
Please check my RSIT log, many thanks in advance.

digiart

#1 Post by digiart »

Logfile of random's system information tool 1.08 (written by random/random)
Run by digiart at 2010-09-27 12:05:30
Microsoft Windows 7 Ultimate
System drive C: has 437 GB (72%) free of 610 GB
Total RAM: 2046 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:05:40, on 27.9.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Hard Disk Sentinel\HDSentinel.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Lexmark X1100 Series\LXBKbmgr.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\OO Software\Defrag\oodtray.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
C:\Program Files\MSI Afterburner\MSIAfterburner.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Core Temp\Core Temp.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\IncrediMail\Bin\IncMail.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\Users\digiart\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\digiart\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\digiart\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\digiart\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\digiart\Desktop\RSIT.exe
C:\Program Files\trend micro\digiart.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.magentic.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\digiart\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\digiart\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [lxbkbmgr.exe] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [EasyTuneVPro] C:\Program Files\Gigabyte\ET5Pro\ETcall.exe
O4 - HKLM\..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [MSIAfterburner] "C:\Program Files\MSI Afterburner\MSIAfterburnerWrapper.exe" /s
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Core Temp] "C:\Program Files\Core Temp\Core Temp.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: MSI Afterburner.lnk = C:\Program Files\MSI Afterburner\MSIAfterburner.exe
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\digiart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} (Dldrv2 Control) - http://download.gigabyte.com.tw/object/Dldrv.ocx
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DES2 Service for Energy Saving. (DES2 Service) - Unknown owner - C:\Program Files\GIGABYTE\EnergySaver2\des2svr.exe (file missing)
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: lxbk_device - - C:\Windows\system32\lxbkcoms.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe

--
End of file - 10429 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}]
MyWebSearch Search Assistant BHO - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL [2010-07-31 54704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}]
SnagIt Toolbar Loader - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll [2008-11-06 68936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}]
mwsBar BHO - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL [2010-07-31 775696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
QuickStores-Toolbar - C:\Windows\system32\mscoree.dll [2009-11-25 297808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Users\digiart\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2010-07-09 149968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype add-on for Internet Explorer - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - Snagit - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll [2008-11-06 211272]
{855F3B16-6D32-4fe6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-03-28 1017592]
{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - QuickStores-Toolbar - C:\Windows\system32\mscoree.dll [2009-11-25 297808]
{07B18EA9-A523-4961-B6BB-170DE4475CCA} - My Web Search - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL [2010-07-31 775696]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast5"=C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-09-07 2838912]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-05-27 98304]
"lxbkbmgr.exe"=C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe [2008-02-28 74408]
"EasyTuneVPro"=C:\Program Files\Gigabyte\ET5Pro\ETcall.exe [2007-07-26 20480]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2009-09-12 2524416]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-06-25 7547424]
"MyWebSearch Email Plugin"=C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe [2010-07-31 32849]
"MSIAfterburner"=C:\Program Files\MSI Afterburner\MSIAfterburnerWrapper.exe [2010-06-07 44344]
"ATICustomerCare"=C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [2010-03-04 311296]
"My Web Search Bar Search Scope Monitor"=C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe [2010-07-31 28783]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"Core Temp"=C:\Program Files\Core Temp\Core Temp.exe [2010-06-27 424464]
"Advanced SystemCare 3"=C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2009-01-09 2262352]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2010-09-06 353736]
"MyWebSearch Email Plugin"=C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe [2010-07-31 32849]

C:\Users\digiart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
MSI Afterburner.lnk - C:\Program Files\MSI Afterburner\MSIAfterburner.exe
Yahoo! Widgets.lnk - C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoResolveSearch"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-09-27 12:05:31 ----D---- C:\Program Files\trend micro
2010-09-27 12:05:30 ----D---- C:\rsit
2010-09-27 02:38:00 ----D---- C:\Program Files\Tomb Raider
2010-09-26 18:49:05 ----D---- C:\Program Files\Orbitron
2010-09-26 18:20:11 ----D---- C:\Users\digiart\AppData\Roaming\vlc
2010-09-21 16:53:50 ----A---- C:\Windows\FIN2.cmd
2010-09-21 16:53:50 ----A---- C:\Windows\FIN.cmd
2010-09-21 16:53:39 ----D---- C:\TokensBackup
2010-09-19 16:10:32 ----RA---- C:\Windows\system32\tmpD38E.tmp
2010-09-19 15:55:00 ----RA---- C:\Windows\system32\tmp9A55.tmp
2010-09-19 15:52:02 ----D---- C:\Program Files\Common Files\Steam
2010-09-19 15:51:26 ----RA---- C:\Windows\system32\tmp5386.tmp
2010-09-19 15:51:24 ----A---- C:\Windows\system32\XAudio2_6.dll
2010-09-19 15:51:24 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2010-09-19 15:51:24 ----A---- C:\Windows\system32\xactengine3_6.dll
2010-09-19 15:51:24 ----A---- C:\Windows\system32\xactengine3_5.dll
2010-09-19 15:51:24 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2010-09-19 15:51:24 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2010-09-19 15:51:22 ----A---- C:\Windows\system32\d3dcsx_42.dll
2010-09-19 15:51:20 ----A---- C:\Windows\system32\d3dx11_42.dll
2010-09-19 15:51:20 ----A---- C:\Windows\system32\d3dx10_42.dll
2010-09-19 15:51:17 ----A---- C:\Windows\system32\XAudio2_3.dll
2010-09-19 15:51:17 ----A---- C:\Windows\system32\XAudio2_2.dll
2010-09-19 15:51:17 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2010-09-19 15:51:17 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2010-09-19 15:51:17 ----A---- C:\Windows\system32\xactengine3_3.dll
2010-09-19 15:51:17 ----A---- C:\Windows\system32\xactengine3_2.dll
2010-09-19 15:51:17 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2010-09-19 12:30:03 ----D---- C:\ProgramData\Screentime
2010-09-18 23:50:10 ----SHD---- C:\Config.Msi
2010-09-17 21:58:34 ----D---- C:\Users\digiart\AppData\Roaming\Feedreader
2010-09-17 21:58:32 ----D---- C:\Program Files\FeedReader30
2010-09-16 19:44:22 ----D---- C:\ProgramData\ProcessLasso
2010-09-16 19:44:15 ----HD---- C:\Program Files\Process Lasso
2010-09-15 22:35:56 ----D---- C:\Users\digiart\AppData\Roaming\Scribus
2010-09-15 17:54:06 ----A---- C:\Windows\system32\iertutil.dll
2010-09-15 17:28:15 ----D---- C:\Program Files\Scribus 1.3.7
2010-09-15 16:56:21 ----D---- C:\wamp
2010-09-15 05:45:18 ----A---- C:\Windows\system32\spoolsv.exe
2010-09-14 16:47:40 ----D---- C:\Users\digiart\AppData\Roaming\Vivox
2010-09-13 19:03:01 ----D---- C:\ProgramData\PMB Files
2010-09-13 19:02:45 ----D---- C:\Program Files\Pando Networks
2010-09-10 12:11:00 ----D---- C:\Users\digiart\AppData\Roaming\Quark
2010-09-10 12:09:21 ----D---- C:\ProgramData\Quark
2010-09-10 12:09:21 ----D---- C:\Program Files\Quark
2010-09-10 11:54:44 ----D---- C:\Program Files\QuickTime
2010-09-10 11:54:30 ----D---- C:\ProgramData\Apple Computer
2010-09-10 01:51:37 ----D---- C:\Program Files\Pixarra
2010-09-09 19:22:20 ----D---- C:\Program Files\Raven
2010-09-09 19:21:18 ----A---- C:\Windows\EF.ini
2010-09-08 22:03:51 ----D---- C:\Program Files\Common Files\Oberon Media
2010-09-08 22:03:50 ----D---- C:\Program Files\Oberon Media
2010-09-08 22:03:50 ----D---- C:\Program Files\IncrediGames
2010-09-06 21:53:49 ----D---- C:\Users\digiart\AppData\Roaming\magentictb
2010-09-06 21:53:47 ----D---- C:\Program Files\magentictb
2010-09-06 21:26:46 ----D---- C:\ProgramData\IncrediMail
2010-09-06 21:26:45 ----D---- C:\ProgramData\IM
2010-09-06 21:26:45 ----D---- C:\Program Files\IncrediMail
2010-09-04 16:20:03 ----D---- C:\Users\digiart\AppData\Roaming\Ice Age 2
2010-09-04 16:15:17 ----D---- C:\Program Files\Sierra
2010-09-04 16:04:18 ----D---- C:\Program Files\PowerISO
2010-09-03 17:07:52 ----D---- C:\ProgramData\Bitstream
2010-09-01 22:06:04 ----D---- C:\Program Files\ALCPU
2010-09-01 21:08:57 ----D---- C:\ProgramData\M-Photo
2010-09-01 21:00:55 ----D---- C:\CDSM
2010-09-01 21:00:50 ----A---- C:\Windows\system32\CDSM_CDSM Designer_uninstaller.exe
2010-09-01 20:57:23 ----A---- C:\setup.exe
2010-08-31 22:56:27 ----D---- C:\Users\digiart\AppData\Roaming\Net Meter Pro
2010-08-31 22:56:24 ----D---- C:\Program Files\Net Meter Pro
2010-08-31 21:03:08 ----D---- C:\Program Files\CPU Speed Pro
2010-08-29 02:34:20 ----D---- C:\ABRAG1
2010-08-29 02:33:46 ----D---- C:\Program Files\Firebird
2010-08-29 02:06:01 ----D---- C:\Program Files\OKsystem
2010-08-29 02:06:01 ----A---- C:\Windows\polite.ini

======List of files/folders modified in the last 1 months======

2010-09-27 12:05:41 ----D---- C:\Windows\Temp
2010-09-27 12:05:40 ----D---- C:\Windows\Prefetch
2010-09-27 12:05:31 ----D---- C:\Program Files
2010-09-27 10:58:43 ----D---- C:\ProgramData\BOINC
2010-09-27 10:56:20 ----D---- C:\Windows\system32\drivers
2010-09-27 10:56:15 ----D---- C:\Program Files\MSI Afterburner
2010-09-27 09:57:04 ----D---- C:\Windows\system32\wdi
2010-09-27 00:06:02 ----D---- C:\Windows\system32\config
2010-09-26 23:50:45 ----D---- C:\Windows\System32
2010-09-26 22:28:34 ----D---- C:\Users\digiart\AppData\Roaming\dvdcss
2010-09-26 21:18:17 ----D---- C:\Users\digiart\AppData\Roaming\Skype
2010-09-26 19:00:25 ----SHD---- C:\System Volume Information
2010-09-26 16:02:55 ----D---- C:\Users\digiart\AppData\Roaming\skypePM
2010-09-25 22:28:41 ----D---- C:\Users\digiart\AppData\Roaming\ICQ
2010-09-25 01:00:44 ----D---- C:\Users\digiart\AppData\Roaming\eM Client
2010-09-22 13:29:51 ----A---- C:\Windows\Lexstat.ini
2010-09-21 16:53:56 ----D---- C:\Windows\system32\nb-NO
2010-09-21 16:53:55 ----D---- C:\Windows\system32\de-DE
2010-09-21 16:53:54 ----D---- C:\Windows\system32\cs-CZ
2010-09-21 16:53:50 ----D---- C:\Windows
2010-09-21 16:52:48 ----D---- C:\Windows\system32\oobe
2010-09-21 14:31:41 ----D---- C:\temp
2010-09-20 19:09:10 ----D---- C:\World of Warcraft
2010-09-20 19:05:47 ----A---- C:\ZendOptimizer_errors.txt
2010-09-19 17:09:59 ----SHD---- C:\Windows\Installer
2010-09-19 17:09:50 ----D---- C:\Program Files\Google
2010-09-19 16:10:33 ----A---- C:\Windows\system32\wrap_oal.dll
2010-09-19 16:10:32 ----A---- C:\Windows\system32\OpenAL32.dll
2010-09-19 16:10:14 ----RSD---- C:\Windows\assembly
2010-09-19 15:52:02 ----D---- C:\Program Files\Common Files
2010-09-19 15:50:00 ----D---- C:\Windows\winsxs
2010-09-19 12:30:03 ----D---- C:\ProgramData
2010-09-19 00:32:26 ----D---- C:\Program Files\Common Files\Corel
2010-09-19 00:03:41 ----D---- C:\Program Files\Miranda Micro 0.1
2010-09-18 23:57:48 ----D---- C:\Program Files\Common Files\microsoft shared
2010-09-18 23:57:13 ----D---- C:\Windows\inf
2010-09-18 23:55:44 ----D---- C:\Program Files\BoincLogX
2010-09-18 23:54:52 ----D---- C:\Program Files\FahMon
2010-09-18 23:53:18 ----D---- C:\Users\digiart\AppData\Roaming\TweakNow PowerPack 2009
2010-09-18 23:50:53 ----HD---- C:\Program Files\InstallShield Installation Information
2010-09-18 23:47:49 ----D---- C:\Program Files\thriXXX
2010-09-18 23:45:18 ----D---- C:\Windows\system32\catroot2
2010-09-18 23:43:50 ----D---- C:\Program Files\PopTray
2010-09-18 20:15:45 ----D---- C:\Users\digiart\AppData\Roaming\Adobe
2010-09-16 21:24:34 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-09-16 16:49:37 ----D---- C:\Program Files\Ashampoo
2010-09-16 16:47:53 ----D---- C:\Users\digiart\AppData\Roaming\BSplayer PRO
2010-09-16 14:57:35 ----D---- C:\Program Files\Venetica
2010-09-15 21:41:14 ----D---- C:\Program Files\Microsoft Silverlight
2010-09-15 17:54:38 ----A---- C:\Windows\system32\MRT.exe
2010-09-15 17:54:12 ----D---- C:\Windows\system32\catroot
2010-09-14 09:51:52 ----D---- C:\Users\digiart\AppData\Roaming\AIMP
2010-09-14 00:14:37 ----D---- C:\ProgramData\Adobe
2010-09-13 16:27:51 ----D---- C:\Users\digiart\AppData\Roaming\FileZilla
2010-09-11 18:15:10 ----D---- C:\Windows\Tasks
2010-09-11 18:15:10 ----D---- C:\Windows\system32\Tasks
2010-09-11 18:11:25 ----D---- C:\Program Files\ATI
2010-09-11 18:10:31 ----D---- C:\Windows\system32\DriverStore
2010-09-11 09:35:52 ----D---- C:\Windows\system32\FxsTmp
2010-09-10 11:56:18 ----D---- C:\Program Files\Internet Explorer
2010-09-09 01:31:33 ----D---- C:\Program Files\Hard Disk Sentinel
2010-09-08 22:28:57 ----AD---- C:\ProgramData\TEMP
2010-09-08 19:08:46 ----D---- C:\Program Files\BOINC
2010-09-07 17:11:54 ----A---- C:\Windows\system32\aswBoot.exe
2010-09-07 16:00:35 ----D---- C:\Windows\system32\oodag
2010-09-03 17:43:02 ----RSD---- C:\Windows\Fonts
2010-09-02 14:57:08 ----D---- C:\Users\digiart\AppData\Roaming\SQLyog
2010-09-02 08:32:17 ----D---- C:\Users\digiart\AppData\Roaming\Ahead
2010-09-01 21:55:18 ----SD---- C:\Users\digiart\AppData\Roaming\Microsoft
2010-08-30 19:45:25 ----A---- C:\Windows\ODBC.INI
2010-08-30 19:44:48 ----D---- C:\Users\digiart\AppData\Roaming\Folding@home-gpu

