-02 12:05:33 ----D---- C:\Program Files\Nokia
2010-05-02 12:05:26 ----D---- C:\Documents and Settings\All Users\Data aplikací\Downloaded Installations
2010-04-29 13:48:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-04-29 13:47:54 ----D---- C:\Program Files\Common Files\Adobe
2010-04-29 13:47:54 ----D---- C:\Program Files\Adobe
2010-04-29 08:13:15 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-04-28 11:07:02 ----D---- C:\WINDOWS\ie7updates
2010-04-28 11:06:38 ----D---- C:\WINDOWS\WBEM
2010-04-28 11:05:50 ----HDC---- C:\WINDOWS\ie7
2010-04-28 11:05:42 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2010-04-28 11:05:32 ----A---- C:\WINDOWS\imsins.BAK
2010-04-28 11:05:30 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2010-04-27 18:21:30 ----D---- C:\WINDOWS\pss
2010-04-27 18:05:15 ----A---- C:\WINDOWS\system32\Cmeaupci.exe
2010-04-27 18:05:15 ----A---- C:\WINDOWS\Cmicnfg3.ini.cfl
2010-04-27 18:04:55 ----A---- C:\WINDOWS\cmudax3.ini
2010-04-27 18:04:55 ----A---- C:\WINDOWS\Cmicnfg3.ini.imi
2010-04-27 18:04:55 ----A---- C:\WINDOWS\Cmicnfg3.ini.cfg
2010-04-27 18:04:25 ----A---- C:\WINDOWS\system32\cmudax3.DLL
2010-04-27 16:54:55 ----D---- C:\Documents and Settings\admin\Data aplikací\Avira
2010-04-27 16:50:37 ----D---- C:\Program Files\Avira
2010-04-27 16:50:37 ----D---- C:\Documents and Settings\All Users\Data aplikací\Avira
2010-04-27 16:08:49 ----D---- C:\WINDOWS\SxsCaPendDel
2010-04-26 20:22:05 ----D---- C:\Program Files\Alcohol Soft
2010-04-26 11:31:14 ----D---- C:\Program Files\Doom Shareware for Windows 95
2010-04-26 11:27:59 ----D---- C:\Program Files\ZDaemon
2010-04-26 10:02:44 ----SHD---- C:\RECYCLER
2010-04-26 09:58:09 ----A---- C:\Boot.bak
2010-04-26 09:58:03 ----RASHD---- C:\cmdcons
2010-04-26 09:57:04 ----A---- C:\WINDOWS\MBR.exe
2010-04-26 09:57:03 ----A---- C:\WINDOWS\zip.exe
2010-04-26 09:57:03 ----A---- C:\WINDOWS\SWXCACLS.exe
2010-04-26 09:57:03 ----A---- C:\WINDOWS\SWSC.exe
2010-04-26 09:57:03 ----A---- C:\WINDOWS\SWREG.exe
2010-04-26 09:57:03 ----A---- C:\WINDOWS\sed.exe
2010-04-26 09:57:03 ----A---- C:\WINDOWS\PEV.exe
2010-04-26 09:57:03 ----A---- C:\WINDOWS\grep.exe
2010-04-26 09:56:48 ----D---- C:\WINDOWS\ERDNT
2010-04-26 09:51:50 ----D---- C:\Qoobox
2010-04-25 20:47:26 ----D---- C:\rsit
2010-04-25 20:47:26 ----D---- C:\Program Files\trend micro
2010-04-25 18:42:43 ----D---- C:\Documents and Settings\admin\Data aplikací\Leadertech
2010-04-25 18:42:08 ----A---- C:\WINDOWS\WININIT.INI
2010-04-19 19:45:04 ----A---- C:\WINDOWS\system32\ShellManager310E2D762.dll
2010-04-19 19:40:24 ----D---- C:\WINDOWS\E-Hammer
2010-04-16 22:26:30 ----A---- C:\WINDOWS\system32\xfcodec.dll
2010-04-15 22:48:53 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-04-15 22:48:46 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-04-15 22:48:45 ----A---- C:\WINDOWS\system32\wmpns.dll
2010-04-15 22:48:41 ----HDC---- C:\WINDOWS\$NtUninstallKB979402_WM9$
2010-04-15 22:47:16 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$
2010-04-15 22:46:55 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-04-15 22:46:51 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-04-15 22:46:47 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-04-15 22:46:28 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-04-09 13:16:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\WD_SmartWareCommon
2010-04-08 17:49:23 ----D---- C:\Documents and Settings\admin\Data aplikací\Western Digital
2010-04-08 17:49:19 ----D---- C:\Documents and Settings\All Users\Data aplikací\Western Digital
2010-04-08 17:48:41 ----D---- C:\Program Files\Western Digital

======List of files/folders modified in the last 1 months======

2010-05-07 14:27:30 ----D---- C:\WINDOWS\network diagnostic
2010-05-07 14:21:45 ----D---- C:\WINDOWS\Temp
2010-05-07 14:21:44 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-05-07 14:21:43 ----D---- C:\WINDOWS\system32\CatRoot2
2010-05-07 14:14:02 ----D---- C:\WINDOWS\Prefetch
2010-05-07 13:20:11 ----D---- C:\WINDOWS\system32\NtmsData
2010-05-07 13:19:19 ----D---- C:\WINDOWS\Registration
2010-05-06 23:08:16 ----D---- C:\WINDOWS
2010-05-06 22:38:21 ----D---- C:\WINDOWS\repair
2010-05-06 22:27:45 ----D---- C:\WINDOWS\system32
2010-05-06 22:27:45 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-05-06 22:15:18 ----D---- C:\Documents and Settings
2010-05-06 17:49:38 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-05-06 16:46:59 ----D---- C:\Program Files\JDownloader
2010-05-06 14:18:01 ----D---- C:\Program Files\McAfee Security Scan
2010-05-05 19:50:10 ----D---- C:\Documents and Settings\admin\Data aplikací\Skype
2010-05-05 17:03:38 ----D---- C:\Documents and Settings\admin\Data aplikací\skypePM
2010-05-03 12:23:31 ----D---- C:\Program Files\Xfire
2010-05-02 19:22:35 ----SHD---- C:\WINDOWS\Installer
2010-05-02 14:12:03 ----A---- C:\WINDOWS\NeroDigital.ini
2010-05-02 12:12:10 ----D---- C:\WINDOWS\system32\drivers
2010-05-02 12:11:33 ----HD---- C:\WINDOWS\inf
2010-05-02 12:06:08 ----RD---- C:\Program Files
2010-05-02 12:06:07 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-05-02 12:05:52 ----D---- C:\Program Files\Common Files
2010-04-29 14:40:00 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-29 14:39:50 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-29 13:48:29 ----D---- C:\Documents and Settings\admin\Data aplikací\Adobe
2010-04-29 08:11:43 ----D---- C:\WINDOWS\system32\CatRoot
2010-04-28 19:05:58 ----D---- C:\Program Files\QuickTime
2010-04-28 11:14:36 ----D---- C:\WINDOWS\Help
2010-04-28 11:14:36 ----D---- C:\Program Files\Internet Explorer
2010-04-28 11:07:08 ----D---- C:\WINDOWS\system32\cs-cz
2010-04-28 11:06:41 ----D---- C:\WINDOWS\system32\config
2010-04-28 11:06:34 ----D---- C:\WINDOWS\Media
2010-04-28 11:04:02 ----D---- C:\WINDOWS\Debug
2010-04-27 21:33:36 ----RSD---- C:\WINDOWS\Fonts
2010-04-27 21:33:36 ----D---- C:\Soldat
2010-04-27 18:28:21 ----ASH---- C:\boot.ini
2010-04-27 18:28:21 ----A---- C:\WINDOWS\win.ini
2010-04-27 18:28:21 ----A---- C:\WINDOWS\system.ini
2010-04-27 18:05:15 ----D---- C:\WINDOWS\system
2010-04-27 16:49:01 ----D---- C:\WINDOWS\WinSxS
2010-04-27 16:19:30 ----SD---- C:\WINDOWS\Tasks
2010-04-27 16:15:15 ----D---- C:\Program Files\Realtek
2010-04-27 14:54:34 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-04-27 14:48:55 ----A---- C:\WINDOWS\system32\wpa.bak
2010-04-26 12:49:55 ----D---- C:\Documents and Settings\admin\Data aplikací\ICQ
2010-04-26 11:36:00 ----D---- C:\Program Files\Cheat Engine
2010-04-26 10:00:00 ----D---- C:\WINDOWS\AppPatch
2010-04-25 13:35:17 ----D---- C:\WINDOWS\Minidump
2010-04-19 19:51:13 ----A---- C:\WINDOWS\system32\MsiExec.exe.log
2010-04-19 19:48:53 ----D---- C:\Program Files\Common Files\Nero
2010-04-19 19:45:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\Nero
2010-04-16 15:53:36 ----D---- C:\Program Files\Mozilla Firefox
2010-04-15 22:49:23 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-04-11 20:05:27 ----D---- C:\Documents and Settings\admin\Data aplikací\BITS
2010-04-09 13:18:12 ----SD---- C:\Documents and Settings\admin\Data aplikací\Microsoft
2010-04-08 20:03:25 ----D---- C:\WINDOWS\system32\Restore

