Some Kind of Virus

Posted: 18 Aug 2010 19:58
by Negal
I have some kind of chain virus that sends out links to virus pages at certain intervals, and here is the log. One more thing: I have been keeping an eye on the PC myself and found Jusched.exe in the folder C:/User/Public, and I managed to delete it, but a friend told me it can't be deleted just like that :D

Logfile of random's system information tool 1.08 (written by random/random)
Run by Negal at 2010-08-18 20:52:07
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 11 GB (5%) free of 200 GB
Total RAM: 3071 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:52:12, on 18.8.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Windows\System32\Ctxfihlp.exe
C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files\Creative\Shared Files\CTSched.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Rainmeter\Rainmeter.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\SYSTEM32\CTXFISPI.EXE
C:\Windows\system32\conime.exe
C:\Program Files\Steam\steam.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\Alcohol Soft\Alcohol 120\alcohol_.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Negal\Documents\RSIT.exe
C:\Program Files\trend micro\Negal.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60076
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://i24search.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\ctbr.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [CreativeTaskScheduler] "C:\Program Files\Creative\Shared Files\CTSched.exe" /logon
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Infium] "C:\Program Files\QIP 2010\qip.exe" /autorun
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Java developer Script Browse] C:\Users\Public\jusched.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: Aktualizovat ESET licenci.lnk = C:\Program Files\ESET\MiNODLogin\MiNODLogin.exe
O4 - Global Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{EAD93E38-EF8F-42B0-9300-119433D9D9C5}: NameServer = 156.154.70.22,156.154.71.22
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\ctbr.dll
O20 - AppInit_DLLs: \\?\globalroot\systemroot\system32\senekawi.dll C:\Windows\system32\guard32.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Pure Networks Net2Go Service (nmraapache) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe
O23 - Service: Pure Networks Platform Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PCAutoShutdown_Service - GoldSolution Software, Inc. - C:\Program Files\PC Auto Shutdown\ShutdownService.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe

--
End of file - 8489 bytes

======Scheduled tasks folder======

C:\Windows\tasks\At1.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\ctbr.dll [2010-08-09 1241960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-06-10 1233288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-06 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-06-10 1233288]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\ctbr.dll [2010-08-09 1241960]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-03-31 2145000]
"CTxfiHlp"=C:\Windows\system32\CTXFIHLP.EXE [2009-06-04 25600]
"nmctxth"=C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe [2008-05-16 648504]
"nmapp"=C:\Program Files\Pure Networks\Network Magic\nmapp.exe [2008-05-21 451896]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2010-06-01 2039240]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2010-08-10 2176512]
"TaskTray"= []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2002-01-01 327984]
"CreativeTaskScheduler"=C:\Program Files\Creative\Shared Files\CTSched.exe [2006-11-17 53341]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-05-13 26192168]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2009-11-15 33120]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"Infium"=C:\Program Files\QIP 2010\qip.exe [2010-08-02 5841872]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2010-08-10 3037696]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
"Java developer Script Browse"=C:\Users\Public\jusched.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.1\ICQ.exe [2010-06-08 133368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Auto Shutdown]
C:\Program Files\PC Auto Shutdown\AutoShutdown.exe [2010-07-06 1387520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files\Steam\Steam.exe [2010-07-10 1238352]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Aktualizovat ESET licenci.lnk - C:\Program Files\ESET\MiNODLogin\MiNODLogin.exe
Rainmeter.lnk - C:\Program Files\Rainmeter\Rainmeter.exe