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-06-21 691696]
R0 timounter;Acronis True Image Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2010-06-25 441760]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-09-07 23376]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2008-11-02 56572]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-09-07 17744]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2009-11-16 50704]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys [2009-07-20 27648]
R2 tifsfilter;Acronis True Image FS Filter; C:\Windows\system32\DRIVERS\tifsfilt.sys [2010-06-25 44384]
R2 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Users\digiart\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\WinRing0.sys [2010-06-24 14416]
R3 ALSysIO;ALSysIO; \??\C:\Users\digiart\AppData\Local\Temp\ALSysIO.sys []
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-05-05 5550592]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-05-05 176128]
R3 ET5Drv;ET5Drv; \??\C:\Windows\system32\Drivers\ET5Drv.sys [2007-10-11 30008]
R3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2010-09-26 17488]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-06-25 2375776]
R3 RTCore32;RTCore32; \??\C:\Program Files\MSI Afterburner\RTCore32.sys [2010-06-07 12088]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-07-30 187392]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 AODDriver;AODDriver; \??\C:\Program Files\GIGABYTE\ET6\i386\AODDriver.sys [2009-02-23 7168]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-05-05 5550592]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 cpuz132;cpuz132; \??\C:\Users\digiart\AppData\Local\Temp\cpuz132\cpuz132_x32.sys []
S3 etdrv;etdrv; \??\C:\Windows\etdrv.sys [2010-06-25 17488]
S3 gHidPnp;USB Device Enhanced Function Driver; C:\Windows\System32\Drivers\gHidPnp.Sys []
S3 gMouPS2;PS2 Scroll Mouse Device; C:\Windows\system32\DRIVERS\gMouPS2.sys []
S3 gMouUsb;USB Mouse Device Drv; C:\Windows\system32\DRIVERS\gMouUsb.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2010-08-18 25280]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RivaTuner32;RivaTuner32; \??\C:\Program Files\RivaTuner v2.23\RivaTuner32.sys []
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0); C:\Windows\system32\DRIVERS\RtTeam60.sys [2009-12-21 43520]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2); C:\Windows\system32\DRIVERS\RtVlan60.sys [2007-12-03 19968]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-05-05 172032]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ES lite Service;ES lite Service for program management.; C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE [2009-03-02 68136]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-03-28 246520]
R2 lxbk_device;lxbk_device; C:\Windows\system32\lxbkcoms.exe [2008-02-19 537256]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MyWebSearchService;My Web Search Service; C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe [2010-07-31 28762]
R2 O&O Defrag;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2009-09-12 1488128]
R2 ProtexisLicensing;ProtexisLicensing; C:\Windows\system32\PSIService.exe [2007-06-05 177704]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]
R2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2010-05-21 173352]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S2 DES2 Service;DES2 Service for Energy Saving.; C:\Program Files\GIGABYTE\EnergySaver2\des2svr.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-08-11 136176]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-08-18 654848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-23 1343400]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my RSIT log, many thanks in advance.

#2 Post by vyosek »

Hello, and I wish you a pleasant early evening :)
Your log is being studied and worked on.
Please be patient!

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my RSIT log, many thanks in advance.

#3 Post by vyosek »

Where, may I ask, does one buy this much junk? :arcisit:

:arrow: Run HJT and we will fix some entries
  • You will find HJT here: C:\Program Files\trend micro\digiart.exe
  • A window will open; click Do a system scan only
  • In the next window, find the lines I have listed for you below; next to each one is a checkbox, which you tick
  • R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.magentic.com/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\digiart\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
    R3 - URLSearchHook: (no name) - - (no file)
    R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
    R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL
  • Click Fix checked (bottom left)
  • HJT will ask whether you are sure; confirm with YES and it is done
:arrow: Download RKill to your desktop: http://download.bleepingcomputer.com/grinler/rkill.com
  • Save it, preferably to the desktop, and close all applications (otherwise RKill will do it for you)
  • Run it the usual way with a double-click - the program finishes almost instantly and then exits by itself
  • RKill terminates all non-system processes - including the processes the vermin runs under
  • Do not restart the PC now under any circumstances - you would lose the effect of RKill
:arrow: Below are the instructions for ComboFix - when downloading it, save it as Beruska.com

PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY IS VERY CAPABLE OF DELETING THINGS AND MUST BE USED ONLY WHEN RECOMMENDED, OTHERWISE YOUR SYSTEM MAY GO DOWN THE DRAIN
:arrow: Download Combofix and save it to your desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Disable all resident security programs - firewalls, antivirus, antispyware, etc.
  • Plug all your USB sticks into the PC (flash drives, external drives, etc.)
  • If you have Win XP, run it under the Administrator (Spravce) account
  • If you have Win Vista or Win 7, right-click Combofix and choose Run As Administrator (Spustit jako spravce)
  • Right after launch, a page with the license agreement appears; continue by clicking Yes (Ano)
  • If CF offers to install the Recovery Console, agree
  • Then follow the instructions; during the scan leave the PC completely alone - do not launch any applications and do not click in the window that appears
  • The scan should take about 10 minutes, but if the PC is heavily cluttered, it may take longer
  • After the scan and a possible restart, CF displays the log; you can also find it at C:\ComboFix.txt. Paste its contents here
  • A detailed walkthrough including screenshots is here: http://www.bleepingcomputer.com/combofi ... t-combofix

digiart
Exemplary visitor
Posts: 136
Registered: 22 Sep 2006 21:56
Location: Jablonec nad Nisou

Re: Please check my RSIT log, many thanks in advance.

#4 Post by digiart »

ComboFix 10-09-26.04 - digiart 27.09.2010 18:06:46.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.2046.1310 [GMT 2:00]
Spuštěný z: c:\users\digiart\Desktop\ComboFix.exe
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-08-27 do 2010-09-27 )))))))))))))))))))))))))))))))
.

