
PC freezing, log

Posted: 18 Mar 2011 23:08
by Nikko
Hello,

today my PC started acting up. It freezes either completely or just parts of it (taskbar, browser, etc.), windows flicker now and then, and various programs often show "not responding"... Please check the log :)


Logfile of random's system information tool 1.08 (written by random/random)
Run by Nikko at 2011-03-18 22:58:08
Microsoft Windows 7 Ultimate
System drive C: has 8 GB (26%) free of 30 GB
Total RAM: 3070 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:59:23, on 18.3.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16722)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files\QIP 2010\qip.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Nikko\AppData\Roaming\Mikogo\Mikogo-Host.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\TableNinja\TableNinja.exe
C:\Program Files\PokerStars\PokerStars.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Users\Nikko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Nikko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Nikko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Nikko\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Users\Nikko\Downloads\RSIT.exe
C:\Program Files\trend micro\Nikko.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60347
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [ATICustomerCare] "C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [QIP 2010] C:\Program Files\QIP 2010\qip.exe
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Google Update] "C:\Users\Nikko\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Mikogo] "C:\Users\Nikko\AppData\Roaming\Mikogo\Mikogo-Host.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [UniblueSpeedUpMyPC] C:\Program Files\Uniblue\SpeedUpMyPC\Launcher.exe -minimize
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2470539108-3690302615-3584564314-1004\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'postgres')
O4 - HKUS\S-1-5-21-2470539108-3690302615-3584564314-1004\..\Run: [RESTART_STICKY_NOTES] C:\Windows\system32\StikyNot.exe (User 'postgres')
O4 - HKUS\S-1-5-21-2470539108-3690302615-3584564314-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'postgres')
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: GS In-Game Service - ClanServers Hosting LLC - C:\Program Files\GameTracker\GSInGameService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PostgreSQL Server 8.4 (postgresql-8.4) - PostgreSQL Global Development Group - C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

--
End of file - 9874 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2470539108-3690302615-3584564314-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2470539108-3690302615-3584564314-1001UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-12-10 1254136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22 1242504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-01-16 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar BHO - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll [2010-12-10 1254136]
{8dcb7100-df86-4384-8842-8fa844297b3f} - @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll [2010-09-22 612616]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2011-01-20 988480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ATICustomerCare"=C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [2010-05-04 311296]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-08-12 2215064]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2011-02-17 2216960]