C:\Users\Negal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Xfire.lnk - C:\Program Files\Xfire\Xfire.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="\\?\globalroot\systemroot\system32\senekawi.dll C:\Windows\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-08-18 20:50:50 ----D---- C:\Program Files\trend micro
2010-08-18 20:50:49 ----D---- C:\rsit
2010-08-18 20:24:49 ----RA---- C:\Windows\system32\tmp273.tmp
2010-08-18 19:09:49 ----D---- C:\ProgramData\TrackMania
2010-08-18 14:14:38 ----D---- C:\Program Files\QS
2010-08-18 14:14:32 ----D---- C:\Users\Negal\AppData\Roaming\TeamViewer
2010-08-17 17:11:50 ----D---- C:\ProgramData\WindowsSearch
2010-08-17 17:05:47 ----HD---- C:\Windows\msdownld.tmp
2010-08-17 17:05:43 ----D---- C:\Windows\system32\directx
2010-08-17 16:12:44 ----D---- C:\Users\Negal\AppData\Roaming\Tunngle
2010-08-17 16:12:44 ----D---- C:\ProgramData\Tunngle
2010-08-17 16:12:35 ----A---- C:\Windows\system32\drivers\tap0901t.sys
2010-08-17 16:12:31 ----D---- C:\Program Files\Tunngle
2010-08-17 16:09:14 ----D---- C:\Program Files\Killing Floor
2010-08-17 15:56:46 ----D---- C:\Users\Negal\AppData\Roaming\Xfire
2010-08-17 15:56:41 ----D---- C:\ProgramData\Xfire
2010-08-17 15:56:38 ----D---- C:\Program Files\Xfire
2010-08-17 09:55:14 ----D---- C:\Users\Negal\AppData\Roaming\Opera
2010-08-17 09:55:02 ----D---- C:\Program Files\Opera
2010-08-17 09:46:09 ----D---- C:\ProgramData\IObit
2010-08-16 21:12:44 ----D---- C:\Program Files\Microsoft.NET
2010-08-15 23:55:17 ----A---- C:\Windows\system32\drivers\l260x86.sys
2010-08-15 23:46:56 ----D---- C:\Program Files\Driver-Soft
2010-08-15 23:35:06 ----D---- C:\ProgramData\PMB Files
2010-08-15 23:34:51 ----D---- C:\Program Files\Pando Networks
2010-08-13 04:57:21 ----D---- C:\Windows\system32\URTTEMP
2010-08-13 04:12:23 ----D---- C:\Program Files\Turbine
2010-08-11 12:08:44 ----D---- C:\ProgramData\Blizzard Entertainment
2010-08-11 12:08:43 ----D---- C:\Program Files\StarCraft II
2010-08-11 12:08:43 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2010-08-11 03:52:17 ----A---- C:\Windows\system32\win32k.sys
2010-08-11 03:52:15 ----A---- C:\Windows\system32\iccvid.dll
2010-08-11 03:52:13 ----A---- C:\Windows\system32\rtutils.dll
2010-08-11 03:52:04 ----A---- C:\Windows\system32\iertutil.dll
2010-08-11 03:52:02 ----A---- C:\Windows\system32\mshtml.dll
2010-08-11 03:51:58 ----A---- C:\Windows\system32\ieframe.dll
2010-08-11 03:51:57 ----A---- C:\Windows\system32\urlmon.dll
2010-08-11 03:51:56 ----A---- C:\Windows\system32\msfeeds.dll
2010-08-11 03:51:55 ----A---- C:\Windows\system32\wininet.dll
2010-08-11 03:51:55 ----A---- C:\Windows\system32\iedkcs32.dll
2010-08-11 03:51:55 ----A---- C:\Windows\system32\ie4uinit.exe
2010-08-11 03:51:54 ----A---- C:\Windows\system32\mstime.dll
2010-08-11 03:51:54 ----A---- C:\Windows\system32\ieui.dll
2010-08-11 03:51:53 ----A---- C:\Windows\system32\occache.dll
2010-08-11 03:51:53 ----A---- C:\Windows\system32\ieUnatt.exe
2010-08-11 03:51:53 ----A---- C:\Windows\system32\iesysprep.dll
2010-08-11 03:51:53 ----A---- C:\Windows\system32\iepeers.dll
2010-08-11 03:51:52 ----A---- C:\Windows\system32\msfeedssync.exe
2010-08-11 03:51:52 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-08-11 03:51:52 ----A---- C:\Windows\system32\jsproxy.dll
2010-08-11 03:51:52 ----A---- C:\Windows\system32\iesetup.dll
2010-08-11 03:51:52 ----A---- C:\Windows\system32\iernonce.dll
2010-08-11 03:51:15 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-08-11 03:51:13 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-08-11 03:51:09 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-08-11 03:51:06 ----A---- C:\Windows\system32\schannel.dll
2010-08-11 03:51:01 ----A---- C:\Windows\system32\msxml3.dll
2010-08-11 03:50:57 ----A---- C:\Windows\system32\drivers\srv.sys
2010-08-11 03:50:56 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-08-10 23:16:57 ----D---- C:\Program Files\WinPcap
2010-08-10 23:16:31 ----D---- C:\Program Files\DsNET Corp
2010-08-10 22:49:48 ----A---- C:\Windows\system32\XAudio2_7.dll
2010-08-10 22:49:48 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2010-08-10 22:49:48 ----A---- C:\Windows\system32\xactengine3_7.dll
2010-08-10 22:49:47 ----A---- C:\Windows\system32\d3dx11_43.dll
2010-08-10 22:49:47 ----A---- C:\Windows\system32\d3dcsx_43.dll
2010-08-10 22:49:47 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2010-08-10 22:49:46 ----A---- C:\Windows\system32\XAudio2_6.dll
2010-08-10 22:49:46 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2010-08-10 22:49:46 ----A---- C:\Windows\system32\D3DX9_43.dll
2010-08-10 22:49:46 ----A---- C:\Windows\system32\d3dx10_43.dll
2010-08-10 22:49:45 ----A---- C:\Windows\system32\xactengine3_6.dll
2010-08-10 22:49:45 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2010-08-10 22:33:06 ----D---- C:\Program Files\Crawler
2010-08-10 22:15:10 ----D---- C:\Users\Negal\AppData\Roaming\Spyware Terminator
2010-08-10 22:15:10 ----A---- C:\Windows\system32\drivers\sp_rsdrv2.sys
2010-08-10 22:15:09 ----D---- C:\ProgramData\Spyware Terminator
2010-08-10 22:15:06 ----D---- C:\Program Files\Spyware Terminator
2010-08-10 22:02:06 ----D---- C:\Users\Negal\AppData\Roaming\Godlike
2010-08-10 22:01:33 ----D---- C:\Program Files\WinTools Software
2010-08-10 21:36:54 ----D---- C:\Users\Negal\AppData\Roaming\QIP
2010-08-10 21:36:19 ----D---- C:\Program Files\QIP 2010
2010-08-10 02:03:20 ----D---- C:\Users\Negal\AppData\Roaming\IObit
2010-08-10 02:03:19 ----D---- C:\Program Files\IObit
2010-08-10 01:58:40 ----D---- C:\ProgramData\PC Auto Shutdown
2010-08-10 01:58:39 ----D---- C:\Program Files\PC Auto Shutdown
2010-08-07 17:08:38 ----D---- C:\Program Files\Electronic Arts
2010-08-07 17:06:50 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-08-07 16:24:51 ----D---- C:\ProgramData\Adobe
2010-08-07 16:24:08 ----D---- C:\Program Files\Common Files\Adobe
2010-08-07 16:24:08 ----D---- C:\Program Files\Adobe
2010-08-07 16:15:08 ----A---- C:\Windows\system32\XAudio2_5.dll
2010-08-07 16:15:07 ----A---- C:\Windows\system32\xactengine3_5.dll
2010-08-07 16:15:07 ----A---- C:\Windows\system32\d3dcsx_42.dll
2010-08-07 16:15:07 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2010-08-07 16:15:06 ----A---- C:\Windows\system32\D3DX9_42.dll
2010-08-07 16:15:06 ----A---- C:\Windows\system32\d3dx11_42.dll
2010-08-07 16:15:06 ----A---- C:\Windows\system32\d3dx10_42.dll
2010-08-07 16:15:06 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2010-08-07 16:15:05 ----A---- C:\Windows\system32\XAudio2_4.dll
2010-08-07 16:15:05 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2010-08-07 16:15:05 ----A---- C:\Windows\system32\xactengine3_4.dll
2010-08-07 16:15:05 ----A---- C:\Windows\system32\D3DX9_41.dll
2010-08-07 16:15:05 ----A---- C:\Windows\system32\d3dx10_41.dll
2010-08-07 16:15:04 ----A---- C:\Windows\system32\XAudio2_3.dll
2010-08-07 16:15:04 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2010-08-07 16:15:04 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2010-08-07 16:15:04 ----A---- C:\Windows\system32\D3DX9_40.dll
2010-08-07 16:15:04 ----A---- C:\Windows\system32\d3dx10_40.dll
2010-08-07 16:15:04 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2010-08-07 16:15:03 ----A---- C:\Windows\system32\XAudio2_2.dll
2010-08-07 16:15:03 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2010-08-07 16:15:03 ----A---- C:\Windows\system32\xactengine3_3.dll
2010-08-07 16:15:03 ----A---- C:\Windows\system32\xactengine3_2.dll
2010-08-07 16:15:03 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2010-08-07 16:15:02 ----A---- C:\Windows\system32\XAudio2_1.dll
2010-08-07 16:15:02 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2010-08-07 16:15:02 ----A---- C:\Windows\system32\D3DX9_39.dll
2010-08-07 16:15:02 ----A---- C:\Windows\system32\d3dx10_39.dll
2010-08-07 16:15:02 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2010-08-07 16:15:01 ----A---- C:\Windows\system32\xactengine3_1.dll
2010-08-07 16:15:01 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2010-08-07 16:15:01 ----A---- C:\Windows\system32\D3DX9_38.dll
2010-08-07 16:15:01 ----A---- C:\Windows\system32\d3dx10_38.dll
2010-08-07 16:15:01 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2010-08-07 16:15:00 ----A---- C:\Windows\system32\XAudio2_0.dll
2010-08-07 16:14:58 ----A---- C:\Windows\system32\xactengine2_10.dll
2010-08-07 16:14:57 ----A---- C:\Windows\system32\xactengine2_9.dll
2010-08-07 16:14:57 ----A---- C:\Windows\system32\d3dx9_36.dll
2010-08-07 16:14:57 ----A---- C:\Windows\system32\d3dx10_36.dll
2010-08-07 16:14:57 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2010-08-07 16:14:56 ----A---- C:\Windows\system32\d3dx9_35.dll
2010-08-07 16:14:56 ----A---- C:\Windows\system32\d3dx10_35.dll
2010-08-07 16:14:56 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2010-08-07 16:14:55 ----A---- C:\Windows\system32\xinput1_3.dll
2010-08-07 16:14:55 ----A---- C:\Windows\system32\xactengine2_8.dll
2010-08-07 16:14:55 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2010-08-07 16:14:55 ----A---- C:\Windows\system32\d3dx9_34.dll
2010-08-07 16:14:55 ----A---- C:\Windows\system32\d3dx10_34.dll
2010-08-07 16:14:55 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2010-08-07 16:14:54 ----A---- C:\Windows\system32\xactengine2_7.dll
2010-08-07 16:14:54 ----A---- C:\Windows\system32\d3dx10_33.dll
2010-08-07 16:14:54 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2010-08-07 16:14:53 ----A---- C:\Windows\system32\xactengine2_6.dll
2010-08-07 16:14:52 ----A---- C:\Windows\system32\xactengine2_5.dll
2010-08-07 16:14:52 ----A---- C:\Windows\system32\xactengine2_4.dll
2010-08-07 16:14:52 ----A---- C:\Windows\system32\x3daudio1_1.dll
2010-08-07 16:14:52 ----A---- C:\Windows\system32\d3dx9_32.dll
2010-08-07 16:14:52 ----A---- C:\Windows\system32\d3dx10.dll
2010-08-07 16:14:51 ----A---- C:\Windows\system32\xinput1_2.dll
2010-08-07 16:14:51 ----A---- C:\Windows\system32\xinput1_1.dll
2010-08-07 16:14:51 ----A---- C:\Windows\system32\xactengine2_3.dll
2010-08-07 16:14:51 ----A---- C:\Windows\system32\xactengine2_2.dll
2010-08-07 16:14:51 ----A---- C:\Windows\system32\d3dx9_31.dll
2010-08-07 16:14:50 ----A---- C:\Windows\system32\xactengine2_1.dll
2010-08-07 16:14:39 ----A---- C:\Windows\system32\xactengine2_0.dll
2010-08-07 16:14:39 ----A---- C:\Windows\system32\x3daudio1_0.dll
2010-08-07 16:14:39 ----A---- C:\Windows\system32\d3dx9_29.dll
2010-08-07 16:14:38 ----A---- C:\Windows\system32\d3dx9_28.dll
2010-08-07 16:14:38 ----A---- C:\Windows\system32\d3dx9_27.dll
2010-08-07 16:14:38 ----A---- C:\Windows\system32\d3dx9_26.dll
2010-08-07 16:14:37 ----A---- C:\Windows\system32\d3dx9_25.dll
2010-08-07 16:14:36 ----A---- C:\Windows\system32\d3dx9_24.dll
2010-08-07 15:27:21 ----D---- C:\Program Files\GamePark
2010-08-07 15:07:57 ----D---- C:\Program Files\Activision
2010-08-07 15:00:48 ----D---- C:\Program Files\Alcohol Soft
2010-08-07 14:49:00 ----A---- C:\Windows\system32\drivers\sptd.sys
2010-08-07 14:48:27 ----D---- C:\Users\Negal\AppData\Roaming\DAEMON Tools Lite
2010-08-07 14:48:13 ----D---- C:\ProgramData\DAEMON Tools Lite
2010-08-07 13:58:42 ----D---- C:\ProgramData\COMODO
2010-08-07 13:48:22 ----D---- C:\Program Files\COMODO
2010-08-07 13:46:33 ----D---- C:\ProgramData\Comodo Downloader
2010-08-07 13:36:29 ----D---- C:\Users\Negal\AppData\Roaming\ICQ
2010-08-07 13:36:22 ----D---- C:\Program Files\ICQ7.1
2010-08-07 13:32:20 ----D---- C:\Users\Negal\AppData\Roaming\Skype
2010-08-07 13:32:13 ----RD---- C:\Program Files\Skype
2010-08-07 13:32:10 ----D---- C:\ProgramData\Skype
2010-08-07 13:29:06 ----A---- C:\Windows\system32\xactengine3_0.dll
2010-08-07 13:29:06 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2010-08-07 13:29:05 ----A---- C:\Windows\system32\D3DX9_37.dll
2010-08-07 13:29:05 ----A---- C:\Windows\system32\d3dx9_33.dll
2010-08-07 13:29:05 ----A---- C:\Windows\system32\d3dx10_37.dll
2010-08-07 13:29:05 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2010-08-07 13:29:00 ----A---- C:\Windows\system32\d3dx9_30.dll
2010-08-07 13:24:09 ----A---- C:\Windows\system32\nvRegDev.dll
2010-08-07 13:02:39 ----D---- C:\Users\Negal\AppData\Roaming\Rainmeter
2010-08-07 13:01:13 ----D---- C:\Program Files\Rainmeter
2010-08-07 12:58:03 ----RASH---- C:\MSDOS.SYS
2010-08-07 12:58:03 ----RASH---- C:\IO.SYS
2010-08-07 12:15:43 ----D---- C:\Users\Negal\AppData\Roaming\URSoft
2010-08-07 12:15:42 ----AD---- C:\ProgramData\TEMP
2010-08-07 12:15:33 ----D---- C:\Program Files\Your Uninstaller 2010
2010-08-07 00:48:03 ----HD---- C:\ProgramData\{9784CF0C-B63B-4A60-A1B8-0D38CDF756EB}
2010-08-06 23:29:47 ----A---- C:\Windows\system32\CSVer.dll
2010-08-06 23:29:32 ----D---- C:\Intel
2010-08-06 23:28:00 ----D---- C:\Users\Negal\AppData\Roaming\Carambis
2010-08-06 22:31:18 ----D---- C:\Program Files\SpeedFan
2010-08-06 22:20:03 ----D---- C:\ProgramData\Sun
2010-08-06 22:20:03 ----D---- C:\Program Files\Common Files\Java
2010-08-06 22:18:36 ----A---- C:\Windows\system32\javaws.exe
2010-08-06 22:18:36 ----A---- C:\Windows\system32\javaw.exe
2010-08-06 22:18:36 ----A---- C:\Windows\system32\java.exe
2010-08-06 22:18:36 ----A---- C:\Windows\system32\deployJava1.dll
2010-08-06 22:18:11 ----D---- C:\Program Files\Java
2010-08-05 05:08:49 ----A---- C:\Windows\system32\winhttp.dll
2010-08-05 05:05:17 ----D---- C:\Windows\system32\WindowsPowerShell
2010-08-05 05:04:24 ----A---- C:\Windows\system32\winrsmgr.dll
2010-08-05 05:04:17 ----A---- C:\Windows\system32\wsmprovhost.exe
2010-08-05 05:04:17 ----A---- C:\Windows\system32\winrshost.exe
2010-08-05 05:04:17 ----A---- C:\Windows\system32\winrs.exe
2010-08-05 05:04:16 ----A---- C:\Windows\system32\wsmplpxy.dll
2010-08-05 05:04:16 ----A---- C:\Windows\system32\winrssrv.dll