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys []
S1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2010-03-01 124784]
S1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
S1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2009-07-27 58908]
S1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
S2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-02-16 60936]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys []
S3 arf8wlsd;arf8wlsd; C:\WINDOWS\system32\drivers\arf8wlsd.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 cmpci;C-Media PCI Audio Driver (WDM); C:\WINDOWS\system32\drivers\cmaudio.sys [2002-07-16 379726]
S3 cmuda3;C-Media PCI Audio Interface; C:\WINDOWS\system32\drivers\cmudax3.sys [2009-05-20 1872192]
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 GMSIPCI;GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS []
S3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys []
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys []
S3 MSICPL;MSICPL; \??\F:\install4\MSICPL.sys []
S3 Nokia USB Generic;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys [2006-05-29 8704]
S3 Nokia USB Modem;Nokia USB Modem; C:\WINDOWS\system32\drivers\nmwcdcm.sys [2006-05-29 13312]
S3 Nokia USB Phone Parent;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2006-05-29 127488]
S3 Nokia USB Port;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys [2006-05-29 13312]
S3 NTACCESS;NTACCESS; \??\F:\NTACCESS.sys []
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-01-12 10276768]
S3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-06-29 142592]
S3 SetupNTGLM7X;SetupNTGLM7X; \??\F:\NTGLM7X.sys []
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys []
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\WINDOWS\system32\DRIVERS\wdcsam.sys [2009-02-13 11520]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-04-01 267432]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
S2 GEST Service;GEST Service for program management.; C:\Program Files\GIGABYTE\EnergySaver\GSvr.exe [2009-07-30 68136]
S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-01-18 153376]
S2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-01-11 154216]
S2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920]
S2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-02-01 75064]
S2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-05-06 214520]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-02-02 1043784]
S2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe [2006-06-05 174080]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [2010-02-09 435016]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 WDDMService;WD SmartWare Drive Manager; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2009-11-13 110592]
S4 WDSmartWareBackgroundService;WD SmartWare Background Service; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]

-----------------EOF-----------------

Dejte log z ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode, pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k nezadoucim kolizim s rezidentem antispyware

ComboFix 10-05-05.0D - admin 07.05.2010 18:49:39.2.4 - x86 NETWORK
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1778 [GMT 2:00]
Spuštěný z: c:\documents and settings\admin\Plocha\ComboFix.exe
AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\admin\Local Settings\Data aplikací\untlxqawk
c:\documents and settings\admin\Local Settings\Data aplikací\untlxqawk\lwhctdvtssd.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-04-07 do 2010-05-07 )))))))))))))))))))))))))))))))
.

2010-05-07 12:21 . 2010-04-25 18:47 781909 ----a-w- C:\RSIT.exe
2010-05-02 10:12 . 2010-05-02 20:58 -------- d-----w- c:\documents and settings\admin\Phone Browser
2010-05-02 10:08 . 2010-05-02 10:08 -------- d-----w- c:\windows\Downloaded Installations
2010-05-02 10:06 . 2010-05-02 10:06 -------- d-----w- c:\program files\DIFX
2010-05-02 10:05 . 2010-05-02 10:05 -------- d-----w- c:\program files\Common Files\Nokia
2010-05-02 10:05 . 2010-05-02 10:05 -------- d-----w- c:\program files\Common Files\PCSuite
2010-05-02 10:05 . 2006-05-29 06:26 8704 ----a-w- c:\windows\system32\drivers\nmwcdc.sys
2010-05-02 10:05 . 2006-05-29 06:26 13312 ----a-w- c:\windows\system32\drivers\nmwcdcm.sys
2010-05-02 10:05 . 2006-05-29 06:26 13312 ----a-w- c:\windows\system32\drivers\nmwcdcj.sys
2010-05-02 10:05 . 2006-05-29 06:26 127488 ----a-w- c:\windows\system32\drivers\nmwcd.sys
2010-05-02 10:05 . 2006-05-29 06:26 30720 ----a-w- c:\windows\system32\nmwcdcocls.dll
2010-05-02 10:05 . 2006-05-29 06:26 4608 ----a-w- c:\windows\system32\nmwcdlog.dll
2010-05-02 10:05 . 2006-05-29 06:26 50688 ----a-w- c:\windows\system32\nmwcdcls.dll
2010-05-02 10:05 . 2010-05-02 10:08 -------- d-----w- c:\program files\Nokia
2010-04-29 11:47 . 2010-04-29 11:48 -------- d-----w- c:\program files\Common Files\Adobe
2010-04-29 06:13 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-04-28 09:06 . 2010-03-11 12:36 52224 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-04-28 09:06 . 2010-03-11 12:36 459264 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-04-28 09:06 . 2010-03-11 12:36 268288 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-04-28 09:06 . 2010-03-11 12:36 63488 -c----w- c:\windows\system32\dllcache\icardie.dll
2010-04-28 09:06 . 2010-03-11 12:36 6067200 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-04-28 09:06 . 2010-03-11 12:36 380928 -c----w- c:\windows\system32\dllcache\ieapfltr.dll
2010-04-28 09:06 . 2010-03-10 13:18 13824 -c----w- c:\windows\system32\dllcache\ieudinit.exe
2010-04-28 09:06 . 2009-06-29 08:33 2452872 -c----w- c:\windows\system32\dllcache\ieapfltr.dat
2010-04-27 16:05 . 2009-04-09 02:25 544768 ----a-w- c:\windows\system32\Cmeaupci.exe
2010-04-27 16:04 . 2009-05-20 04:22 1872192 ----a-w- c:\windows\system32\drivers\cmudax3.sys
2010-04-27 16:04 . 2007-02-27 08:30 36864 ----a-w- c:\windows\system32\cmudax3.DLL
2010-04-27 14:50 . 2010-04-27 14:50 -------- d-----w- c:\program files\Avira
2010-04-27 14:50 . 2010-03-01 08:05 124784 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-04-27 14:50 . 2010-02-16 12:24 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-04-27 14:50 . 2009-05-11 10:49 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2010-04-27 14:50 . 2009-05-11 10:49 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2010-04-27 14:08 . 2010-04-27 14:11 -------- d-----w- c:\windows\SxsCaPendDel
2010-04-26 18:22 . 2010-04-26 18:22 -------- d-----w- c:\program files\Alcohol Soft
2010-04-26 09:31 . 2010-04-27 14:13 -------- d-----w- c:\program files\Doom Shareware for Windows 95
2010-04-26 09:27 . 2010-04-27 14:18 -------- d-----w- c:\program files\ZDaemon
2010-04-25 18:47 . 2010-05-07 12:28 -------- d-----w- c:\program files\trend micro
2010-04-25 18:47 . 2010-04-25 18:47 -------- d-----w- C:\rsit
2010-04-25 10:05 . 2010-04-26 18:19 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-04-19 17:45 . 2008-02-28 12:26 1414440 ----a-w- c:\windows\system32\ShellManager310E2D762.dll
2010-04-19 17:40 . 2010-04-19 17:40 -------- d-----w- c:\windows\E-Hammer
2010-04-16 20:26 . 2010-04-16 20:26 41872 ----a-w- c:\windows\system32\xfcodec.dll
2010-04-16 13:52 . 2010-04-16 13:52 -------- d-----w- c:\documents and settings\admin\SystemRequirementsLab
2010-04-15 20:48 . 2008-04-14 07:52 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-04-08 15:49 . 2009-02-13 09:02 11520 ----a-w- c:\windows\system32\drivers\wdcsam.sys
2010-04-08 15:48 . 2010-04-08 15:48 -------- d-----w- c:\program files\Western Digital