"WheelMouse"=C:\Program Files\A4Tech\Mouse\Amoumain.exe [2006-12-26 196608]
"SoundMan"=C:\Windows\SOUNDMAN.EXE [2009-04-14 604704]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-01-21 91520]
"QIP 2010"=C:\Program Files\QIP 2010\qip.exe [2011-03-09 5973888]
"NVMixerTray"=C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe [2004-10-07 131072]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-01-30 35736]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15 932288]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-11-29 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2011-03-07 421160]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2011-02-17 3318784]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-01-26 15026056]
"Google Update"=C:\Users\Nikko\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-17 136176]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]
"Mikogo"=C:\Users\Nikko\AppData\Roaming\Mikogo\Mikogo-Host.exe [2011-02-17 2748416]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"UniblueSpeedUpMyPC"=C:\Program Files\Uniblue\SpeedUpMyPC\Launcher.exe [2009-04-29 614696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-03-18 22:58:09 ----D---- C:\Program Files\trend micro
2011-03-18 22:58:08 ----D---- C:\rsit
2011-03-18 22:27:06 ----D---- C:\Users\Nikko\AppData\Roaming\uniblue
2011-03-18 22:26:09 ----HDC---- C:\ProgramData\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}
2011-03-18 22:24:27 ----D---- C:\Program Files\Uniblue
2011-03-18 22:12:29 ----D---- C:\ProgramData\Uniblue
2011-03-16 13:50:16 ----D---- C:\Windows\system32\Wat
2011-03-14 17:29:46 ----D---- C:\Program Files\iPod
2011-03-09 03:06:53 ----A---- C:\Windows\system32\FntCache.dll
2011-03-09 03:06:53 ----A---- C:\Windows\system32\DWrite.dll
2011-03-09 03:06:52 ----A---- C:\Windows\system32\d2d1.dll
2011-03-09 03:06:50 ----A---- C:\Windows\system32\CPFilters.dll
2011-03-09 03:06:49 ----A---- C:\Windows\system32\EncDec.dll
2011-03-09 03:06:48 ----A---- C:\Windows\system32\sbe.dll
2011-03-09 03:06:44 ----A---- C:\Windows\system32\mstscax.dll
2011-03-09 03:06:43 ----A---- C:\Windows\system32\mstsc.exe
2011-03-09 00:16:27 ----D---- C:\Users\Nikko\AppData\Roaming\GameTracker
2011-03-09 00:16:10 ----D---- C:\Program Files\GameTracker
2011-03-09 00:08:56 ----D---- C:\Program Files\GamePark
2011-03-08 21:53:23 ----A---- C:\Windows\system32\drivers\PnkBstrK.sys
2011-03-08 21:53:23 ----A---- C:\Users\Nikko\AppData\Roaming\PnkBstrK.sys
2011-03-08 21:52:55 ----A---- C:\Windows\system32\PnkBstrB.exe
2011-03-08 21:52:51 ----A---- C:\Windows\system32\PnkBstrA.exe
2011-03-08 21:52:49 ----A---- C:\Windows\game.ini
2011-03-08 21:42:03 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2011-03-08 21:41:49 ----D---- C:\Program Files\DAEMON Tools Toolbar
2011-03-08 21:41:40 ----D---- C:\Program Files\DAEMON Tools Lite
2011-03-08 21:41:31 ----D---- C:\Users\Nikko\AppData\Roaming\DAEMON Tools Lite
2011-03-08 21:41:31 ----D---- C:\ProgramData\DAEMON Tools Lite
2011-03-08 19:47:52 ----D---- C:\Program Files\CCleaner
2011-03-05 17:08:26 ----A---- C:\Windows\system32\GEARAspi.dll
2011-03-05 17:08:26 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2011-03-05 17:07:36 ----D---- C:\Program Files\iTunes
2011-03-05 17:06:03 ----D---- C:\Windows\system32\appmgmt