2010-08-05 05:04:15 ----A---- C:\Windows\system32\WsmRes.dll
2010-08-05 05:04:15 ----A---- C:\Windows\system32\wevtfwd.dll
2010-08-05 05:04:15 ----A---- C:\Windows\system32\wecutil.exe
2010-08-05 05:04:15 ----A---- C:\Windows\system32\wecsvc.dll
2010-08-05 05:04:15 ----A---- C:\Windows\system32\wecapi.dll
2010-08-05 05:04:15 ----A---- C:\Windows\system32\pwrshplugin.dll
2010-08-05 05:04:12 ----A---- C:\Windows\system32\winrm.vbs
2010-08-05 05:04:11 ----A---- C:\Windows\system32\WsmWmiPl.dll
2010-08-05 05:04:11 ----A---- C:\Windows\system32\WsmSvc.dll
2010-08-05 05:04:11 ----A---- C:\Windows\system32\WsmAuto.dll
2010-08-05 05:04:11 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2010-08-05 05:04:11 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2010-08-05 05:04:11 ----A---- C:\Windows\system32\winrscmd.dll
2010-08-05 03:24:16 ----D---- C:\Program Files\Windows Portable Devices
2010-08-05 03:06:17 ----A---- C:\Windows\system32\UIAnimation.dll
2010-08-05 03:06:16 ----A---- C:\Windows\system32\UIRibbonRes.dll
2010-08-05 03:06:16 ----A---- C:\Windows\system32\UIRibbon.dll
2010-08-05 03:05:24 ----A---- C:\Windows\system32\WMPhoto.dll
2010-08-05 03:05:23 ----A---- C:\Windows\system32\XpsRasterService.dll
2010-08-05 03:05:23 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2010-08-05 03:05:23 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2010-08-05 03:05:23 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2010-08-05 03:05:23 ----A---- C:\Windows\system32\d3d10warp.dll
2010-08-05 03:05:23 ----A---- C:\Windows\system32\cdd.dll
2010-08-05 03:05:22 ----A---- C:\Windows\system32\xpsservices.dll
2010-08-05 03:05:22 ----A---- C:\Windows\system32\XpsPrint.dll
2010-08-05 03:05:22 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2010-08-05 03:05:22 ----A---- C:\Windows\system32\WindowsCodecs.dll
2010-08-05 03:05:22 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2010-08-05 03:05:22 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2010-08-05 03:05:22 ----A---- C:\Windows\system32\OpcServices.dll
2010-08-05 03:05:22 ----A---- C:\Windows\system32\FntCache.dll
2010-08-05 03:05:22 ----A---- C:\Windows\system32\dxgi.dll
2010-08-05 03:05:22 ----A---- C:\Windows\system32\dxdiagn.dll
2010-08-05 03:05:22 ----A---- C:\Windows\system32\dxdiag.exe
2010-08-05 03:05:22 ----A---- C:\Windows\system32\DWrite.dll
2010-08-05 03:05:22 ----A---- C:\Windows\system32\d3d11.dll
2010-08-05 03:05:22 ----A---- C:\Windows\system32\d3d10level9.dll
2010-08-05 03:05:22 ----A---- C:\Windows\system32\d3d10core.dll
2010-08-05 03:05:22 ----A---- C:\Windows\system32\d3d10_1core.dll
2010-08-05 03:05:22 ----A---- C:\Windows\system32\d3d10_1.dll
2010-08-05 03:05:22 ----A---- C:\Windows\system32\d3d10.dll
2010-08-05 03:05:22 ----A---- C:\Windows\system32\d2d1.dll
2010-08-05 03:04:34 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2010-08-05 03:04:34 ----A---- C:\Windows\system32\wpdbusenum.dll
2010-08-05 03:04:34 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2010-08-05 03:04:33 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2010-08-05 03:04:31 ----A---- C:\Windows\system32\WPDSp.dll
2010-08-05 03:04:31 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2010-08-05 03:04:31 ----A---- C:\Windows\system32\wpdshext.dll
2010-08-05 03:04:31 ----A---- C:\Windows\system32\wpd_ci.dll
2010-08-05 03:04:31 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2010-08-05 03:04:31 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2010-08-05 03:04:31 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2010-08-05 03:04:31 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2010-08-05 03:03:28 ----A---- C:\Windows\system32\UIAutomationCore.dll
2010-08-05 03:03:28 ----A---- C:\Windows\system32\oleaccrc.dll
2010-08-05 03:03:28 ----A---- C:\Windows\system32\oleacc.dll
2010-08-05 01:11:11 ----A---- C:\Windows\system32\vbscript.dll
2010-08-05 01:11:10 ----A---- C:\Windows\system32\jscript.dll
2010-08-05 00:17:14 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-08-05 00:17:14 ----A---- C:\Windows\system32\PresentationHost.exe
2010-08-05 00:17:14 ----A---- C:\Windows\system32\netfxperf.dll
2010-08-05 00:17:14 ----A---- C:\Windows\system32\mscoree.dll
2010-08-05 00:17:14 ----A---- C:\Windows\system32\dfshim.dll
2010-08-05 00:16:12 ----A---- C:\Windows\system32\browserchoice.exe
2010-08-05 00:11:56 ----A---- C:\Windows\system32\nshhttp.dll
2010-08-05 00:11:54 ----A---- C:\Windows\system32\drivers\http.sys
2010-08-05 00:11:53 ----A---- C:\Windows\system32\httpapi.dll
2010-08-05 00:10:02 ----D---- C:\Program Files\Pure Networks
2010-08-05 00:08:29 ----A---- C:\Windows\system32\drivers\pnarp.sys
2010-08-05 00:08:26 ----A---- C:\Windows\system32\drivers\purendis.sys
2010-08-05 00:08:18 ----D---- C:\Program Files\Common Files\Pure Networks Shared
2010-08-05 00:06:12 ----D---- C:\Users\Negal\AppData\Roaming\Mozilla
2010-08-05 00:05:55 ----D---- C:\Program Files\Mozilla Firefox 4.0 Beta 2
2010-08-05 00:05:54 ----A---- C:\Windows\system32\mshtmler.dll
2010-08-05 00:05:54 ----A---- C:\Windows\system32\mshtmled.dll
2010-08-05 00:05:54 ----A---- C:\Windows\system32\icardie.dll
2010-08-05 00:05:54 ----A---- C:\Windows\system32\admparse.dll
2010-08-05 00:05:53 ----A---- C:\Windows\system32\msls31.dll
2010-08-05 00:05:53 ----A---- C:\Windows\system32\imgutil.dll
2010-08-05 00:05:53 ----A---- C:\Windows\system32\ieakeng.dll
2010-08-05 00:05:53 ----A---- C:\Windows\system32\dxtrans.dll
2010-08-05 00:05:53 ----A---- C:\Windows\system32\dxtmsft.dll
2010-08-05 00:05:53 ----A---- C:\Windows\system32\corpol.dll
2010-08-05 00:05:52 ----A---- C:\Windows\system32\webcheck.dll
2010-08-05 00:05:52 ----A---- C:\Windows\system32\msrating.dll
2010-08-05 00:05:52 ----A---- C:\Windows\system32\licmgr10.dll
2010-08-05 00:05:52 ----A---- C:\Windows\system32\inseng.dll
2010-08-05 00:05:52 ----A---- C:\Windows\system32\ieaksie.dll
2010-08-05 00:05:51 ----A---- C:\Windows\system32\WinFXDocObj.exe
2010-08-05 00:05:51 ----A---- C:\Windows\system32\wextract.exe
2010-08-05 00:05:51 ----A---- C:\Windows\system32\ieakui.dll
2010-08-05 00:05:51 ----A---- C:\Windows\system32\advpack.dll
2010-08-05 00:05:50 ----A---- C:\Windows\system32\pngfilt.dll
2010-08-05 00:05:50 ----A---- C:\Windows\system32\ieapfltr.dll
2010-08-05 00:05:49 ----A---- C:\Windows\system32\url.dll
2010-08-05 00:05:48 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2010-08-05 00:05:48 ----A---- C:\Windows\system32\SetDepNx.exe
2010-08-05 00:05:48 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2010-08-05 00:05:48 ----A---- C:\Windows\system32\PDMSetup.exe
2010-08-05 00:05:48 ----A---- C:\Windows\system32\mshta.exe
2010-08-05 00:05:48 ----A---- C:\Windows\system32\iexpress.exe
2010-08-04 23:23:48 ----A---- C:\Windows\system32\wlansvc.dll
2010-08-04 23:23:48 ----A---- C:\Windows\system32\wlansec.dll
2010-08-04 23:23:48 ----A---- C:\Windows\system32\wlanmsm.dll
2010-08-04 23:23:48 ----A---- C:\Windows\system32\wlanapi.dll
2010-08-04 23:23:47 ----A---- C:\Windows\system32\L2SecHC.dll
2010-08-04 23:23:27 ----A---- C:\Windows\system32\tzres.dll
2010-08-04 23:23:05 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2010-08-04 23:23:05 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2010-08-04 23:23:05 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2010-08-04 23:22:52 ----A---- C:\Windows\system32\netiohlp.dll
2010-08-04 23:22:51 ----A---- C:\Windows\system32\TCPSVCS.EXE
2010-08-04 23:22:51 ----A---- C:\Windows\system32\NETSTAT.EXE
2010-08-04 23:22:51 ----A---- C:\Windows\system32\MRINFO.EXE
2010-08-04 23:22:51 ----A---- C:\Windows\system32\HOSTNAME.EXE
2010-08-04 23:22:51 ----A---- C:\Windows\system32\finger.exe
2010-08-04 23:22:51 ----A---- C:\Windows\system32\ARP.EXE
2010-08-04 23:22:50 ----A---- C:\Windows\system32\ROUTE.EXE
2010-08-04 23:22:50 ----A---- C:\Windows\system32\netevent.dll
2010-08-04 23:22:35 ----A---- C:\Windows\system32\asycfilt.dll
2010-08-04 23:22:25 ----A---- C:\Windows\system32\mstscax.dll
2010-08-04 23:22:22 ----A---- C:\Windows\system32\msv1_0.dll
2010-08-04 23:22:17 ----A---- C:\Windows\system32\rpcrt4.dll
2010-08-04 23:22:11 ----A---- C:\Windows\system32\gameux.dll
2010-08-04 23:22:09 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-08-04 23:22:09 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-08-04 23:22:07 ----A---- C:\Windows\system32\WMVCORE.DLL
2010-08-04 23:22:07 ----A---- C:\Windows\system32\mf.dll
2010-08-04 23:22:05 ----A---- C:\Windows\system32\iphlpsvc.dll
2010-08-04 23:22:05 ----A---- C:\Windows\system32\drivers\tunnel.sys
2010-08-04 23:22:04 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2010-08-04 23:22:02 ----A---- C:\Windows\system32\msxml6.dll
2010-08-04 23:21:59 ----A---- C:\Windows\system32\secproc_isv.dll
2010-08-04 23:21:59 ----A---- C:\Windows\system32\secproc.dll
2010-08-04 23:21:58 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-08-04 23:21:58 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-08-04 23:21:58 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-08-04 23:21:58 ----A---- C:\Windows\system32\RMActivate.exe
2010-08-04 23:21:57 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-08-04 23:21:57 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-08-04 23:21:57 ----A---- C:\Windows\system32\msdrm.dll
2010-08-04 23:21:54 ----A---- C:\Windows\system32\t2embed.dll
2010-08-04 23:21:51 ----A---- C:\Windows\system32\msasn1.dll
2010-08-04 23:21:48 ----A---- C:\Windows\system32\drivers\srvnet.sys
2010-08-04 23:21:45 ----A---- C:\Windows\system32\inetcomm.dll
2010-08-04 23:21:28 ----A---- C:\Windows\system32\kerberos.dll
2010-08-04 23:21:27 ----A---- C:\Windows\system32\wdigest.dll
2010-08-04 23:21:26 ----A---- C:\Windows\system32\lsasrv.dll
2010-08-04 23:21:25 ----A---- C:\Windows\system32\secur32.dll
2010-08-04 23:21:25 ----A---- C:\Windows\system32\lsass.exe
2010-08-04 23:21:25 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2010-08-04 23:21:03 ----A---- C:\Windows\system32\wmpdxm.dll
2010-08-04 23:20:40 ----A---- C:\Windows\system32\lpk.dll
2010-08-04 23:20:40 ----A---- C:\Windows\system32\fontsub.dll
2010-08-04 23:20:40 ----A---- C:\Windows\system32\dciman32.dll
2010-08-04 23:20:40 ----A---- C:\Windows\system32\atmfd.dll
2010-08-04 23:20:39 ----A---- C:\Windows\system32\atmlib.dll
2010-08-04 23:20:24 ----A---- C:\Windows\system32\shell32.dll
2010-08-04 23:20:18 ----A---- C:\Windows\system32\localspl.dll
2010-08-04 23:20:15 ----A---- C:\Windows\system32\atl.dll
2010-08-04 23:20:08 ----A---- C:\Windows\system32\wkssvc.dll
2010-08-04 23:20:06 ----A---- C:\Windows\system32\WSDApi.dll
2010-08-04 23:19:48 ----A---- C:\Windows\system32\rastls.dll
2010-08-04 23:10:43 ----D---- C:\Program Files\Microsoft Silverlight
2010-08-04 23:07:44 ----A---- C:\Windows\system32\wmp.dll
2010-08-04 23:07:40 ----A---- C:\Windows\system32\unregmp2.exe
2010-08-04 23:07:39 ----A---- C:\Windows\system32\spwmp.dll
2010-08-04 23:07:38 ----A---- C:\Windows\system32\dxmasf.dll
2010-08-04 23:07:36 ----A---- C:\Windows\system32\wmploc.DLL
2010-08-04 23:06:58 ----A---- C:\Windows\system32\tsbyuv.dll
2010-08-04 23:06:58 ----A---- C:\Windows\system32\quartz.dll
2010-08-04 23:06:58 ----A---- C:\Windows\system32\msyuv.dll
2010-08-04 23:06:58 ----A---- C:\Windows\system32\msvidc32.dll
2010-08-04 23:06:58 ----A---- C:\Windows\system32\msrle32.dll
2010-08-04 23:06:58 ----A---- C:\Windows\system32\iyuv_32.dll
2010-08-04 23:06:55 ----A---- C:\Windows\system32\mciavi32.dll
2010-08-04 23:06:55 ----A---- C:\Windows\system32\avifil32.dll
2010-08-04 23:06:54 ----A---- C:\Windows\system32\msvfw32.dll
2010-08-04 23:05:10 ----D---- C:\Program Files\Intel
2010-08-04 23:05:08 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2010-08-04 23:03:22 ----N---- C:\Windows\system32\MpSigStub.exe
2010-08-04 23:02:41 ----A---- C:\Windows\system32\wintrust.dll
2010-08-04 23:02:24 ----A---- C:\Windows\system32\cabview.dll
2010-08-04 22:57:14 ----A---- C:\Windows\system32\wups2.dll
2010-08-04 22:57:14 ----A---- C:\Windows\system32\wucltux.dll
2010-08-04 22:57:14 ----A---- C:\Windows\system32\wuaueng.dll
2010-08-04 22:57:14 ----A---- C:\Windows\system32\wuauclt.exe
2010-08-04 22:56:59 ----A---- C:\Windows\system32\wups.dll
2010-08-04 22:56:59 ----A---- C:\Windows\system32\wudriver.dll
2010-08-04 22:56:59 ----A---- C:\Windows\system32\wuapi.dll
2010-08-04 22:56:49 ----A---- C:\Windows\system32\wuwebv.dll
2010-08-04 22:56:49 ----A---- C:\Windows\system32\wuapp.exe
2010-08-04 11:20:37 ----D---- C:\Windows\Panther
2010-08-04 11:20:23 ----RAS---- C:\BOOTSECT.BAK
2010-08-04 11:20:21 ----SHD---- C:\Boot
2010-08-04 11:11:05 ----D---- C:\Windows\ConfigSetRoot
2010-08-04 10:33:13 ----HD---- C:\Program Files\InstallShield Installation Information
2010-08-04 10:32:59 ----D---- C:\Program Files\Common Files\InstallShield
2010-08-04 10:32:05 ----D---- C:\Users\Negal\AppData\Roaming\Identities
2010-08-04 10:31:59 ----SD---- C:\Users\Negal\AppData\Roaming\Microsoft
2010-08-04 10:31:59 ----D---- C:\Users\Negal\AppData\Roaming\Media Center Programs
2010-08-04 10:30:20 ----SHD---- C:\ProgramData\Šablony
2010-08-04 10:30:20 ----SHD---- C:\ProgramData\Plocha
2010-08-04 10:30:20 ----SHD---- C:\ProgramData\Oblíbené položky
2010-08-04 10:30:20 ----SHD---- C:\ProgramData\Nabídka Start
2010-08-04 10:30:20 ----SHD---- C:\ProgramData\Dokumenty
2010-08-04 10:30:20 ----SHD---- C:\ProgramData\Data aplikací
2010-08-04 10:29:03 ----ASH---- C:\hiberfil.sys
2010-08-04 10:24:15 ----D---- C:\Windows\SoftwareDistribution
2010-08-04 10:22:55 ----D---- C:\Windows\system32\catroot2
2010-08-04 10:22:44 ----D---- C:\Windows\Debug
2010-08-04 10:21:33 ----D---- C:\Windows\Prefetch
2010-08-04 10:21:24 ----ASH---- C:\pagefile.sys
2010-08-04 10:21:23 ----SHD---- C:\System Volume Information

