Prosím o kontrolu - padá explorer.exe

Zpráva

Kolcek93 · #1 Příspěvek od **Kolcek93** » 20 srp 2010 15:54

Zdravím,
před pár dny mi začal při otevírání složek s videosoubory padat explorer.exe. Otevřu složku, ve které je třeba 20 souborů a za chvilku vyskočí oblíbená tabulka odesílat/neodesílat. Okem začátečníka jsem si kontroloval log z hijackthis a nic podezřelého jsem tam neviděl. Nicméně chtěl bych poprosit o kontrolu RSIT logu, abych věděl, zda mám v PC nějakej neřád nebo to je chyba hochů z M$.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Kubik at 2010-08-20 16:54:20
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 80 GB (80%) free of 100 GB
Total RAM: 3071 MB (78% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:54:21, on 20.8.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\WPMP150\miranda32.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Kubik\Plocha\RSIT.exe
C:\Program Files\trend micro\Kubik.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [TortoiseHgOverlayIconServer] C:\Program Files\TortoiseHg\TortoiseHgOverlayServer.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware workstation\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware workstation\vsocklib.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Dragon Age: Prameny - aktualizace obsahu (DAUpdaterSvc) - BioWare - H:\Gamez\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 5667 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-KOLCEKUVKOMP-Kubik.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1637723038-725345543-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-1637723038-725345543-1003UA.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-515967899-1637723038-725345543-1003.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-515967899-1637723038-725345543-1003.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-07-23 341600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-17 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-07-17 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-04-30 19523616]
"ATICustomerCare"=C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [2010-03-04 311296]
"TortoiseHgOverlayIconServer"=C:\Program Files\TortoiseHg\TortoiseHgOverlayServer.exe [2010-07-12 44448]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2010-03-30 1820040]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2009-06-17 2363392]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2010-05-14 1479680]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-05-27 159744]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\WPMP150\miranda32.exe"="C:\Program Files\WPMP150\miranda32.exe:*:Enabled:Miranda IM"
"C:\Program Files\VMware\VMware Workstation\vmware-authd.exe"="C:\Program Files\VMware\VMware Workstation\vmware-authd.exe:*:Enabled:VMware Authd"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"H:\Gamez\Dragon Age\bin_ship\daorigins.exe"="H:\Gamez\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Prameny Hra"
"H:\Gamez\Dragon Age\DAOriginsLauncher.exe"="H:\Gamez\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Prameny Spustit"
"H:\Gamez\Dragon Age\bin_ship\daupdatersvc.service.exe"="H:\Gamez\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Prameny Aktualizovat"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\VertrigoServ\Mysql\bin\v_mysqld.exe"="C:\Program Files\VertrigoServ\Mysql\bin\v_mysqld.exe:*:Enabled:v_mysqld"
"C:\Program Files\VertrigoServ\Apache\bin\v_apache.exe"="C:\Program Files\VertrigoServ\Apache\bin\v_apache.exe:*:Enabled:Apache HTTP Server"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"H:\Gamez\WoW\Launcher.exe"="H:\Gamez\WoW\Launcher.exe:*:Enabled:Launcher"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\Gamez\Steam\Steam.exe"="D:\Gamez\Steam\Steam.exe:*:Enabled:Steam"
"D:\Gamez\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe"="D:\Gamez\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe:*:Enabled:iw4mp"
"H:\Gamez\Call of Duty 4\iw3mp.exe"="H:\Gamez\Call of Duty 4\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"H:\WoW-develop\Trinity\bin\Win32_Release\authserver.exe"="H:\WoW-develop\Trinity\bin\Win32_Release\authserver.exe:*:Enabled:authserver"
"H:\WoW-develop\Trinity\bin\Win32_Release\worldserver.exe"="H:\WoW-develop\Trinity\bin\Win32_Release\worldserver.exe:*:Enabled:worldserver"
"C:\Program Files\TortoiseHg\hgtk.exe"="C:\Program Files\TortoiseHg\hgtk.exe:*:Enabled:TortoiseHg GUI tools for Mercurial SCM"
"D:\Gamez\Steam\SteamApps\common\mafia ii - public demo\launcher.exe"="D:\Gamez\Steam\SteamApps\common\mafia ii - public demo\launcher.exe:*:Enabled:Mafia II - Demo"
"D:\Gamez\Steam\SteamApps\kolcek93\counter-strike source\hl2.exe"="D:\Gamez\Steam\SteamApps\kolcek93\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source"
"C:\WINDOWS\system32\ftp.exe"="C:\WINDOWS\system32\ftp.exe:*:Enabled:Program pro přenos souborů"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\VMware\VMware Workstation\vmware-authd.exe"="C:\Program Files\VMware\VMware Workstation\vmware-authd.exe:*:Enabled:VMware Authd"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.txt - open - "C:\Program Files\PSPad editor\PSPad.exe" "%1"