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-07 16:38 . 2010-01-12 17:03 17488 ----a-w- c:\windows\gdrv.sys
2010-05-06 20:27 . 2004-08-18 12:00 79242 ----a-w- c:\windows\system32\perfc005.dat
2010-05-06 20:27 . 2004-08-18 12:00 432278 ----a-w- c:\windows\system32\perfh005.dat
2010-05-06 15:49 . 2010-01-17 19:36 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-05-06 15:49 . 2010-01-17 19:36 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-05-06 14:46 . 2010-01-18 10:32 -------- d-----w- c:\program files\JDownloader
2010-05-06 12:18 . 2010-01-13 00:23 -------- d-----w- c:\program files\McAfee Security Scan
2010-05-03 10:23 . 2010-02-22 19:57 -------- d-----w- c:\program files\Xfire
2010-05-02 17:23 . 2010-02-24 16:12 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-04-28 17:05 . 2010-02-19 07:36 -------- d-----w- c:\program files\QuickTime
2010-04-27 14:15 . 2010-01-12 16:23 -------- d-----w- c:\program files\Realtek
2010-04-26 09:36 . 2010-03-18 18:59 -------- d-----w- c:\program files\Cheat Engine
2010-04-19 17:48 . 2010-01-12 17:17 -------- d-----w- c:\program files\Common Files\Nero
2010-04-11 17:57 . 2010-02-06 18:41 891 ----a-w- c:\windows\system32\secushr.dat
2010-04-02 08:00 . 2010-04-02 08:00 -------- d-----w- c:\program files\IObit
2010-03-20 15:32 . 2010-03-20 15:32 -------- d-----w- c:\program files\The KMPlayer
2010-03-16 18:27 . 2010-03-16 18:27 -------- d-----w- c:\program files\GamePark
2010-03-16 17:54 . 2010-03-16 17:54 -------- d-----w- c:\program files\hardware_info
2010-03-16 14:32 . 2010-01-12 16:44 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-03-16 14:30 . 2010-03-15 11:50 -------- d-----w- c:\program files\Any Audio Converter
2010-03-16 14:28 . 2010-03-16 14:28 -------- d-----w- c:\program files\CCleaner
2010-03-15 11:33 . 2010-03-15 11:33 -------- d-----w- c:\program files\hypercam2
2010-03-11 12:36 . 2004-08-18 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2010-03-11 12:36 . 2004-08-18 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-03-11 12:36 . 2004-08-18 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2010-03-09 11:11 . 2004-08-18 12:00 430080 ----a-w- c:\windows\system32\vbscript.dll
2010-03-07 09:32 . 2010-03-04 14:33 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-03-01 01:56 . 2010-03-01 01:56 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-02-24 13:11 . 2004-08-18 12:00 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-24 08:16 . 2010-03-07 09:37 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-16 19:08 . 2004-08-18 12:00 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-16 19:08 . 2004-08-17 15:45 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-13 18:47 . 2010-02-13 18:47 2878 ----a-w- c:\windows\system32\ealregsnapshot1.reg
2010-02-12 23:44 . 2010-02-01 12:31 669184 ----a-w- c:\windows\system32\pbsvc.exe
2010-02-12 04:35 . 2004-08-18 12:00 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-11 12:02 . 2004-08-18 12:00 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
.