2010-09-27 16:17 . 2010-09-27 16:17 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-09-27 16:17 . 2010-09-27 16:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-09-27 16:17 . 2010-09-27 16:17 -------- d-----w- c:\users\boinc_master\AppData\Local\temp
2010-09-27 12:19 . 2010-09-27 12:19 -------- d-----w- C:\Device
2010-09-27 12:19 . 2010-09-27 16:17 -------- d-----w- c:\users\digiart\AppData\Local\temp
2010-09-27 10:05 . 2010-09-27 15:57 -------- d-----w- c:\program files\trend micro
2010-09-27 10:05 . 2010-09-27 10:05 -------- d-----w- C:\rsit
2010-09-27 08:47 . 2010-09-27 08:47 87 ----a-w- c:\programdata\BOINC\slots\5\pthreadGCE2.dll
2010-09-27 08:47 . 2010-09-27 08:47 84 ----a-w- c:\programdata\BOINC\slots\5\mingwm10.dll
2010-09-27 08:47 . 2010-09-27 08:47 83 ----a-w- c:\programdata\BOINC\slots\5\perl510.dll
2010-09-27 08:47 . 2010-09-27 08:47 110 ----a-w- c:\programdata\BOINC\slots\5\freehalboinc_1.73_windows_intelx86.exe
2010-09-27 01:39 . 2010-09-27 08:28 113 ----a-w- c:\programdata\BOINC\slots\1\collatz_2.09_windows_intelx86__ati13ati.exe
2010-09-27 01:39 . 2010-08-17 22:53 307200 ----a-w- c:\programdata\BOINC\slots\1\brook32.dll
2010-09-27 01:26 . 2010-09-27 01:26 89 ----a-w- c:\programdata\BOINC\slots\7\abc_sieve_2.10_windows_intelx86.exe
2010-09-27 00:46 . 2010-09-27 00:46 72 ----a-w- c:\programdata\BOINC\slots\6\devil.dll
2010-09-27 00:46 . 2010-09-27 00:46 71 ----a-w- c:\programdata\BOINC\slots\6\ilut.dll
2010-09-27 00:46 . 2010-09-27 00:46 70 ----a-w- c:\programdata\BOINC\slots\6\ilu.dll
2010-09-27 00:44 . 2010-09-27 00:46 12480512 ----a-w- c:\programdata\BOINC\projects\boinc.bakerlab.org_rosetta\minirosetta_2.15_windows_intelx86.exe
2010-09-27 00:38 . 2010-09-27 14:22 -------- d-----w- c:\program files\Tomb Raider
2010-09-26 16:49 . 2005-02-09 22:00 110080 ----a-w- c:\windows\system32\Orbitron.scr
2010-09-26 16:49 . 2010-09-26 16:49 -------- d-----w- c:\program files\Orbitron
2010-09-26 16:20 . 2010-09-26 16:20 -------- d-----w- c:\users\digiart\AppData\Roaming\vlc
2010-09-25 01:13 . 2010-09-25 01:13 103 ----a-w- c:\programdata\BOINC\slots\3\milkyway_0.19_windows_intelx86.exe
2010-09-24 04:35 . 2010-09-24 04:35 551936 ----a-w- c:\programdata\BOINC\projects\dnetc.net\dnetc_2.00_windows_intelx86.exe
2010-09-24 04:35 . 2010-09-24 04:35 524288 ----a-w- c:\programdata\BOINC\projects\dnetc.net\wrapper_2.00_windows_intelx86.exe
2010-09-24 04:35 . 2010-09-24 04:35 454656 ----a-w- c:\programdata\BOINC\projects\dnetc.net\dnetc_1.29_windows_intelx86__ati14.exe
2010-09-24 04:35 . 2010-09-24 04:35 524288 ----a-w- c:\programdata\BOINC\projects\dnetc.net\wrapper_1.29_windows_intelx86__ati14.exe
2010-09-23 05:17 . 2010-09-26 16:36 113 ----a-w- c:\programdata\BOINC\slots\0\collatz_2.09_windows_intelx86__ati13ati.exe
2010-09-23 05:17 . 2010-08-17 22:53 307200 ----a-w- c:\programdata\BOINC\slots\0\brook32.dll
2010-09-21 14:53 . 2009-07-14 17:55 608 ----a-w- c:\windows\FIN.cmd
2010-09-21 14:53 . 2009-07-14 16:23 343 ----a-w- c:\windows\FIN2.cmd
2010-09-21 14:53 . 2010-09-21 14:53 -------- d-----w- C:\TokensBackup
2010-09-19 13:52 . 2010-09-19 13:52 -------- d-----w- c:\program files\Common Files\Steam
2010-09-19 10:30 . 2010-09-19 10:30 680288 ----a-w- c:\windows\system32\McLaren 2010.scr
2010-09-19 10:30 . 2010-09-19 10:30 38752 ----a-w- c:\programdata\Screentime\McLaren 2010\saver1.dll
2010-09-19 10:30 . 2010-09-19 10:30 22640 ----a-w- c:\programdata\Screentime\McLaren 2010\saver2.dll
2010-09-19 10:30 . 2010-09-19 10:30 -------- d-----w- c:\programdata\Screentime
2010-09-19 10:30 . 2010-09-19 10:30 -------- d-----w- c:\users\digiart\AppData\Local\Screentime
2010-09-17 19:58 . 2010-09-17 20:06 -------- d-----w- c:\users\digiart\AppData\Roaming\Feedreader
2010-09-17 19:58 . 2010-09-18 21:42 -------- d-----w- c:\program files\FeedReader30
2010-09-17 12:53 . 2010-09-17 12:53 1906176 ----a-w- c:\programdata\BOINC\projects\www.freehal.net_freehal_at_home\freehalboinc_1.73_windows_intelx86.exe
2010-09-17 09:14 . 2010-08-13 01:39 11031552 ----a-w- c:\programdata\BOINC\projects\setiathome.berkeley.edu\ap_5.06_x86_SSE2_Brook_OpenCL_ATI_r449.exe
2010-09-17 09:14 . 2009-10-26 17:25 102400 ----a-w- c:\programdata\BOINC\projects\setiathome.berkeley.edu\brook_cal.dll
2010-09-17 09:14 . 2009-10-26 17:24 151552 ----a-w- c:\programdata\BOINC\projects\setiathome.berkeley.edu\brook.dll
2010-09-16 17:44 . 2010-09-16 17:44 -------- d-----w- c:\programdata\ProcessLasso
2010-09-16 17:44 . 2010-09-18 21:45 -------- d--h--w- c:\program files\Process Lasso
2010-09-16 10:32 . 2010-09-16 10:32 -------- d-----w- c:\users\digiart\AppData\Local\Magentic
2010-09-15 20:35 . 2010-09-15 20:45 -------- d-----w- c:\users\digiart\AppData\Roaming\Scribus
2010-09-15 15:28 . 2010-09-15 15:29 -------- d-----w- c:\program files\Scribus 1.3.7
2010-09-15 14:56 . 2010-09-16 10:33 -------- d-----w- C:\wamp
2010-09-15 03:45 . 2010-08-21 05:32 316928 ----a-w- c:\windows\system32\spoolsv.exe
2010-09-14 14:47 . 2010-09-14 14:47 -------- d-----w- c:\users\digiart\AppData\Roaming\Vivox
2010-09-14 11:10 . 2010-09-14 11:10 94 ----a-w- c:\programdata\BOINC\slots\17\wrapper_5.26_windows_intelx86.exe
2010-09-14 11:10 . 2010-09-14 11:10 94 ----a-w- c:\programdata\BOINC\slots\17\enigma2_0.76_windows_intelx86.exe
2010-09-13 17:03 . 2010-09-26 22:20 -------- d-----w- c:\users\digiart\AppData\Local\PMB Files
2010-09-13 17:03 . 2010-09-13 17:03 -------- d-----w- c:\programdata\PMB Files
2010-09-13 17:02 . 2010-09-13 17:02 -------- d-----w- c:\program files\Pando Networks
2010-09-12 08:12 . 2010-09-12 08:12 97 ----a-w- c:\programdata\BOINC\slots\4\primaboinca_7.02_windows_intelx86.exe
2010-09-12 08:12 . 2010-09-12 08:12 67 ----a-w- c:\programdata\BOINC\slots\4\gmp.dll
2010-09-11 22:08 . 2010-09-11 22:08 88 ----a-w- c:\programdata\BOINC\slots\2\libfftw3f-3-1-1a_upx.dll
2010-09-11 22:08 . 2010-09-11 22:08 100 ----a-w- c:\programdata\BOINC\slots\2\setiathome_6.03_windows_intelx86.exe
2010-09-11 16:47 . 2010-09-11 16:47 634880 ----a-w- c:\programdata\BOINC\projects\spin.fh-bielefeld.de\metropolis_3.12_windows_intelx86.exe
2010-09-11 16:29 . 2010-09-11 16:29 -------- d-----w- c:\users\digiart\AppData\Local\Apple Computer
2010-09-10 13:47 . 2010-09-10 13:47 649216 ----a-w- c:\programdata\BOINC\projects\www.primegrid.com\primegrid_gcwsieve_1.01_windows_intelx86.exe
2010-09-10 10:11 . 2010-09-10 10:11 -------- d-----w- c:\users\digiart\AppData\Roaming\Quark
2010-09-10 10:11 . 2010-09-10 10:11 -------- d-----w- c:\users\digiart\AppData\Local\Quark
2010-09-10 10:09 . 2010-09-18 21:46 -------- d-----w- c:\programdata\Quark
2010-09-10 10:09 . 2010-09-10 10:09 -------- d-----w- c:\program files\Quark
2010-09-10 09:54 . 2010-09-18 21:50 -------- d-----w- c:\program files\QuickTime
2010-09-10 09:54 . 2010-09-10 09:54 -------- d-----w- c:\programdata\Apple Computer
2010-09-10 03:17 . 2010-09-10 03:17 94 ----a-w- c:\programdata\BOINC\slots\8\camb_2.16_windows_intelx86.exe
2010-09-10 02:21 . 2010-09-10 02:21 4649824 ----a-w- c:\programdata\BOINC\projects\milkyway.cs.rpi.edu_milkyway\milkyway_nbody_0.04_windows_intelx86.exe
2010-09-09 23:51 . 2010-09-09 23:51 -------- d-----w- c:\program files\Pixarra
2010-09-09 17:22 . 2010-09-09 17:22 -------- d-----w- c:\program files\Raven
2010-09-09 12:28 . 2010-09-09 12:29 57856 ----a-w- c:\programdata\BOINC\projects\www.enigmaathome.net\enigma2_0.76_windows_intelx86.exe
2010-09-09 12:28 . 2010-09-09 12:29 510976 ----a-w- c:\programdata\BOINC\projects\www.enigmaathome.net\wrapper_5.26_windows_intelx86.exe
2010-09-08 20:03 . 2010-09-08 20:03 -------- d-----w- c:\program files\Common Files\Oberon Media
2010-09-08 20:03 . 2010-09-08 20:03 -------- d-----w- c:\program files\Oberon Media
2010-09-08 20:03 . 2010-09-08 20:03 -------- d-----w- c:\program files\IncrediGames
2010-09-08 19:19 . 2010-09-08 19:19 253952 ----a-w- c:\programdata\BOINC\projects\boinc.thesonntags.com_collatz\collatz_2.00_windows_intelx86__sse.exe
2010-09-08 17:48 . 2010-09-08 17:48 1312768 ----a-w- c:\programdata\BOINC\projects\www.freehal.net_freehal_at_home\perl510.dll
2010-09-08 17:48 . 2010-09-08 17:48 112556 ----a-w- c:\programdata\BOINC\projects\www.freehal.net_freehal_at_home\pthreadGCE2.dll
2010-09-08 17:48 . 2010-09-08 17:48 13400 ----a-w- c:\programdata\BOINC\projects\www.freehal.net_freehal_at_home\mingwm10.dll
2010-09-08 17:08 . 2010-09-08 17:08 284646 ----a-r- c:\users\digiart\AppData\Roaming\Microsoft\Installer\{212D202D-487D-49C4-8A76-4D3BB91B8471}\BOINCMGRLink_B65C4A4D2B2A46CCA2D918164C6297B8.exe
2010-09-08 17:08 . 2010-09-08 17:08 284646 ----a-r- c:\users\digiart\AppData\Roaming\Microsoft\Installer\{212D202D-487D-49C4-8A76-4D3BB91B8471}\ARPPRODUCTICON.exe
2010-09-08 13:52 . 2010-09-10 09:23 -------- d-----w- c:\users\digiart\.scribus
2010-09-08 04:58 . 2010-09-08 04:58 8419840 ----a-w- c:\programdata\BOINC\projects\qah.uni-muenster.de\qasinoAlpha_5.01_windows_intelx86.exe
2010-09-06 19:53 . 2010-09-06 19:53 -------- d-----w- c:\users\digiart\AppData\Roaming\magentictb
2010-09-06 19:53 . 2010-08-05 20:10 411648 ----a-w- c:\users\digiart\AppData\Roaming\magentictb\incredimail1_0dn.exe
2010-09-06 19:53 . 2010-08-05 16:13 356864 ----a-w- c:\users\digiart\AppData\Roaming\magentictb\incredimail1_0dn.dll
2010-09-06 19:53 . 2010-09-06 19:58 -------- d-----w- c:\program files\magentictb
2010-09-06 19:26 . 2010-09-17 17:59 -------- d-----w- c:\users\digiart\AppData\Local\IM
2010-09-06 19:26 . 2010-09-06 19:26 -------- d-----w- c:\programdata\IncrediMail
2010-09-06 19:26 . 2010-09-06 19:27 -------- d-----w- c:\programdata\IM
2010-09-06 19:26 . 2010-09-06 19:26 -------- d-----w- c:\program files\IncrediMail
2010-09-05 20:39 . 2010-09-05 20:39 356352 ----a-w- c:\programdata\BOINC\projects\boinc.bio.wzw.tum.de_boincsimap\simap_5.10_windows_intelx86.exe
2010-09-05 16:28 . 2010-09-05 16:28 4894720 ----a-w- c:\programdata\BOINC\projects\orbit.psi.edu_oah\SurveyReview_1.10_windows_intelx86.exe
2010-09-04 14:20 . 2010-09-04 14:22 -------- d-----w- c:\users\digiart\AppData\Roaming\Ice Age 2
2010-09-04 14:19 . 2010-09-04 14:19 1 ----a-w- C:\DXOkay.bin
2010-09-04 14:15 . 2010-09-04 14:15 -------- d-----w- c:\program files\Sierra
2010-09-04 14:04 . 2010-09-04 14:04 -------- d-----w- c:\program files\PowerISO
2010-09-03 19:09 . 2010-09-03 19:09 635392 ----a-w- c:\programdata\BOINC\projects\www.primegrid.com\primegrid_ppsieve_1.26_windows_intelx86.exe
2010-09-03 17:01 . 2010-09-03 17:01 672768 ----a-w- c:\programdata\BOINC\projects\www.primaboinca.com\primaboinca_7.02_windows_intelx86.exe
2010-09-03 17:01 . 2010-09-03 17:01 208896 ----a-w- c:\programdata\BOINC\projects\www.primaboinca.com\gmp.dll
2010-09-03 15:10 . 2010-09-03 15:10 88 ----a-w- c:\windows\fnerr.dat
2010-09-03 15:07 . 2010-09-03 15:07 -------- d-----w- c:\programdata\Bitstream
2010-09-03 12:03 . 2010-09-03 12:03 26112 ----a-w- c:\programdata\BOINC\projects\www.malariacontrol.net\ilu.dll
2010-09-03 12:03 . 2010-09-03 12:03 16384 ----a-w- c:\programdata\BOINC\projects\www.malariacontrol.net\ilut.dll
2010-09-03 12:03 . 2010-09-03 12:03 266752 ----a-w- c:\programdata\BOINC\projects\www.malariacontrol.net\devil.dll
2010-09-01 20:06 . 2010-09-01 20:06 -------- d-----w- c:\program files\ALCPU
2010-09-01 19:08 . 2010-09-01 19:08 -------- d-----w- c:\programdata\M-Photo
2010-09-01 19:00 . 2010-09-01 19:36 -------- d-----w- C:\CDSM
2010-09-01 19:00 . 2010-09-01 19:00 22558007 ----a-w- c:\windows\system32\CDSM_CDSM Designer_uninstaller.exe
2010-08-31 20:56 . 2010-08-31 20:59 -------- d-----w- c:\users\digiart\AppData\Roaming\Net Meter Pro
2010-08-31 20:56 . 2010-08-31 20:56 -------- d-----w- c:\program files\Net Meter Pro
2010-08-31 19:03 . 2010-08-31 19:05 -------- d-----w- c:\program files\CPU Speed Pro
2010-08-29 00:34 . 2010-08-30 17:46 -------- d-----w- C:\ABRAG1
2010-08-29 00:33 . 2010-08-29 00:33 -------- d-----w- c:\program files\Firebird
2010-08-29 00:06 . 2010-08-29 00:06 -------- d-----w- c:\program files\OKsystem