======List of files/folders modified in the last 1 months======

2010-08-18 20:52:12 ----D---- C:\Windows\Temp
2010-08-18 20:51:17 ----D---- C:\Users\Negal\AppData\Roaming\uTorrent
2010-08-18 20:50:50 ----RD---- C:\Program Files
2010-08-18 20:24:50 ----D---- C:\Program Files\Steam
2010-08-18 20:24:49 ----D---- C:\Windows\System32
2010-08-18 20:24:49 ----A---- C:\Windows\system32\wrap_oal.dll
2010-08-18 20:24:49 ----A---- C:\Windows\system32\OpenAL32.dll
2010-08-18 20:24:07 ----RSD---- C:\Windows\assembly
2010-08-18 20:22:38 ----SHD---- C:\Windows\Installer
2010-08-18 20:22:37 ----D---- C:\Windows\winsxs
2010-08-18 19:09:49 ----HD---- C:\ProgramData
2010-08-18 17:57:12 ----D---- C:\Windows
2010-08-18 17:45:01 ----D---- C:\ProgramData\NVIDIA
2010-08-18 16:37:44 ----D---- C:\Windows\Microsoft.NET
2010-08-18 09:57:49 ----D---- C:\Windows\inf
2010-08-18 09:57:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-08-17 16:16:07 ----D---- C:\Windows\system32\drivers
2010-08-17 16:16:05 ----D---- C:\Windows\system32\catroot
2010-08-17 16:12:36 ----RSD---- C:\Windows\Fonts
2010-08-17 09:45:52 ----D---- C:\Windows\Tasks
2010-08-17 01:01:20 ----D---- C:\Windows\system32\Tasks
2010-08-16 23:23:57 ----D---- C:\Windows\system32\wbem
2010-08-16 23:23:17 ----D---- C:\Windows\system32\config
2010-08-16 23:23:10 ----D---- C:\Windows\system32\spool
2010-08-16 23:23:10 ----D---- C:\Windows\system32\Msdtc
2010-08-16 23:23:09 ----D---- C:\Windows\registration
2010-08-16 21:12:50 ----D---- C:\Windows\system32\en-US
2010-08-16 20:48:49 ----D---- C:\Windows\system32\WDI
2010-08-15 23:56:11 ----D---- C:\Windows\system32\Atheros_L2
2010-08-13 04:59:09 ----D---- C:\Program Files\Internet Explorer
2010-08-12 12:08:22 ----D---- C:\Program Files\NVIDIA Corporation
2010-08-11 12:33:42 ----D---- C:\Program Files\Common Files
2010-08-11 12:04:21 ----SD---- C:\ProgramData\Microsoft
2010-08-11 05:13:24 ----D---- C:\Windows\system32\migration
2010-08-11 05:13:22 ----D---- C:\Program Files\Movie Maker
2010-08-11 03:52:48 ----D---- C:\Program Files\Windows Mail
2010-08-09 20:15:28 ----D---- C:\Program Files\Common Files\Steam
2010-08-07 17:18:50 ----D---- C:\Windows\system32\LogFiles
2010-08-07 16:26:01 ----D---- C:\Users\Negal\AppData\Roaming\Adobe
2010-08-07 16:13:28 ----D---- C:\Windows\Logs
2010-08-07 15:03:25 ----D---- C:\Windows\system32\drivers\etc
2010-08-07 13:08:39 ----D---- C:\Program Files\Common Files\microsoft shared
2010-08-06 22:30:43 ----D---- C:\Windows\rescache
2010-08-05 05:08:24 ----D---- C:\Program Files\ESET
2010-08-05 05:05:18 ----D---- C:\Windows\system32\cs-CZ
2010-08-05 05:05:18 ----D---- C:\Windows\PolicyDefinitions
2010-08-05 03:26:02 ----D---- C:\Windows\system32\drivers\UMDF
2010-08-05 03:24:17 ----D---- C:\Windows\system32\drivers\cs-CZ
2010-08-05 03:24:15 ----D---- C:\Windows\system32\pt-PT
2010-08-05 03:24:15 ----D---- C:\Windows\system32\pt-BR
2010-08-05 03:24:15 ----D---- C:\Windows\system32\it-IT
2010-08-05 03:24:15 ----D---- C:\Windows\system32\he-IL
2010-08-05 03:24:15 ----D---- C:\Windows\system32\bg-BG
2010-08-05 03:24:14 ----D---- C:\Windows\system32\zh-HK
2010-08-05 03:24:14 ----D---- C:\Windows\system32\uk-UA
2010-08-05 03:24:14 ----D---- C:\Windows\system32\tr-TR
2010-08-05 03:24:14 ----D---- C:\Windows\system32\th-TH
2010-08-05 03:24:14 ----D---- C:\Windows\system32\sv-SE
2010-08-05 03:24:14 ----D---- C:\Windows\system32\sr-Latn-CS
2010-08-05 03:24:14 ----D---- C:\Windows\system32\sl-SI
2010-08-05 03:24:14 ----D---- C:\Windows\system32\pl-PL
2010-08-05 03:24:14 ----D---- C:\Windows\system32\nl-NL
2010-08-05 03:24:14 ----D---- C:\Windows\system32\ko-KR
2010-08-05 03:24:14 ----D---- C:\Windows\system32\hu-HU
2010-08-05 03:24:14 ----D---- C:\Windows\system32\hr-HR
2010-08-05 03:24:14 ----D---- C:\Windows\system32\fr-FR
2010-08-05 03:24:14 ----D---- C:\Windows\system32\fi-FI
2010-08-05 03:24:14 ----D---- C:\Windows\system32\el-GR
2010-08-05 03:24:13 ----D---- C:\Windows\system32\zh-TW
2010-08-05 03:24:13 ----D---- C:\Windows\system32\zh-CN
2010-08-05 03:24:13 ----D---- C:\Windows\system32\sk-SK
2010-08-05 03:24:13 ----D---- C:\Windows\system32\ru-RU
2010-08-05 03:24:13 ----D---- C:\Windows\system32\ro-RO
2010-08-05 03:24:13 ----D---- C:\Windows\system32\nb-NO
2010-08-05 03:24:13 ----D---- C:\Windows\system32\lv-LV
2010-08-05 03:24:13 ----D---- C:\Windows\system32\lt-LT
2010-08-05 03:24:13 ----D---- C:\Windows\system32\ja-JP
2010-08-05 03:24:13 ----D---- C:\Windows\system32\et-EE
2010-08-05 03:24:13 ----D---- C:\Windows\system32\es-ES
2010-08-05 03:24:13 ----D---- C:\Windows\system32\de-DE
2010-08-05 03:24:13 ----D---- C:\Windows\system32\da-DK
2010-08-05 03:24:13 ----D---- C:\Windows\system32\ar-SA
2010-08-05 03:24:09 ----D---- C:\Windows\AppPatch
2010-08-05 03:24:08 ----D---- C:\Windows\ehome
2010-08-05 03:23:52 ----D---- C:\Program Files\Windows Media Player
2010-08-05 00:08:29 ----DC---- C:\Windows\system32\DRVSTORE
2010-08-05 00:08:18 ----D---- C:\ProgramData\Pure Networks
2010-08-04 10:33:06 ----D---- C:\Windows\system32\restore
2010-08-04 10:32:15 ----SHD---- C:\$Recycle.Bin
2010-08-04 10:31:59 ----RD---- C:\Users
2010-08-04 10:30:20 ----D---- C:\Program Files\Windows NT
2010-08-03 20:09:31 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2006-09-24 5248]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-08-07 691696]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\System32\DRIVERS\cmdguard.sys [2010-06-04 224240]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2010-06-01 30112]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-03-31 114984]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2010-06-01 75944]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2010-08-10 142592]
R2 cpuz134;cpuz134; \??\C:\Windows\system32\drivers\cpuz134_x32.sys [2010-07-09 20328]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-03-31 134024]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-03-31 96896]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2009-11-16 50704]
R2 pnarp;Pure Networks Device Discovery Driver; C:\Windows\system32\DRIVERS\pnarp.sys [2008-05-16 24888]
R2 purendis;Pure Networks Wireless Driver; C:\Windows\system32\DRIVERS\purendis.sys [2008-05-16 26424]
R3 Atc002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller; C:\Windows\system32\DRIVERS\l260x86.sys [2008-10-17 29184]
R3 CT20XUT.SYS;CT20XUT.SYS; C:\Windows\System32\drivers\CT20XUT.SYS [2009-06-04 171032]
R3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2009-06-04 511000]
R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2009-06-04 526232]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS; C:\Windows\System32\drivers\CTEXFIFX.SYS [2009-06-04 1324056]
R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2009-06-04 14360]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2009-06-04 158744]
R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2009-06-04 95768]
R3 ha20x2k;Creative 20X HAL Driver; C:\Windows\system32\drivers\ha20x2k.sys [2009-06-04 1177624]
R3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-10 236544]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-10-18 7680]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-06-08 10888168]
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2009-06-04 130072]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S3 an9gtskk;an9gtskk; C:\Windows\system32\drivers\an9gtskk.sys []
S3 CT20XUT;CT20XUT; C:\Windows\system32\drivers\CT20XUT.SYS [2009-06-04 171032]
S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\Windows\system32\drivers\ctdvda2k.sys [2009-06-04 347080]
S3 CTEXFIFX;CTEXFIFX; C:\Windows\system32\drivers\CTEXFIFX.SYS [2009-06-04 1324056]
S3 CTHWIUT.SYS;CTHWIUT.SYS; C:\Windows\System32\drivers\CTHWIUT.SYS [2009-06-04 72728]
S3 CTHWIUT;CTHWIUT; C:\Windows\system32\drivers\CTHWIUT.SYS [2009-06-04 72728]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [2010-03-31 27760]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2010-06-01 1778480]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2009-02-23 307200]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-03-31 810120]
R2 nmservice;Pure Networks Platform Service; C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe [2008-05-16 648504]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-06-07 129640]
R2 PCAutoShutdown_Service;PCAutoShutdown_Service; C:\Program Files\PC Auto Shutdown\ShutdownService.exe [2010-04-19 441624]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2010-08-10 488960]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-06-07 240232]
R2 TunngleService;TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [2010-07-06 716024]
R3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2010-07-10 407336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-29 31048]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2002-01-01 79360]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-03-31 33560]
S3 nmraapache;Pure Networks Net2Go Service; C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe [2008-05-21 12800]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

Re: Some Virus

Posted: 18 Aug 2010 21:55
by Rudy
Post the ComboFix log.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator privileges

right after launch a screen with the license terms appears; continue by clicking the Ano (Yes) button.

calmly go put the kettle on for a coffee (the whole thing takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to launch any other applications or anything else

do not panic during the scan; your machine may be restarted (especially the first time the scanner is used)

warning: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or deactivate it completely for the duration of the scan, because during the scan and the removal of any malware, unwanted conflicts with the antispyware's resident component occur

Re: Some Virus

Posted: 19 Aug 2010 08:25
by Negal
ComboFix 10-08-17.04 - Negal 19.08.2010 9:10.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3071.1842 [GMT 2:00]
Spuštěný z: c:\users\Negal\Documents\ComboFix.exe
SP: Spyware Terminator *disabled* (Updated) {55EE49A8-16BE-4601-BBE6-607B7F7317DE}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý

.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Thumbs.db
c:\windows\system32\senekalog.dat
c:\windows\system32\vbzlib1.dll

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-07-19 do 2010-08-19 )))))))))))))))))))))))))))))))
.