------- Sigcheck -------

[7] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[7] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 4AFB3B0919649F95C1964AA1FAD27D73 . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys
[7] 2004-08-18 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\tcpip.sys
.
((((((((((((((((((((((((((((( SnapShot@2010-04-26_08.02.42 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-11 22:02 . 2009-07-11 22:02 51008 c:\windows\WinSxS\x86_Microsoft.VC90.OpenMP_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_f0ccd4aa\vcomp90.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 59728 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90rus.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 42832 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90kor.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 43344 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90jpn.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 61264 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90ita.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 36688 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90cht.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 35648 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90chs.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 62800 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90fra.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 61760 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esp.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 61776 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90esn.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 53568 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 63296 c:\windows\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90deu.dll
+ 2009-07-11 22:05 . 2009-07-11 22:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90u.dll
+ 2009-07-11 22:05 . 2009-07-11 22:05 59904 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfcm90.dll
- 2004-08-17 15:49 . 2008-04-14 07:53 23552 c:\windows\system32\wdmaud.drv
+ 2004-08-17 15:49 . 2008-04-14 06:53 23552 c:\windows\system32\wdmaud.drv
+ 2010-03-11 20:35 . 2009-05-26 11:40 17272 c:\windows\system32\spmsg.dll
+ 2004-08-18 12:00 . 2010-03-11 12:36 44544 c:\windows\system32\pngfilt.dll
+ 2004-08-18 12:00 . 2010-05-06 20:27 68292 c:\windows\system32\perfc009.dat
- 2004-08-18 12:00 . 2010-04-12 14:52 68292 c:\windows\system32\perfc009.dat
+ 2006-06-29 06:05 . 2006-06-29 06:05 23552 c:\windows\system32\normaliz.dll
+ 2006-06-28 15:59 . 2006-06-28 15:59 24576 c:\windows\system32\nlsdl.dll
+ 2006-06-12 11:55 . 2006-06-12 11:55 61440 c:\windows\system32\NclTools.dll
+ 2004-08-18 12:00 . 2007-08-13 16:01 48128 c:\windows\system32\mshtmler.dll
+ 2004-08-18 12:00 . 2007-08-13 16:32 45568 c:\windows\system32\mshta.exe
+ 2007-08-13 16:36 . 2007-08-13 16:36 12288 c:\windows\system32\msfeedssync.exe
+ 2007-08-13 16:54 . 2010-03-11 12:36 52224 c:\windows\system32\msfeedsbs.dll
+ 2004-08-18 12:00 . 2007-08-13 16:44 40960 c:\windows\system32\licmgr10.dll
+ 2004-08-18 12:00 . 2010-03-11 12:36 27648 c:\windows\system32\jsproxy.dll
+ 2004-08-18 12:00 . 2007-08-13 16:39 92672 c:\windows\system32\inseng.dll
+ 2004-08-18 12:00 . 2007-08-13 16:36 36352 c:\windows\system32\imgutil.dll
+ 2007-08-13 16:39 . 2010-03-10 13:18 13824 c:\windows\system32\ieudinit.exe
+ 2004-08-18 12:00 . 2007-08-13 16:39 55296 c:\windows\system32\iesetup.dll
+ 2004-08-18 12:00 . 2010-03-11 12:36 44544 c:\windows\system32\iernonce.dll
+ 2004-08-18 12:00 . 2010-03-10 13:18 70656 c:\windows\system32\ie4uinit.exe
+ 2006-06-29 06:05 . 2006-06-29 06:05 26112 c:\windows\system32\idndl.dll
+ 2007-08-13 16:36 . 2010-03-11 12:36 63488 c:\windows\system32\icardie.dll
+ 2010-05-02 10:05 . 2006-05-29 06:26 13312 c:\windows\system32\DRVSTORE\nmwcdm2k_1DF4D3C790F0E96AF6B05B76E7780D7770836172\nmwcdcm.sys
+ 2010-05-02 10:05 . 2006-05-29 06:26 13312 c:\windows\system32\DRVSTORE\nmwcdcj_1DF4D3C790F0E96AF6B05B76E7780D7770836172\nmwcdcj.sys
+ 2010-05-02 10:05 . 2006-05-29 06:26 30720 c:\windows\system32\DRVSTORE\nmwcd_1DF4D3C790F0E96AF6B05B76E7780D7770836172\nmwcdcocls.dll
+ 2010-05-02 10:05 . 2006-05-29 06:26 50688 c:\windows\system32\DRVSTORE\nmwcd_1DF4D3C790F0E96AF6B05B76E7780D7770836172\nmwcdcls.dll
+ 2010-04-27 14:50 . 2009-05-11 08:12 28520 c:\windows\system32\drivers\ssmdrv.sys
- 2010-01-12 16:24 . 2008-04-13 23:15 60160 c:\windows\system32\drivers\drmk.sys
+ 2010-01-12 16:24 . 2008-04-13 22:15 60160 c:\windows\system32\drivers\drmk.sys
+ 2004-08-17 15:49 . 2008-04-14 06:53 23552 c:\windows\system32\dllcache\wdmaud.drv
- 2004-08-17 15:49 . 2008-04-14 07:53 23552 c:\windows\system32\dllcache\wdmaud.drv
+ 2007-08-13 16:36 . 2010-03-11 12:36 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2007-08-13 16:01 . 2007-08-13 16:01 48128 c:\windows\system32\dllcache\mshtmler.dll
+ 2007-08-13 16:32 . 2007-08-13 16:32 45568 c:\windows\system32\dllcache\mshta.exe
+ 2007-08-13 16:44 . 2007-08-13 16:44 40960 c:\windows\system32\dllcache\licmgr10.dll
+ 2007-08-13 16:54 . 2010-03-11 12:36 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2007-08-13 16:39 . 2007-08-13 16:39 92672 c:\windows\system32\dllcache\inseng.dll
+ 2007-08-13 16:36 . 2007-08-13 16:36 36352 c:\windows\system32\dllcache\imgutil.dll
+ 2007-08-13 16:39 . 2007-08-13 16:39 55296 c:\windows\system32\dllcache\iesetup.dll
+ 2007-08-13 16:39 . 2010-03-11 12:36 44544 c:\windows\system32\dllcache\iernonce.dll
+ 2009-12-22 05:09 . 2010-03-11 12:36 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2007-08-13 16:44 . 2007-08-13 16:44 69120 c:\windows\system32\dllcache\iedw.exe
+ 2007-08-13 16:39 . 2010-03-10 13:18 70656 c:\windows\system32\dllcache\ie4uinit.exe
+ 2007-08-13 16:18 . 2007-08-13 16:18 60416 c:\windows\system32\dllcache\hmmapi.dll
- 2010-01-12 16:24 . 2008-04-13 23:15 60160 c:\windows\system32\dllcache\drmk.sys
+ 2010-01-12 16:24 . 2008-04-13 22:15 60160 c:\windows\system32\dllcache\drmk.sys
- 2010-01-11 20:29 . 2008-04-14 07:51 33792 c:\windows\system32\dllcache\custsat.dll
+ 2010-01-11 20:29 . 2007-08-13 16:54 33792 c:\windows\system32\dllcache\custsat.dll
+ 2007-08-13 16:42 . 2010-03-11 12:36 17408 c:\windows\system32\dllcache\corpol.dll
+ 2007-08-13 16:39 . 2007-08-13 16:39 71680 c:\windows\system32\dllcache\admparse.dll
+ 2003-03-18 17:05 . 2003-03-18 17:05 89088 c:\windows\system32\atl71.dll
+ 2004-08-18 12:00 . 2007-08-13 16:39 71680 c:\windows\system32\admparse.dll
+ 2010-05-02 10:08 . 2010-05-02 10:08 10134 c:\windows\Installer\{77F5816C-64A6-4FBE-BBE5-52EFE5EB84E8}\ARPPRODUCTICON.exe