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-27 13:02 . 2010-06-21 22:41 24944 ----a-w- c:\windows\system32\drivers\GVTDrv.sys
2010-09-27 12:59 . 2010-07-02 20:04 17488 ----a-w- c:\windows\gdrv.sys
2010-09-27 12:46 . 2010-07-04 17:33 1 ----a-w- c:\users\digiart\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-09-27 08:58 . 2010-08-11 15:22 -------- d-----w- c:\programdata\BOINC
2010-09-27 08:56 . 2010-06-21 18:35 -------- d-----w- c:\program files\MSI Afterburner
2010-09-26 20:28 . 2010-06-22 23:15 -------- d-----w- c:\users\digiart\AppData\Roaming\dvdcss
2010-09-26 19:18 . 2010-07-06 21:22 -------- d-----w- c:\users\digiart\AppData\Roaming\Skype
2010-09-26 14:02 . 2010-07-06 21:25 -------- d-----w- c:\users\digiart\AppData\Roaming\skypePM
2010-09-26 10:47 . 2010-07-11 15:26 2776 --sha-w- c:\programdata\Protexis\KGyGaAvL.sys
2010-09-25 20:28 . 2010-06-21 23:11 -------- d-----w- c:\users\digiart\AppData\Roaming\ICQ
2010-09-24 23:00 . 2010-07-14 16:34 -------- d-----w- c:\users\digiart\AppData\Roaming\eM Client
2010-09-19 15:09 . 2010-07-12 20:52 -------- d-----w- c:\program files\Google
2010-09-19 14:10 . 2010-08-10 20:55 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2010-09-19 14:10 . 2010-08-10 20:55 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2010-09-18 22:32 . 2010-07-13 08:58 -------- d-----w- c:\program files\Common Files\Corel
2010-09-18 22:03 . 2010-06-30 22:07 -------- d-----w- c:\program files\Miranda Micro 0.1
2010-09-18 21:55 . 2010-08-03 06:49 -------- d-----w- c:\program files\BoincLogX
2010-09-18 21:54 . 2010-06-25 19:33 -------- d-----w- c:\program files\FahMon
2010-09-18 21:53 . 2010-06-23 11:20 -------- d-----w- c:\users\digiart\AppData\Roaming\TweakNow PowerPack 2009
2010-09-18 21:51 . 2010-06-21 16:03 122936 ----a-w- c:\users\digiart\AppData\Local\GDIPFONTCACHEV1.DAT
2010-09-18 21:50 . 2010-06-21 17:15 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-09-18 21:47 . 2010-08-18 22:14 -------- d-----w- c:\program files\thriXXX
2010-09-18 21:43 . 2010-06-22 12:00 -------- d-----w- c:\program files\PopTray
2010-09-16 19:24 . 2010-07-12 20:15 74648 ----a-w- c:\windows\system32\perfc014.dat
2010-09-16 19:24 . 2010-07-12 20:15 442758 ----a-w- c:\windows\system32\perfh014.dat
2010-09-16 19:24 . 2010-07-12 20:07 636242 ----a-w- c:\windows\system32\perfh007.dat
2010-09-16 19:24 . 2010-07-12 20:07 126574 ----a-w- c:\windows\system32\perfc007.dat
2010-09-16 19:24 . 2009-07-14 08:44 625676 ----a-w- c:\windows\system32\perfh005.dat
2010-09-16 19:24 . 2009-07-14 08:44 119794 ----a-w- c:\windows\system32\perfc005.dat
2010-09-16 14:49 . 2010-06-23 20:57 -------- d-----w- c:\program files\Ashampoo
2010-09-16 14:47 . 2010-08-18 13:35 -------- d-----w- c:\users\digiart\AppData\Roaming\BSplayer PRO
2010-09-16 12:57 . 2010-07-27 16:30 -------- d-----w- c:\program files\Venetica
2010-09-15 19:41 . 2010-06-28 18:46 -------- d-----w- c:\program files\Microsoft Silverlight
2010-09-14 07:51 . 2010-06-21 17:25 -------- d-----w- c:\users\digiart\AppData\Roaming\AIMP
2010-09-13 14:27 . 2010-06-22 16:36 -------- d-----w- c:\users\digiart\AppData\Roaming\FileZilla
2010-09-11 16:11 . 2010-06-21 18:50 -------- d-----w- c:\program files\ATI
2010-09-08 23:31 . 2010-06-21 18:28 -------- d-----w- c:\program files\Hard Disk Sentinel
2010-09-08 17:08 . 2010-08-17 22:50 -------- d-----w- c:\program files\BOINC
2010-09-07 15:12 . 2010-06-30 05:38 38848 ----a-w- c:\windows\avastSS.scr
2010-09-07 15:11 . 2010-06-21 18:14 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-09-07 14:52 . 2010-06-21 18:15 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-09-07 14:52 . 2010-06-21 18:15 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-09-07 14:47 . 2010-06-21 18:15 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-09-07 14:47 . 2010-06-21 18:15 50768 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-09-07 14:47 . 2010-06-21 18:15 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-09-02 12:57 . 2010-08-01 12:10 -------- d-----w- c:\users\digiart\AppData\Roaming\SQLyog
2010-09-02 06:32 . 2010-07-23 22:24 -------- d-----w- c:\users\digiart\AppData\Roaming\Ahead
2010-08-30 17:44 . 2010-06-25 19:44 -------- d-----w- c:\users\digiart\AppData\Roaming\Folding@home-gpu
2010-08-27 00:24 . 2010-08-27 00:24 240640 ----a-w- c:\programdata\BOINC\projects\milkyway.cs.rpi.edu_milkyway\milkyway_0.19_windows_intelx86.exe
2010-08-26 23:14 . 2010-08-26 21:06 -------- d-----w- c:\users\digiart\AppData\Roaming\PSpad
2010-08-26 21:06 . 2010-08-26 21:06 -------- d-----w- c:\program files\PSPad editor
2010-08-25 17:21 . 2010-08-25 17:21 -------- d-----w- c:\users\digiart\AppData\Roaming\ct24crawl
2010-08-25 14:39 . 2010-08-09 23:34 -------- d-----w- c:\program files\ICQ7.2
2010-08-24 07:40 . 2010-08-24 07:40 2995712 ----a-w- c:\programdata\BOINC\projects\abcathome.com\abc_sieve_2.10_windows_intelx86.exe
2010-08-23 13:20 . 2010-08-21 07:17 448600 ----a-w- c:\programdata\BOINC\projects\setiathome.berkeley.edu\libfftw3f-3-1-1a_upx.dll
2010-08-23 13:20 . 2010-08-21 07:17 406016 ----a-w- c:\programdata\BOINC\projects\setiathome.berkeley.edu\setiathome_6.03_windows_intelx86.exe
2010-08-21 14:06 . 2010-08-21 07:17 267776 ----a-w- c:\programdata\BOINC\projects\setiathome.berkeley.edu\setigraphics_6.03_windows_intelx86.exe
2010-08-19 20:00 . 2010-06-21 18:33 -------- d-----w- c:\program files\Common Files\ACD Systems
2010-08-18 21:39 . 2010-08-18 18:54 -------- d-----w- c:\users\digiart\AppData\Roaming\Hamachi
2010-08-18 19:30 . 2010-08-18 19:30 -------- d-----w- c:\programdata\FLEXnet
2010-08-18 18:54 . 2010-08-18 18:54 25280 ----a-w- c:\windows\system32\drivers\hamachi.sys
2010-08-18 17:56 . 2010-08-18 17:56 -------- d-----w- c:\programdata\ALM
2010-08-18 17:55 . 2010-08-18 17:55 -------- d-----w- c:\program files\Bonjour
2010-08-18 17:55 . 2010-06-21 19:17 -------- d-----w- c:\program files\Common Files\Adobe
2010-08-18 17:46 . 2010-08-18 17:46 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2010-08-18 17:23 . 2010-08-18 17:22 -------- d-----w- c:\program files\HD Tune Pro
2010-08-18 17:22 . 2010-08-18 17:22 -------- d-----w- c:\users\digiart\AppData\Roaming\HD Tune Pro
2010-08-18 13:34 . 2010-08-18 13:34 -------- d-----w- c:\program files\Webteh
2010-08-18 11:30 . 2010-08-18 11:30 -------- d-----w- c:\program files\EA GAMES
2010-08-18 11:23 . 2010-08-18 11:23 -------- d-----w- c:\program files\Codemasters
2010-08-18 10:05 . 2010-08-18 10:05 -------- d-----w- c:\program files\Rockstar Games
2010-08-17 22:53 . 2010-08-17 22:53 339968 ----a-w- c:\programdata\BOINC\projects\boinc.thesonntags.com_collatz\collatz_2.09_windows_intelx86__ati13ati.exe
2010-08-17 22:53 . 2010-08-17 22:53 307200 ----a-w- c:\programdata\BOINC\projects\boinc.thesonntags.com_collatz\brook32_v3_cal13ati.dll
2010-08-16 20:32 . 2010-08-16 20:32 108144 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-08-16 20:32 . 2010-08-16 20:32 -------- d--h--r- c:\users\digiart\AppData\Roaming\SecuROM
2010-08-14 10:53 . 2010-06-25 16:41 -------- d-----w- c:\program files\Common Files\Acronis
2010-08-14 10:53 . 2010-06-25 16:41 -------- d-----w- c:\program files\Acronis
2010-08-14 10:50 . 2010-08-14 10:45 -------- d-----w- c:\program files\Chameleon Startup Manager Free Edition 2
2010-08-14 10:46 . 2010-08-14 10:46 -------- d-----w- c:\users\digiart\AppData\Roaming\NeoSoftTools
2010-08-14 10:46 . 2010-08-14 10:46 -------- d-----w- c:\programdata\NeoSoftTools
2010-08-11 22:25 . 2010-08-11 10:25 -------- d-----w- c:\users\digiart\AppData\Roaming\DivX
2010-08-11 14:24 . 2010-08-11 13:23 -------- d-----w- c:\programdata\Norton
2010-08-11 14:24 . 2010-08-11 13:23 -------- d-----w- c:\programdata\Symantec
2010-08-11 13:23 . 2010-08-11 13:23 -------- d-----w- c:\programdata\NortonInstaller
2010-08-11 10:30 . 2010-08-11 10:30 57344 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.dll
2010-08-11 10:30 . 2010-08-11 10:23 -------- d-----w- c:\programdata\DivX
2010-08-11 10:25 . 2010-08-11 10:25 56765 ----a-w- c:\programdata\DivX\DivXPlusShortcuts\Uninstaller.exe
2010-08-11 10:25 . 2010-08-11 10:23 -------- d-----w- c:\program files\DivX
2010-08-11 10:25 . 2010-08-11 10:25 56997 ----a-w- c:\programdata\DivX\WebPlayer\Uninstaller.exe
2010-08-11 10:25 . 2010-08-11 10:25 53600 ----a-w- c:\programdata\DivX\Update\Uninstaller.exe
2010-08-11 10:25 . 2010-08-11 10:25 57715 ----a-w- c:\programdata\DivX\Player\Uninstaller.exe
2010-08-11 10:23 . 2010-08-11 10:25 1062184 ----a-w- c:\programdata\DivX\Setup\Resource.dll
2010-08-11 10:23 . 2010-08-11 10:25 895256 ----a-w- c:\programdata\DivX\Setup\DivXSetup.exe
2010-08-10 20:56 . 2010-08-10 20:56 -------- d-----w- c:\users\digiart\AppData\Roaming\RigNRoll_eng
2010-08-10 20:55 . 2010-08-10 20:55 -------- d-----w- c:\program files\OpenAL
2010-08-10 20:30 . 2010-08-10 20:30 -------- d-----w- c:\program files\1C Company
2010-08-10 13:34 . 2010-07-06 16:11 -------- d-----w- c:\program files\OLYMPUS
2010-08-10 13:32 . 2010-08-08 17:38 -------- d-----w- c:\program files\Share Rapid Uploader
2010-08-10 13:29 . 2010-07-18 21:29 -------- d-----w- c:\program files\CPUID
2010-08-10 13:15 . 2010-08-09 22:56 -------- d-----w- c:\program files\Valusoft
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"Core Temp"="c:\program files\Core Temp\Core Temp.exe" [2010-06-27 424464]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2009-01-09 2262352]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2010-09-06 353736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-05-27 98304]
"lxbkbmgr.exe"="c:\program files\Lexmark X1100 Series\lxbkbmgr.exe" [2008-02-28 74408]
"EasyTuneVPro"="c:\program files\Gigabyte\ET5Pro\ETcall.exe" [2007-07-26 20480]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2009-09-11 2524416]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-06-25 7547424]
"MSIAfterburner"="c:\program files\MSI Afterburner\MSIAfterburnerWrapper.exe" [2010-06-07 44344]
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-03-04 311296]

c:\users\digiart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MSI Afterburner.lnk - c:\program files\MSI Afterburner\MSIAfterburner.exe [2010-6-7 347448]
Yahoo! Widgets.lnk - c:\program files\Yahoo!\Widgets\YahooWidgets.exe [2008-3-19 4742184]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" -autorun

R0 GVTDrv;GVTDrv; [x]
R2 DES2 Service;DES2 Service for Energy Saving.;c:\program files\GIGABYTE\EnergySaver2\des2svr.exe [x]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-08-11 136176]
R3 AODDriver;AODDriver;c:\program files\GIGABYTE\ET6\i386\AODDriver.sys [2009-02-22 7168]
R3 etdrv;etdrv;c:\windows\etdrv.sys [2010-06-25 17488]
R3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\Drivers\gHidPnp.Sys [x]
R3 gMouPS2;PS2 Scroll Mouse Device;c:\windows\system32\DRIVERS\gMouPS2.sys [x]
R3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\DRIVERS\gMouUsb.sys [x]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys [2009-12-21 43520]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan60.sys [2007-12-03 19968]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-06-21 691696]
S1 aswSP;aswSP; [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-05-05 172032]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
S2 ES lite Service;ES lite Service for program management.;c:\program files\Gigabyte\EasySaver\ESSVR.EXE [2009-03-02 68136]
S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-03-28 246520]
S2 lxbk_device;lxbk_device;c:\windows\system32\lxbkcoms.exe [2008-02-19 537256]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-11-16 50704]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [2009-07-20 27648]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-05-21 173352]
S2 WinRing0_1_2_0;WinRing0_1_2_0;c:\users\digiart\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\WinRing0.sys [2010-06-23 14416]
S3 ALSysIO;ALSysIO;c:\users\digiart\AppData\Local\Temp\ALSysIO.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-05-05 5550592]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-05-05 176128]
S3 RTCore32;RTCore32;c:\program files\MSI Afterburner\RTCore32.sys [2010-06-07 12088]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-30 187392]

.
Obsah adresáře 'Naplánované úlohy'

2010-09-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-11 20:04]

2010-09-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-11 20:04]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://mystart.magentic.com/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\users\digiart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.032"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ani"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.apd"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.arw"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.bay"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.bmp"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.bw"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.cr2"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.crw"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.cs1"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.cur"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.dcr"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.dcx"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.dib"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.djv"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.djvu"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.dng"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.emf"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.eps"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.erf"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.fff"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.fpx"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.gif"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.hdr"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.icl"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.icn"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ico"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.iff"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ilbm"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.int"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.inta"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.iw4"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.j2c"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.j2k"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jfif"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jif"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jp2"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpc"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpe"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpeg"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpg"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpk"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.jpx"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.lbm"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.mef"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.mos"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.mrw"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.nef"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.orf"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pbm"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pcd"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pct"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pcx"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pef"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pgm"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pic"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pict"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pix"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (S-1-5-21-3206388712-2485161940-1246515707-1000)
@Denied: (2) (LocalSystem)
"Progid"="ZPS120.Document.png"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ppm"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.psd"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.psp"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.pspimage"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.raf"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ras"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.raw"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rgb"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rgba"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rle"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.rsb"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.sgi"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.sr2"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.srf"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.tga"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.thm"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.tif"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.tiff"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ttc"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.ttf"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.wbm"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.wbmp"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.wmf"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xbm"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xif"

[HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 10.0.xpm"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2010-09-27 18:21:14
ComboFix-quarantined-files.txt 2010-09-27 16:21
ComboFix2.txt 2010-09-27 12:28

Před spuštěním: Volných bajtů: 463 574 646 784
Po spuštění: Volných bajtů: 467 500 204 032

- - End Of File - - 7F405213E34207B8F0156010F4616669

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my RSIT log, many thanks in advance.

#5 Post by vyosek »

Have you used ComboFix at some point recently? You should have two logs there (ComboFix.txt and ComboFix2.txt) and also the file ComboFix-quarantined-files.txt.
Please send them all to me at vyosek@forum.viry.cz

digiart

Re: Please check my RSIT log, many thanks in advance.

#6 Post by digiart »

No, unfortunately I only have ComboFix.txt there, nothing more.

vyosek

Re: Please check my RSIT log, many thanks in advance.

#7 Post by vyosek »

:arrow: If you don't have it there, move ComboFix to the desktop
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Driver::
    ICQ Service
    MyWebSearchService
    
    File::
    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    C:\Users\digiart\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
    C:\Windows\system32\tmpD38E.tmp
    C:\Windows\system32\tmp9A55.tmp
    C:\Windows\system32\tmp5386.tmp
    
    Registry::
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{855F3B16-6D32-4fe6-8A56-BBB695989046}"=-
    "{07B18EA9-A523-4961-B6BB-170DE4475CCA}"=-
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "MyWebSearch Email Plugin"=-
    "My Web Search Bar Search Scope Monitor"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "MyWebSearch Email Plugin"=-
    
    Folder::
    C:\Program Files\MyWebSearch
    C:\Program Files\ICQ6Toolbar
    
    DDS::
    uStart Page = hxxp://mystart.magentic.com/
    
    RegLock::
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
    [HKEY_USERS\S-1-5-21-3206388712-2485161940-1246515707-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
    
  • Save the created TXT as CFScript.txt
  • Drag the created CFScript.txt onto ComboFix and drop it to run (see the picture below)
    [image]
  • After the script has been applied (and a possible restart), a log will pop up; paste its contents here
:arrow: It may happen that Windows does not start after the script has been applied; in that case restart the PC, keep pressing F8 and choose Last Known Good Configuration
"Whoever has wine and does not drink it, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever shuns merriment, take a whip and a stick to him: that is no man, that is an ox."
Member of [image] since 1 February 2011.

Re: Please check my RSIT log, many thanks in advance.