======List of files/folders created in the last 1 months======

2010-08-20 12:32:17 ----SHD---- C:\Config.Msi
2010-08-19 14:54:01 ----A---- C:\WINDOWS\system32\ptpusb.dll
2010-08-19 14:54:01 ----A---- C:\WINDOWS\system32\drivers\usbscan.sys
2010-08-19 14:54:00 ----A---- C:\WINDOWS\system32\ptpusd.dll
2010-08-17 14:58:39 ----D---- C:\Program Files\CCleaner
2010-08-13 12:09:17 ----D---- C:\Program Files\NVIDIA Corporation
2010-08-11 23:49:58 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2010-08-11 23:49:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2010-08-11 23:49:47 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2010-08-11 23:49:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2010-08-11 23:47:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2160329$
2010-08-11 23:47:43 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2010-08-11 23:46:20 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2010-08-11 23:46:13 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2010-08-10 12:36:23 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2010-08-10 12:36:23 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2010-08-10 12:36:23 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2010-08-10 12:36:22 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2010-08-10 12:36:22 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2010-08-10 12:36:22 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2010-08-10 12:36:22 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2010-08-10 12:36:21 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2010-08-10 12:36:21 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2010-08-10 12:36:21 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2010-08-10 12:36:21 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2010-08-10 12:36:21 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2010-08-06 16:23:02 ----A---- C:\WINDOWS\system32\libmysql_d.dll
2010-08-06 16:23:00 ----D---- C:\Program Files\PremiumSoft
2010-08-06 13:56:12 ----D---- C:\Program Files\Common Files\Java
2010-08-06 13:56:00 ----A---- C:\WINDOWS\system32\javaws.exe
2010-08-06 13:56:00 ----A---- C:\WINDOWS\system32\javaw.exe
2010-08-06 13:56:00 ----A---- C:\WINDOWS\system32\java.exe
2010-08-06 13:28:53 ----D---- C:\Documents and Settings\Kubik\Data aplikací\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2010-08-06 13:21:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
2010-08-06 13:17:48 ----D---- C:\Program Files\Adobe Media Player
2010-08-06 13:17:00 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-08-05 23:44:11 ----D---- C:\Program Files\LogMeIn Hamachi
2010-08-05 18:55:01 ----D---- C:\Documents and Settings\Kubik\Data aplikací\SQLyog
2010-08-05 17:51:18 ----A---- C:\WINDOWS\system32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.0.1600.22.dll
2010-08-05 17:51:09 ----A---- C:\WINDOWS\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.0.1600.22.dll
2010-08-05 17:50:38 ----D---- C:\WINDOWS\system32\RsFx
2010-08-05 17:48:25 ----D---- C:\Program Files\Microsoft SQL Server
2010-08-05 17:46:07 ----D---- C:\Program Files\Common Files\Merge Modules
2010-08-05 17:46:06 ----D---- C:\Program Files\Microsoft Visual Studio 9.0
2010-08-05 17:46:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-08-05 17:45:31 ----D---- C:\Program Files\Microsoft SDKs
2010-08-05 17:26:53 ----D---- C:\Program Files\SQLyog Trial
2010-08-05 17:23:46 ----D---- C:\Documents and Settings\Kubik\Data aplikací\TortoiseHg
2010-08-05 17:21:18 ----D---- C:\Program Files\TortoiseHg
2010-08-05 17:21:18 ----D---- C:\Program Files\Common Files\TortoiseOverlays
2010-08-05 14:45:39 ----D---- C:\Documents and Settings\Kubik\Data aplikací\PSpad
2010-08-05 14:45:33 ----D---- C:\Program Files\PSPad editor
2010-08-04 01:15:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2010-08-02 21:38:12 ----D---- C:\Program Files\GamePark
2010-08-02 18:21:55 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2010-08-02 18:21:55 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2010-08-02 18:21:54 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2010-08-02 18:21:54 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2010-08-02 18:21:54 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2010-08-02 18:21:53 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2010-08-02 18:21:53 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2010-08-02 18:21:53 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2010-08-02 18:21:53 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2010-08-02 18:21:53 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2010-08-02 18:21:52 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2010-08-02 18:21:52 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2010-08-02 18:21:52 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2010-08-02 18:21:52 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2010-08-02 18:21:51 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2010-08-02 18:21:51 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2010-08-02 18:21:51 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2010-08-02 18:21:51 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2010-08-02 18:21:51 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2010-08-02 18:21:51 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2010-08-02 18:21:50 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2010-08-02 18:21:50 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2010-08-02 18:21:50 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2010-08-02 18:21:50 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2010-08-02 18:21:50 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2010-08-02 18:21:50 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2010-08-02 18:21:49 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2010-08-02 18:21:49 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2010-08-02 18:21:49 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2010-08-02 18:21:49 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2010-08-02 18:21:49 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2010-08-02 18:21:48 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2010-08-02 18:21:48 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2010-08-02 18:21:48 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2010-08-02 18:21:48 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2010-08-02 18:21:48 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2010-08-02 18:21:47 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2010-08-02 18:14:50 ----SHD---- C:\WINDOWS\ftpcache
2010-08-02 18:13:50 ----A---- C:\WINDOWS\system32\drivers\PnkBstrK.sys
2010-08-02 18:13:50 ----A---- C:\Documents and Settings\Kubik\Data aplikací\PnkBstrK.sys
2010-08-02 18:13:34 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-08-02 18:13:33 ----D---- C:\WINDOWS\system32\LogFiles
2010-08-02 18:13:33 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2010-08-02 18:13:32 ----A---- C:\WINDOWS\game.ini
2010-08-02 01:03:53 ----D---- C:\Program Files\PowerArchiver
2010-08-01 21:49:13 ----D---- C:\Program Files\FDRLab
2010-07-31 00:05:49 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2010-07-31 00:04:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\Blizzard
2010-07-30 10:25:03 ----A---- C:\WINDOWS\system32\drivers\usbser.sys
2010-07-30 10:24:42 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2010-07-30 10:24:38 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$
2010-07-30 10:23:45 ----D---- C:\Documents and Settings\Kubik\Data aplikací\PC Suite
2010-07-30 10:23:45 ----D---- C:\Documents and Settings\Kubik\Data aplikací\Nokia
2010-07-30 10:23:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\PC Suite
2010-07-30 10:23:34 ----D---- C:\Program Files\Common Files\PCSuite
2010-07-30 10:23:32 ----D---- C:\Program Files\Common Files\Nokia
2010-07-30 10:23:27 ----D---- C:\Program Files\DIFX
2010-07-30 10:23:27 ----A---- C:\WINDOWS\system32\drivers\pccsmcfd.sys
2010-07-30 10:23:23 ----D---- C:\Program Files\PC Connectivity Solution
2010-07-30 10:23:19 ----A---- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys
2010-07-30 10:23:19 ----A---- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys
2010-07-30 10:23:18 ----A---- C:\WINDOWS\system32\drivers\ccdcmbo.sys
2010-07-30 10:23:17 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll
2010-07-30 10:23:17 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2010-07-30 10:23:17 ----A---- C:\WINDOWS\system32\drivers\ccdcmb.sys
2010-07-30 10:23:16 ----D---- C:\Program Files\Nokia
2010-07-30 10:23:16 ----A---- C:\WINDOWS\system32\nmwcdcls.dll
2010-07-30 10:22:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\Installations
2010-07-29 11:12:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-07-29 11:11:59 ----D---- C:\Program Files\Common Files\Adobe
2010-07-29 11:11:59 ----D---- C:\Program Files\Adobe
2010-07-23 12:19:42 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2010-07-23 12:19:39 ----A---- C:\WINDOWS\system32\pndx5032.dll
2010-07-23 12:19:39 ----A---- C:\WINDOWS\system32\pndx5016.dll
2010-07-23 12:19:34 ----D---- C:\Program Files\Common Files\xing shared
2010-07-23 12:19:23 ----A---- C:\WINDOWS\system32\pncrt.dll
2010-07-23 12:19:22 ----D---- C:\Program Files\Real
2010-07-23 12:19:22 ----D---- C:\Program Files\Common Files\Real
2010-07-23 12:19:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\Real
2010-07-23 12:19:21 ----D---- C:\Documents and Settings\Kubik\Data aplikací\Real

======List of files/folders modified in the last 1 months======

2010-08-20 16:54:21 ----D---- C:\Program Files\trend micro
2010-08-20 16:54:07 ----D---- C:\Documents and Settings\Kubik\Data aplikací\uTorrent
2010-08-20 16:50:17 ----D---- C:\WINDOWS\Prefetch
2010-08-20 16:48:40 ----D---- C:\WINDOWS\Temp
2010-08-20 12:32:26 ----SHD---- C:\WINDOWS\Installer
2010-08-20 12:32:13 ----D---- C:\WINDOWS\system32
2010-08-20 01:37:58 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-08-19 16:56:59 ----D---- C:\Documents and Settings\Kubik\Data aplikací\Adobe
2010-08-19 14:54:07 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-19 14:54:01 ----D---- C:\WINDOWS\system32\drivers
2010-08-19 14:53:59 ----HD---- C:\WINDOWS\inf
2010-08-19 14:53:59 ----D---- C:\WINDOWS
2010-08-19 12:40:57 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-18 03:07:37 ----D---- C:\Documents and Settings\Kubik\Data aplikací\codeblocks
2010-08-17 15:00:57 ----D---- C:\WINDOWS\Debug
2010-08-17 14:58:39 ----AD---- C:\Program Files
2010-08-17 12:47:11 ----D---- C:\WINDOWS\Microsoft.NET
2010-08-17 02:30:14 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-08-17 02:30:09 ----RSD---- C:\WINDOWS\assembly
2010-08-17 02:30:06 ----D---- C:\WINDOWS\WinSxS
2010-08-16 16:53:25 ----SD---- C:\WINDOWS\Tasks
2010-08-15 13:15:14 ----D---- C:\Program Files\Opera
2010-08-11 23:49:58 ----HD---- C:\WINDOWS\$hf_mig$
2010-08-11 23:47:59 ----D---- C:\Program Files\Internet Explorer
2010-08-11 23:47:53 ----D---- C:\WINDOWS\ie8updates
2010-08-11 23:46:21 ----D---- C:\Program Files\Movie Maker
2010-08-10 12:37:04 ----D---- C:\Program Files\Common Files
2010-08-10 12:36:24 ----D---- C:\WINDOWS\system32\DirectX
2010-08-06 13:55:58 ----D---- C:\Program Files\Java
2010-08-06 13:18:08 ----RSD---- C:\WINDOWS\Fonts
2010-08-05 17:50:09 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-08-05 17:50:04 ----D---- C:\WINDOWS\system32\1033
2010-08-05 17:49:56 ----D---- C:\Program Files\Microsoft.NET
2010-08-05 17:47:48 ----SD---- C:\Documents and Settings\Kubik\Data aplikací\Microsoft
2010-08-05 17:47:48 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-08-03 20:09:31 ----A---- C:\WINDOWS\system32\MRT.exe
2010-08-02 21:37:25 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-30 10:23:40 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-07-27 08:30:31 ----A---- C:\WINDOWS\system32\shell32.dll
2010-07-23 12:19:23 ----A---- C:\WINDOWS\system32\msvcp71.dll
2010-07-23 10:38:07 ----D---- C:\WINDOWS\system32\config
2010-07-23 10:37:58 ----D---- C:\WINDOWS\system32\wbem
2010-07-23 10:37:57 ----D---- C:\WINDOWS\Registration
2010-07-23 10:37:40 ----D---- C:\WINDOWS\system32\Restore
2010-07-21 11:53:29 ----D---- C:\Program Files\The KMPlayer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 hcmon;VMware hcmon; \??\C:\WINDOWS\system32\drivers\hcmon.sys []
R2 vmci;VMware vmci; \??\C:\WINDOWS\system32\Drivers\vmci.sys []
R2 VMnetBridge;VMware Bridge Protocol; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [2010-05-21 32688]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\WINDOWS\system32\drivers\vmnetuserif.sys []
R2 VMparport;VMware VMparport; \??\C:\WINDOWS\system32\Drivers\VMparport.sys []
R2 vmx86;VMware vmx86; \??\C:\WINDOWS\system32\Drivers\vmx86.sys []
R2 vstor2-ws60;Vstor2 WS60 Virtual Storage Driver; \??\C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys []
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-05-27 4830720]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2008-10-31 93184]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-04-30 6032928]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 vmkbd;VMware kbd; \??\C:\WINDOWS\system32\drivers\VMkbd.sys []
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys [2010-05-20 16560]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2006-11-22 250496]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S4 RsFx0102;RsFx0102 Driver; C:\WINDOWS\system32\DRIVERS\RsFx0102.sys [2008-07-10 242712]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-05-27 602112]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-07-17 153376]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu; H:\Gamez\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1107336]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]
S3 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2008-07-11 40999448]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []
S3 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-08-16 75064]
S3 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-08-16 219128]
S3 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 98840]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-11 47128]
S4 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2010-03-25 490280]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-11 369688]
S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-07-10 258072]
S4 ufad-ws60;VMware Agent Service; C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe [2010-04-27 191024]
S4 VMAuthdService;VMware Authorization Service; C:\Program Files\VMware\VMware Workstation\vmware-authd.exe [2010-05-21 113200]
S4 VMnetDHCP;VMware DHCP Service; C:\WINDOWS\system32\vmnetdhcp.exe [2010-05-21 334384]
S4 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [2010-05-20 539184]
S4 VMware NAT Service;VMware NAT Service; C:\WINDOWS\system32\vmnat.exe [2010-05-21 399920]