+ 2010-05-02 10:06 . 2010-05-02 10:06 15086 c:\windows\Installer\{531317A5-586A-4E36-87C1-CA823447B375}\ARPPRODUCTICON.exe
+ 2010-05-02 10:05 . 2010-05-02 10:05 10134 c:\windows\Installer\{0D80391C-0A72-43BB-9BC2-143F63CC111D}\ARPPRODUCTICON.exe
+ 2009-12-21 18:09 . 2009-12-21 18:09 16832 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0300000010\9.3.0\ViewerPS.dll
+ 2009-12-21 23:57 . 2009-12-21 23:57 35760 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0300000010\9.3.0\reader_sl.exe
+ 2009-12-21 18:02 . 2009-12-21 18:02 79280 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0300000010\9.3.0\PDFPrevHndlr.dll
+ 2009-12-21 21:21 . 2009-12-21 21:21 99776 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0300000010\9.3.0\eula.exe
+ 2009-12-21 21:37 . 2009-12-21 21:37 27048 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0300000010\9.3.0\acrotextextractor.exe
+ 2009-12-21 16:39 . 2009-12-21 16:39 15288 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0300000010\9.3.0\AcroRd32Info.exe
+ 2009-12-21 16:27 . 2009-12-21 16:27 75200 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0300000010\9.3.0\acroiehelpershim.dll
+ 2009-12-21 16:27 . 2009-12-21 16:27 61888 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0300000010\9.3.0\AcroIEHelper.dll
+ 2010-04-28 09:07 . 2007-08-13 16:36 44544 c:\windows\ie7updates\KB980182-IE7\pngfilt.dll
+ 2010-04-28 09:07 . 2007-08-13 16:54 50688 c:\windows\ie7updates\KB980182-IE7\msfeedsbs.dll
+ 2010-04-28 09:07 . 2007-08-13 16:54 27136 c:\windows\ie7updates\KB980182-IE7\jsproxy.dll
+ 2010-04-28 09:07 . 2007-08-13 16:39 13312 c:\windows\ie7updates\KB980182-IE7\ieudinit.exe
+ 2010-04-28 09:07 . 2007-08-13 16:39 43008 c:\windows\ie7updates\KB980182-IE7\iernonce.dll
+ 2010-04-28 09:07 . 2010-02-26 05:43 81920 c:\windows\ie7updates\KB980182-IE7\ieencode.dll
+ 2010-04-28 09:07 . 2007-08-13 16:39 54784 c:\windows\ie7updates\KB980182-IE7\ie4uinit.exe
+ 2010-04-28 09:07 . 2007-08-13 16:36 61952 c:\windows\ie7updates\KB980182-IE7\icardie.dll
+ 2010-04-28 09:07 . 2008-04-14 07:51 35328 c:\windows\ie7updates\KB980182-IE7\corpol.dll
+ 2010-04-28 09:05 . 2008-04-14 07:52 37888 c:\windows\ie7\url.dll
+ 2010-04-28 09:06 . 2007-10-04 07:13 66048 c:\windows\ie7\spuninst\ieResetIcons.exe
+ 2010-04-28 09:06 . 2007-10-04 07:15 33472 c:\windows\ie7\spuninst\iecustom.dll
+ 2010-04-28 09:05 . 2008-04-14 07:51 39424 c:\windows\ie7\pngfilt.dll
+ 2010-04-28 09:05 . 2008-04-14 07:51 96768 c:\windows\ie7\occache.dll
+ 2010-04-28 09:05 . 2008-04-14 06:42 56832 c:\windows\ie7\mshtmler.dll
+ 2010-04-28 09:05 . 2008-04-14 07:52 29184 c:\windows\ie7\mshta.exe
+ 2010-04-28 09:05 . 2008-04-14 07:51 22016 c:\windows\ie7\licmgr10.dll
+ 2010-04-28 09:05 . 2008-04-14 07:51 15872 c:\windows\ie7\jsproxy.dll
+ 2010-04-28 09:05 . 2008-04-14 07:51 96768 c:\windows\ie7\inseng.dll
+ 2010-04-28 09:05 . 2008-04-14 07:51 35840 c:\windows\ie7\imgutil.dll
+ 2010-04-28 09:05 . 2008-04-14 07:52 93184 c:\windows\ie7\iexplore.exe
+ 2010-04-28 09:05 . 2008-04-14 07:51 62976 c:\windows\ie7\iesetup.dll
+ 2010-04-28 09:05 . 2008-04-14 07:51 48128 c:\windows\ie7\iernonce.dll
+ 2010-04-28 09:05 . 2008-04-14 07:52 18432 c:\windows\ie7\iedw.exe
+ 2010-04-28 09:05 . 2008-04-14 07:52 34304 c:\windows\ie7\ie4uinit.exe
+ 2010-04-28 09:05 . 2008-04-14 07:51 38912 c:\windows\ie7\hmmapi.dll
+ 2010-04-28 09:05 . 2008-04-14 07:51 55808 c:\windows\ie7\extmgr.dll
+ 2010-04-28 09:05 . 2008-04-14 07:51 33792 c:\windows\ie7\custsat.dll
+ 2010-04-28 09:05 . 2008-04-14 07:51 61440 c:\windows\ie7\admparse.dll
+ 2010-05-02 10:05 . 2006-05-29 06:26 8704 c:\windows\system32\DRVSTORE\nmwcdc_1DF4D3C790F0E96AF6B05B76E7780D7770836172\nmwcdc.sys
+ 2010-05-02 10:05 . 2006-05-29 06:26 4608 c:\windows\system32\DRVSTORE\nmwcd_1DF4D3C790F0E96AF6B05B76E7780D7770836172\nmwcdlog.dll
+ 2010-05-02 10:05 . 2010-05-02 10:05 3262 c:\windows\Installer\{6882DD11-33B8-4DEA-8305-7E765BF74BD3}\ARPPRODUCTICON.exe
+ 2009-07-11 22:02 . 2009-07-11 22:02 653120 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 569664 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
+ 2009-07-11 22:05 . 2009-07-11 22:05 225280 c:\windows\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcm90.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll
+ 2007-08-13 16:45 . 2007-08-13 16:45 206336 c:\windows\system32\WinFXDocObj.exe
+ 2004-08-18 12:00 . 2010-03-11 12:36 233472 c:\windows\system32\webcheck.dll
+ 2006-07-04 12:25 . 2006-07-04 12:25 245760 c:\windows\system32\VersitConverter.dll
+ 2004-08-18 12:00 . 2010-03-11 12:36 105984 c:\windows\system32\url.dll
- 2004-08-18 12:00 . 2010-04-12 14:52 435396 c:\windows\system32\perfh009.dat
+ 2004-08-18 12:00 . 2010-05-06 20:27 435396 c:\windows\system32\perfh009.dat
+ 2004-08-18 12:00 . 2010-03-11 12:36 102912 c:\windows\system32\occache.dll
+ 2006-07-04 12:25 . 2006-07-04 12:25 131072 c:\windows\system32\NclAPI.dll
+ 2004-08-18 12:00 . 2010-03-11 12:36 671232 c:\windows\system32\mstime.dll
+ 2004-08-18 12:00 . 2010-03-11 12:36 193024 c:\windows\system32\msrating.dll
+ 2004-08-18 12:00 . 2007-08-13 16:54 156160 c:\windows\system32\msls31.dll
+ 2004-08-18 12:00 . 2010-03-11 12:36 477696 c:\windows\system32\mshtmled.dll
+ 2007-08-13 16:54 . 2010-03-11 12:36 459264 c:\windows\system32\msfeeds.dll
+ 2007-08-13 16:54 . 2007-08-13 16:54 180736 c:\windows\system32\ieui.dll
+ 2007-08-13 16:34 . 2010-03-11 12:36 268288 c:\windows\system32\iertutil.dll
+ 2004-08-18 12:00 . 2010-03-11 12:36 192512 c:\windows\system32\iepeers.dll
+ 2004-08-18 12:00 . 2010-03-11 12:36 385024 c:\windows\system32\iedkcs32.dll
+ 2007-07-11 10:27 . 2010-03-11 12:36 380928 c:\windows\system32\ieapfltr.dll
+ 2004-08-18 12:00 . 2010-02-23 05:18 161792 c:\windows\system32\ieakui.dll
+ 2004-08-18 12:00 . 2010-03-11 12:36 230400 c:\windows\system32\ieaksie.dll
+ 2004-08-18 12:00 . 2010-03-11 12:36 153088 c:\windows\system32\ieakeng.dll
+ 2004-08-18 12:00 . 2010-03-11 12:36 133120 c:\windows\system32\extmgr.dll
+ 2004-08-18 12:00 . 2010-03-11 12:36 214528 c:\windows\system32\dxtrans.dll
+ 2004-08-18 12:00 . 2010-03-11 12:36 347136 c:\windows\system32\dxtmsft.dll
+ 2010-05-02 10:05 . 2006-05-29 06:26 127488 c:\windows\system32\DRVSTORE\nmwcd_1DF4D3C790F0E96AF6B05B76E7780D7770836172\nmwcd.sys
+ 2004-03-16 09:58 . 2008-04-13 22:49 146048 c:\windows\system32\drivers\portcls.sys
- 2004-03-16 09:58 . 2008-04-13 23:49 146048 c:\windows\system32\drivers\portcls.sys
+ 2010-01-13 00:27 . 2010-03-11 12:36 832512 c:\windows\system32\dllcache\wininet.dll
+ 2007-08-13 16:54 . 2010-03-11 12:36 233472 c:\windows\system32\dllcache\webcheck.dll
+ 2007-08-13 16:54 . 2008-05-27 17:26 765952 c:\windows\system32\dllcache\vgx.dll