2010-08-19 07:19 . 2010-08-19 07:20 -------- d-----w- c:\users\Negal\AppData\Local\temp
2010-08-19 07:19 . 2010-08-19 07:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-08-18 19:03 . 2010-08-18 19:03 -------- d-----w- c:\users\Negal\AppData\Local\119614890733675764
2010-08-18 19:03 . 2010-08-18 19:03 -------- d-----w- c:\users\Negal\AppData\Local\119611678098138356
2010-08-18 18:50 . 2010-08-18 18:52 -------- d-----w- c:\program files\trend micro
2010-08-18 18:50 . 2010-08-18 18:51 -------- d-----w- C:\rsit
2010-08-18 17:09 . 2010-08-18 17:14 -------- d-----w- c:\programdata\TrackMania
2010-08-18 12:14 . 2010-08-18 12:14 -------- d-----w- c:\program files\QS
2010-08-18 12:14 . 2010-08-18 12:14 -------- d-----w- c:\users\Negal\AppData\Roaming\TeamViewer
2010-08-17 15:11 . 2010-08-17 15:11 -------- d-----w- c:\programdata\WindowsSearch
2010-08-17 15:05 . 2010-08-17 15:05 -------- d--h--w- c:\windows\msdownld.tmp
2010-08-17 14:17 . 2010-08-19 07:05 0 ----a-w- c:\windows\system32\Access.dat
2010-08-17 14:12 . 2010-08-18 19:52 -------- d-----w- c:\users\Negal\AppData\Roaming\Tunngle
2010-08-17 14:12 . 2010-08-18 13:53 -------- d-----w- c:\programdata\Tunngle
2010-08-17 14:12 . 2009-09-16 06:02 27136 ----a-w- c:\windows\system32\drivers\tap0901t.sys
2010-08-17 14:12 . 2010-08-17 14:16 -------- d-----w- c:\program files\Tunngle
2010-08-17 14:09 . 2010-08-17 14:09 -------- d-----w- c:\program files\Killing Floor
2010-08-17 13:56 . 2010-08-18 17:19 -------- d-----w- c:\users\Negal\AppData\Roaming\Xfire
2010-08-17 13:56 . 2010-08-17 13:56 -------- d-----w- c:\programdata\Xfire
2010-08-17 13:56 . 2010-08-17 13:56 -------- d-----w- c:\program files\Xfire
2010-08-17 07:55 . 2010-08-17 07:55 -------- d-----w- c:\users\Negal\AppData\Local\Opera
2010-08-17 07:55 . 2010-08-17 07:55 -------- d-----w- c:\program files\Opera
2010-08-17 07:46 . 2010-08-17 07:46 -------- d-----w- c:\programdata\IObit
2010-08-16 19:15 . 2010-08-16 19:15 -------- d-----w- c:\users\Negal\AppData\Local\Deployment
2010-08-16 19:15 . 2010-08-16 19:15 -------- d-----w- c:\users\Negal\AppData\Local\Apps
2010-08-16 19:12 . 2010-08-16 19:12 -------- d-----w- c:\program files\Microsoft.NET
2010-08-15 21:55 . 2008-10-17 03:17 29184 ----a-w- c:\windows\system32\drivers\l260x86.sys
2010-08-15 21:46 . 2010-08-15 21:46 -------- d-----w- c:\program files\Driver-Soft
2010-08-15 21:35 . 2010-08-16 09:46 -------- d-----w- c:\users\Negal\AppData\Local\PMB Files
2010-08-15 21:35 . 2010-08-15 21:35 -------- d-----w- c:\programdata\PMB Files
2010-08-15 21:34 . 2010-08-15 21:34 -------- d-----w- c:\program files\Pando Networks
2010-08-13 09:36 . 2010-08-13 12:18 -------- d-----w- c:\users\Negal\AppData\Local\Turbine
2010-08-13 02:59 . 2010-08-13 02:59 93 ----a-w- c:\users\Negal\AppData\Local\fusioncache.dat
2010-08-13 02:59 . 2010-08-15 21:15 -------- d-----w- c:\users\Negal\AppData\Local\ApplicationHistory
2010-08-13 02:57 . 2010-08-13 02:57 -------- d-----w- c:\windows\system32\URTTEMP
2010-08-13 02:12 . 2010-08-13 02:12 -------- d-----w- c:\program files\Turbine
2010-08-12 07:30 . 2010-08-13 16:30 47364 ----a-w- c:\programdata\Blizzard Entertainment\Battle.net\Cache\Download\Scan.dll
2010-08-11 10:08 . 2010-08-12 07:30 -------- d-----w- c:\programdata\Blizzard Entertainment
2010-08-11 10:08 . 2010-08-12 07:46 -------- d-----w- c:\program files\StarCraft II
2010-08-11 10:08 . 2010-08-11 10:33 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2010-08-11 01:52 . 2010-06-21 13:37 2037760 ----a-w- c:\windows\system32\win32k.sys
2010-08-11 01:52 . 2010-05-27 20:08 81920 ----a-w- c:\windows\system32\iccvid.dll
2010-08-11 01:52 . 2010-06-18 17:31 36864 ----a-w- c:\windows\system32\rtutils.dll
2010-08-11 01:50 . 2010-06-18 15:04 302080 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-11 01:50 . 2010-06-18 15:04 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-08-10 21:16 . 2010-08-10 21:16 -------- d-----w- c:\program files\WinPcap
2010-08-10 21:16 . 2010-08-10 21:16 -------- d-----w- c:\program files\DsNET Corp
2010-08-10 20:49 . 2010-06-02 02:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2010-08-10 20:49 . 2010-06-02 02:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2010-08-10 20:49 . 2010-06-02 02:55 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
2010-08-10 20:49 . 2010-05-26 09:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2010-08-10 20:49 . 2010-05-26 09:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2010-08-10 20:49 . 2010-05-26 09:41 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2010-08-10 20:49 . 2010-05-26 09:41 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2010-08-10 20:49 . 2010-05-26 09:41 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2010-08-10 20:49 . 2010-02-04 08:01 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2010-08-10 20:49 . 2010-02-04 08:01 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2010-08-10 20:49 . 2010-02-04 08:01 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2010-08-10 20:49 . 2010-02-04 08:01 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2010-08-10 20:44 . 2010-08-10 20:44 -------- d-----w- c:\users\Negal\AppData\Local\2K Games
2010-08-10 20:33 . 2010-08-17 12:41 -------- d-----w- c:\program files\Crawler
2010-08-10 20:15 . 2010-08-10 20:15 6144 ----a-w- c:\programdata\Spyware Terminator\sp_rsdel.exe
2010-08-10 20:15 . 2010-08-10 20:15 5632 ----a-w- c:\programdata\Spyware Terminator\fileobjinfo.sys
2010-08-10 20:15 . 2010-08-18 12:15 -------- d-----w- c:\users\Negal\AppData\Roaming\Spyware Terminator
2010-08-10 20:15 . 2010-08-10 20:15 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-08-10 20:15 . 2010-08-18 13:32 -------- d-----w- c:\programdata\Spyware Terminator
2010-08-10 20:15 . 2010-08-18 18:46 -------- d-----w- c:\program files\Spyware Terminator
2010-08-10 20:02 . 2010-08-10 20:02 -------- d-----w- c:\users\Negal\AppData\Roaming\Godlike
2010-08-10 20:02 . 2010-08-10 20:02 28 ----a-w- c:\users\Negal\AppData\Roaming\Godlike\ultimatewt.dll
2010-08-10 20:01 . 2010-08-10 20:01 -------- d-----w- c:\program files\WinTools Software
2010-08-10 19:36 . 2010-08-10 19:36 -------- d-----w- c:\users\Negal\AppData\Roaming\QIP
2010-08-10 19:36 . 2010-08-10 19:36 -------- d-----w- c:\program files\QIP 2010
2010-08-10 00:03 . 2010-08-12 07:22 -------- d-----w- c:\users\Negal\AppData\Roaming\IObit
2010-08-10 00:03 . 2010-08-12 07:22 -------- d-----w- c:\program files\IObit
2010-08-09 23:58 . 2010-08-09 23:58 -------- d-----w- c:\programdata\PC Auto Shutdown
2010-08-09 23:58 . 2010-08-09 23:58 -------- d-----w- c:\program files\PC Auto Shutdown
2010-08-07 15:08 . 2010-08-07 15:53 -------- d-----w- c:\program files\Electronic Arts
2010-08-07 15:06 . 2010-08-07 15:06 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-08-07 14:26 . 2010-08-07 14:27 -------- d-----w- c:\users\Negal\AppData\Local\Adobe
2010-08-07 14:24 . 2010-08-07 14:24 -------- d-----w- c:\program files\Common Files\Adobe
2010-08-07 14:14 . 2007-10-22 01:39 267272 ----a-w- c:\windows\system32\xactengine2_10.dll
2010-08-07 13:27 . 2010-08-07 13:27 -------- d-----w- c:\program files\GamePark
2010-08-07 13:07 . 2010-08-07 13:07 -------- d-----w- c:\program files\Activision
2010-08-07 13:00 . 2010-08-07 13:00 -------- d-----w- c:\program files\Alcohol Soft
2010-08-07 12:49 . 2010-08-07 12:49 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-08-07 12:48 . 2010-08-07 13:00 -------- d-----w- c:\users\Negal\AppData\Roaming\DAEMON Tools Lite
2010-08-07 12:48 . 2010-08-07 12:48 -------- d-----w- c:\programdata\DAEMON Tools Lite
2010-08-07 11:58 . 2010-08-07 11:59 -------- d-----w- c:\programdata\COMODO
2010-08-07 11:48 . 2010-08-07 11:48 -------- d-----w- c:\program files\COMODO
2010-08-07 11:46 . 2010-08-07 11:47 -------- d-----w- c:\programdata\Comodo Downloader
2010-08-07 11:36 . 2010-08-13 17:57 -------- d-----w- c:\users\Negal\AppData\Roaming\ICQ
2010-08-07 11:36 . 2010-08-07 11:36 -------- d-----w- c:\users\Negal\AppData\Local\AOL
2010-08-07 11:36 . 2010-08-13 17:42 -------- d-----w- c:\program files\ICQ7.1
2010-08-07 11:32 . 2010-08-19 07:05 -------- d-----w- c:\users\Negal\AppData\Roaming\Skype
2010-08-07 11:32 . 2010-08-07 11:32 -------- d-----r- c:\program files\Skype
2010-08-07 11:32 . 2010-08-07 11:32 -------- d-----w- c:\programdata\Skype
2010-08-07 11:29 . 2008-03-05 14:03 238088 ----a-w- c:\windows\system32\xactengine3_0.dll
2010-08-07 11:29 . 2008-03-05 14:00 25608 ----a-w- c:\windows\system32\X3DAudio1_3.dll
2010-08-07 11:29 . 2008-03-05 13:56 3786760 ----a-w- c:\windows\system32\D3DX9_37.dll
2010-08-07 11:29 . 2008-03-05 13:56 1420824 ----a-w- c:\windows\system32\D3DCompiler_37.dll
2010-08-07 11:29 . 2008-02-05 21:07 462864 ----a-w- c:\windows\system32\d3dx10_37.dll
2010-08-07 11:29 . 2007-03-12 14:42 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll
2010-08-07 11:24 . 2010-08-07 11:23 151552 ----a-w- c:\windows\system32\nvRegDev.dll
2010-08-07 11:02 . 2010-08-16 21:23 -------- d-----w- c:\users\Negal\AppData\Roaming\Rainmeter
2010-08-07 11:01 . 2010-08-07 11:02 -------- d-----w- c:\program files\Rainmeter
2010-08-07 10:15 . 2010-08-07 10:15 -------- d-----w- c:\users\Negal\AppData\Roaming\URSoft
2010-08-07 10:15 . 2010-08-07 10:15 -------- d-----w- c:\program files\Your Uninstaller 2010
2010-08-06 22:48 . 2010-08-07 10:18 -------- d--h--w- c:\programdata\{9784CF0C-B63B-4A60-A1B8-0D38CDF756EB}
2010-08-06 22:48 . 2008-05-07 09:39 2326702 ------w- c:\programdata\{9784CF0C-B63B-4A60-A1B8-0D38CDF756EB}\DriverUpdaterPro.exe
2010-08-06 22:47 . 2010-08-06 22:47 -------- d-----w- c:\users\Negal\AppData\Local\ESET
2010-08-06 21:57 . 2010-08-06 21:57 -------- d-----w- c:\users\Negal\AppData\Local\RadarSync
2010-08-06 21:29 . 2010-03-02 14:04 53248 ----a-w- c:\windows\system32\CSVer.dll
2010-08-06 21:29 . 2010-08-06 21:29 -------- d-----w- C:\Intel
2010-08-06 21:28 . 2010-08-06 21:28 -------- d-----w- c:\users\Negal\AppData\Roaming\Carambis
2010-08-06 20:31 . 2010-08-09 22:37 -------- d-----w- c:\program files\SpeedFan
2010-08-06 20:20 . 2010-08-06 20:20 -------- d-----w- c:\program files\Common Files\Java
2010-08-06 20:18 . 2010-08-06 20:18 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-08-06 20:18 . 2010-08-06 20:18 -------- d-----w- c:\program files\Java
2010-08-05 03:08 . 2009-08-24 11:36 377344 ----a-w- c:\windows\system32\winhttp.dll
2010-08-05 01:24 . 2010-08-05 01:24 -------- d-----w- c:\program files\Windows Portable Devices
2010-08-05 01:06 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2010-08-05 01:06 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2010-08-05 01:06 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2010-08-05 01:04 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2010-08-05 01:04 . 2009-10-01 01:02 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-19 07:07 . 2002-01-01 09:08 -------- d-----w- c:\programdata\NVIDIA
2010-08-19 07:05 . 2002-01-01 08:39 -------- d-----w- c:\users\Negal\AppData\Roaming\uTorrent
2010-08-19 06:58 . 2002-01-01 10:14 36917 ----a-w- c:\programdata\nvModes.dat
2010-08-18 18:24 . 2010-07-10 10:27 -------- d-----w- c:\program files\Steam
2010-08-18 18:24 . 2002-01-01 10:08 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2010-08-18 18:24 . 2002-01-01 10:08 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2010-08-18 07:57 . 2007-01-08 21:09 615926 ----a-w- c:\windows\system32\perfh005.dat
2010-08-18 07:57 . 2007-01-08 21:09 122864 ----a-w- c:\windows\system32\perfc005.dat
2010-08-16 21:26 . 2010-08-04 08:32 680 ----a-w- c:\users\Negal\AppData\Local\d3d9caps.dat
2010-08-12 10:17 . 2010-08-04 22:05 -------- d-----w- c:\program files\Mozilla Firefox 4.0 Beta 2
2010-08-12 10:08 . 2002-01-01 09:06 -------- d-----w- c:\program files\NVIDIA Corporation
2010-08-11 01:52 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-08-09 18:15 . 2010-07-10 10:27 -------- d-----w- c:\program files\Common Files\Steam
2010-08-05 03:08 . 2002-01-01 09:00 -------- d-----w- c:\program files\ESET
2010-08-05 01:23 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-08-05 01:23 . 2010-08-05 01:23 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2010-08-04 22:08 . 2002-01-01 09:01 -------- d-----w- c:\programdata\Pure Networks
2010-08-04 08:30 . 2010-08-04 08:30 -------- d-sh--we c:\programdata\Plocha
2010-08-04 08:30 . 2010-08-04 08:30 -------- d-sh--we c:\programdata\Oblíbené položky
2010-08-04 08:30 . 2010-08-04 08:30 -------- d-sh--we c:\programdata\Šablony
2010-08-04 08:30 . 2010-08-04 08:30 -------- d-sh--we c:\programdata\Nabídka Start
2010-08-04 08:30 . 2010-08-04 08:30 -------- d-sh--we c:\programdata\Dokumenty
2010-08-04 08:30 . 2010-08-04 08:30 -------- d-sh--we c:\programdata\Data aplikací
2010-07-14 08:00 . 2010-07-10 08:48 108032 ----a-w- c:\windows\system32\ff_vfw.dll
2010-07-10 10:11 . 2010-07-10 10:11 4 ----a-w- c:\users\Negal\AppData\Roaming\steam_md2.dat
2010-07-10 08:48 . 2010-07-10 08:48 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-07-10 08:45 . 2010-07-10 08:45 -------- d-----w- c:\program files\AC3Filter
2010-07-09 23:49 . 2010-07-09 23:49 -------- d-----w- c:\program files\CPUID
2010-07-09 22:37 . 2002-01-01 09:05 795104 ----a-w- c:\windows\system32\dpinst.exe
2010-07-09 22:37 . 2002-01-01 09:05 236136 ----a-w- c:\windows\system32\nvcod1922.dll
2010-07-09 19:00 . 2010-07-09 19:00 41872 ----a-w- c:\windows\system32\xfcodec.dll
2010-07-09 15:23 . 2010-07-09 15:23 -------- d-----w- c:\program files\Real Desktop
2010-07-09 15:20 . 2010-07-09 15:20 66664 ----a-w- c:\windows\system32\nvshext.dll
2010-07-09 15:20 . 2010-07-09 15:20 1881704 ----a-w- c:\windows\system32\nvsvcr.dll
2010-07-09 11:18 . 2010-07-09 23:49 20328 ----a-w- c:\windows\system32\drivers\cpuz134_x32.sys
2010-07-08 21:00 . 2010-07-08 21:00 515848 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-07-08 21:00 . 2010-07-08 21:00 -------- d-----w- c:\program files\Lavalys
2010-07-08 20:03 . 2010-07-08 20:03 427351 ----a-w- c:\windows\P5GC-MX-ASUS-1333-0407.zip
2010-07-08 17:56 . 2010-07-08 17:56 -------- d-----w- c:\program files\Attansic
2010-07-08 17:51 . 2010-07-08 17:51 -------- d-----w- c:\program files\ASUS
2010-06-26 06:05 . 2010-08-11 01:51 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-26 06:02 . 2010-08-11 01:51 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-06-26 06:02 . 2010-08-11 01:51 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-06-26 04:25 . 2010-08-11 01:51 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-06-16 16:04 . 2010-08-11 01:51 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-06-11 16:16 . 2010-08-11 01:51 274944 ----a-w- c:\windows\system32\schannel.dll
2010-06-11 16:15 . 2010-08-11 01:51 1248768 ----a-w- c:\windows\system32\msxml3.dll
2010-06-08 17:35 . 2010-08-11 01:51 3548040 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-06-08 17:35 . 2010-08-11 01:51 3600768 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-06-08 16:10 . 2010-07-10 08:48 790528 ----a-w- c:\windows\system32\xvidcore.dll
2010-06-08 16:10 . 2010-07-10 08:48 134144 ----a-w- c:\windows\system32\xvidvfw.dll
2010-06-07 23:57 . 2002-01-01 09:55 56936 ----a-w- c:\windows\system32\OpenCL.dll
2010-06-07 23:57 . 2002-01-01 09:55 4967528 ----a-w- c:\windows\system32\nvwgf2um.dll
2010-06-07 23:57 . 2002-01-01 09:55 10888168 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2010-06-07 23:57 . 2002-01-01 09:55 9712744 ----a-w- c:\windows\system32\nvd3dum.dll
2010-06-07 23:57 . 2002-01-01 09:55 4513384 ----a-w- c:\windows\system32\nvcuda.dll
2010-06-07 23:57 . 2002-01-01 09:55 2632296 ----a-w- c:\windows\system32\nvcuvenc.dll
2010-06-07 23:57 . 2002-01-01 09:55 2145896 ----a-w- c:\windows\system32\nvcuvid.dll
2010-06-07 23:57 . 2002-01-01 09:55 15764072 ----a-w- c:\windows\system32\nvoglv32.dll
2010-06-07 23:57 . 2002-01-01 09:55 232040 ----a-w- c:\windows\system32\nvcod1921.dll
2010-06-07 23:57 . 2002-01-01 09:55 232040 ----a-w- c:\windows\system32\nvcod.dll
2010-06-07 23:57 . 2002-01-01 09:55 1592424 ----a-w- c:\windows\system32\nvapi.dll
2010-06-07 23:57 . 2002-01-01 09:55 10263144 ----a-w- c:\windows\system32\nvcompiler.dll
2010-06-07 16:48 . 2010-06-07 16:48 13917800 ----a-w- c:\windows\system32\nvcpl.dll
2010-06-07 16:48 . 2010-06-07 16:48 1331816 ----a-w- c:\windows\system32\nvsvc.dll
2010-06-07 16:48 . 2010-06-07 16:48 129640 ----a-w- c:\windows\system32\nvvsvc.exe
2010-06-07 16:48 . 2010-06-07 16:48 110696 ----a-w- c:\windows\system32\nvmctray.dll
2010-06-04 09:55 . 2010-06-04 09:55 224240 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2010-06-01 17:00 . 2010-06-01 17:00 278288 ----a-w- c:\windows\system32\guard32.dll
2010-06-01 17:00 . 2010-06-01 17:00 75944 ----a-w- c:\windows\system32\drivers\inspect.sys
2010-06-01 17:00 . 2010-06-01 17:00 30112 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2010-06-01 17:00 . 2010-06-01 17:00 16744 ----a-w- c:\windows\system32\drivers\cmderd.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-06-10 16:28 1233288 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-06-10 1233288]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-06-10 1233288]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2002-01-01 327984]
"CreativeTaskScheduler"="c:\program files\Creative\Shared Files\CTSched.exe" [2006-11-17 53341]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-05-13 26192168]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2009-11-15 33120]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-18 125952]
"Infium"="c:\program files\QIP 2010\qip.exe" [2010-08-02 5841872]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-08-10 3037696]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240]
"Creative Software Update"="c:\program files\Creative\Shared Files\Software Update\AutoUpdate.exe" [2009-01-15 430968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-18 1008184]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-03-31 2145000]
"CTxfiHlp"="CTXFIHLP.EXE" [2009-06-03 25600]
"nmctxth"="c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2008-05-16 648504]
"nmapp"="c:\program files\Pure Networks\Network Magic\nmapp.exe" [2008-05-21 451896]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-06-01 2039240]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-08-10 2176512]