-----------------EOF-----------------

#2 Příspěvek od **motji** » 20 srp 2010 21:33

Dobrý večer

Stáhněte na plochu, ukončete všechna aktivní okna a spusťte ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe

- ComboFix je třeba spustit pod účtem s právy administrátora

- Před použitím vypněte všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary

- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano

- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího se okna

- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt, zkopírujte celý jeho obsah sem

Kolcek93 · #3 Příspěvek od **Kolcek93** » 20 srp 2010 22:07

Log z combofixu
ComboFix 10-08-19.02 - Kubik 20.08.2010 23:02:55.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3071.2126 [GMT 2:00]
Spuštěný z: c:\documents and settings\Kubik\Plocha\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

D:\install.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-07-20 do 2010-08-20 )))))))))))))))))))))))))))))))
.

2010-08-19 12:54 . 2008-04-13 18:45 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2010-08-19 12:54 . 2008-04-13 18:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2010-08-19 12:54 . 2001-10-24 10:25 5632 ----a-w- c:\windows\system32\ptpusb.dll
2010-08-19 12:54 . 2008-04-14 03:21 159232 ----a-w- c:\windows\system32\ptpusd.dll
2010-08-17 12:58 . 2010-08-17 12:58 -------- d-----w- c:\program files\CCleaner
2010-08-16 14:53 . 2010-08-16 14:53 -------- d-sh--w- c:\documents and settings\Kubik\PrivacIE
2010-08-13 10:09 . 2010-08-13 10:09 -------- d-----w- c:\program files\NVIDIA Corporation
2010-08-10 10:36 . 2010-06-02 02:55 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2010-08-10 10:36 . 2010-06-02 02:55 527192 ----a-w- c:\windows\system32\XAudio2_7.dll
2010-08-10 10:36 . 2010-06-02 02:55 239960 ----a-w- c:\windows\system32\xactengine3_7.dll
2010-08-10 10:36 . 2010-05-26 09:41 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2010-08-10 10:36 . 2010-05-26 09:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2010-08-10 10:36 . 2010-05-26 09:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2010-08-10 10:36 . 2010-05-26 09:41 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2010-08-10 10:36 . 2010-05-26 09:41 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2010-08-10 10:36 . 2010-02-04 08:01 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2010-08-10 10:36 . 2010-02-04 08:01 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2010-08-10 10:36 . 2010-02-04 08:01 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2010-08-10 10:36 . 2010-02-04 08:01 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2010-08-07 10:28 . 2010-08-07 10:28 -------- d-----w- c:\documents and settings\Kubik\2kxpinf
2010-08-06 14:23 . 2009-05-12 11:12 1712128 ----a-w- c:\windows\system32\libmysql_d.dll
2010-08-06 14:23 . 2010-08-06 14:23 -------- d-----w- c:\program files\PremiumSoft
2010-08-06 11:56 . 2010-08-06 11:56 -------- d-----w- c:\program files\Common Files\Java
2010-08-06 11:17 . 2010-08-06 11:17 -------- d-----w- c:\program files\Adobe Media Player
2010-08-06 11:17 . 2010-08-06 11:17 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-08-05 21:44 . 2010-08-05 21:44 -------- d-----w- c:\program files\LogMeIn Hamachi
2010-08-05 15:51 . 2008-07-11 00:28 50200 ----a-w- c:\windows\system32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.0.1600.22.dll
2010-08-05 15:51 . 2008-07-11 00:28 79896 ----a-w- c:\windows\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.0.1600.22.dll
2010-08-05 15:50 . 2010-08-05 15:50 -------- d-----w- c:\windows\system32\RsFx
2010-08-05 15:48 . 2010-08-05 15:50 -------- d-----w- c:\program files\Microsoft SQL Server
2010-08-05 15:46 . 2010-08-05 15:46 -------- d-----w- c:\program files\Common Files\Merge Modules
2010-08-05 15:46 . 2010-08-05 15:47 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0
2010-08-05 15:45 . 2010-08-05 15:45 -------- d-----w- c:\program files\Microsoft SDKs
2010-08-05 15:26 . 2010-08-05 15:26 -------- d-----w- c:\program files\SQLyog Trial
2010-08-05 15:21 . 2010-08-05 15:21 -------- d-----w- c:\program files\TortoiseHg
2010-08-05 15:21 . 2010-08-05 15:21 -------- d-----w- c:\program files\Common Files\TortoiseOverlays
2010-08-05 12:45 . 2010-08-05 12:45 -------- d-----w- c:\program files\PSPad editor
2010-08-02 19:38 . 2010-08-02 19:38 -------- d-----w- c:\program files\GamePark
2010-08-02 16:14 . 2010-08-02 16:14 -------- d-sh--w- c:\windows\ftpcache
2010-08-02 16:13 . 2010-08-15 23:03 138592 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-08-02 16:13 . 2010-08-15 23:03 219128 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-08-02 16:13 . 2010-08-15 23:02 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-08-02 16:13 . 2010-08-02 16:13 -------- d-----w- c:\windows\system32\LogFiles
2010-08-01 23:03 . 2010-08-15 22:24 -------- d-----w- c:\program files\PowerArchiver
2010-08-01 19:49 . 2010-08-01 19:49 -------- d-----w- c:\program files\FDRLab
2010-07-30 22:05 . 2010-07-30 22:05 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2010-07-30 08:25 . 2008-04-13 18:45 26112 -c--a-w- c:\windows\system32\dllcache\usbser.sys
2010-07-30 08:25 . 2008-04-13 18:45 26112 ----a-w- c:\windows\system32\drivers\usbser.sys
2010-07-30 08:24 . 2008-11-07 16:55 16928 ------w- c:\windows\system32\spmsgXP_2k3.dll
2010-07-29 09:11 . 2010-08-06 11:18 -------- d-----w- c:\program files\Common Files\Adobe
2010-07-23 10:19 . 2010-07-23 10:19 -------- d-----w- c:\program files\Common Files\xing shared
2010-07-23 10:19 . 2010-07-23 10:19 -------- d-----w- c:\program files\Common Files\Real
2010-07-23 10:19 . 2010-07-23 10:19 -------- d-----w- c:\program files\Real
2010-07-23 08:37 . 2010-07-23 08:37 -------- d-----w- c:\windows\system32\wbem\Repository