+ 2007-08-13 16:44 . 2010-03-11 12:36 105984 c:\windows\system32\dllcache\url.dll
+ 2004-03-16 09:58 . 2008-04-13 22:49 146048 c:\windows\system32\dllcache\portcls.sys
- 2004-03-16 09:58 . 2008-04-13 23:49 146048 c:\windows\system32\dllcache\portcls.sys
+ 2007-08-13 16:44 . 2010-03-11 12:36 102912 c:\windows\system32\dllcache\occache.dll
+ 2007-08-13 16:54 . 2010-03-11 12:36 671232 c:\windows\system32\dllcache\mstime.dll
+ 2007-08-13 16:44 . 2010-03-11 12:36 193024 c:\windows\system32\dllcache\msrating.dll
+ 2004-08-18 12:00 . 2007-08-13 16:54 156160 c:\windows\system32\dllcache\msls31.dll
+ 2007-08-13 16:54 . 2010-03-11 12:36 477696 c:\windows\system32\dllcache\mshtmled.dll
+ 2007-08-13 16:43 . 2010-02-23 05:20 634648 c:\windows\system32\dllcache\iexplore.exe
+ 2010-02-26 05:43 . 2010-03-11 12:36 192512 c:\windows\system32\dllcache\iepeers.dll
+ 2007-08-13 16:39 . 2010-03-11 12:36 385024 c:\windows\system32\dllcache\iedkcs32.dll
+ 2004-08-18 12:00 . 2010-02-23 05:18 161792 c:\windows\system32\dllcache\ieakui.dll
+ 2007-08-13 16:39 . 2010-03-11 12:36 230400 c:\windows\system32\dllcache\ieaksie.dll
+ 2007-08-13 16:39 . 2010-03-11 12:36 153088 c:\windows\system32\dllcache\ieakeng.dll
+ 2007-08-13 16:54 . 2010-03-11 12:36 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2007-08-13 16:35 . 2010-03-11 12:36 214528 c:\windows\system32\dllcache\dxtrans.dll
+ 2007-08-13 16:35 . 2010-03-11 12:36 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2007-08-13 16:39 . 2010-03-11 12:36 124928 c:\windows\system32\dllcache\advpack.dll
+ 2006-07-04 12:26 . 2006-07-04 12:26 704000 c:\windows\system32\DAAPI.dll
+ 2006-06-05 12:04 . 2006-06-05 12:04 242688 c:\windows\system32\ConnAPI.dll
- 2010-02-18 22:03 . 2009-04-09 03:23 299008 c:\windows\system32\CmiInstallResAll.dll
+ 2010-02-18 22:03 . 2009-04-09 02:23 299008 c:\windows\system32\CmiInstallResAll.dll
+ 2005-12-07 10:31 . 2005-12-07 10:31 202752 c:\windows\system32\CddbCdda.dll
+ 2004-08-18 12:00 . 2010-03-11 12:36 124928 c:\windows\system32\advpack.dll
+ 2010-02-18 22:03 . 2009-04-03 04:59 143360 c:\windows\system\VmixP6.dll
- 2010-02-18 22:03 . 2009-04-03 05:59 143360 c:\windows\system\VmixP6.dll
+ 2010-05-02 10:08 . 2010-05-02 10:08 382464 c:\windows\Installer\714034.msi
+ 2010-05-02 10:08 . 2010-05-02 10:08 985088 c:\windows\Installer\71402c.msi
+ 2010-05-02 10:05 . 2010-05-02 10:05 378880 c:\windows\Installer\71401f.msi
+ 2010-05-02 10:05 . 2010-05-02 10:05 260096 c:\windows\Installer\714017.msi
+ 2010-04-27 14:49 . 2010-04-27 14:49 219648 c:\windows\Installer\1e2fde.msi
+ 2010-05-02 17:22 . 2010-05-02 17:22 371272 c:\windows\Installer\{D103C4BA-F905-437A-8049-DB24763BBE36}\SkypeIcon.exe
- 2010-02-24 16:10 . 2010-02-24 16:10 371272 c:\windows\Installer\{D103C4BA-F905-437A-8049-DB24763BBE36}\SkypeIcon.exe
+ 2010-05-02 10:08 . 2010-05-02 10:08 298062 c:\windows\Installer\{02B71D92-A84B-4DFB-9A10-D12BB01AC1F2}\NewShortcut1_9DD10FAAABB74057B57E68E456593186.exe
+ 2010-05-02 10:08 . 2010-05-02 10:08 298062 c:\windows\Installer\{02B71D92-A84B-4DFB-9A10-D12BB01AC1F2}\ARPPRODUCTICON.exe
+ 2009-12-21 16:35 . 2009-12-21 16:35 378264 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0300000010\9.3.0\pdfshell.dll
+ 2009-12-21 18:05 . 2009-12-21 18:05 116168 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0300000010\9.3.0\PDFPrevHndlrShim.exe
+ 2009-12-21 16:34 . 2009-12-21 16:34 103864 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0300000010\9.3.0\nppdf32.dll
+ 2009-11-09 17:18 . 2009-11-09 17:18 684032 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0300000010\9.3.0\JP2KLib.dll
+ 2009-12-21 18:02 . 2009-12-21 18:02 542168 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0300000010\9.3.0\AdobeCollabSync.exe
+ 2009-12-21 16:43 . 2009-12-21 16:43 120240 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0300000010\9.3.0\AcroRdIF.dll
+ 2009-12-21 23:57 . 2009-12-21 23:57 349616 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0300000010\9.3.0\AcroRd32.exe
+ 2009-12-21 16:15 . 2009-12-21 16:15 660912 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0300000010\9.3.0\AcroPDF.dll
+ 2009-12-21 17:32 . 2009-12-21 17:32 280024 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0300000010\9.3.0\acrobroker.exe
+ 2009-12-21 17:15 . 2009-12-21 17:15 251296 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0300000010\9.3.0\a3dutility.exe
+ 2010-04-28 09:07 . 2007-08-13 16:54 818688 c:\windows\ie7updates\KB980182-IE7\wininet.dll
+ 2010-04-28 09:07 . 2007-08-13 16:54 231424 c:\windows\ie7updates\KB980182-IE7\webcheck.dll
+ 2010-04-28 09:07 . 2007-08-13 16:44 105984 c:\windows\ie7updates\KB980182-IE7\url.dll
+ 2010-04-28 09:07 . 2009-05-26 11:40 391032 c:\windows\ie7updates\KB980182-IE7\spuninst\updspapi.dll
+ 2010-04-28 09:07 . 2009-05-26 11:40 233848 c:\windows\ie7updates\KB980182-IE7\spuninst\spuninst.exe
+ 2010-04-28 09:07 . 2007-08-13 16:44 101376 c:\windows\ie7updates\KB980182-IE7\occache.dll
+ 2010-04-28 09:07 . 2007-08-13 16:54 670720 c:\windows\ie7updates\KB980182-IE7\mstime.dll
+ 2010-04-28 09:07 . 2007-08-13 16:44 192000 c:\windows\ie7updates\KB980182-IE7\msrating.dll
+ 2010-04-28 09:07 . 2007-08-13 16:54 475648 c:\windows\ie7updates\KB980182-IE7\mshtmled.dll
+ 2010-04-28 09:07 . 2007-08-13 16:54 458752 c:\windows\ie7updates\KB980182-IE7\msfeeds.dll
+ 2010-04-28 09:07 . 2007-08-13 16:43 622080 c:\windows\ie7updates\KB980182-IE7\iexplore.exe
+ 2010-04-28 09:07 . 2007-08-13 16:34 266752 c:\windows\ie7updates\KB980182-IE7\iertutil.dll
+ 2010-04-28 09:07 . 2007-08-13 16:54 191488 c:\windows\ie7updates\KB980182-IE7\iepeers.dll
+ 2010-04-28 09:07 . 2007-08-13 16:39 382976 c:\windows\ie7updates\KB980182-IE7\iedkcs32.dll
+ 2010-04-28 09:07 . 2007-07-11 10:27 383488 c:\windows\ie7updates\KB980182-IE7\ieapfltr.dll
+ 2010-04-28 09:07 . 2007-08-13 15:56 161792 c:\windows\ie7updates\KB980182-IE7\ieakui.dll
+ 2010-04-28 09:07 . 2007-08-13 16:39 229376 c:\windows\ie7updates\KB980182-IE7\ieaksie.dll
+ 2010-04-28 09:07 . 2007-08-13 16:39 152064 c:\windows\ie7updates\KB980182-IE7\ieakeng.dll
+ 2010-04-28 09:07 . 2007-08-13 16:54 131584 c:\windows\ie7updates\KB980182-IE7\extmgr.dll
+ 2010-04-28 09:07 . 2007-08-13 16:35 214528 c:\windows\ie7updates\KB980182-IE7\dxtrans.dll
+ 2010-04-28 09:07 . 2007-08-13 16:35 346624 c:\windows\ie7updates\KB980182-IE7\dxtmsft.dll
+ 2010-04-28 09:07 . 2007-08-13 16:39 123904 c:\windows\ie7updates\KB980182-IE7\advpack.dll
+ 2010-04-29 12:40 . 2007-08-13 16:54 765952 c:\windows\ie7updates\KB938127-v2-IE7\vgx.dll
+ 2010-04-29 12:40 . 2007-03-06 01:08 379616 c:\windows\ie7updates\KB938127-v2-IE7\spuninst\updspapi.dll