2011-03-05 16:45:39 ----D---- C:\Users\Nikko\AppData\Roaming\Apple Computer
2011-03-05 16:44:40 ----D---- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2011-03-05 16:41:25 ----D---- C:\Program Files\QuickTime
2011-03-05 16:41:24 ----D---- C:\ProgramData\Apple Computer
2011-03-05 16:41:12 ----D---- C:\Program Files\Apple Software Update
2011-03-05 16:40:24 ----D---- C:\Program Files\Bonjour
2011-03-05 16:40:15 ----D---- C:\ProgramData\Apple
2011-03-05 16:40:15 ----D---- C:\Program Files\Common Files\Apple
2011-03-05 11:34:43 ----D---- C:\Program Files\TableNinja
2011-03-03 20:44:54 ----D---- C:\Program Files\Common Files\Adobe
2011-03-03 20:44:54 ----D---- C:\Program Files\Adobe
2011-03-03 20:44:03 ----D---- C:\ProgramData\Adobe
2011-03-02 19:12:40 ----D---- C:\Program Files\In The Money
2011-02-24 23:13:19 ----D---- C:\HMArchive
2011-02-24 19:38:21 ----D---- C:\Windows\system32\Macromed
2011-02-24 19:37:27 ----D---- C:\Users\Nikko\AppData\Roaming\GameRanger
2011-02-24 14:38:13 ----A---- C:\Windows\system32\wcncsvc.dll
2011-02-23 15:14:33 ----A---- C:\Windows\system32\XpsPrint.dll
2011-02-23 15:14:33 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2011-02-21 18:02:32 ----A---- C:\Windows\system32\XAudio2_7.dll
2011-02-21 18:02:32 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2011-02-21 18:02:32 ----A---- C:\Windows\system32\xactengine3_7.dll
2011-02-21 18:02:32 ----A---- C:\Windows\system32\d3dcsx_43.dll
2011-02-21 18:02:32 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2011-02-21 18:02:31 ----A---- C:\Windows\system32\XAudio2_6.dll
2011-02-21 18:02:31 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2011-02-21 18:02:31 ----A---- C:\Windows\system32\xactengine3_6.dll
2011-02-21 18:02:31 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2011-02-21 18:02:31 ----A---- C:\Windows\system32\D3DX9_43.dll
2011-02-21 18:02:31 ----A---- C:\Windows\system32\d3dx11_43.dll
2011-02-21 18:02:31 ----A---- C:\Windows\system32\d3dx10_43.dll
2011-02-21 18:02:30 ----A---- C:\Windows\system32\xactengine3_5.dll
2011-02-21 18:02:30 ----A---- C:\Windows\system32\D3DX9_42.dll
2011-02-21 18:02:30 ----A---- C:\Windows\system32\d3dx11_42.dll
2011-02-21 18:02:30 ----A---- C:\Windows\system32\d3dcsx_42.dll
2011-02-21 18:02:30 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2011-02-21 18:02:29 ----A---- C:\Windows\system32\XAudio2_4.dll
2011-02-21 18:02:29 ----A---- C:\Windows\system32\D3DX9_41.dll
2011-02-21 18:02:29 ----A---- C:\Windows\system32\d3dx10_41.dll
2011-02-21 18:02:29 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2011-02-21 18:02:28 ----A---- C:\Windows\system32\xactengine3_4.dll
2011-02-21 18:02:28 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2011-02-21 18:02:28 ----A---- C:\Windows\system32\d3dx10_40.dll
2011-02-21 18:02:28 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2011-02-21 18:02:27 ----A---- C:\Windows\system32\D3DX9_40.dll
2011-02-21 18:02:25 ----A---- C:\Windows\system32\XAudio2_3.dll
2011-02-21 18:02:25 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2011-02-21 18:02:25 ----A---- C:\Windows\system32\xactengine3_3.dll
2011-02-21 18:02:25 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2011-02-21 18:02:24 ----A---- C:\Windows\system32\XAudio2_2.dll
2011-02-21 18:02:24 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2011-02-21 18:02:24 ----A---- C:\Windows\system32\xactengine3_2.dll