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-20 14:54 . 2010-07-11 14:16 -------- d-----w- c:\program files\trend micro
2010-08-17 00:30 . 2001-10-25 14:00 498022 ----a-w- c:\windows\system32\perfh005.dat
2010-08-17 00:30 . 2001-10-25 14:00 104744 ----a-w- c:\windows\system32\perfc005.dat
2010-08-15 11:15 . 2010-07-09 14:15 -------- d-----w- c:\program files\Opera
2010-08-06 11:55 . 2010-07-10 18:03 -------- d-----w- c:\program files\Java
2010-08-05 15:49 . 2010-07-11 14:06 -------- d-----w- c:\program files\Microsoft.NET
2010-08-02 19:37 . 2010-07-09 14:10 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-30 08:24 . 2010-07-30 08:24 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01009.Wdf
2010-07-30 08:24 . 2010-07-30 08:24 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
2010-07-30 08:23 . 2010-07-30 08:23 -------- d-----w- c:\program files\DIFX
2010-07-30 08:23 . 2010-07-30 08:23 -------- d-----w- c:\program files\Common Files\PCSuite
2010-07-30 08:23 . 2010-07-30 08:23 -------- d-----w- c:\program files\Common Files\Nokia
2010-07-30 08:23 . 2010-07-30 08:23 -------- d-----w- c:\program files\Nokia
2010-07-30 08:23 . 2010-07-30 08:23 -------- d-----w- c:\program files\PC Connectivity Solution
2010-07-23 10:19 . 2003-03-18 18:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-07-21 09:53 . 2010-07-10 18:59 -------- d-----w- c:\program files\The KMPlayer
2010-07-20 20:42 . 2010-07-09 14:35 -------- d-----w- c:\program files\WPMP150
2010-07-19 21:23 . 2010-07-19 21:23 -------- d-----w- c:\program files\VertrigoServ
2010-07-18 18:48 . 2010-07-18 18:48 -------- d-----w- c:\program files\uTorrent
2010-07-17 03:00 . 2010-07-10 18:03 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-14 18:21 . 2010-07-11 14:38 -------- d-----w- c:\program files\Nero
2010-07-14 18:17 . 2010-07-14 18:16 -------- d-----w- c:\program files\Common Files\Nero
2010-07-14 00:01 . 2010-07-09 13:13 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-07-14 00:01 . 2010-07-09 13:13 2740 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-07-13 17:39 . 2010-07-13 17:39 -------- d-----w- c:\program files\CodeBlocks
2010-07-12 21:50 . 2010-07-12 21:50 -------- d-----w- c:\program files\MSXML 4.0
2010-07-11 14:17 . 2010-07-11 14:17 -------- d-----w- c:\program files\Lavalys
2010-07-11 14:11 . 2010-07-11 13:59 -------- d-----w- c:\program files\Common Files\BioWare
2010-07-11 14:06 . 2010-07-11 14:06 -------- d-----w- c:\program files\Common Files\LightScribe
2010-07-09 17:17 . 2010-07-09 17:17 -------- d-----w- c:\program files\Common Files\VMware
2010-07-09 17:16 . 2010-07-09 17:16 -------- d-----w- c:\program files\VMware
2010-07-09 16:44 . 2010-07-09 16:44 -------- d-----w- c:\program files\MSBuild
2010-07-09 16:44 . 2010-07-09 16:44 -------- d-----w- c:\program files\Reference Assemblies
2010-07-09 16:42 . 2010-07-09 16:42 -------- d-----w- c:\program files\MSXML 6.0
2010-07-09 14:19 . 2010-07-09 14:18 -------- d-----w- c:\program files\ATI
2010-07-09 14:19 . 2010-07-09 14:18 -------- d-----w- c:\program files\ATI Technologies
2010-07-09 14:18 . 2010-07-09 14:18 0 ----a-w- c:\windows\ativpsrm.bin
2010-07-09 14:11 . 2010-07-09 14:11 -------- d-----w- c:\program files\Intel
2010-07-09 14:10 . 2010-07-09 14:10 -------- d-----w- c:\program files\Marvell
2010-07-09 14:10 . 2010-07-09 14:10 -------- d-----w- c:\program files\Realtek
2010-07-09 14:10 . 2010-07-09 14:10 -------- d-----w- c:\program files\Common Files\InstallShield
2010-07-09 13:34 . 2010-07-09 13:13 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-07-09 13:14 . 2010-07-09 13:14 -------- d-----w- c:\program files\microsoft frontpage
2010-07-09 13:11 . 2010-07-09 13:11 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2010-06-30 12:33 . 2004-08-17 13:49 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-24 12:27 . 2004-08-17 13:49 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 09:02 . 2004-08-17 13:44 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-21 15:27 . 2004-08-03 21:14 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-17 14:03 . 2004-08-17 13:49 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-14 14:31 . 2010-07-09 13:12 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-14 07:43 . 2004-08-17 13:49 1172480 ----a-w- c:\windows\system32\msxml3.dll
2010-05-27 17:37 . 2010-07-09 14:18 4830720 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2010-05-27 17:12 . 2010-07-09 14:18 45056 ----a-w- c:\windows\system32\aticalrt.dll
2010-05-27 17:12 . 2010-07-09 14:18 45056 ----a-w- c:\windows\system32\aticalcl.dll
2010-05-27 17:10 . 2010-07-09 14:18 4071424 ----a-w- c:\windows\system32\aticaldd.dll
2010-05-27 17:05 . 2010-07-09 14:18 15208448 ----a-w- c:\windows\system32\atioglxx.dll
2010-05-27 17:02 . 2010-07-09 14:18 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2010-05-27 16:59 . 2010-07-09 14:18 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-05-27 16:58 . 2010-07-09 14:18 299520 ----a-w- c:\windows\system32\ati2dvag.dll
2010-05-27 16:54 . 2010-07-09 14:18 3699936 ----a-w- c:\windows\system32\ati3duag.dll
2010-05-27 16:46 . 2010-07-09 14:18 208896 ----a-w- c:\windows\system32\atipdlxx.dll
2010-05-27 16:46 . 2010-07-09 14:18 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2010-05-27 16:45 . 2010-07-09 14:18 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2010-05-27 16:45 . 2010-07-09 14:18 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2010-05-27 16:45 . 2010-07-09 14:18 159744 ----a-w- c:\windows\system32\ati2evxx.dll
2010-05-27 16:44 . 2010-07-09 14:18 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2010-05-27 16:43 . 2010-07-09 14:18 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2010-05-27 16:42 . 2010-07-09 14:18 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-05-27 16:41 . 2010-07-09 14:18 2256512 ----a-w- c:\windows\system32\ativvaxx.dll
2010-05-27 16:41 . 2010-07-09 14:18 887724 ----a-w- c:\windows\system32\ativva6x.dat
2010-05-27 16:41 . 2010-07-09 14:18 3 ----a-w- c:\windows\system32\ativva5x.dat
2010-05-27 16:39 . 2010-07-09 14:18 573440 ----a-w- c:\windows\system32\atikvmag.dll
2010-05-27 16:38 . 2010-07-09 14:18 184320 ----a-w- c:\windows\system32\atiadlxx.dll
2010-05-27 16:37 . 2010-07-09 14:18 17408 ----a-w- c:\windows\system32\atitvo32.dll
2010-05-27 16:35 . 2010-07-09 14:18 393216 ----a-w- c:\windows\system32\atiok3x2.dll
2010-05-27 16:33 . 2010-07-09 14:18 692224 ----a-w- c:\windows\system32\ati2cqag.dll
2010-05-27 16:29 . 2010-07-09 14:18 65536 ----a-w- c:\windows\system32\atimpc32.dll
2010-05-27 16:29 . 2010-07-09 14:18 65536 ----a-w- c:\windows\system32\amdpcom32.dll
2010-05-27 16:28 . 2010-07-09 14:18 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2010-05-25 21:12 . 2010-05-25 21:12 56184 ----a-w- c:\windows\system32\WBHELP2.DLL
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2010-04-23 16:50 66312 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2010-04-23 16:50 66312 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2010-04-23 16:50 66312 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2010-04-23 16:50 66312 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2010-04-23 16:50 66312 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2010-04-23 16:50 66312 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2010-04-23 16:50 66312 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2010-04-23 16:50 66312 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2010-04-23 16:50 66312 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-06-17 2363392]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2010-05-14 1479680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2010-04-30 19523616]
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-03-04 311296]
"TortoiseHgOverlayIconServer"="c:\program files\TortoiseHg\TortoiseHgOverlayServer.exe" [2010-07-12 44448]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2010-03-30 1820040]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLinkedConnections"= 1 (0x1)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\WPMP150\\miranda32.exe"=
"c:\\Program Files\\VMware\\VMware Workstation\\vmware-authd.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"h:\\Gamez\\Dragon Age\\bin_ship\\daorigins.exe"=
"h:\\Gamez\\Dragon Age\\DAOriginsLauncher.exe"=
"h:\\Gamez\\Dragon Age\\bin_ship\\daupdatersvc.service.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\VertrigoServ\\Mysql\\bin\\v_mysqld.exe"=
"c:\\Program Files\\VertrigoServ\\Apache\\bin\\v_apache.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"h:\\Gamez\\WoW\\Launcher.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"d:\\Gamez\\Steam\\Steam.exe"=
"d:\\Gamez\\Steam\\SteamApps\\common\\call of duty modern warfare 2\\iw4mp.exe"=
"h:\\Gamez\\Call of Duty 4\\iw3mp.exe"=
"c:\\Program Files\\TortoiseHg\\hgtk.exe"=
"d:\\Gamez\\Steam\\SteamApps\\common\\mafia ii - public demo\\launcher.exe"=
"d:\\Gamez\\Steam\\SteamApps\\kolcek93\\counter-strike source\\hl2.exe"=
"c:\\WINDOWS\\system32\\ftp.exe"=