c:\users\Negal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Xfire.lnk - c:\program files\Xfire\Xfire.exe [2010-7-9 3493776]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Aktualizovat ESET licenci.lnk - c:\program files\ESET\MiNODLogin\MiNODLogin.exe [2010-7-1 125952]
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2010-6-13 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\guard32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2010-06-08 11:39 133368 ----a-w- c:\program files\ICQ7.1\ICQ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Auto Shutdown]
2010-07-06 18:41 1387520 ----a-w- c:\program files\PC Auto Shutdown\AutoShutdown.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2010-07-10 10:27 1238352 ----a-w- c:\program files\Steam\Steam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):f0,16,ba,a5,a1,92,c1,01

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2002-01-01 79360]
R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS [2009-06-04 171032]
R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS [2009-06-04 1324056]
R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS [2009-06-04 72728]
R3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [2010-03-30 27760]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-08-07 691696]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2010-06-04 224240]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2010-06-01 30112]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-03-31 114984]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2010-08-10 142592]
S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x32.sys [2010-07-09 20328]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-03-31 134024]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-03-31 810120]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2010-03-31 96896]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-11-16 50704]
S2 PCAutoShutdown_Service;PCAutoShutdown_Service;c:\program files\PC Auto Shutdown\ShutdownService.exe [2010-04-19 441624]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-06-07 240232]
S2 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [2010-07-06 716024]
S3 Atc002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller;c:\windows\system32\DRIVERS\l260x86.sys [2008-10-17 29184]
S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS [2009-06-04 171032]
S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS [2009-06-04 1324056]
S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS [2009-06-04 72728]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
senekalight
.
Obsah adresáře 'Naplánované úlohy'

2010-08-16 c:\windows\Tasks\At1.job
- c:\windows\system32\Shutdown.exe [2001-12-31 22:33]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://i24search.com
IE: Crawler Search - tbr:iemenu
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
TCP: {EAD93E38-EF8F-42B0-9300-119433D9D9C5} = 156.154.70.22,156.154.71.22
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\ctbr.dll
FF - ProfilePath - c:\users\Negal\AppData\Roaming\Mozilla\Firefox\Profiles\16n6wpfl.default\
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: c:\program files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: c:\program files\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKLM-Run-TaskTray - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-19 09:20
Windows 6.0.6002 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\EverestDriver]
"ImagePath"="\??\c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(828)
c:\windows\system32\guard32.dll

- - - - - - - > 'lsass.exe'(676)
c:\windows\system32\guard32.dll
.
Celkový čas: 2010-08-19 09:23:24
ComboFix-quarantined-files.txt 2010-08-19 07:23

Před spuštěním: Volných bajtů: 14 362 501 120
Po spuštění: Volných bajtů: 16 953 528 320

- - End Of File - - 59E60086102A572A58C46C016B2E465F

Re: Some Virus

Posted: 19 Aug 2010 08:51
by Rudy
We still need to finish cleaning up. Move ComboFix to the desktop. Open Notepad and copy the following into it:
Folder::
c:\program files\Ask.com

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and carry out the commands from the script.


Re: Some Virus

Posted: 19 Aug 2010 09:20
by Negal
ComboFix 10-08-17.04 - Negal 19.08.2010 10:00:28.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3071.1525 [GMT 2:00]
Spuštěný z: c:\users\Negal\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Negal\Desktop\CFScript.txt
SP: Spyware Terminator *disabled* (Updated) {55EE49A8-16BE-4601-BBE6-607B7F7317DE}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý

.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Ask.com
c:\program files\Ask.com\cobrand.ico
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\favicon.ico
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\SaUpdate.exe
c:\program files\Ask.com\UpdateTask.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-07-19 do 2010-08-19 )))))))))))))))))))))))))))))))
.