2011-02-21 18:02:24 ----A---- C:\Windows\system32\D3DX9_39.dll
2011-02-21 18:02:24 ----A---- C:\Windows\system32\d3dx10_39.dll
2011-02-21 18:02:24 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2011-02-21 18:02:23 ----A---- C:\Windows\system32\XAudio2_1.dll
2011-02-21 18:02:23 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2011-02-21 18:02:23 ----A---- C:\Windows\system32\xactengine3_1.dll
2011-02-21 18:02:22 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2011-02-21 18:02:22 ----A---- C:\Windows\system32\D3DX9_38.dll
2011-02-21 18:02:22 ----A---- C:\Windows\system32\d3dx10_38.dll
2011-02-21 18:02:22 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2011-02-21 18:02:21 ----A---- C:\Windows\system32\XAudio2_0.dll
2011-02-21 18:02:21 ----A---- C:\Windows\system32\xactengine3_0.dll
2011-02-21 18:02:21 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2011-02-21 18:02:21 ----A---- C:\Windows\system32\d3dx10_37.dll
2011-02-21 18:02:21 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2011-02-21 18:02:20 ----A---- C:\Windows\system32\xactengine2_10.dll
2011-02-21 18:02:20 ----A---- C:\Windows\system32\D3DX9_37.dll
2011-02-21 18:02:19 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2011-02-21 18:02:19 ----A---- C:\Windows\system32\d3dx9_36.dll
2011-02-21 18:02:19 ----A---- C:\Windows\system32\d3dx10_36.dll
2011-02-21 18:02:19 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2011-02-21 18:00:17 ----D---- C:\Windows\system32\directx
2011-02-20 16:24:28 ----D---- C:\Windows\Minidump
2011-02-20 16:17:27 ----A---- C:\Windows\system32\CapabilityTable.exe
2011-02-20 16:17:19 ----D---- C:\Program Files\Common Files\NVIDIA Shared
2011-02-20 16:17:18 ----D---- C:\Program Files\NVIDIA Corporation
2011-02-20 16:13:25 ----A---- C:\Windows\system32\idecoi.dll
2011-02-20 16:13:25 ----A---- C:\Windows\system32\drivers\nvatabus.sys
2011-02-20 16:13:13 ----A---- C:\Windows\system32\NVUNINST.EXE
2011-02-20 16:05:31 ----D---- C:\Program Files\Lavalys
2011-02-20 15:53:37 ----D---- C:\ProgramData\Windows Genuine Advantage
2011-02-20 13:53:40 ----A---- C:\Windows\system32\drivers\atksgt.sys
2011-02-20 13:53:38 ----A---- C:\Windows\system32\drivers\lirsgt.sys
2011-02-20 13:53:21 ----A---- C:\Windows\system32\xactengine2_9.dll
2011-02-20 13:53:21 ----A---- C:\Windows\system32\d3dx10_35.dll
2011-02-20 13:53:21 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2011-02-20 13:53:20 ----A---- C:\Windows\system32\xactengine2_8.dll
2011-02-20 13:53:20 ----A---- C:\Windows\system32\d3dx9_35.dll
2011-02-20 13:53:20 ----A---- C:\Windows\system32\d3dx10_34.dll
2011-02-20 13:53:20 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2011-02-20 13:53:19 ----A---- C:\Windows\system32\xinput1_3.dll
2011-02-20 13:53:19 ----A---- C:\Windows\system32\d3dx9_34.dll
2011-02-20 13:53:18 ----A---- C:\Windows\system32\xactengine2_7.dll
2011-02-20 13:53:18 ----A---- C:\Windows\system32\d3dx9_33.dll
2011-02-20 13:53:18 ----A---- C:\Windows\system32\d3dx10_33.dll
2011-02-20 13:53:18 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2011-02-20 13:53:17 ----A---- C:\Windows\system32\xactengine2_6.dll
2011-02-20 13:53:16 ----A---- C:\Windows\system32\xactengine2_5.dll
2011-02-20 13:53:16 ----A---- C:\Windows\system32\d3dx10.dll
2011-02-20 13:53:15 ----A---- C:\Windows\system32\xactengine2_4.dll
2011-02-20 13:53:15 ----A---- C:\Windows\system32\x3daudio1_1.dll