R2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [21.5.2010 0:56 70704]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [9.7.2010 16:10 1691480]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu;h:\gamez\Dragon Age\bin_ship\daupdatersvc.service.exe [11.7.2010 16:06 25832]
S3 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [30.3.2010 11:16 1107336]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 13:37 517096]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\sqladhlp.exe [11.7.2008 2:28 47128]
S4 NAUpdate;@c:\program files\Nero\Update\NASvc.exe,-200;c:\program files\Nero\Update\NASvc.exe [25.3.2010 14:39 490280]
S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [10.7.2008 2:49 242712]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [11.7.2008 2:28 369688]
S4 VMUSBArbService;VMware USB Arbitration Service;c:\program files\Common Files\VMware\USB\vmware-usbarbitrator.exe [20.5.2010 23:40 539184]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 10:11 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'

2010-08-19 c:\windows\Tasks\AdobeAAMUpdater-1.0-KOLCEKUVKOMP-Kubik.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2010-08-06 11:07]

2010-08-20 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-515967899-1637723038-725345543-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 01:02]

2010-08-16 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-515967899-1637723038-725345543-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-06-03 01:02]
.
.
------- Doplňkový sken -------
.
LSP: c:\program files\VMware\VMware Workstation\vsocklib.dll
.
.
------- Asociace souborů -------
.
txtfile="c:\program files\PSPad editor\PSPad.exe" "%1"
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-HijackThis - c:\documents and settings\Kubik\Plocha\HijackThis.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-08-20 23:05
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(956)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
Celkový čas: 2010-08-20 23:06:20
ComboFix-quarantined-files.txt 2010-08-20 21:06

Před spuštěním: Volných bajtů: 83 628 498 944
Po spuštění: Volných bajtů: 83 689 541 632

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - BB5F4F7BD6A789E09CD7D60DAF37EF9C

#4 Příspěvek od **motji** » 20 srp 2010 22:11

Jak to vypadá s počítačem?

Kolcek93 · #5 Příspěvek od **Kolcek93** » 21 srp 2010 21:46

Zatím dlouho nic nepadlo...

#6 Příspěvek od **motji** » 21 srp 2010 22:11

Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:

ComboFix /Uninstall

-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.

***********

Stáhněte T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir

***********

Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

Obrázek

záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner

Obrázek

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy

ok

zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.

***********

Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech

***********

Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?

Kolcek93 · #7 Příspěvek od **Kolcek93** » 23 srp 2010 11:32

Dlouho nic nepadlo, tak snad by to mohlo být v pořádku.

Logfile of random's system information tool 1.08 (written by random/random)
Run by Kubik at 2010-08-23 12:32:00
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 85 GB (85%) free of 100 GB
Total RAM: 3071 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:32:01, on 23.8.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\WPMP150\miranda32.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Opera\opera.exe
C:\Program Files\TortoiseHg\hgtk.exe
C:\Documents and Settings\Kubik\Plocha\RSIT.exe
C:\Program Files\trend micro\Kubik.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [TortoiseHgOverlayIconServer] C:\Program Files\TortoiseHg\TortoiseHgOverlayServer.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware workstation\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware workstation\vsocklib.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Dragon Age: Prameny - aktualizace obsahu (DAUpdaterSvc) - BioWare - H:\Gamez\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 5643 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-KOLCEKUVKOMP-Kubik.job
C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-515967899-1637723038-725345543-1003.job
C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-515967899-1637723038-725345543-1003.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2010-07-23 341600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-17 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-07-17 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2010-04-30 19523616]
"ATICustomerCare"=C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [2010-03-04 311296]
"TortoiseHgOverlayIconServer"=C:\Program Files\TortoiseHg\TortoiseHgOverlayServer.exe [2010-07-12 44448]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2010-03-30 1820040]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-07-06 98304]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2009-06-17 2363392]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2010-05-14 1479680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2010-07-07 159744]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\WPMP150\miranda32.exe"="C:\Program Files\WPMP150\miranda32.exe:*:Enabled:Miranda IM"
"C:\Program Files\VMware\VMware Workstation\vmware-authd.exe"="C:\Program Files\VMware\VMware Workstation\vmware-authd.exe:*:Enabled:VMware Authd"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"H:\Gamez\Dragon Age\bin_ship\daorigins.exe"="H:\Gamez\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Prameny Hra"
"H:\Gamez\Dragon Age\DAOriginsLauncher.exe"="H:\Gamez\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Prameny Spustit"
"H:\Gamez\Dragon Age\bin_ship\daupdatersvc.service.exe"="H:\Gamez\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Prameny Aktualizovat"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\VertrigoServ\Mysql\bin\v_mysqld.exe"="C:\Program Files\VertrigoServ\Mysql\bin\v_mysqld.exe:*:Enabled:v_mysqld"
"C:\Program Files\VertrigoServ\Apache\bin\v_apache.exe"="C:\Program Files\VertrigoServ\Apache\bin\v_apache.exe:*:Enabled:Apache HTTP Server"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"H:\Gamez\WoW\Launcher.exe"="H:\Gamez\WoW\Launcher.exe:*:Enabled:Launcher"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\Gamez\Steam\Steam.exe"="D:\Gamez\Steam\Steam.exe:*:Enabled:Steam"
"D:\Gamez\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe"="D:\Gamez\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe:*:Enabled:iw4mp"
"H:\Gamez\Call of Duty 4\iw3mp.exe"="H:\Gamez\Call of Duty 4\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\Program Files\TortoiseHg\hgtk.exe"="C:\Program Files\TortoiseHg\hgtk.exe:*:Enabled:TortoiseHg GUI tools for Mercurial SCM"
"D:\Gamez\Steam\SteamApps\kolcek93\counter-strike source\hl2.exe"="D:\Gamez\Steam\SteamApps\kolcek93\counter-strike source\hl2.exe:*:Enabled:Counter-Strike: Source"
"C:\WINDOWS\system32\ftp.exe"="C:\WINDOWS\system32\ftp.exe:*:Enabled:Program pro přenos souborů"
"H:\WoW-develop\Trinity\bin\Win32_Release\authserver.exe"="H:\WoW-develop\Trinity\bin\Win32_Release\authserver.exe:*:Enabled:authserver"
"H:\WoW-develop\Trinity\bin\Win32_Release\worldserver.exe"="H:\WoW-develop\Trinity\bin\Win32_Release\worldserver.exe:*:Enabled:worldserver"
"D:\Gamez\Steam\SteamApps\common\mafia ii - public demo\launcher.exe"="D:\Gamez\Steam\SteamApps\common\mafia ii - public demo\launcher.exe:*:Enabled:Mafia II - Demo"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\VMware\VMware Workstation\vmware-authd.exe"="C:\Program Files\VMware\VMware Workstation\vmware-authd.exe:*:Enabled:VMware Authd"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======File associations======

.txt - open - "C:\Program Files\PSPad editor\PSPad.exe" "%1"