#8 Post by digiart »

ComboFix 10-09-26.04 - digiart 27.09.2010 21:04:29.3.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.2046.1156 [GMT 2:00]
Spuštěný z: c:\users\digiart\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\digiart\Desktop\CFScript.txt.txt
* Vytvořen nový Bod Obnovení

FILE ::
"c:\users\digiart\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll"
"c:\windows\system32\tmp5386.tmp"
"c:\windows\system32\tmp9A55.tmp"
"c:\windows\system32\tmpD38E.tmp"
"c:\windows\tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\tasks\GoogleUpdateTaskMachineUA.job"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\ICQ6Toolbar
c:\program files\ICQ6Toolbar\config.xml
c:\program files\ICQ6Toolbar\Icons.bmp
c:\program files\ICQ6Toolbar\ICQ Service.exe
c:\program files\ICQ6Toolbar\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\ICQToolBar.dll
c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\logo_small.gif
c:\program files\ICQ6Toolbar\ServiceStarter.exe
c:\program files\ICQ6Toolbar\short.wav
c:\program files\ICQ6Toolbar\Version.txt
c:\users\digiart\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
c:\windows\system32\tmp5386.tmp
c:\windows\system32\tmp9A55.tmp
c:\windows\system32\tmpD38E.tmp
c:\windows\tasks\GoogleUpdateTaskMachineCore.job
c:\windows\tasks\GoogleUpdateTaskMachineUA.job

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_ICQ Service


((((((((((((((((((((((((( Soubory vytvořené od 2010-08-27 do 2010-09-27 )))))))))))))))))))))))))))))))
.

2010-09-27 19:13 . 2010-09-27 19:13 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-09-27 19:13 . 2010-09-27 19:13 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-09-27 19:13 . 2010-09-27 19:13 -------- d-----w- c:\users\boinc_master\AppData\Local\temp
2010-09-27 18:48 . 2010-09-27 18:48 -------- d-----w- c:\program files\Miranda IM Bagr pack
2010-09-27 18:38 . 2010-09-27 18:42 -------- d-----w- c:\program files\Naevius USB Antivirus
2010-09-27 12:19 . 2010-09-27 12:19 -------- d-----w- C:\Device
2010-09-27 12:19 . 2010-09-27 19:16 -------- d-----w- c:\users\digiart\AppData\Local\temp
2010-09-27 10:05 . 2010-09-27 15:57 -------- d-----w- c:\program files\trend micro
2010-09-27 10:05 . 2010-09-27 10:05 -------- d-----w- C:\rsit
2010-09-27 00:38 . 2010-09-27 17:07 -------- d-----w- c:\program files\Tomb Raider
2010-09-26 16:49 . 2005-02-09 22:00 110080 ----a-w- c:\windows\system32\Orbitron.scr
2010-09-26 16:49 . 2010-09-26 16:49 -------- d-----w- c:\program files\Orbitron
2010-09-26 16:20 . 2010-09-26 16:20 -------- d-----w- c:\users\digiart\AppData\Roaming\vlc
2010-09-21 14:53 . 2009-07-14 17:55 608 ----a-w- c:\windows\FIN.cmd
2010-09-21 14:53 . 2009-07-14 16:23 343 ----a-w- c:\windows\FIN2.cmd
2010-09-21 14:53 . 2010-09-21 14:53 -------- d-----w- C:\TokensBackup
2010-09-19 13:52 . 2010-09-19 13:52 -------- d-----w- c:\program files\Common Files\Steam
2010-09-19 10:30 . 2010-09-19 10:30 680288 ----a-w- c:\windows\system32\McLaren 2010.scr
2010-09-19 10:30 . 2010-09-19 10:30 -------- d-----w- c:\programdata\Screentime
2010-09-19 10:30 . 2010-09-19 10:30 -------- d-----w- c:\users\digiart\AppData\Local\Screentime
2010-09-17 19:58 . 2010-09-17 20:06 -------- d-----w- c:\users\digiart\AppData\Roaming\Feedreader
2010-09-17 19:58 . 2010-09-18 21:42 -------- d-----w- c:\program files\FeedReader30
2010-09-16 17:44 . 2010-09-16 17:44 -------- d-----w- c:\programdata\ProcessLasso
2010-09-16 17:44 . 2010-09-18 21:45 -------- d--h--w- c:\program files\Process Lasso
2010-09-16 10:32 . 2010-09-16 10:32 -------- d-----w- c:\users\digiart\AppData\Local\Magentic
2010-09-15 20:35 . 2010-09-15 20:45 -------- d-----w- c:\users\digiart\AppData\Roaming\Scribus
2010-09-15 15:28 . 2010-09-15 15:29 -------- d-----w- c:\program files\Scribus 1.3.7
2010-09-15 14:56 . 2010-09-16 10:33 -------- d-----w- C:\wamp
2010-09-15 03:45 . 2010-08-21 05:32 316928 ----a-w- c:\windows\system32\spoolsv.exe
2010-09-14 14:47 . 2010-09-14 14:47 -------- d-----w- c:\users\digiart\AppData\Roaming\Vivox
2010-09-13 17:03 . 2010-09-26 22:20 -------- d-----w- c:\users\digiart\AppData\Local\PMB Files
2010-09-13 17:03 . 2010-09-13 17:03 -------- d-----w- c:\programdata\PMB Files
2010-09-13 17:02 . 2010-09-13 17:02 -------- d-----w- c:\program files\Pando Networks
2010-09-11 16:29 . 2010-09-11 16:29 -------- d-----w- c:\users\digiart\AppData\Local\Apple Computer
2010-09-10 10:11 . 2010-09-10 10:11 -------- d-----w- c:\users\digiart\AppData\Roaming\Quark
2010-09-10 10:11 . 2010-09-10 10:11 -------- d-----w- c:\users\digiart\AppData\Local\Quark
2010-09-10 10:09 . 2010-09-18 21:46 -------- d-----w- c:\programdata\Quark
2010-09-10 10:09 . 2010-09-10 10:09 -------- d-----w- c:\program files\Quark
2010-09-10 09:54 . 2010-09-18 21:50 -------- d-----w- c:\program files\QuickTime
2010-09-10 09:54 . 2010-09-10 09:54 -------- d-----w- c:\programdata\Apple Computer
2010-09-09 23:51 . 2010-09-09 23:51 -------- d-----w- c:\program files\Pixarra
2010-09-09 17:22 . 2010-09-09 17:22 -------- d-----w- c:\program files\Raven
2010-09-08 20:03 . 2010-09-08 20:03 -------- d-----w- c:\program files\Common Files\Oberon Media
2010-09-08 20:03 . 2010-09-08 20:03 -------- d-----w- c:\program files\Oberon Media
2010-09-08 20:03 . 2010-09-08 20:03 -------- d-----w- c:\program files\IncrediGames
2010-09-08 13:52 . 2010-09-10 09:23 -------- d-----w- c:\users\digiart\.scribus
2010-09-06 19:53 . 2010-09-06 19:53 -------- d-----w- c:\users\digiart\AppData\Roaming\magentictb
2010-09-06 19:53 . 2010-09-06 19:58 -------- d-----w- c:\program files\magentictb
2010-09-06 19:26 . 2010-09-17 17:59 -------- d-----w- c:\users\digiart\AppData\Local\IM
2010-09-06 19:26 . 2010-09-06 19:26 -------- d-----w- c:\programdata\IncrediMail
2010-09-06 19:26 . 2010-09-06 19:27 -------- d-----w- c:\programdata\IM
2010-09-06 19:26 . 2010-09-06 19:26 -------- d-----w- c:\program files\IncrediMail
2010-09-04 14:20 . 2010-09-04 14:22 -------- d-----w- c:\users\digiart\AppData\Roaming\Ice Age 2
2010-09-04 14:19 . 2010-09-04 14:19 1 ----a-w- C:\DXOkay.bin
2010-09-04 14:15 . 2010-09-04 14:15 -------- d-----w- c:\program files\Sierra
2010-09-04 14:04 . 2010-09-04 14:04 -------- d-----w- c:\program files\PowerISO
2010-09-03 15:10 . 2010-09-03 15:10 88 ----a-w- c:\windows\fnerr.dat
2010-09-03 15:07 . 2010-09-03 15:07 -------- d-----w- c:\programdata\Bitstream
2010-09-01 20:06 . 2010-09-01 20:06 -------- d-----w- c:\program files\ALCPU
2010-09-01 19:08 . 2010-09-01 19:08 -------- d-----w- c:\programdata\M-Photo
2010-09-01 19:00 . 2010-09-01 19:36 -------- d-----w- C:\CDSM
2010-09-01 19:00 . 2010-09-01 19:00 22558007 ----a-w- c:\windows\system32\CDSM_CDSM Designer_uninstaller.exe
2010-08-31 20:56 . 2010-08-31 20:59 -------- d-----w- c:\users\digiart\AppData\Roaming\Net Meter Pro
2010-08-31 20:56 . 2010-08-31 20:56 -------- d-----w- c:\program files\Net Meter Pro
2010-08-31 19:03 . 2010-08-31 19:05 -------- d-----w- c:\program files\CPU Speed Pro
2010-08-29 00:34 . 2010-08-30 17:46 -------- d-----w- C:\ABRAG1
2010-08-29 00:33 . 2010-08-29 00:33 -------- d-----w- c:\program files\Firebird
2010-08-29 00:06 . 2010-08-29 00:06 -------- d-----w- c:\program files\OKsystem