+ 2010-04-29 12:40 . 2007-03-06 01:07 215776 c:\windows\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe
+ 2010-04-28 09:05 . 2010-02-26 05:43 668160 c:\windows\ie7\wininet.dll
+ 2010-04-28 09:05 . 2008-04-14 07:52 278528 c:\windows\ie7\webcheck.dll
+ 2010-04-28 09:05 . 2008-04-14 07:52 851968 c:\windows\ie7\vgx.dll
+ 2010-04-28 09:05 . 2010-02-26 05:43 627200 c:\windows\ie7\urlmon.dll
+ 2010-04-28 09:06 . 2006-09-06 15:42 379616 c:\windows\ie7\spuninst\updspapi.dll
+ 2010-04-28 09:06 . 2006-09-06 15:42 215776 c:\windows\ie7\spuninst\spuninst.exe
+ 2010-04-28 09:05 . 2008-04-14 07:51 532480 c:\windows\ie7\mstime.dll
+ 2010-04-28 09:05 . 2008-04-14 07:51 146432 c:\windows\ie7\msrating.dll
+ 2010-04-28 09:05 . 2004-08-18 12:00 146432 c:\windows\ie7\msls31.dll
+ 2010-04-28 09:05 . 2008-04-14 07:51 449024 c:\windows\ie7\mshtmled.dll
+ 2010-04-28 09:05 . 2010-02-26 05:43 251904 c:\windows\ie7\iepeers.dll
+ 2010-04-28 09:05 . 2008-04-14 07:51 323584 c:\windows\ie7\iedkcs32.dll
+ 2010-04-28 09:05 . 2004-08-18 12:00 225280 c:\windows\ie7\ieakui.dll
+ 2010-04-28 09:05 . 2008-04-14 07:51 219136 c:\windows\ie7\ieaksie.dll
+ 2010-04-28 09:05 . 2008-04-14 07:51 143360 c:\windows\ie7\ieakeng.dll
+ 2010-04-28 09:05 . 2008-04-14 07:51 205312 c:\windows\ie7\dxtrans.dll
+ 2010-04-28 09:05 . 2008-04-14 07:51 357888 c:\windows\ie7\dxtmsft.dll
+ 2010-04-28 09:05 . 2008-04-14 07:51 100352 c:\windows\ie7\advpack.dll
+ 2010-05-02 10:08 . 2010-05-02 10:08 834048 c:\windows\Downloaded Installations\{80451B2A-2026-4583-8F9A-11F8385B3831}\Nokia themes for your device.msi
+ 2010-02-18 22:03 . 2006-10-06 17:47 319968 c:\windows\difxapi.dll
- 2010-02-18 22:03 . 2006-10-06 18:47 319968 c:\windows\difxapi.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 3780424 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll
+ 2009-07-11 22:02 . 2009-07-11 22:02 3765048 c:\windows\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90.dll
+ 2004-08-18 12:00 . 2010-03-11 12:36 1168384 c:\windows\system32\urlmon.dll
+ 2004-08-18 12:00 . 2010-03-11 12:36 3599872 c:\windows\system32\mshtml.dll
+ 2003-03-18 19:12 . 2003-03-18 19:12 1047552 c:\windows\system32\mfc71u.dll
+ 2009-03-10 21:18 . 2009-06-25 11:20 1485176 c:\windows\system32\LegitCheckControl.DLL
+ 2007-08-13 16:54 . 2010-03-11 12:36 6067200 c:\windows\system32\ieframe.dll
+ 2007-02-12 14:10 . 2009-06-29 08:33 2452872 c:\windows\system32\ieapfltr.dat
+ 2010-01-13 00:27 . 2010-03-11 12:36 1168384 c:\windows\system32\dllcache\urlmon.dll
+ 2010-01-13 00:27 . 2010-03-11 12:36 3599872 c:\windows\system32\dllcache\mshtml.dll
+ 2010-05-02 10:06 . 2010-05-02 10:06 4657152 c:\windows\Installer\714024.msi
+ 2010-04-29 11:48 . 2010-04-29 11:48 3948544 c:\windows\Installer\1367cff.msi
+ 2009-12-21 16:29 . 2009-12-21 16:29 2409880 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0300000010\9.3.0\rt3d.dll
+ 2009-12-21 17:00 . 2009-12-21 17:00 1298996 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0300000010\9.3.0\JSByteCodeWin.bin
+ 2009-10-27 18:34 . 2009-10-27 18:34 5009408 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0300000010\9.3.0\authplay.dll
+ 2009-12-21 21:31 . 2009-12-21 21:31 5713920 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0300000010\9.3.0\AGM.dll
+ 2010-04-28 09:07 . 2007-08-13 16:54 1162240 c:\windows\ie7updates\KB980182-IE7\urlmon.dll
+ 2010-04-28 09:07 . 2007-08-13 16:54 3578368 c:\windows\ie7updates\KB980182-IE7\mshtml.dll
+ 2010-04-28 09:07 . 2007-08-13 16:54 6049280 c:\windows\ie7updates\KB980182-IE7\ieframe.dll
+ 2010-04-28 09:07 . 2007-02-12 14:10 2451312 c:\windows\ie7updates\KB980182-IE7\ieapfltr.dat
+ 2010-04-28 09:05 . 2010-02-26 05:43 3094016 c:\windows\ie7\mshtml.dll
+ 2010-04-04 06:54 . 2010-04-04 06:54 11850240 c:\windows\Installer\37538.msp
+ 2009-12-21 21:21 . 2009-12-21 21:21 20436408 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA79201B7449A0300000010\9.3.0\AcroRd32.dll
+ 2010-05-02 10:08 . 2010-05-02 10:08 19032576 c:\windows\Downloaded Installations\{DEC3E00E-6373-461B-AFFC-85B069BC3539}\Nokia N73 highlights.msi
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Google Update"="c:\documents and settings\admin\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2010-03-20 136176]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2009-11-15 33120]
"PcSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-06-27 1449984]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"WiseStubReboot"="MSIEXEC" [X]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinSys2"="c:\windows\system32\winsys2.exe" [2009-08-25 208896]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-06-08 2221352]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-01-11 13666408]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-01-11 110696]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]
"CmPCIaudio"="CMICNFG3.cpl" [BU]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-07-01 37888]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\admin\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Xfire.lnk - c:\program files\Xfire\Xfire.exe [2010-4-16 3438992]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^WDDMStatus.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\WDDMStatus.lnk
backup=c:\windows\pss\WDDMStatus.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^WDSmartWare.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\WDSmartWare.lnk
backup=c:\windows\pss\WDSmartWare.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2008-07-09 12:39 570664 ----a-w- c:\program files\Common Files\Nero\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WDSmartWareBackgroundService"=2 (0x2)
"WDDMService"=2 (0x2)
"Nero BackItUp Scheduler 3"=2 (0x2)
"Microsoft Office Groove Audit Service"=3 (0x3)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\program files\\activision\\COD2\\CoD2MP_s.exe"=
"d:\\program files\\activision\\cod4\\iw3mp.exe"=
"c:\\Program Files\\VDOWNLOADER\\VDownloader.exe"=
"d:\\program files\\activision\\COD5\\CoDWaW.exe"=
"d:\\program files\\activision\\COD5\\CoDWaWmp.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\frd.exe"=
"d:\\program files\\valve\\CSS\\Counter-Strike Source\\hl2.exe"=
"d:\\program files\\valve\\cs1.6\\hl.exe"=
"c:\\Program Files\\Xfire\\xfire.exe"=
"d:\\program files\\Rockstar games\\gta4\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"d:\\program files\\Rockstar games\\gta4\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"d:\\program files\\Rockstar games\\gta4\\Grand Theft Auto IV\\GTAIV.exe"=
"c:\\Soldat\\Soldat.exe"=
"e:\\zaloha\\Net\\Plocha\\Plugin Manager\\skypePM.exe"=
"e:\\zaloha\\Net\\Plocha\\Phone\\Skype.exe"=