2010-08-19 08:09 . 2010-08-19 08:09 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-08-19 08:09 . 2010-08-19 08:09 -------- d-----w- c:\users\Negal\AppData\Local\temp
2010-08-19 08:09 . 2010-08-19 08:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-08-18 19:03 . 2010-08-18 19:03 -------- d-----w- c:\users\Negal\AppData\Local\119614890733675764
2010-08-18 19:03 . 2010-08-18 19:03 -------- d-----w- c:\users\Negal\AppData\Local\119611678098138356
2010-08-18 18:50 . 2010-08-18 18:52 -------- d-----w- c:\program files\trend micro
2010-08-18 18:50 . 2010-08-18 18:51 -------- d-----w- C:\rsit
2010-08-18 17:09 . 2010-08-18 17:14 -------- d-----w- c:\programdata\TrackMania
2010-08-18 12:14 . 2010-08-18 12:14 -------- d-----w- c:\program files\QS
2010-08-18 12:14 . 2010-08-18 12:14 -------- d-----w- c:\users\Negal\AppData\Roaming\TeamViewer
2010-08-17 15:11 . 2010-08-17 15:11 -------- d-----w- c:\programdata\WindowsSearch
2010-08-17 15:05 . 2010-08-17 15:05 -------- d--h--w- c:\windows\msdownld.tmp
2010-08-17 14:17 . 2010-08-19 07:27 0 ----a-w- c:\windows\system32\Access.dat
2010-08-17 14:12 . 2010-08-18 19:52 -------- d-----w- c:\users\Negal\AppData\Roaming\Tunngle
2010-08-17 14:12 . 2010-08-18 13:53 -------- d-----w- c:\programdata\Tunngle
2010-08-17 14:12 . 2009-09-16 06:02 27136 ----a-w- c:\windows\system32\drivers\tap0901t.sys
2010-08-17 14:12 . 2010-08-17 14:16 -------- d-----w- c:\program files\Tunngle
2010-08-17 14:09 . 2010-08-17 14:09 -------- d-----w- c:\program files\Killing Floor
2010-08-17 13:56 . 2010-08-18 17:19 -------- d-----w- c:\users\Negal\AppData\Roaming\Xfire
2010-08-17 13:56 . 2010-08-17 13:56 -------- d-----w- c:\programdata\Xfire
2010-08-17 13:56 . 2010-08-17 13:56 -------- d-----w- c:\program files\Xfire
2010-08-17 07:55 . 2010-08-17 07:55 -------- d-----w- c:\users\Negal\AppData\Local\Opera
2010-08-17 07:55 . 2010-08-17 07:55 -------- d-----w- c:\program files\Opera
2010-08-17 07:46 . 2010-08-17 07:46 -------- d-----w- c:\programdata\IObit
2010-08-16 19:15 . 2010-08-16 19:15 -------- d-----w- c:\users\Negal\AppData\Local\Deployment
2010-08-16 19:15 . 2010-08-16 19:15 -------- d-----w- c:\users\Negal\AppData\Local\Apps
2010-08-16 19:12 . 2010-08-16 19:12 -------- d-----w- c:\program files\Microsoft.NET
2010-08-15 21:55 . 2008-10-17 03:17 29184 ----a-w- c:\windows\system32\drivers\l260x86.sys
2010-08-15 21:46 . 2010-08-15 21:46 -------- d-----w- c:\program files\Driver-Soft
2010-08-15 21:35 . 2010-08-16 09:46 -------- d-----w- c:\users\Negal\AppData\Local\PMB Files
2010-08-15 21:35 . 2010-08-15 21:35 -------- d-----w- c:\programdata\PMB Files
2010-08-15 21:34 . 2010-08-15 21:34 -------- d-----w- c:\program files\Pando Networks
2010-08-13 09:36 . 2010-08-13 12:18 -------- d-----w- c:\users\Negal\AppData\Local\Turbine
2010-08-13 02:59 . 2010-08-13 02:59 93 ----a-w- c:\users\Negal\AppData\Local\fusioncache.dat
2010-08-13 02:59 . 2010-08-15 21:15 -------- d-----w- c:\users\Negal\AppData\Local\ApplicationHistory
2010-08-13 02:57 . 2010-08-13 02:57 -------- d-----w- c:\windows\system32\URTTEMP
2010-08-13 02:12 . 2010-08-13 02:12 -------- d-----w- c:\program files\Turbine
2010-08-12 07:30 . 2010-08-13 16:30 47364 ----a-w- c:\programdata\Blizzard Entertainment\Battle.net\Cache\Download\Scan.dll
2010-08-11 10:08 . 2010-08-12 07:30 -------- d-----w- c:\programdata\Blizzard Entertainment
2010-08-11 10:08 . 2010-08-12 07:46 -------- d-----w- c:\program files\StarCraft II
2010-08-11 10:08 . 2010-08-11 10:33 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2010-08-11 01:52 . 2010-06-21 13:37 2037760 ----a-w- c:\windows\system32\win32k.sys
2010-08-11 01:52 . 2010-05-27 20:08 81920 ----a-w- c:\windows\system32\iccvid.dll
2010-08-11 01:52 . 2010-06-18 17:31 36864 ----a-w- c:\windows\system32\rtutils.dll
2010-08-11 01:50 . 2010-06-18 15:04 302080 ----a-w- c:\windows\system32\drivers\srv.sys
2010-08-11 01:50 . 2010-06-18 15:04 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-08-10 21:16 . 2010-08-10 21:16 -------- d-----w- c:\program files\WinPcap
2010-08-10 21:16 . 2010-08-10 21:16 -------- d-----w- c:\program files\DsNET Corp
2010-08-10 20:49 . 2010-06-02 02:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2010-08-10 20:49 . 2010-06-02 02:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2010-08-10 20:49 . 2010-06-02 02:55 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
2010-08-10 20:49 . 2010-05-26 09:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2010-08-10 20:49 . 2010-05-26 09:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2010-08-10 20:49 . 2010-05-26 09:41 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2010-08-10 20:49 . 2010-05-26 09:41 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2010-08-10 20:49 . 2010-05-26 09:41 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2010-08-10 20:49 . 2010-02-04 08:01 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2010-08-10 20:49 . 2010-02-04 08:01 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2010-08-10 20:49 . 2010-02-04 08:01 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2010-08-10 20:49 . 2010-02-04 08:01 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2010-08-10 20:44 . 2010-08-10 20:44 -------- d-----w- c:\users\Negal\AppData\Local\2K Games
2010-08-10 20:33 . 2010-08-17 12:41 -------- d-----w- c:\program files\Crawler
2010-08-10 20:15 . 2010-08-10 20:15 6144 ----a-w- c:\programdata\Spyware Terminator\sp_rsdel.exe
2010-08-10 20:15 . 2010-08-10 20:15 5632 ----a-w- c:\programdata\Spyware Terminator\fileobjinfo.sys
2010-08-10 20:15 . 2010-08-18 12:15 -------- d-----w- c:\users\Negal\AppData\Roaming\Spyware Terminator
2010-08-10 20:15 . 2010-08-10 20:15 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-08-10 20:15 . 2010-08-18 13:32 -------- d-----w- c:\programdata\Spyware Terminator
2010-08-10 20:15 . 2010-08-18 18:46 -------- d-----w- c:\program files\Spyware Terminator
2010-08-10 20:02 . 2010-08-10 20:02 -------- d-----w- c:\users\Negal\AppData\Roaming\Godlike
2010-08-10 20:02 . 2010-08-10 20:02 28 ----a-w- c:\users\Negal\AppData\Roaming\Godlike\ultimatewt.dll
2010-08-10 20:01 . 2010-08-10 20:01 -------- d-----w- c:\program files\WinTools Software
2010-08-10 19:36 . 2010-08-10 19:36 -------- d-----w- c:\users\Negal\AppData\Roaming\QIP
2010-08-10 19:36 . 2010-08-10 19:36 -------- d-----w- c:\program files\QIP 2010
2010-08-10 00:03 . 2010-08-12 07:22 -------- d-----w- c:\users\Negal\AppData\Roaming\IObit
2010-08-10 00:03 . 2010-08-12 07:22 -------- d-----w- c:\program files\IObit
2010-08-09 23:58 . 2010-08-09 23:58 -------- d-----w- c:\programdata\PC Auto Shutdown
2010-08-09 23:58 . 2010-08-09 23:58 -------- d-----w- c:\program files\PC Auto Shutdown
2010-08-07 15:08 . 2010-08-07 15:53 -------- d-----w- c:\program files\Electronic Arts
2010-08-07 15:06 . 2010-08-07 15:06 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-08-07 14:26 . 2010-08-07 14:27 -------- d-----w- c:\users\Negal\AppData\Local\Adobe
2010-08-07 14:24 . 2010-08-07 14:24 -------- d-----w- c:\program files\Common Files\Adobe
2010-08-07 14:14 . 2007-10-22 01:39 267272 ----a-w- c:\windows\system32\xactengine2_10.dll
2010-08-07 13:27 . 2010-08-07 13:27 -------- d-----w- c:\program files\GamePark
2010-08-07 13:07 . 2010-08-07 13:07 -------- d-----w- c:\program files\Activision
2010-08-07 13:00 . 2010-08-07 13:00 -------- d-----w- c:\program files\Alcohol Soft
2010-08-07 12:49 . 2010-08-07 12:49 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-08-07 12:48 . 2010-08-07 13:00 -------- d-----w- c:\users\Negal\AppData\Roaming\DAEMON Tools Lite
2010-08-07 12:48 . 2010-08-07 12:48 -------- d-----w- c:\programdata\DAEMON Tools Lite
2010-08-07 11:58 . 2010-08-07 11:59 -------- d-----w- c:\programdata\COMODO
2010-08-07 11:48 . 2010-08-07 11:48 -------- d-----w- c:\program files\COMODO
2010-08-07 11:46 . 2010-08-07 11:47 -------- d-----w- c:\programdata\Comodo Downloader
2010-08-07 11:36 . 2010-08-13 17:57 -------- d-----w- c:\users\Negal\AppData\Roaming\ICQ
2010-08-07 11:36 . 2010-08-07 11:36 -------- d-----w- c:\users\Negal\AppData\Local\AOL
2010-08-07 11:36 . 2010-08-13 17:42 -------- d-----w- c:\program files\ICQ7.1
2010-08-07 11:32 . 2010-08-19 07:30 -------- d-----w- c:\users\Negal\AppData\Roaming\Skype
2010-08-07 11:32 . 2010-08-07 11:32 -------- d-----r- c:\program files\Skype
2010-08-07 11:32 . 2010-08-07 11:32 -------- d-----w- c:\programdata\Skype
2010-08-07 11:29 . 2008-03-05 14:03 238088 ----a-w- c:\windows\system32\xactengine3_0.dll
2010-08-07 11:29 . 2008-03-05 14:00 25608 ----a-w- c:\windows\system32\X3DAudio1_3.dll
2010-08-07 11:29 . 2008-03-05 13:56 3786760 ----a-w- c:\windows\system32\D3DX9_37.dll
2010-08-07 11:29 . 2008-03-05 13:56 1420824 ----a-w- c:\windows\system32\D3DCompiler_37.dll
2010-08-07 11:29 . 2008-02-05 21:07 462864 ----a-w- c:\windows\system32\d3dx10_37.dll
2010-08-07 11:29 . 2007-03-12 14:42 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll
2010-08-07 11:24 . 2010-08-07 11:23 151552 ----a-w- c:\windows\system32\nvRegDev.dll
2010-08-07 11:02 . 2010-08-16 21:23 -------- d-----w- c:\users\Negal\AppData\Roaming\Rainmeter
2010-08-07 11:01 . 2010-08-07 11:02 -------- d-----w- c:\program files\Rainmeter
2010-08-07 10:15 . 2010-08-07 10:15 -------- d-----w- c:\users\Negal\AppData\Roaming\URSoft
2010-08-07 10:15 . 2010-08-07 10:15 -------- d-----w- c:\program files\Your Uninstaller 2010
2010-08-06 22:48 . 2010-08-07 10:18 -------- d--h--w- c:\programdata\{9784CF0C-B63B-4A60-A1B8-0D38CDF756EB}
2010-08-06 22:48 . 2008-05-07 09:39 2326702 ------w- c:\programdata\{9784CF0C-B63B-4A60-A1B8-0D38CDF756EB}\DriverUpdaterPro.exe
2010-08-06 22:47 . 2010-08-06 22:47 -------- d-----w- c:\users\Negal\AppData\Local\ESET
2010-08-06 21:57 . 2010-08-06 21:57 -------- d-----w- c:\users\Negal\AppData\Local\RadarSync
2010-08-06 21:29 . 2010-03-02 14:04 53248 ----a-w- c:\windows\system32\CSVer.dll
2010-08-06 21:29 . 2010-08-06 21:29 -------- d-----w- C:\Intel
2010-08-06 21:28 . 2010-08-06 21:28 -------- d-----w- c:\users\Negal\AppData\Roaming\Carambis
2010-08-06 20:31 . 2010-08-09 22:37 -------- d-----w- c:\program files\SpeedFan
2010-08-06 20:20 . 2010-08-06 20:20 -------- d-----w- c:\program files\Common Files\Java
2010-08-06 20:18 . 2010-08-06 20:18 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-08-06 20:18 . 2010-08-06 20:18 -------- d-----w- c:\program files\Java
2010-08-05 03:08 . 2009-08-24 11:36 377344 ----a-w- c:\windows\system32\winhttp.dll
2010-08-05 01:24 . 2010-08-05 01:24 -------- d-----w- c:\program files\Windows Portable Devices
2010-08-05 01:06 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2010-08-05 01:06 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2010-08-05 01:06 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2010-08-05 01:04 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-19 08:09 . 2002-01-01 08:39 -------- d-----w- c:\users\Negal\AppData\Roaming\uTorrent
2010-08-19 07:28 . 2002-01-01 10:14 36917 ----a-w- c:\programdata\nvModes.dat
2010-08-19 07:28 . 2002-01-01 09:08 -------- d-----w- c:\programdata\NVIDIA
2010-08-18 18:24 . 2010-07-10 10:27 -------- d-----w- c:\program files\Steam
2010-08-18 18:24 . 2002-01-01 10:08 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2010-08-18 18:24 . 2002-01-01 10:08 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2010-08-18 07:57 . 2007-01-08 21:09 615926 ----a-w- c:\windows\system32\perfh005.dat
2010-08-18 07:57 . 2007-01-08 21:09 122864 ----a-w- c:\windows\system32\perfc005.dat
2010-08-16 21:26 . 2010-08-04 08:32 680 ----a-w- c:\users\Negal\AppData\Local\d3d9caps.dat
2010-08-12 10:17 . 2010-08-04 22:05 -------- d-----w- c:\program files\Mozilla Firefox 4.0 Beta 2
2010-08-12 10:08 . 2002-01-01 09:06 -------- d-----w- c:\program files\NVIDIA Corporation
2010-08-11 01:52 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-08-09 18:15 . 2010-07-10 10:27 -------- d-----w- c:\program files\Common Files\Steam
2010-08-05 03:08 . 2002-01-01 09:00 -------- d-----w- c:\program files\ESET
2010-08-05 01:23 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-08-05 01:23 . 2010-08-05 01:23 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2010-08-04 22:08 . 2002-01-01 09:01 -------- d-----w- c:\programdata\Pure Networks
2010-08-04 08:30 . 2010-08-04 08:30 -------- d-sh--we c:\programdata\Plocha
2010-08-04 08:30 . 2010-08-04 08:30 -------- d-sh--we c:\programdata\Oblíbené položky
2010-08-04 08:30 . 2010-08-04 08:30 -------- d-sh--we c:\programdata\Šablony
2010-08-04 08:30 . 2010-08-04 08:30 -------- d-sh--we c:\programdata\Nabídka Start
2010-08-04 08:30 . 2010-08-04 08:30 -------- d-sh--we c:\programdata\Dokumenty
2010-08-04 08:30 . 2010-08-04 08:30 -------- d-sh--we c:\programdata\Data aplikací
2010-07-14 08:00 . 2010-07-10 08:48 108032 ----a-w- c:\windows\system32\ff_vfw.dll
2010-07-10 10:11 . 2010-07-10 10:11 4 ----a-w- c:\users\Negal\AppData\Roaming\steam_md2.dat
2010-07-10 08:48 . 2010-07-10 08:48 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-07-10 08:45 . 2010-07-10 08:45 -------- d-----w- c:\program files\AC3Filter
2010-07-09 23:49 . 2010-07-09 23:49 -------- d-----w- c:\program files\CPUID
2010-07-09 22:37 . 2002-01-01 09:05 795104 ----a-w- c:\windows\system32\dpinst.exe
2010-07-09 22:37 . 2002-01-01 09:05 236136 ----a-w- c:\windows\system32\nvcod1922.dll
2010-07-09 19:00 . 2010-07-09 19:00 41872 ----a-w- c:\windows\system32\xfcodec.dll
2010-07-09 15:23 . 2010-07-09 15:23 -------- d-----w- c:\program files\Real Desktop
2010-07-09 15:20 . 2010-07-09 15:20 66664 ----a-w- c:\windows\system32\nvshext.dll
2010-07-09 15:20 . 2010-07-09 15:20 1881704 ----a-w- c:\windows\system32\nvsvcr.dll
2010-07-09 11:18 . 2010-07-09 23:49 20328 ----a-w- c:\windows\system32\drivers\cpuz134_x32.sys
2010-07-08 21:00 . 2010-07-08 21:00 515848 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-07-08 21:00 . 2010-07-08 21:00 -------- d-----w- c:\program files\Lavalys
2010-07-08 20:03 . 2010-07-08 20:03 427351 ----a-w- c:\windows\P5GC-MX-ASUS-1333-0407.zip
2010-07-08 17:56 . 2010-07-08 17:56 -------- d-----w- c:\program files\Attansic
2010-07-08 17:51 . 2010-07-08 17:51 -------- d-----w- c:\program files\ASUS
2010-06-26 06:05 . 2010-08-11 01:51 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-26 06:02 . 2010-08-11 01:51 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-06-26 06:02 . 2010-08-11 01:51 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-06-26 04:25 . 2010-08-11 01:51 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-06-16 16:04 . 2010-08-11 01:51 905088 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-06-11 16:16 . 2010-08-11 01:51 274944 ----a-w- c:\windows\system32\schannel.dll
2010-06-11 16:15 . 2010-08-11 01:51 1248768 ----a-w- c:\windows\system32\msxml3.dll
2010-06-08 17:35 . 2010-08-11 01:51 3548040 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-06-08 17:35 . 2010-08-11 01:51 3600768 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-06-08 16:10 . 2010-07-10 08:48 790528 ----a-w- c:\windows\system32\xvidcore.dll
2010-06-08 16:10 . 2010-07-10 08:48 134144 ----a-w- c:\windows\system32\xvidvfw.dll
2010-06-07 23:57 . 2002-01-01 09:55 56936 ----a-w- c:\windows\system32\OpenCL.dll
2010-06-07 23:57 . 2002-01-01 09:55 4967528 ----a-w- c:\windows\system32\nvwgf2um.dll
2010-06-07 23:57 . 2002-01-01 09:55 10888168 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2010-06-07 23:57 . 2002-01-01 09:55 9712744 ----a-w- c:\windows\system32\nvd3dum.dll
2010-06-07 23:57 . 2002-01-01 09:55 4513384 ----a-w- c:\windows\system32\nvcuda.dll
2010-06-07 23:57 . 2002-01-01 09:55 2632296 ----a-w- c:\windows\system32\nvcuvenc.dll
2010-06-07 23:57 . 2002-01-01 09:55 2145896 ----a-w- c:\windows\system32\nvcuvid.dll
2010-06-07 23:57 . 2002-01-01 09:55 15764072 ----a-w- c:\windows\system32\nvoglv32.dll
2010-06-07 23:57 . 2002-01-01 09:55 232040 ----a-w- c:\windows\system32\nvcod1921.dll
2010-06-07 23:57 . 2002-01-01 09:55 232040 ----a-w- c:\windows\system32\nvcod.dll
2010-06-07 23:57 . 2002-01-01 09:55 1592424 ----a-w- c:\windows\system32\nvapi.dll
2010-06-07 23:57 . 2002-01-01 09:55 10263144 ----a-w- c:\windows\system32\nvcompiler.dll
2010-06-07 16:48 . 2010-06-07 16:48 13917800 ----a-w- c:\windows\system32\nvcpl.dll
2010-06-07 16:48 . 2010-06-07 16:48 1331816 ----a-w- c:\windows\system32\nvsvc.dll
2010-06-07 16:48 . 2010-06-07 16:48 129640 ----a-w- c:\windows\system32\nvvsvc.exe
2010-06-07 16:48 . 2010-06-07 16:48 110696 ----a-w- c:\windows\system32\nvmctray.dll
2010-06-04 09:55 . 2010-06-04 09:55 224240 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2010-06-01 17:00 . 2010-06-01 17:00 278288 ----a-w- c:\windows\system32\guard32.dll
2010-06-01 17:00 . 2010-06-01 17:00 75944 ----a-w- c:\windows\system32\drivers\inspect.sys
2010-06-01 17:00 . 2010-06-01 17:00 30112 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2010-06-01 17:00 . 2010-06-01 17:00 16744 ----a-w- c:\windows\system32\drivers\cmderd.sys
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2002-01-01 327984]
"CreativeTaskScheduler"="c:\program files\Creative\Shared Files\CTSched.exe" [2006-11-17 53341]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-05-13 26192168]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2009-11-15 33120]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-18 125952]
"Infium"="c:\program files\QIP 2010\qip.exe" [2010-08-02 5841872]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2010-08-10 3037696]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-18 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-18 1008184]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-03-31 2145000]
"CTxfiHlp"="CTXFIHLP.EXE" [2009-06-03 25600]
"nmctxth"="c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2008-05-16 648504]
"nmapp"="c:\program files\Pure Networks\Network Magic\nmapp.exe" [2008-05-21 451896]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-06-01 2039240]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2010-08-10 2176512]