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-27 19:16 . 2010-06-21 22:41 24944 ----a-w- c:\windows\system32\drivers\GVTDrv.sys
2010-09-27 19:15 . 2010-07-02 20:04 17488 ----a-w- c:\windows\gdrv.sys
2010-09-27 16:32 . 2010-06-21 18:35 -------- d-----w- c:\program files\MSI Afterburner
2010-09-27 12:46 . 2010-07-04 17:33 1 ----a-w- c:\users\digiart\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-09-27 08:58 . 2010-08-11 15:22 -------- d-----w- c:\programdata\BOINC
2010-09-27 08:47 . 2010-09-27 08:47 87 ----a-w- c:\programdata\BOINC\slots\5\pthreadGCE2.dll
2010-09-27 08:47 . 2010-09-27 08:47 84 ----a-w- c:\programdata\BOINC\slots\5\mingwm10.dll
2010-09-27 08:47 . 2010-09-27 08:47 83 ----a-w- c:\programdata\BOINC\slots\5\perl510.dll
2010-09-27 08:47 . 2010-09-27 08:47 110 ----a-w- c:\programdata\BOINC\slots\5\freehalboinc_1.73_windows_intelx86.exe
2010-09-27 08:28 . 2010-09-27 01:39 113 ----a-w- c:\programdata\BOINC\slots\1\collatz_2.09_windows_intelx86__ati13ati.exe
2010-09-27 01:26 . 2010-09-27 01:26 89 ----a-w- c:\programdata\BOINC\slots\7\abc_sieve_2.10_windows_intelx86.exe
2010-09-27 00:46 . 2010-09-27 00:44 12480512 ----a-w- c:\programdata\BOINC\projects\boinc.bakerlab.org_rosetta\minirosetta_2.15_windows_intelx86.exe
2010-09-27 00:46 . 2010-09-27 00:46 72 ----a-w- c:\programdata\BOINC\slots\6\devil.dll
2010-09-27 00:46 . 2010-09-27 00:46 71 ----a-w- c:\programdata\BOINC\slots\6\ilut.dll
2010-09-27 00:46 . 2010-09-27 00:46 70 ----a-w- c:\programdata\BOINC\slots\6\ilu.dll
2010-09-26 20:28 . 2010-06-22 23:15 -------- d-----w- c:\users\digiart\AppData\Roaming\dvdcss
2010-09-26 19:18 . 2010-07-06 21:22 -------- d-----w- c:\users\digiart\AppData\Roaming\Skype
2010-09-26 16:36 . 2010-09-23 05:17 113 ----a-w- c:\programdata\BOINC\slots\0\collatz_2.09_windows_intelx86__ati13ati.exe
2010-09-26 14:02 . 2010-07-06 21:25 -------- d-----w- c:\users\digiart\AppData\Roaming\skypePM
2010-09-26 10:47 . 2010-07-11 15:26 2776 --sha-w- c:\programdata\Protexis\KGyGaAvL.sys
2010-09-25 20:28 . 2010-06-21 23:11 -------- d-----w- c:\users\digiart\AppData\Roaming\ICQ
2010-09-25 01:13 . 2010-09-25 01:13 103 ----a-w- c:\programdata\BOINC\slots\3\milkyway_0.19_windows_intelx86.exe
2010-09-24 23:00 . 2010-07-14 16:34 -------- d-----w- c:\users\digiart\AppData\Roaming\eM Client
2010-09-24 04:35 . 2010-09-24 04:35 551936 ----a-w- c:\programdata\BOINC\projects\dnetc.net\dnetc_2.00_windows_intelx86.exe
2010-09-24 04:35 . 2010-09-24 04:35 524288 ----a-w- c:\programdata\BOINC\projects\dnetc.net\wrapper_2.00_windows_intelx86.exe
2010-09-24 04:35 . 2010-09-24 04:35 454656 ----a-w- c:\programdata\BOINC\projects\dnetc.net\dnetc_1.29_windows_intelx86__ati14.exe
2010-09-24 04:35 . 2010-09-24 04:35 524288 ----a-w- c:\programdata\BOINC\projects\dnetc.net\wrapper_1.29_windows_intelx86__ati14.exe
2010-09-19 15:09 . 2010-07-12 20:52 -------- d-----w- c:\program files\Google
2010-09-19 14:10 . 2010-08-10 20:55 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2010-09-19 14:10 . 2010-08-10 20:55 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2010-09-19 10:30 . 2010-09-19 10:30 38752 ----a-w- c:\programdata\Screentime\McLaren 2010\saver1.dll
2010-09-19 10:30 . 2010-09-19 10:30 22640 ----a-w- c:\programdata\Screentime\McLaren 2010\saver2.dll
2010-09-18 22:32 . 2010-07-13 08:58 -------- d-----w- c:\program files\Common Files\Corel
2010-09-18 22:03 . 2010-06-30 22:07 -------- d-----w- c:\program files\Miranda Micro 0.1
2010-09-18 21:55 . 2010-08-03 06:49 -------- d-----w- c:\program files\BoincLogX
2010-09-18 21:54 . 2010-06-25 19:33 -------- d-----w- c:\program files\FahMon
2010-09-18 21:53 . 2010-06-23 11:20 -------- d-----w- c:\users\digiart\AppData\Roaming\TweakNow PowerPack 2009
2010-09-18 21:51 . 2010-06-21 16:03 122936 ----a-w- c:\users\digiart\AppData\Local\GDIPFONTCACHEV1.DAT
2010-09-18 21:50 . 2010-06-21 17:15 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-09-18 21:47 . 2010-08-18 22:14 -------- d-----w- c:\program files\thriXXX
2010-09-18 21:43 . 2010-06-22 12:00 -------- d-----w- c:\program files\PopTray
2010-09-17 12:53 . 2010-09-17 12:53 1906176 ----a-w- c:\programdata\BOINC\projects\www.freehal.net_freehal_at_home\freehalboinc_1.73_windows_intelx86.exe
2010-09-16 19:24 . 2010-07-12 20:15 74648 ----a-w- c:\windows\system32\perfc014.dat
2010-09-16 19:24 . 2010-07-12 20:15 442758 ----a-w- c:\windows\system32\perfh014.dat
2010-09-16 19:24 . 2010-07-12 20:07 636242 ----a-w- c:\windows\system32\perfh007.dat
2010-09-16 19:24 . 2010-07-12 20:07 126574 ----a-w- c:\windows\system32\perfc007.dat
2010-09-16 19:24 . 2009-07-14 08:44 625676 ----a-w- c:\windows\system32\perfh005.dat
2010-09-16 19:24 . 2009-07-14 08:44 119794 ----a-w- c:\windows\system32\perfc005.dat
2010-09-16 14:49 . 2010-06-23 20:57 -------- d-----w- c:\program files\Ashampoo
2010-09-16 14:47 . 2010-08-18 13:35 -------- d-----w- c:\users\digiart\AppData\Roaming\BSplayer PRO
2010-09-16 12:57 . 2010-07-27 16:30 -------- d-----w- c:\program files\Venetica
2010-09-15 19:41 . 2010-06-28 18:46 -------- d-----w- c:\program files\Microsoft Silverlight
2010-09-14 11:10 . 2010-09-14 11:10 94 ----a-w- c:\programdata\BOINC\slots\17\wrapper_5.26_windows_intelx86.exe
2010-09-14 11:10 . 2010-09-14 11:10 94 ----a-w- c:\programdata\BOINC\slots\17\enigma2_0.76_windows_intelx86.exe
2010-09-14 07:51 . 2010-06-21 17:25 -------- d-----w- c:\users\digiart\AppData\Roaming\AIMP
2010-09-13 14:27 . 2010-06-22 16:36 -------- d-----w- c:\users\digiart\AppData\Roaming\FileZilla
2010-09-12 08:12 . 2010-09-12 08:12 97 ----a-w- c:\programdata\BOINC\slots\4\primaboinca_7.02_windows_intelx86.exe
2010-09-12 08:12 . 2010-09-12 08:12 67 ----a-w- c:\programdata\BOINC\slots\4\gmp.dll
2010-09-11 22:08 . 2010-09-11 22:08 88 ----a-w- c:\programdata\BOINC\slots\2\libfftw3f-3-1-1a_upx.dll
2010-09-11 22:08 . 2010-09-11 22:08 100 ----a-w- c:\programdata\BOINC\slots\2\setiathome_6.03_windows_intelx86.exe
2010-09-11 16:47 . 2010-09-11 16:47 634880 ----a-w- c:\programdata\BOINC\projects\spin.fh-bielefeld.de\metropolis_3.12_windows_intelx86.exe
2010-09-11 16:11 . 2010-06-21 18:50 -------- d-----w- c:\program files\ATI
2010-09-10 13:47 . 2010-09-10 13:47 649216 ----a-w- c:\programdata\BOINC\projects\www.primegrid.com\primegrid_gcwsieve_1.01_windows_intelx86.exe
2010-09-10 03:17 . 2010-09-10 03:17 94 ----a-w- c:\programdata\BOINC\slots\8\camb_2.16_windows_intelx86.exe
2010-09-10 02:21 . 2010-09-10 02:21 4649824 ----a-w- c:\programdata\BOINC\projects\milkyway.cs.rpi.edu_milkyway\milkyway_nbody_0.04_windows_intelx86.exe
2010-09-09 12:29 . 2010-09-09 12:28 57856 ----a-w- c:\programdata\BOINC\projects\www.enigmaathome.net\enigma2_0.76_windows_intelx86.exe
2010-09-09 12:29 . 2010-09-09 12:28 510976 ----a-w- c:\programdata\BOINC\projects\www.enigmaathome.net\wrapper_5.26_windows_intelx86.exe
2010-09-08 23:31 . 2010-06-21 18:28 -------- d-----w- c:\program files\Hard Disk Sentinel
2010-09-08 19:19 . 2010-09-08 19:19 253952 ----a-w- c:\programdata\BOINC\projects\boinc.thesonntags.com_collatz\collatz_2.00_windows_intelx86__sse.exe
2010-09-08 17:48 . 2010-09-08 17:48 1312768 ----a-w- c:\programdata\BOINC\projects\www.freehal.net_freehal_at_home\perl510.dll
2010-09-08 17:48 . 2010-09-08 17:48 112556 ----a-w- c:\programdata\BOINC\projects\www.freehal.net_freehal_at_home\pthreadGCE2.dll
2010-09-08 17:48 . 2010-09-08 17:48 13400 ----a-w- c:\programdata\BOINC\projects\www.freehal.net_freehal_at_home\mingwm10.dll
2010-09-08 17:08 . 2010-09-08 17:08 284646 ----a-r- c:\users\digiart\AppData\Roaming\Microsoft\Installer\{212D202D-487D-49C4-8A76-4D3BB91B8471}\BOINCMGRLink_B65C4A4D2B2A46CCA2D918164C6297B8.exe
2010-09-08 17:08 . 2010-09-08 17:08 284646 ----a-r- c:\users\digiart\AppData\Roaming\Microsoft\Installer\{212D202D-487D-49C4-8A76-4D3BB91B8471}\ARPPRODUCTICON.exe
2010-09-08 17:08 . 2010-08-17 22:50 -------- d-----w- c:\program files\BOINC
2010-09-08 04:58 . 2010-09-08 04:58 8419840 ----a-w- c:\programdata\BOINC\projects\qah.uni-muenster.de\qasinoAlpha_5.01_windows_intelx86.exe
2010-09-07 15:12 . 2010-06-30 05:38 38848 ----a-w- c:\windows\avastSS.scr
2010-09-07 15:11 . 2010-06-21 18:14 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-09-07 14:52 . 2010-06-21 18:15 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-09-07 14:52 . 2010-06-21 18:15 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-09-07 14:47 . 2010-06-21 18:15 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-09-07 14:47 . 2010-06-21 18:15 50768 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-09-07 14:47 . 2010-06-21 18:15 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-09-05 20:39 . 2010-09-05 20:39 356352 ----a-w- c:\programdata\BOINC\projects\boinc.bio.wzw.tum.de_boincsimap\simap_5.10_windows_intelx86.exe
2010-09-05 16:28 . 2010-09-05 16:28 4894720 ----a-w- c:\programdata\BOINC\projects\orbit.psi.edu_oah\SurveyReview_1.10_windows_intelx86.exe
2010-09-03 19:09 . 2010-09-03 19:09 635392 ----a-w- c:\programdata\BOINC\projects\www.primegrid.com\primegrid_ppsieve_1.26_windows_intelx86.exe
2010-09-03 17:01 . 2010-09-03 17:01 672768 ----a-w- c:\programdata\BOINC\projects\www.primaboinca.com\primaboinca_7.02_windows_intelx86.exe
2010-09-03 17:01 . 2010-09-03 17:01 208896 ----a-w- c:\programdata\BOINC\projects\www.primaboinca.com\gmp.dll
2010-09-03 12:03 . 2010-09-03 12:03 26112 ----a-w- c:\programdata\BOINC\projects\www.malariacontrol.net\ilu.dll
2010-09-03 12:03 . 2010-09-03 12:03 16384 ----a-w- c:\programdata\BOINC\projects\www.malariacontrol.net\ilut.dll
2010-09-03 12:03 . 2010-09-03 12:03 266752 ----a-w- c:\programdata\BOINC\projects\www.malariacontrol.net\devil.dll
2010-09-02 12:57 . 2010-08-01 12:10 -------- d-----w- c:\users\digiart\AppData\Roaming\SQLyog
2010-09-02 06:32 . 2010-07-23 22:24 -------- d-----w- c:\users\digiart\AppData\Roaming\Ahead
2010-08-30 17:44 . 2010-06-25 19:44 -------- d-----w- c:\users\digiart\AppData\Roaming\Folding@home-gpu
2010-08-27 00:24 . 2010-08-27 00:24 240640 ----a-w- c:\programdata\BOINC\projects\milkyway.cs.rpi.edu_milkyway\milkyway_0.19_windows_intelx86.exe
2010-08-26 23:14 . 2010-08-26 21:06 -------- d-----w- c:\users\digiart\AppData\Roaming\PSpad
2010-08-26 21:06 . 2010-08-26 21:06 -------- d-----w- c:\program files\PSPad editor
2010-08-25 17:21 . 2010-08-25 17:21 -------- d-----w- c:\users\digiart\AppData\Roaming\ct24crawl
2010-08-25 14:39 . 2010-08-09 23:34 -------- d-----w- c:\program files\ICQ7.2
2010-08-24 07:40 . 2010-08-24 07:40 2995712 ----a-w- c:\programdata\BOINC\projects\abcathome.com\abc_sieve_2.10_windows_intelx86.exe
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"Core Temp"="c:\program files\Core Temp\Core Temp.exe" [2010-06-27 424464]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2009-01-09 2262352]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2010-09-06 353736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-05-27 98304]
"lxbkbmgr.exe"="c:\program files\Lexmark X1100 Series\lxbkbmgr.exe" [2008-02-28 74408]
"EasyTuneVPro"="c:\program files\Gigabyte\ET5Pro\ETcall.exe" [2007-07-26 20480]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2009-09-11 2524416]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-06-25 7547424]
"MSIAfterburner"="c:\program files\MSI Afterburner\MSIAfterburnerWrapper.exe" [2010-06-07 44344]
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-03-04 311296]
"nusbantivirus"="c:\program files\Naevius USB Antivirus\usbantivirus.exe" [2009-08-18 1956864]

c:\users\digiart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MSI Afterburner.lnk - c:\program files\MSI Afterburner\MSIAfterburner.exe [2010-6-7 347448]
Yahoo! Widgets.lnk - c:\program files\Yahoo!\Widgets\YahooWidgets.exe [2008-3-19 4742184]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" -autorun

R0 GVTDrv;GVTDrv; [x]
R2 DES2 Service;DES2 Service for Energy Saving.;c:\program files\GIGABYTE\EnergySaver2\des2svr.exe [x]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-08-11 136176]
R3 AODDriver;AODDriver;c:\program files\GIGABYTE\ET6\i386\AODDriver.sys [2009-02-22 7168]
R3 etdrv;etdrv;c:\windows\etdrv.sys [2010-06-25 17488]
R3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\Drivers\gHidPnp.Sys [x]
R3 gMouPS2;PS2 Scroll Mouse Device;c:\windows\system32\DRIVERS\gMouPS2.sys [x]
R3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\DRIVERS\gMouUsb.sys [x]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys [2009-12-21 43520]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan60.sys [2007-12-03 19968]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-06-21 691696]
S1 aswSP;aswSP; [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-05-05 172032]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
S2 ES lite Service;ES lite Service for program management.;c:\program files\Gigabyte\EasySaver\ESSVR.EXE [2009-03-02 68136]
S2 lxbk_device;lxbk_device;c:\windows\system32\lxbkcoms.exe [2008-02-19 537256]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-11-16 50704]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [2009-07-20 27648]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-05-21 173352]
S2 WinRing0_1_2_0;WinRing0_1_2_0;c:\users\digiart\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\WinRing0.sys [2010-06-23 14416]
S3 ALSysIO;ALSysIO;c:\users\digiart\AppData\Local\Temp\ALSysIO.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-05-05 5550592]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-05-05 176128]
S3 RTCore32;RTCore32;c:\program files\MSI Afterburner\RTCore32.sys [2010-06-07 12088]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-30 187392]


--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - ALSYSIO
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\users\digiart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-ICQToolbar - c:\program files\ICQ6Toolbar\ICQUnToolbar.exe


.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'Explorer.exe'(5516)
c:\program files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
c:\program files\ATI Technologies\ATI.ACE\Core-Static\atiamcsy.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Hard Disk Sentinel\HDSentinel.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\program files\OO Software\Defrag\oodag.exe
c:\windows\system32\PSIService.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\program files\Lexmark X1100 Series\lxbkbmon.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\IncrediMail\Bin\ImApp.exe
c:\users\digiart\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\digiart\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\digiart\AppData\Local\Google\Chrome\Application\chrome.exe
.
**************************************************************************
.
Celkový čas: 2010-09-27 21:21:33 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-09-27 19:21
ComboFix2.txt 2010-09-27 16:21
ComboFix3.txt 2010-09-27 12:28

Před spuštěním: Volných bajtů: 467 379 163 136
Po spuštění: Volných bajtů: 466 993 352 704

- - End Of File - - 027922D68E57B06ACAE0881A25D6C301

I have one more question: after the scan finished, ComboFix was sending some data to some server. What was that about?
I take part in the BOINC system
Climate is what we expect, weather is what we get.

Re: Please check my RSIT log, many thanks in advance.

#9 Post by vyosek »

:arrow: I recommend uninstalling Advanced SystemCare 3 - it is Chinese junk and is not popular among the helpers - probably also because they stole the malware database of the company that makes MBAM

:arrow: Feed ComboFix this script as well (the procedure is the same as last time) - then paste the log here for me

Code:

    Driver::
    ALSysIO

    File::
    c:\users\digiart\AppData\Local\Temp\ALSysIO.sys
:arrow: Download Malwarebytes' Anti-Malware (MBAM for short) (see my signature)
  • Run the update - third tab
  • Run a full scan - do not delete anything :!:
  • MBAM sometimes produces false detections, so paste the log into a post and wait for an assessment

Re: Please check my RSIT log, many thanks in advance.

#10 Post by vyosek »

CF should not be sending anything to any server after the scan finishes; how did you find out, please, that something was being sent somewhere :???: :o

Re: Please check my RSIT log, many thanks in advance.

#11 Post by digiart »

When the scan finished, it told me that it needed to send some malware samples to a server and that I should check whether I was connected to the internet.
After I confirmed with OK, it connected and ran to 100%, then the log popped up and ComboFix closed. I should have taken a photo of it, a pity.
Re: Please check my RSIT log, many thanks in advance.