======List of files/folders created in the last 1 months======

2010-08-23 12:32:00 ----D---- C:\rsit
2010-08-23 12:30:26 ----SHD---- C:\RECYCLER
2010-08-22 20:51:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\ATI
2010-08-22 20:49:17 ----SHD---- C:\Config.Msi
2010-08-22 18:35:28 ----D---- C:\Program Files\YouTube Downloader
2010-08-20 23:00:40 ----A---- C:\Boot.bak
2010-08-20 23:00:30 ----RASHD---- C:\cmdcons
2010-08-19 14:54:01 ----A---- C:\WINDOWS\system32\ptpusb.dll
2010-08-19 14:54:01 ----A---- C:\WINDOWS\system32\drivers\usbscan.sys
2010-08-19 14:54:00 ----A---- C:\WINDOWS\system32\ptpusd.dll
2010-08-17 14:58:39 ----D---- C:\Program Files\CCleaner
2010-08-13 12:09:17 ----D---- C:\Program Files\NVIDIA Corporation
2010-08-11 23:49:58 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2010-08-11 23:49:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2010-08-11 23:49:47 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$
2010-08-11 23:49:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2010-08-11 23:47:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2160329$
2010-08-11 23:47:43 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2010-08-11 23:46:20 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2010-08-11 23:46:13 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2010-08-10 12:36:23 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2010-08-10 12:36:23 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2010-08-10 12:36:23 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2010-08-10 12:36:22 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2010-08-10 12:36:22 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2010-08-10 12:36:22 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2010-08-10 12:36:22 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2010-08-10 12:36:21 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2010-08-10 12:36:21 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2010-08-10 12:36:21 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2010-08-10 12:36:21 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2010-08-10 12:36:21 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2010-08-06 16:23:02 ----A---- C:\WINDOWS\system32\libmysql_d.dll
2010-08-06 16:23:00 ----D---- C:\Program Files\PremiumSoft
2010-08-06 13:56:12 ----D---- C:\Program Files\Common Files\Java
2010-08-06 13:56:00 ----A---- C:\WINDOWS\system32\javaws.exe
2010-08-06 13:56:00 ----A---- C:\WINDOWS\system32\javaw.exe
2010-08-06 13:56:00 ----A---- C:\WINDOWS\system32\java.exe
2010-08-06 13:28:53 ----D---- C:\Documents and Settings\Kubik\Data aplikací\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2010-08-06 13:21:10 ----D---- C:\Documents and Settings\All Users\Data aplikací\regid.1986-12.com.adobe
2010-08-06 13:17:48 ----D---- C:\Program Files\Adobe Media Player
2010-08-06 13:17:00 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-08-05 23:44:11 ----D---- C:\Program Files\LogMeIn Hamachi
2010-08-05 18:55:01 ----D---- C:\Documents and Settings\Kubik\Data aplikací\SQLyog
2010-08-05 17:51:18 ----A---- C:\WINDOWS\system32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.0.1600.22.dll
2010-08-05 17:51:09 ----A---- C:\WINDOWS\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.0.1600.22.dll
2010-08-05 17:50:38 ----D---- C:\WINDOWS\system32\RsFx
2010-08-05 17:48:25 ----D---- C:\Program Files\Microsoft SQL Server
2010-08-05 17:46:07 ----D---- C:\Program Files\Common Files\Merge Modules
2010-08-05 17:46:06 ----D---- C:\Program Files\Microsoft Visual Studio 9.0
2010-08-05 17:46:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-08-05 17:45:31 ----D---- C:\Program Files\Microsoft SDKs
2010-08-05 17:26:53 ----D---- C:\Program Files\SQLyog Trial
2010-08-05 17:23:46 ----D---- C:\Documents and Settings\Kubik\Data aplikací\TortoiseHg
2010-08-05 17:21:18 ----D---- C:\Program Files\TortoiseHg
2010-08-05 17:21:18 ----D---- C:\Program Files\Common Files\TortoiseOverlays
2010-08-05 14:45:39 ----D---- C:\Documents and Settings\Kubik\Data aplikací\PSpad
2010-08-05 14:45:33 ----D---- C:\Program Files\PSPad editor
2010-08-04 01:15:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2010-08-02 21:38:12 ----D---- C:\Program Files\GamePark
2010-08-02 18:21:55 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2010-08-02 18:21:55 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2010-08-02 18:21:54 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2010-08-02 18:21:54 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2010-08-02 18:21:54 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2010-08-02 18:21:53 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2010-08-02 18:21:53 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2010-08-02 18:21:53 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2010-08-02 18:21:53 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2010-08-02 18:21:53 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2010-08-02 18:21:52 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2010-08-02 18:21:52 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2010-08-02 18:21:52 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2010-08-02 18:21:52 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2010-08-02 18:21:51 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2010-08-02 18:21:51 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2010-08-02 18:21:51 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2010-08-02 18:21:51 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2010-08-02 18:21:51 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2010-08-02 18:21:51 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2010-08-02 18:21:50 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2010-08-02 18:21:50 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2010-08-02 18:21:50 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2010-08-02 18:21:50 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2010-08-02 18:21:50 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2010-08-02 18:21:50 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2010-08-02 18:21:49 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2010-08-02 18:21:49 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2010-08-02 18:21:49 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2010-08-02 18:21:49 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2010-08-02 18:21:49 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2010-08-02 18:21:48 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2010-08-02 18:21:48 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2010-08-02 18:21:48 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2010-08-02 18:21:48 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2010-08-02 18:21:48 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2010-08-02 18:21:47 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2010-08-02 18:14:50 ----SHD---- C:\WINDOWS\ftpcache
2010-08-02 18:13:50 ----A---- C:\WINDOWS\system32\drivers\PnkBstrK.sys
2010-08-02 18:13:50 ----A---- C:\Documents and Settings\Kubik\Data aplikací\PnkBstrK.sys
2010-08-02 18:13:34 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-08-02 18:13:33 ----D---- C:\WINDOWS\system32\LogFiles
2010-08-02 18:13:33 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2010-08-02 18:13:32 ----A---- C:\WINDOWS\game.ini
2010-08-02 01:03:53 ----D---- C:\Program Files\PowerArchiver
2010-08-01 21:49:13 ----D---- C:\Program Files\FDRLab
2010-07-31 00:05:49 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2010-07-31 00:04:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\Blizzard
2010-07-30 10:25:03 ----A---- C:\WINDOWS\system32\drivers\usbser.sys
2010-07-30 10:24:42 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2010-07-30 10:24:38 ----HDC---- C:\WINDOWS\$NtUninstallWdf01009$
2010-07-30 10:23:45 ----D---- C:\Documents and Settings\Kubik\Data aplikací\PC Suite
2010-07-30 10:23:45 ----D---- C:\Documents and Settings\Kubik\Data aplikací\Nokia
2010-07-30 10:23:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\PC Suite
2010-07-30 10:23:34 ----D---- C:\Program Files\Common Files\PCSuite
2010-07-30 10:23:32 ----D---- C:\Program Files\Common Files\Nokia
2010-07-30 10:23:27 ----D---- C:\Program Files\DIFX
2010-07-30 10:23:27 ----A---- C:\WINDOWS\system32\drivers\pccsmcfd.sys
2010-07-30 10:23:23 ----D---- C:\Program Files\PC Connectivity Solution
2010-07-30 10:23:19 ----A---- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys
2010-07-30 10:23:19 ----A---- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys
2010-07-30 10:23:18 ----A---- C:\WINDOWS\system32\drivers\ccdcmbo.sys
2010-07-30 10:23:17 ----A---- C:\WINDOWS\system32\wdfcoinstaller01009.dll
2010-07-30 10:23:17 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2010-07-30 10:23:17 ----A---- C:\WINDOWS\system32\drivers\ccdcmb.sys
2010-07-30 10:23:16 ----D---- C:\Program Files\Nokia
2010-07-30 10:23:16 ----A---- C:\WINDOWS\system32\nmwcdcls.dll
2010-07-30 10:22:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\Installations
2010-07-29 11:12:06 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2010-07-29 11:11:59 ----D---- C:\Program Files\Common Files\Adobe
2010-07-29 11:11:59 ----D---- C:\Program Files\Adobe