c:\users\Negal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Xfire.lnk - c:\program files\Xfire\Xfire.exe [2010-7-9 3493776]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Aktualizovat ESET licenci.lnk - c:\program files\ESET\MiNODLogin\MiNODLogin.exe [2010-7-1 125952]
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2010-6-13 113664]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\guard32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2010-06-08 11:39 133368 ----a-w- c:\program files\ICQ7.1\ICQ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Auto Shutdown]
2010-07-06 18:41 1387520 ----a-w- c:\program files\PC Auto Shutdown\AutoShutdown.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2010-07-10 10:27 1238352 ----a-w- c:\program files\Steam\Steam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):f0,16,ba,a5,a1,92,c1,01

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2002-01-01 79360]
R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS [2009-06-04 171032]
R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS [2009-06-04 1324056]
R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS [2009-06-04 72728]
R3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt [2010-03-30 27760]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-08-07 691696]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2010-06-04 224240]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2010-06-01 30112]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-03-31 114984]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2010-08-10 142592]
S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x32.sys [2010-07-09 20328]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-03-31 134024]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-03-31 810120]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2010-03-31 96896]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-11-16 50704]
S2 PCAutoShutdown_Service;PCAutoShutdown_Service;c:\program files\PC Auto Shutdown\ShutdownService.exe [2010-04-19 441624]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-06-07 240232]
S2 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [2010-07-06 716024]
S3 Atc002;NDIS Miniport Driver for Atheros L2 Fast Ethernet Controller;c:\windows\system32\DRIVERS\l260x86.sys [2008-10-17 29184]
S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS [2009-06-04 171032]
S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS [2009-06-04 1324056]
S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS [2009-06-04 72728]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
senekalight
.
Obsah adresáře 'Naplánované úlohy'

2010-08-16 c:\windows\Tasks\At1.job
- c:\windows\system32\Shutdown.exe [2001-12-31 22:33]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://i24search.com
IE: Crawler Search - tbr:iemenu
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
TCP: {EAD93E38-EF8F-42B0-9300-119433D9D9C5} = 156.154.70.22,156.154.71.22
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\ctbr.dll
FF - ProfilePath - c:\users\Negal\AppData\Roaming\Mozilla\Firefox\Profiles\16n6wpfl.default\
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: c:\program files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: c:\program files\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.

**************************************************************************
skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory:

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\EverestDriver]
"ImagePath"="\??\c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt"
.
Celkový čas: 2010-08-19 10:12:32
ComboFix-quarantined-files.txt 2010-08-19 08:12
ComboFix2.txt 2010-08-19 07:23

Před spuštěním: Volných bajtů: 16 955 228 160
Po spuštění: Volných bajtů: 16 913 862 656

- - End Of File - - 48F85FE76472BF174D5E39DFB68BCCDD

Re: Some virus

Posted: 19 Aug 2010 13:47
by Rudy
The log now looks clean. Jusched.exe is a legitimate file (Java update scheduler).

Re: Some virus

Posted: 20 Aug 2010 14:39
by Negal
OK, thank you very much :)

Re: Some virus

Posted: 20 Aug 2010 15:33
by Negal
And I would also like to ask what this means:
[Image]

Re: Some virus

Posted: 20 Aug 2010 15:54
by Narfyk
Sorry for butting in, but if I see correctly, the log shows that you have a cracked NOD there.....
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Aktualizovat ESET licenci.lnk - C:\Program Files\ESET\MiNODLogin\MiNODLogin.exe
A cracked antivirus is a sh*t antivirus, so you should replace it with a free solution.
I would suggest Avast 5 Free Edition + Zone Alarm.
I'll leave the rest to Rudy. :)

Re: Some virus

Posted: 20 Aug 2010 16:52
by Negal
I'd like to put a different one on there, not the one my friend installed for me, but my computer always reacts really badly to uninstalling an antivirus program... (the operating system keeps crashing or freezing)

Re: Some virus

Posted: 21 Aug 2010 07:54
by Narfyk
Try using ->>>THIS<<<-
If it doesn't work, I'll try to look for something else, but it should work for you. Nothing should happen to your PC, since that nod32removal is from ESET's website, but even so I don't guarantee the result.
Good luck. :)

Re: Some virus

Posted: 24 Aug 2010 22:56
by Negal
Well, Spyware Terminator deleted it for me; I was just curious, i.e. that the Terminator didn't like it :D

Re: Some virus

Posted: 25 Aug 2010 16:46
by Rudy
So is everything OK now?

Re: Some virus

Posted: 03 Sep 2010 17:59
by Negal
Yeah, it is, it doesn't show up there anymore, but I was just curious what it was :D

Re: Some virus

Posted: 03 Sep 2010 19:03
by Rudy
They were cookies, which are files that remember a visit to certain websites from a certain PC (on the next visit they recognize the PC). They can identify the PC this way. It is not a great danger, though. If you do not want cookies to be stored, disable it in the browser.