#12 Post by vyosek »

:arrow: CF was apparently sending malware samples to its author, sUBs, for further development of the utility...

:arrow: Have you applied that other script for CF? If not, go ahead and do it

:arrow: And then on to MBAM

Re: Please check my RSIT log, many thanks in advance.

#13 Post by digiart »

ComboFix 10-09-27.01 - digiart 27.09.2010 22:27:49.4.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.2046.1003 [GMT 2:00]
Spuštěný z: c:\users\digiart\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\digiart\Desktop\CFScript.txt.txt

FILE ::
"c:\users\digiart\AppData\Local\Temp\ALSysIO.sys"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ALSYSIO
-------\Service_ALSysIO


((((((((((((((((((((((((( Soubory vytvořené od 2010-08-27 do 2010-09-27 )))))))))))))))))))))))))))))))
.

2010-09-27 20:35 . 2010-09-27 20:35 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-09-27 20:35 . 2010-09-27 20:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-09-27 20:35 . 2010-09-27 20:35 -------- d-----w- c:\users\boinc_master\AppData\Local\temp
2010-09-27 18:48 . 2010-09-27 18:48 -------- d-----w- c:\program files\Miranda IM Bagr pack
2010-09-27 18:38 . 2010-09-27 18:42 -------- d-----w- c:\program files\Naevius USB Antivirus
2010-09-27 12:19 . 2010-09-27 12:19 -------- d-----w- C:\Device
2010-09-27 12:19 . 2010-09-27 20:38 -------- d-----w- c:\users\digiart\AppData\Local\temp
2010-09-27 10:05 . 2010-09-27 15:57 -------- d-----w- c:\program files\trend micro
2010-09-27 10:05 . 2010-09-27 10:05 -------- d-----w- C:\rsit
2010-09-27 00:38 . 2010-09-27 17:07 -------- d-----w- c:\program files\Tomb Raider
2010-09-26 16:49 . 2005-02-09 22:00 110080 ----a-w- c:\windows\system32\Orbitron.scr
2010-09-26 16:49 . 2010-09-26 16:49 -------- d-----w- c:\program files\Orbitron
2010-09-26 16:20 . 2010-09-26 16:20 -------- d-----w- c:\users\digiart\AppData\Roaming\vlc
2010-09-21 14:53 . 2009-07-14 17:55 608 ----a-w- c:\windows\FIN.cmd
2010-09-21 14:53 . 2009-07-14 16:23 343 ----a-w- c:\windows\FIN2.cmd
2010-09-21 14:53 . 2010-09-21 14:53 -------- d-----w- C:\TokensBackup
2010-09-19 13:52 . 2010-09-19 13:52 -------- d-----w- c:\program files\Common Files\Steam
2010-09-19 10:30 . 2010-09-19 10:30 680288 ----a-w- c:\windows\system32\McLaren 2010.scr
2010-09-19 10:30 . 2010-09-19 10:30 -------- d-----w- c:\programdata\Screentime
2010-09-19 10:30 . 2010-09-19 10:30 -------- d-----w- c:\users\digiart\AppData\Local\Screentime
2010-09-17 19:58 . 2010-09-17 20:06 -------- d-----w- c:\users\digiart\AppData\Roaming\Feedreader
2010-09-17 19:58 . 2010-09-18 21:42 -------- d-----w- c:\program files\FeedReader30
2010-09-16 17:44 . 2010-09-16 17:44 -------- d-----w- c:\programdata\ProcessLasso
2010-09-16 17:44 . 2010-09-18 21:45 -------- d--h--w- c:\program files\Process Lasso
2010-09-16 10:32 . 2010-09-16 10:32 -------- d-----w- c:\users\digiart\AppData\Local\Magentic
2010-09-15 20:35 . 2010-09-15 20:45 -------- d-----w- c:\users\digiart\AppData\Roaming\Scribus
2010-09-15 15:28 . 2010-09-15 15:29 -------- d-----w- c:\program files\Scribus 1.3.7
2010-09-15 14:56 . 2010-09-16 10:33 -------- d-----w- C:\wamp
2010-09-15 03:45 . 2010-08-21 05:32 316928 ----a-w- c:\windows\system32\spoolsv.exe
2010-09-14 14:47 . 2010-09-14 14:47 -------- d-----w- c:\users\digiart\AppData\Roaming\Vivox
2010-09-13 17:03 . 2010-09-26 22:20 -------- d-----w- c:\users\digiart\AppData\Local\PMB Files
2010-09-13 17:03 . 2010-09-13 17:03 -------- d-----w- c:\programdata\PMB Files
2010-09-13 17:02 . 2010-09-13 17:02 -------- d-----w- c:\program files\Pando Networks
2010-09-11 16:29 . 2010-09-11 16:29 -------- d-----w- c:\users\digiart\AppData\Local\Apple Computer
2010-09-10 10:11 . 2010-09-10 10:11 -------- d-----w- c:\users\digiart\AppData\Roaming\Quark
2010-09-10 10:11 . 2010-09-10 10:11 -------- d-----w- c:\users\digiart\AppData\Local\Quark
2010-09-10 10:09 . 2010-09-18 21:46 -------- d-----w- c:\programdata\Quark
2010-09-10 10:09 . 2010-09-10 10:09 -------- d-----w- c:\program files\Quark
2010-09-10 09:54 . 2010-09-18 21:50 -------- d-----w- c:\program files\QuickTime
2010-09-10 09:54 . 2010-09-10 09:54 -------- d-----w- c:\programdata\Apple Computer
2010-09-09 23:51 . 2010-09-09 23:51 -------- d-----w- c:\program files\Pixarra
2010-09-09 17:22 . 2010-09-09 17:22 -------- d-----w- c:\program files\Raven
2010-09-08 20:03 . 2010-09-08 20:03 -------- d-----w- c:\program files\Common Files\Oberon Media
2010-09-08 20:03 . 2010-09-08 20:03 -------- d-----w- c:\program files\Oberon Media
2010-09-08 20:03 . 2010-09-08 20:03 -------- d-----w- c:\program files\IncrediGames
2010-09-08 13:52 . 2010-09-10 09:23 -------- d-----w- c:\users\digiart\.scribus
2010-09-06 19:53 . 2010-09-06 19:53 -------- d-----w- c:\users\digiart\AppData\Roaming\magentictb
2010-09-06 19:53 . 2010-09-06 19:58 -------- d-----w- c:\program files\magentictb
2010-09-06 19:26 . 2010-09-17 17:59 -------- d-----w- c:\users\digiart\AppData\Local\IM
2010-09-06 19:26 . 2010-09-06 19:26 -------- d-----w- c:\programdata\IncrediMail
2010-09-06 19:26 . 2010-09-06 19:27 -------- d-----w- c:\programdata\IM
2010-09-06 19:26 . 2010-09-06 19:26 -------- d-----w- c:\program files\IncrediMail
2010-09-04 14:20 . 2010-09-04 14:22 -------- d-----w- c:\users\digiart\AppData\Roaming\Ice Age 2
2010-09-04 14:19 . 2010-09-04 14:19 1 ----a-w- C:\DXOkay.bin
2010-09-04 14:15 . 2010-09-04 14:15 -------- d-----w- c:\program files\Sierra
2010-09-04 14:04 . 2010-09-04 14:04 -------- d-----w- c:\program files\PowerISO
2010-09-03 15:10 . 2010-09-03 15:10 88 ----a-w- c:\windows\fnerr.dat
2010-09-03 15:07 . 2010-09-03 15:07 -------- d-----w- c:\programdata\Bitstream
2010-09-01 20:06 . 2010-09-01 20:06 -------- d-----w- c:\program files\ALCPU
2010-09-01 19:08 . 2010-09-01 19:08 -------- d-----w- c:\programdata\M-Photo
2010-09-01 19:00 . 2010-09-01 19:36 -------- d-----w- C:\CDSM
2010-09-01 19:00 . 2010-09-01 19:00 22558007 ----a-w- c:\windows\system32\CDSM_CDSM Designer_uninstaller.exe
2010-08-31 20:56 . 2010-08-31 20:59 -------- d-----w- c:\users\digiart\AppData\Roaming\Net Meter Pro
2010-08-31 20:56 . 2010-08-31 20:56 -------- d-----w- c:\program files\Net Meter Pro
2010-08-31 19:03 . 2010-08-31 19:05 -------- d-----w- c:\program files\CPU Speed Pro
2010-08-29 00:34 . 2010-08-30 17:46 -------- d-----w- C:\ABRAG1
2010-08-29 00:33 . 2010-08-29 00:33 -------- d-----w- c:\program files\Firebird
2010-08-29 00:06 . 2010-08-29 00:06 -------- d-----w- c:\program files\OKsystem