======List of files/folders modified in the last 1 months======

2010-08-23 12:32:01 ----D---- C:\Program Files\trend micro
2010-08-23 12:31:11 ----D---- C:\WINDOWS
2010-08-23 12:29:44 ----D---- C:\WINDOWS\Prefetch
2010-08-23 12:28:50 ----SHD---- C:\System Volume Information
2010-08-23 12:28:50 ----D---- C:\WINDOWS\system32\Restore
2010-08-23 09:47:31 ----D---- C:\WINDOWS\Temp
2010-08-23 02:11:23 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-08-22 20:51:28 ----D---- C:\WINDOWS\system32
2010-08-22 20:50:03 ----SHD---- C:\WINDOWS\Installer
2010-08-22 20:49:56 ----D---- C:\Program Files\ATI Technologies
2010-08-22 20:48:36 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-22 20:48:29 ----D---- C:\WINDOWS\system32\drivers
2010-08-22 20:48:16 ----HD---- C:\WINDOWS\inf
2010-08-22 20:48:14 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-08-22 20:48:09 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-22 20:22:07 ----D---- C:\Documents and Settings\Kubik\Data aplikací\codeblocks
2010-08-22 18:35:28 ----AD---- C:\Program Files
2010-08-22 01:16:29 ----D---- C:\Documents and Settings\Kubik\Data aplikací\uTorrent
2010-08-20 23:05:58 ----SD---- C:\WINDOWS\Tasks
2010-08-20 23:05:11 ----A---- C:\WINDOWS\system.ini
2010-08-20 23:05:04 ----D---- C:\WINDOWS\system32\drivers\etc
2010-08-20 23:04:03 ----D---- C:\WINDOWS\AppPatch
2010-08-20 23:04:00 ----D---- C:\Program Files\Common Files
2010-08-20 23:00:41 ----RASH---- C:\boot.ini
2010-08-19 16:56:59 ----D---- C:\Documents and Settings\Kubik\Data aplikací\Adobe
2010-08-17 15:00:57 ----D---- C:\WINDOWS\Debug
2010-08-17 12:47:11 ----D---- C:\WINDOWS\Microsoft.NET
2010-08-17 02:30:14 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-08-17 02:30:09 ----RSD---- C:\WINDOWS\assembly
2010-08-17 02:30:06 ----D---- C:\WINDOWS\WinSxS
2010-08-15 13:15:14 ----D---- C:\Program Files\Opera
2010-08-11 23:49:58 ----HD---- C:\WINDOWS\$hf_mig$
2010-08-11 23:47:59 ----D---- C:\Program Files\Internet Explorer
2010-08-11 23:47:53 ----D---- C:\WINDOWS\ie8updates
2010-08-11 23:46:21 ----D---- C:\Program Files\Movie Maker
2010-08-10 12:36:24 ----D---- C:\WINDOWS\system32\DirectX
2010-08-06 13:55:58 ----D---- C:\Program Files\Java
2010-08-06 13:18:08 ----RSD---- C:\WINDOWS\Fonts
2010-08-05 17:50:09 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-08-05 17:50:04 ----D---- C:\WINDOWS\system32\1033
2010-08-05 17:49:56 ----D---- C:\Program Files\Microsoft.NET
2010-08-05 17:47:48 ----SD---- C:\Documents and Settings\Kubik\Data aplikací\Microsoft
2010-08-05 17:47:48 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-08-03 20:09:31 ----A---- C:\WINDOWS\system32\MRT.exe
2010-08-02 21:37:25 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-27 08:30:31 ----A---- C:\WINDOWS\system32\shell32.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 hcmon;VMware hcmon; \??\C:\WINDOWS\system32\drivers\hcmon.sys []
R2 vmci;VMware vmci; \??\C:\WINDOWS\system32\Drivers\vmci.sys []
R2 VMnetBridge;VMware Bridge Protocol; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [2010-05-21 32688]
R2 VMnetuserif;VMware Network Application Interface; \??\C:\WINDOWS\system32\drivers\vmnetuserif.sys []
R2 VMparport;VMware VMparport; \??\C:\WINDOWS\system32\Drivers\VMparport.sys []
R2 vmx86;VMware vmx86; \??\C:\WINDOWS\system32\Drivers\vmx86.sys []
R2 vstor2-ws60;Vstor2 WS60 Virtual Storage Driver; \??\C:\Program Files\VMware\VMware Workstation\vstor2-ws60.sys []
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2010-07-07 5069312]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2008-10-31 93184]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2010-02-03 26176]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2010-04-30 6032928]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 vmkbd;VMware kbd; \??\C:\WINDOWS\system32\drivers\VMkbd.sys []
R3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys [2010-05-20 16560]
R3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2006-11-22 250496]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S4 RsFx0102;RsFx0102 Driver; C:\WINDOWS\system32\DRIVERS\RsFx0102.sys [2008-07-10 242712]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2010-07-07 602112]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-07-17 153376]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu; H:\Gamez\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1107336]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]
S3 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2008-07-11 40999448]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []
S3 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-08-16 75064]
S3 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-08-16 219128]
S3 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 98840]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-11 47128]
S4 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2010-03-25 490280]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-11 369688]
S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-07-10 258072]
S4 ufad-ws60;VMware Agent Service; C:\Program Files\VMware\VMware Workstation\vmware-ufad.exe [2010-04-27 191024]
S4 VMAuthdService;VMware Authorization Service; C:\Program Files\VMware\VMware Workstation\vmware-authd.exe [2010-05-21 113200]
S4 VMnetDHCP;VMware DHCP Service; C:\WINDOWS\system32\vmnetdhcp.exe [2010-05-21 334384]
S4 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [2010-05-20 539184]
S4 VMware NAT Service;VMware NAT Service; C:\WINDOWS\system32\vmnat.exe [2010-05-21 399920]

-----------------EOF-----------------

#8 Příspěvek od **motji** » 23 srp 2010 20:43

Nevidím antivir

Kolcek93 · #9 Příspěvek od **Kolcek93** » 23 srp 2010 22:52

Ani není. Vždy když jsem doteď chytl nějakej vir, tak antivir mi moc nepomohl... Navíc nějak moc nezkouším podezřelý programy.

#10 Příspěvek od **motji** » 23 srp 2010 23:01

Ale přece jen Vám může anivir ochránit počítač. Doporučila bych ho doinstallovat.

Kolcek93 · #11 Příspěvek od **Kolcek93** » 24 srp 2010 14:25

Aha. Tak teď mi zase explorer spadnul

#12 Příspěvek od **motji** » 24 srp 2010 15:23

Tento program znáte?
C:\Program Files\TortoiseHg

Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT

-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

Kolcek93 · #13 Příspěvek od **Kolcek93** » 10 zář 2010 18:21

Omlouvám se neměl jsem teď nějak čas. MBAM jsem stáhnul a teď skenuji

Ale jak tak MBAM znám, tak to bude tak zítra

#14 Příspěvek od **motji** » 10 zář 2010 18:46

Kolcek93 · #15 Příspěvek od **Kolcek93** » 10 zář 2010 19:21

Takže tady je log z MBAMu.
Malwarebytes' Anti-Malware 1.46
http://www.malwarebytes.org

Verze databáze: 4590

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

10.9.2010 20:19:40
mbam-log-2010-09-10 (20-19-40).txt

Typ skenu: Úplný sken (C:\|D:\|E:\|H:\|)
Skenované objekty: 422910
Uplynulý čas: 59 minuta(y), 24 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 56