S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [25.4.2010 12:05 691696]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [27.4.2010 16:50 135336]
S2 GEST Service;GEST Service for program management.;c:\program files\GIGABYTE\EnergySaver\GSvr.exe [12.1.2010 18:21 68136]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2.2.2010 13:21 1043784]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys --> c:\windows\system32\drivers\Ambfilt.sys [?]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [15.1.2010 14:49 227232]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\f:\ntglm7x.sys --> f:\NTGLM7X.sys [?]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 8:24 10064]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [8.4.2010 17:49 11520]
S4 WDDMService;WD SmartWare Drive Manager;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [13.11.2009 11:28 110592]
S4 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [16.6.2009 8:58 20480]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2010-05-07 c:\windows\Tasks\Automatic troubleshooting.job
- c:\program files\TuneUp Utilities 2010\TuneUpSystemStatusCheck.exe [2010-02-02 11:28]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://search.qip.ru
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&s ... f8&oe=utf8
uInternet Settings,ProxyServer = http=127.0.0.1:5555
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://search.qip.ru/ie
uSearchURL,(Default) = Root: HKCU; Subkey: Software\Microsoft\Internet Explorer\SearchUrl; ValueType: string; ValueName: '; ValueData: '; Flags: createvalueifdoesntexist noerror; Tasks: AddSearchQip
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
Trusted Zone: kuaiche.com\software
FF - ProfilePath - c:\documents and settings\admin\Data aplikací\Mozilla\Firefox\Profiles\bcfjcfwc.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.http.max-persistent-connections-per-server - 4
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKCU-Run-prgiuwmm - c:\documents and settings\admin\Local Settings\Data aplikací\untlxqawk\lwhctdvtssd.exe
HKLM-Run-prgiuwmm - c:\documents and settings\admin\Local Settings\Data aplikací\untlxqawk\lwhctdvtssd.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-07 18:51
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-299502267-1580436667-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:2e,56,06,4a,48,0c,db,f7,2e,86,06,c8,00,08,a3,cd,f6,7c,51,1a,20,
ea,7c,c5,a3,ef,5f,b0,b3,ad,ae,a8,10,67,03,ca,c1,cc,70,b9,b6,d6,68,5c,17,3a,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
Celkový čas: 2010-05-07 18:52:46
ComboFix-quarantined-files.txt 2010-05-07 16:52
ComboFix2.txt 2010-04-26 08:05

Před spuštěním: Volných bajtů: 116 098 531 328
Po spuštění: Volných bajtů: 116 332 843 008

- - End Of File - - B54C4C5EFB27CAFE2DD80FD16517B8EF

Ještě bych chtěl znovu podotknout, že vše provádím v nouzovém režimu.Jinak nevím, jestli combofix provedl vše tak jak měl, protože rezidentní štít se mi nepodařilo vypnout.V procesech jsem honenašel bylo tam jenom pár systémových procesů jeden local service a čtyři admin procesy.Vypadá to, že systém nemám poškozený, ale jak říkám, otázka je jestli combofix provedl vše tak jak měl.

2 položky smazány, zbytek logu vypadá čistý. Nastala nějaká změna?

Pane opravdu nevím, jak vám mám poděkovat. Fungovalo to.Strašně moc vám děkuji!Kdybych měl v budoucnu nějáký problém, tak se ná vás obrátím.Teda pokud to nebude vadit .

Klidně se obraťte, jsme tu stále. Nemáte zač!