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-27 20:41 . 2010-09-27 20:41 -------- d-----w- c:\users\digiart\AppData\Roaming\Malwarebytes
2010-09-27 20:40 . 2010-09-27 20:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-09-27 20:40 . 2010-09-27 20:40 -------- d-----w- c:\programdata\Malwarebytes
2010-09-27 20:38 . 2010-06-21 18:35 -------- d-----w- c:\program files\MSI Afterburner
2010-09-27 20:38 . 2010-06-21 22:41 24944 ----a-w- c:\windows\system32\drivers\GVTDrv.sys
2010-09-27 20:36 . 2010-07-02 20:04 17488 ----a-w- c:\windows\gdrv.sys
2010-09-27 20:14 . 2010-08-11 15:22 -------- d-----w- c:\programdata\BOINC
2010-09-27 20:14 . 2010-09-27 01:39 113 ----a-w- c:\programdata\BOINC\slots\1\collatz_2.09_windows_intelx86__ati13ati.exe
2010-09-27 12:46 . 2010-07-04 17:33 1 ----a-w- c:\users\digiart\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-09-27 08:47 . 2010-09-27 08:47 87 ----a-w- c:\programdata\BOINC\slots\5\pthreadGCE2.dll
2010-09-27 08:47 . 2010-09-27 08:47 84 ----a-w- c:\programdata\BOINC\slots\5\mingwm10.dll
2010-09-27 08:47 . 2010-09-27 08:47 83 ----a-w- c:\programdata\BOINC\slots\5\perl510.dll
2010-09-27 08:47 . 2010-09-27 08:47 110 ----a-w- c:\programdata\BOINC\slots\5\freehalboinc_1.73_windows_intelx86.exe
2010-09-27 01:26 . 2010-09-27 01:26 89 ----a-w- c:\programdata\BOINC\slots\7\abc_sieve_2.10_windows_intelx86.exe
2010-09-27 00:46 . 2010-09-27 00:44 12480512 ----a-w- c:\programdata\BOINC\projects\boinc.bakerlab.org_rosetta\minirosetta_2.15_windows_intelx86.exe
2010-09-27 00:46 . 2010-09-27 00:46 72 ----a-w- c:\programdata\BOINC\slots\6\devil.dll
2010-09-27 00:46 . 2010-09-27 00:46 71 ----a-w- c:\programdata\BOINC\slots\6\ilut.dll
2010-09-27 00:46 . 2010-09-27 00:46 70 ----a-w- c:\programdata\BOINC\slots\6\ilu.dll
2010-09-26 20:28 . 2010-06-22 23:15 -------- d-----w- c:\users\digiart\AppData\Roaming\dvdcss
2010-09-26 19:18 . 2010-07-06 21:22 -------- d-----w- c:\users\digiart\AppData\Roaming\Skype
2010-09-26 16:36 . 2010-09-23 05:17 113 ----a-w- c:\programdata\BOINC\slots\0\collatz_2.09_windows_intelx86__ati13ati.exe
2010-09-26 14:02 . 2010-07-06 21:25 -------- d-----w- c:\users\digiart\AppData\Roaming\skypePM
2010-09-26 10:47 . 2010-07-11 15:26 2776 --sha-w- c:\programdata\Protexis\KGyGaAvL.sys
2010-09-25 20:28 . 2010-06-21 23:11 -------- d-----w- c:\users\digiart\AppData\Roaming\ICQ
2010-09-25 01:13 . 2010-09-25 01:13 103 ----a-w- c:\programdata\BOINC\slots\3\milkyway_0.19_windows_intelx86.exe
2010-09-24 23:00 . 2010-07-14 16:34 -------- d-----w- c:\users\digiart\AppData\Roaming\eM Client
2010-09-24 04:35 . 2010-09-27 20:07 551936 ----a-w- c:\programdata\BOINC\slots\9\dnetc_2.00_windows_intelx86.exe
2010-09-24 04:35 . 2010-09-24 04:35 551936 ----a-w- c:\programdata\BOINC\projects\dnetc.net\dnetc_2.00_windows_intelx86.exe
2010-09-24 04:35 . 2010-09-27 20:07 524288 ----a-w- c:\programdata\BOINC\slots\9\wrapper_2.00_windows_intelx86.exe
2010-09-24 04:35 . 2010-09-24 04:35 524288 ----a-w- c:\programdata\BOINC\projects\dnetc.net\wrapper_2.00_windows_intelx86.exe
2010-09-24 04:35 . 2010-09-24 04:35 454656 ----a-w- c:\programdata\BOINC\projects\dnetc.net\dnetc_1.29_windows_intelx86__ati14.exe
2010-09-24 04:35 . 2010-09-24 04:35 524288 ----a-w- c:\programdata\BOINC\projects\dnetc.net\wrapper_1.29_windows_intelx86__ati14.exe
2010-09-19 15:09 . 2010-07-12 20:52 -------- d-----w- c:\program files\Google
2010-09-19 14:10 . 2010-08-10 20:55 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2010-09-19 14:10 . 2010-08-10 20:55 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2010-09-19 10:30 . 2010-09-19 10:30 38752 ----a-w- c:\programdata\Screentime\McLaren 2010\saver1.dll
2010-09-19 10:30 . 2010-09-19 10:30 22640 ----a-w- c:\programdata\Screentime\McLaren 2010\saver2.dll
2010-09-18 22:32 . 2010-07-13 08:58 -------- d-----w- c:\program files\Common Files\Corel
2010-09-18 22:03 . 2010-06-30 22:07 -------- d-----w- c:\program files\Miranda Micro 0.1
2010-09-18 21:55 . 2010-08-03 06:49 -------- d-----w- c:\program files\BoincLogX
2010-09-18 21:54 . 2010-06-25 19:33 -------- d-----w- c:\program files\FahMon
2010-09-18 21:53 . 2010-06-23 11:20 -------- d-----w- c:\users\digiart\AppData\Roaming\TweakNow PowerPack 2009
2010-09-18 21:51 . 2010-06-21 16:03 122936 ----a-w- c:\users\digiart\AppData\Local\GDIPFONTCACHEV1.DAT
2010-09-18 21:50 . 2010-06-21 17:15 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-09-18 21:47 . 2010-08-18 22:14 -------- d-----w- c:\program files\thriXXX
2010-09-18 21:43 . 2010-06-22 12:00 -------- d-----w- c:\program files\PopTray
2010-09-17 12:53 . 2010-09-17 12:53 1906176 ----a-w- c:\programdata\BOINC\projects\www.freehal.net_freehal_at_home\freehalboinc_1.73_windows_intelx86.exe
2010-09-16 19:24 . 2010-07-12 20:15 74648 ----a-w- c:\windows\system32\perfc014.dat
2010-09-16 19:24 . 2010-07-12 20:15 442758 ----a-w- c:\windows\system32\perfh014.dat
2010-09-16 19:24 . 2010-07-12 20:07 636242 ----a-w- c:\windows\system32\perfh007.dat
2010-09-16 19:24 . 2010-07-12 20:07 126574 ----a-w- c:\windows\system32\perfc007.dat
2010-09-16 19:24 . 2009-07-14 08:44 625676 ----a-w- c:\windows\system32\perfh005.dat
2010-09-16 19:24 . 2009-07-14 08:44 119794 ----a-w- c:\windows\system32\perfc005.dat
2010-09-16 14:49 . 2010-06-23 20:57 -------- d-----w- c:\program files\Ashampoo
2010-09-16 14:47 . 2010-08-18 13:35 -------- d-----w- c:\users\digiart\AppData\Roaming\BSplayer PRO
2010-09-16 12:57 . 2010-07-27 16:30 -------- d-----w- c:\program files\Venetica
2010-09-15 19:41 . 2010-06-28 18:46 -------- d-----w- c:\program files\Microsoft Silverlight
2010-09-14 11:10 . 2010-09-14 11:10 94 ----a-w- c:\programdata\BOINC\slots\17\wrapper_5.26_windows_intelx86.exe
2010-09-14 11:10 . 2010-09-14 11:10 94 ----a-w- c:\programdata\BOINC\slots\17\enigma2_0.76_windows_intelx86.exe
2010-09-14 07:51 . 2010-06-21 17:25 -------- d-----w- c:\users\digiart\AppData\Roaming\AIMP
2010-09-13 14:27 . 2010-06-22 16:36 -------- d-----w- c:\users\digiart\AppData\Roaming\FileZilla
2010-09-12 08:12 . 2010-09-12 08:12 97 ----a-w- c:\programdata\BOINC\slots\4\primaboinca_7.02_windows_intelx86.exe
2010-09-12 08:12 . 2010-09-12 08:12 67 ----a-w- c:\programdata\BOINC\slots\4\gmp.dll
2010-09-11 22:08 . 2010-09-11 22:08 88 ----a-w- c:\programdata\BOINC\slots\2\libfftw3f-3-1-1a_upx.dll
2010-09-11 22:08 . 2010-09-11 22:08 100 ----a-w- c:\programdata\BOINC\slots\2\setiathome_6.03_windows_intelx86.exe
2010-09-11 16:47 . 2010-09-11 16:47 634880 ----a-w- c:\programdata\BOINC\projects\spin.fh-bielefeld.de\metropolis_3.12_windows_intelx86.exe
2010-09-11 16:11 . 2010-06-21 18:50 -------- d-----w- c:\program files\ATI
2010-09-10 13:47 . 2010-09-10 13:47 649216 ----a-w- c:\programdata\BOINC\projects\www.primegrid.com\primegrid_gcwsieve_1.01_windows_intelx86.exe
2010-09-10 03:17 . 2010-09-10 03:17 94 ----a-w- c:\programdata\BOINC\slots\8\camb_2.16_windows_intelx86.exe
2010-09-10 02:21 . 2010-09-10 02:21 4649824 ----a-w- c:\programdata\BOINC\projects\milkyway.cs.rpi.edu_milkyway\milkyway_nbody_0.04_windows_intelx86.exe
2010-09-09 12:29 . 2010-09-09 12:28 57856 ----a-w- c:\programdata\BOINC\projects\www.enigmaathome.net\enigma2_0.76_windows_intelx86.exe
2010-09-09 12:29 . 2010-09-09 12:28 510976 ----a-w- c:\programdata\BOINC\projects\www.enigmaathome.net\wrapper_5.26_windows_intelx86.exe
2010-09-08 23:31 . 2010-06-21 18:28 -------- d-----w- c:\program files\Hard Disk Sentinel
2010-09-08 19:19 . 2010-09-08 19:19 253952 ----a-w- c:\programdata\BOINC\projects\boinc.thesonntags.com_collatz\collatz_2.00_windows_intelx86__sse.exe
2010-09-08 17:48 . 2010-09-08 17:48 1312768 ----a-w- c:\programdata\BOINC\projects\www.freehal.net_freehal_at_home\perl510.dll
2010-09-08 17:48 . 2010-09-08 17:48 112556 ----a-w- c:\programdata\BOINC\projects\www.freehal.net_freehal_at_home\pthreadGCE2.dll
2010-09-08 17:48 . 2010-09-08 17:48 13400 ----a-w- c:\programdata\BOINC\projects\www.freehal.net_freehal_at_home\mingwm10.dll
2010-09-08 17:08 . 2010-09-08 17:08 284646 ----a-r- c:\users\digiart\AppData\Roaming\Microsoft\Installer\{212D202D-487D-49C4-8A76-4D3BB91B8471}\BOINCMGRLink_B65C4A4D2B2A46CCA2D918164C6297B8.exe
2010-09-08 17:08 . 2010-09-08 17:08 284646 ----a-r- c:\users\digiart\AppData\Roaming\Microsoft\Installer\{212D202D-487D-49C4-8A76-4D3BB91B8471}\ARPPRODUCTICON.exe
2010-09-08 17:08 . 2010-08-17 22:50 -------- d-----w- c:\program files\BOINC
2010-09-08 04:58 . 2010-09-08 04:58 8419840 ----a-w- c:\programdata\BOINC\projects\qah.uni-muenster.de\qasinoAlpha_5.01_windows_intelx86.exe
2010-09-07 15:12 . 2010-06-30 05:38 38848 ----a-w- c:\windows\avastSS.scr
2010-09-07 15:11 . 2010-06-21 18:14 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-09-07 14:52 . 2010-06-21 18:15 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-09-07 14:52 . 2010-06-21 18:15 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-09-07 14:47 . 2010-06-21 18:15 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-09-07 14:47 . 2010-06-21 18:15 50768 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-09-07 14:47 . 2010-06-21 18:15 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-09-05 20:39 . 2010-09-05 20:39 356352 ----a-w- c:\programdata\BOINC\projects\boinc.bio.wzw.tum.de_boincsimap\simap_5.10_windows_intelx86.exe
2010-09-05 16:28 . 2010-09-05 16:28 4894720 ----a-w- c:\programdata\BOINC\projects\orbit.psi.edu_oah\SurveyReview_1.10_windows_intelx86.exe
2010-09-03 19:09 . 2010-09-03 19:09 635392 ----a-w- c:\programdata\BOINC\projects\www.primegrid.com\primegrid_ppsieve_1.26_windows_intelx86.exe
2010-09-03 17:01 . 2010-09-03 17:01 672768 ----a-w- c:\programdata\BOINC\projects\www.primaboinca.com\primaboinca_7.02_windows_intelx86.exe
2010-09-03 17:01 . 2010-09-03 17:01 208896 ----a-w- c:\programdata\BOINC\projects\www.primaboinca.com\gmp.dll
2010-09-03 12:03 . 2010-09-03 12:03 26112 ----a-w- c:\programdata\BOINC\projects\www.malariacontrol.net\ilu.dll
2010-09-03 12:03 . 2010-09-03 12:03 16384 ----a-w- c:\programdata\BOINC\projects\www.malariacontrol.net\ilut.dll
2010-09-03 12:03 . 2010-09-03 12:03 266752 ----a-w- c:\programdata\BOINC\projects\www.malariacontrol.net\devil.dll
2010-09-02 12:57 . 2010-08-01 12:10 -------- d-----w- c:\users\digiart\AppData\Roaming\SQLyog
2010-09-02 06:32 . 2010-07-23 22:24 -------- d-----w- c:\users\digiart\AppData\Roaming\Ahead
2010-08-30 17:44 . 2010-06-25 19:44 -------- d-----w- c:\users\digiart\AppData\Roaming\Folding@home-gpu
2010-08-27 00:24 . 2010-08-27 00:24 240640 ----a-w- c:\programdata\BOINC\projects\milkyway.cs.rpi.edu_milkyway\milkyway_0.19_windows_intelx86.exe
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"Core Temp"="c:\program files\Core Temp\Core Temp.exe" [2010-06-27 424464]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"IncrediMail"="c:\program files\IncrediMail\bin\IncMail.exe" [2010-09-06 353736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2010-09-07 2838912]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-05-27 98304]
"lxbkbmgr.exe"="c:\program files\Lexmark X1100 Series\lxbkbmgr.exe" [2008-02-28 74408]
"EasyTuneVPro"="c:\program files\Gigabyte\ET5Pro\ETcall.exe" [2007-07-26 20480]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2009-09-11 2524416]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-06-25 7547424]
"MSIAfterburner"="c:\program files\MSI Afterburner\MSIAfterburnerWrapper.exe" [2010-06-07 44344]
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-03-04 311296]
"nusbantivirus"="c:\program files\Naevius USB Antivirus\usbantivirus.exe" [2009-08-18 1956864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]

c:\users\digiart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MSI Afterburner.lnk - c:\program files\MSI Afterburner\MSIAfterburner.exe [2010-6-7 347448]
Yahoo! Widgets.lnk - c:\program files\Yahoo!\Widgets\YahooWidgets.exe [2008-3-19 4742184]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" -autorun

R0 GVTDrv;GVTDrv; [x]
R2 DES2 Service;DES2 Service for Energy Saving.;c:\program files\GIGABYTE\EnergySaver2\des2svr.exe [x]
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-08-11 136176]
R3 AODDriver;AODDriver;c:\program files\GIGABYTE\ET6\i386\AODDriver.sys [2009-02-22 7168]
R3 etdrv;etdrv;c:\windows\etdrv.sys [2010-06-25 17488]
R3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\Drivers\gHidPnp.Sys [x]
R3 gMouPS2;PS2 Scroll Mouse Device;c:\windows\system32\DRIVERS\gMouPS2.sys [x]
R3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\DRIVERS\gMouUsb.sys [x]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0);c:\windows\system32\DRIVERS\RtTeam60.sys [2009-12-21 43520]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan60.sys [2007-12-03 19968]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-06-21 691696]
S1 aswSP;aswSP; [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-05-05 172032]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 50768]
S2 ES lite Service;ES lite Service for program management.;c:\program files\Gigabyte\EasySaver\ESSVR.EXE [2009-03-02 68136]
S2 lxbk_device;lxbk_device;c:\windows\system32\lxbkcoms.exe [2008-02-19 537256]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-11-16 50704]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys [2009-07-20 27648]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-05-21 173352]
S2 WinRing0_1_2_0;WinRing0_1_2_0;c:\users\digiart\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries24.gadget\WinRing0.sys [2010-06-23 14416]
S3 ALSysIO;ALSysIO;c:\users\digiart\AppData\Local\Temp\ALSysIO.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-05-05 5550592]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-05-05 176128]
S3 RTCore32;RTCore32;c:\program files\MSI Afterburner\RTCore32.sys [2010-06-07 12088]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-30 187392]


--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - ALSYSIO
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\users\digiart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\program files\Hard Disk Sentinel\HDSentinel.exe
c:\program files\OO Software\Defrag\oodag.exe
c:\windows\system32\PSIService.exe
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\windows\system32\sppsvc.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\program files\Lexmark X1100 Series\lxbkbmon.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
c:\program files\IncrediMail\Bin\ImApp.exe
c:\users\digiart\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\digiart\AppData\Local\Google\Chrome\Application\chrome.exe
.
**************************************************************************
.
Celkový čas: 2010-09-27 22:43:34 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-09-27 20:43
ComboFix2.txt 2010-09-27 19:21
ComboFix3.txt 2010-09-27 16:21
ComboFix4.txt 2010-09-27 12:28

Před spuštěním: Volných bajtů: 467 372 163 072
Po spuštění: Volných bajtů: 467 495 137 280

- - End Of File - - F5671EFDD7421B52BA8C1963506F4813
I take part in the BOINC system
I prefer [image] and [image], [image]
----------------------------------------------------------------------------------------------------------------------------------
Climate is what we expect, weather is what we get.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please check my RSIT log, many thanks in advance.

#14 Post by vyosek »

Fine, and now a full MBAM scan, and we'll see whether anything is still hiding somewhere :wink:
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him; that is no man, that is an ox."
Member of [image] since 1 February 2011.

digiart
Model visitor
Posts: 136
Registered: 22 Sep 2006 21:56
Location: Jablonec nad Nisou

Re: Please check my RSIT log, many thanks in advance.

#15 Post by digiart »

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4705

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

27.9.2010 22:50:04
mbam-log-2010-09-27 (22-50-04).txt

Typ skenu: Rychlý sken
Skenované objekty: 153299
Uplynulý čas: 4 minuta(y), 28 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 43
Infikované hodnoty registru: 1
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
HKEY_CLASSES_ROOT\Interface\{07b18eaa-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{07b18eac-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{1093995a-ba37-41d2-836e-091067c4ad17} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{120927bf-1700-43bc-810f-fab92549b390} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{72ee7f04-15bd-4845-a005-d6711144d86a} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{8e9cf769-3d3b-40eb-9e2d-76e7a205e4d2} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{991aac62-b100-47ce-8b75-253965244f69} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{e79dfbc9-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1e0de227-5ce4-4ea3-ab0c-8b03e1aa76bc} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{e47caee0-deea-464a-9326-3f2801535a4d} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{f42228fb-e84e-479e-b922-fbbd096e792c} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\OTGV1DNWQQ (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\YXE7DXCQ37 (Trojan.FakeAlert) -> No action taken.

Infikované hodnoty registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3popularscreensavers (Adware.MyWebSearch) -> No action taken.

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)