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\Documents and Settings\Kubik\Plocha\mafia.2.no.time.limit.patch.exe (RiskWare.Tool.CK) -> No action taken.
D:\Hack\IE Passviewer\iepv.exe (Malware.Tool) -> No action taken.
D:\Hack\Netcat\nc.exe (Backdoor.NetCat) -> No action taken.
D:\jd\downloads\VMware Workstation 6.0.3 Build 80004\keygen.exe (Malware.Tool) -> No action taken.
D:\System Volume Information\_restore{41F9A19F-CC13-41F3-A993-2B3BC9394873}\RP434\A0168386.exe (Trojan.Bancos) -> No action taken.
D:\Upload\AAE\Adobe After Effects CS3 Pro\AlphaStar v1.0.2 for AE\Panopticum.AlphaStar.v1.x.for.AE.keygen.exe (Malware.Packer.Gen) -> No action taken.
D:\Upload\Adobe AFter Effects CS4\AAECS4-byKolcek93\Adobe CS4\keygen.exe (RiskWare.Tool.CK) -> No action taken.
D:\Upload\Adobe AFter Effects CS4\AAECS4-byKolcek93\Adobe.All.Products.v1.01.Keymaker.Only-CORE\keygen.exe (RiskWare.Tool.CK) -> No action taken.
D:\Upload\Adobe AFter Effects CS4\AAECS4-byKolcek93\ADOBECS4 LICENSE MANAGER v1.0\AdobeCS4 LIC.exe (Trojan.Agent) -> No action taken.
D:\Upload\C4D\PARADOX\keygen.exe (Trojan.Downloader) -> No action taken.
D:\JDownloader 0.7\downloads\AdobeCS4 LIC x86.exe (Trojan.Agent) -> No action taken.
D:\JDownloader 0.7\downloads\AEF\Adobe CS4\keygen.exe (RiskWare.Tool.CK) -> No action taken.
D:\JDownloader 0.7\downloads\AEF\Adobe.All.Products.v1.01.Keymaker.Only-CORE\keygen.exe (RiskWare.Tool.CK) -> No action taken.
D:\JDownloader 0.7\downloads\AEF\ADOBECS4 LICENSE MANAGER v1.0\AdobeCS4 LIC.exe (Trojan.Agent) -> No action taken.
D:\JDownloader 0.7\downloads\Autodesk_3ds_Max_2010_English_WIN_32_64\Crack Autodesk.v2010\32bit\xf-a2010.exe (Trojan.Agent) -> No action taken.
D:\JDownloader 0.7\downloads\Autodesk_3ds_Max_2010_English_WIN_32_64\Crack Autodesk.v2010\x64\xf-a2010.exe (Trojan.Agent.CK) -> No action taken.
D:\JDownloader 0.7\downloads\CollectionKeyFinal\adobe-master-cs4-keygen.exe (Trojan.Downloader) -> No action taken.
D:\JDownloader 0.7\downloads\Sony.Products.Multikeygen.v1.5.Keygen.Only-DI\Keygen.exe (Trojan.Agent.CK) -> No action taken.
D:\masm32\examples\dialogs\calender\calender.exe (Malware.Packer) -> No action taken.
D:\masm32\examples\dialogs\tests\tests.exe (Malware.Packer) -> No action taken.
D:\masm32\examples\exampl05\qeplugin\qeplugin.dll (Spyware.Passwords) -> No action taken.
D:\masm32\examples\exampl06\regdemo\regdemo.exe (Trojan.Downloader) -> No action taken.
D:\masm32\tools\makecimp\vcrtdemo\vcrtdemo.exe (Trojan.Downloader) -> No action taken.
D:\masm32\tutorial\dlltute\dll\dlltute.dll (Spyware.Passwords) -> No action taken.
D:\Download\DivX4Win.7.0.0\DivX.for.Windows.7.0.0.FFF\CURE.FFF\Keygen_FFF.exe (Trojan.Agent) -> No action taken.
D:\Download\Sony.Products.Multikeygen.v1.5.Keygen.Only-DI\Keygen.exe (Trojan.Agent.CK) -> No action taken.
D:\flashka\cain\ca_setup.exe (HackTool.Cain) -> No action taken.
E:\hack\Brutus\BrutusA2.exe (HackTool.Brutus) -> No action taken.
E:\hack\Sniffing\ca_setup.exe (HackTool.Cain) -> No action taken.
E:\hack\VMware Workstation 6.0.3 Build 80004\keygen.exe (Malware.Tool) -> No action taken.
E:\Kolcek93\Adobe After effect 7 pro[W-Fx41]\CRACK\KEYGEN.EXE (Trojan.Agent) -> No action taken.
E:\Kolcek93\Adobe After Effect CS3\Adobe\Adobe CS3 Web Premium Keygen.exe (Trojan.Agent) -> No action taken.
E:\Kolcek93\Adobe After Effect CS3\Adobe\Acrobat 3D 8.1.0 Keygen.EXE (Trojan.Downloader) -> No action taken.
E:\Kolcek93\Adobe After Effect CS3\Adobe\Acrobat 8 Pro Keygen.exe (Backdoor.Bot) -> No action taken.
E:\Kolcek93\Adobe After Effect CS3\Adobe\Adobe After Effects CS3 Keygen.exe (Trojan.Agent) -> No action taken.
E:\Kolcek93\Adobe After Effect CS3\Adobe\Adobe Audition 2.0 Keygen.exe (Trojan.Agent) -> No action taken.
E:\Kolcek93\Adobe After Effect CS3\Adobe\Adobe Captivate 3 Keygen.exe (Trojan.Agent) -> No action taken.
E:\Kolcek93\Adobe After Effect CS3\Adobe\Adobe Contribute CS3 VLK.exe (Trojan.Agent) -> No action taken.
E:\Kolcek93\Adobe After Effect CS3\Adobe\Adobe CS3 Design Premium Keygen.exe (Trojan.Agent) -> No action taken.
E:\Kolcek93\Adobe After Effect CS3\Adobe\Adobe DreamWeaver CS3 Keygen + Activation.exe (Trojan.Horst) -> No action taken.
E:\Kolcek93\Adobe After Effect CS3\Adobe\Adobe DreamWeaver CS3 Keygen.exe (Trojan.Agent) -> No action taken.
E:\Kolcek93\Adobe After Effect CS3\Adobe\Adobe DreamWeaver CS3 VLK Keygen.exe (Trojan.Crax) -> No action taken.
E:\Kolcek93\Adobe After Effect CS3\Adobe\Adobe Fireworks CS3 VLK Keygen.exe (RiskWare.Tool.CK) -> No action taken.
E:\Kolcek93\Adobe After Effect CS3\Adobe\Adobe Flash CS3 Keygen.exe (Trojan.Agent.CK) -> No action taken.
E:\Kolcek93\Adobe After Effect CS3\Adobe\Adobe GoLive CS3 Keygen.exe (Trojan.Downloader) -> No action taken.
E:\Kolcek93\Adobe After Effect CS3\Adobe\Adobe InDesign CS3 VLK Keygen.exe (Trojan.Agent.CK) -> No action taken.
E:\Kolcek93\Adobe After Effect CS3\Adobe\Adobe Master CS3 Keygen.exe (Malware.Tool) -> No action taken.
E:\Kolcek93\Adobe After Effect CS3\Adobe\Adobe Photoshop CS3 Extended Keygen + Activation.exe (TrojanProxy.Horst) -> No action taken.
E:\Kolcek93\Adobe After Effect CS3\Adobe\Adobe Photoshop CS3 Keygen.exe (RiskWare.Tool.CK) -> No action taken.
E:\Kolcek93\Adobe After Effect CS3\Adobe\Adobe Photoshop CS3 Patch.ExE (HackTool.Patcher) -> No action taken.
E:\Kolcek93\Adobe After Effect CS3\Adobe\Adobe SoundBooth CS3 Keygen.exe (Trojan.Horst) -> No action taken.
E:\Kolcek93\Adobe After Effect CS3\Adobe\Adobe Web Premium CS3 Keygen + Activation.exe (Trojan.Agent) -> No action taken.
E:\Kolcek93\Adobe After Effect CS3\After Effects CS3\After Effects CS3.exe (Trojan.Agent) -> No action taken.
E:\Kolcek93\Backup\BitLord\Downloads\Quick Time\keygen.exe (Trojan.Downloader) -> No action taken.
E:\Kolcek93\MAXON_CINEMA_4D_Studio_Bundle_v11.008_Incl_Keygen-PARADOX\PARADOX\keygen.exe (Trojan.Downloader) -> No action taken.
E:\System Volume Information\_restore{CA851BB8-3B38-4DC7-AF34-A365DC0B7B08}\RP164\A0036323.exe (Trojan.Downloader) -> No action taken.

//edit koukám samý zdravý věci tu mám

VIRY.CZ

Prosím o kontrolu - padá explorer.exe

Prosím o kontrolu - padá explorer.exe

Re: Prosím o kontrolu - padá explorer.exe

Re: Prosím o kontrolu - padá explorer.exe

Re: Prosím o kontrolu - padá explorer.exe

Re: Prosím o kontrolu - padá explorer.exe

Re: Prosím o kontrolu - padá explorer.exe

Re: Prosím o kontrolu - padá explorer.exe

Re: Prosím o kontrolu - padá explorer.exe

Re: Prosím o kontrolu - padá explorer.exe

Re: Prosím o kontrolu - padá explorer.exe

Re: Prosím o kontrolu - padá explorer.exe

Re: Prosím o kontrolu - padá explorer.exe

Re: Prosím o kontrolu - padá explorer.exe

Re: Prosím o kontrolu - padá explorer.exe

Re: Prosím o kontrolu - padá explorer.exe