2011-02-20 13:53:15 ----A---- C:\Windows\system32\d3dx9_31.dll
2011-02-20 13:53:14 ----A---- C:\Windows\system32\xinput1_2.dll
2011-02-20 13:53:14 ----A---- C:\Windows\system32\xactengine2_3.dll
2011-02-20 13:53:14 ----A---- C:\Windows\system32\xactengine2_2.dll
2011-02-20 13:53:13 ----A---- C:\Windows\system32\xinput1_1.dll
2011-02-20 13:53:13 ----A---- C:\Windows\system32\xactengine2_1.dll
2011-02-20 13:52:55 ----A---- C:\Windows\system32\d3dx9_30.dll
2011-02-20 13:52:54 ----A---- C:\Windows\system32\xactengine2_0.dll
2011-02-20 13:52:54 ----A---- C:\Windows\system32\x3daudio1_0.dll
2011-02-20 13:52:53 ----A---- C:\Windows\system32\d3dx9_29.dll
2011-02-20 13:52:53 ----A---- C:\Windows\system32\d3dx9_28.dll
2011-02-20 13:52:53 ----A---- C:\Windows\system32\d3dx9_27.dll
2011-02-20 13:52:52 ----A---- C:\Windows\system32\d3dx9_26.dll
2011-02-20 13:52:51 ----A---- C:\Windows\system32\d3dx9_25.dll
2011-02-20 13:52:51 ----A---- C:\Windows\system32\d3dx9_24.dll
2011-02-20 01:31:24 ----A---- C:\Windows\system32\wbhelp2.dll
2011-02-20 01:31:24 ----A---- C:\Windows\system32\W95INF32.DLL
2011-02-20 01:31:24 ----A---- C:\Windows\system32\W95INF16.DLL
2011-02-20 01:31:24 ----A---- C:\Windows\system32\unicows.dll
2011-02-20 01:31:24 ----A---- C:\Windows\system32\gdiplus.dll
2011-02-20 01:31:24 ----A---- C:\Windows\system32\anim.dll
2011-02-20 01:31:23 ----D---- C:\Program Files\WinUtilities
2011-02-20 00:21:37 ----D---- C:\Users\Nikko\AppData\Roaming\ParetoLogic
2011-02-20 00:21:37 ----D---- C:\Users\Nikko\AppData\Roaming\DriverCure
2011-02-20 00:19:02 ----D---- C:\ProgramData\ParetoLogic
2011-02-19 19:42:37 ----DC---- C:\Windows\system32\DRVSTORE
2011-02-19 19:42:37 ----A---- C:\Windows\system32\drivers\fssfltr.sys
2011-02-19 19:33:00 ----D---- C:\Program Files\Microsoft
2011-02-19 19:32:58 ----D---- C:\Program Files\MSN Toolbar
2011-02-19 19:32:41 ----D---- C:\Program Files\Bing Bar Installer
2011-02-19 19:32:32 ----A---- C:\Windows\system32\XAudio2_5.dll
2011-02-19 19:32:32 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2011-02-19 19:32:32 ----A---- C:\Windows\system32\d3dx10_42.dll
2011-02-19 19:32:19 ----A---- C:\Windows\system32\d3dx9_32.dll
2011-02-19 19:31:27 ----D---- C:\Program Files\Microsoft Silverlight
2011-02-19 19:29:25 ----D---- C:\Program Files\Common Files\Windows Live
2011-02-19 19:16:30 ----D---- C:\Users\Nikko\AppData\Roaming\GHISLER
2011-02-19 19:16:30 ----D---- C:\Program Files\Total Commander
2011-02-19 19:16:30 ----A---- C:\Windows\UC.PIF
2011-02-19 19:16:30 ----A---- C:\Windows\RAR.PIF
2011-02-19 19:16:30 ----A---- C:\Windows\PKZIP.PIF
2011-02-19 19:16:30 ----A---- C:\Windows\PKUNZIP.PIF
2011-02-19 19:16:30 ----A---- C:\Windows\NOCLOSE.PIF
2011-02-19 19:16:30 ----A---- C:\Windows\LHA.PIF
2011-02-19 19:16:30 ----A---- C:\Windows\ARJ.PIF
2011-02-19 18:16:21 ----D---- C:\Program Files\Common Files\DESIGNER
2011-02-19 18:15:26 ----D---- C:\Program Files\Microsoft Synchronization Services
2011-02-19 18:14:47 ----D---- C:\Windows\PCHEALTH
2011-02-19 18:14:47 ----D---- C:\Program Files\Microsoft Sync Framework
2011-02-19 18:14:47 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2011-02-19 18:13:39 ----D---- C:\Program Files\Microsoft Visual Studio 8
2011-02-19 18:12:59 ----D---- C:\Program Files\Microsoft Analysis Services
2011-02-19 18:11:57 ----D---- C:\Program Files\Microsoft Office
2011-02-19 18:11:56 ----D---- C:\ProgramData\Microsoft Help
2011-02-19 18:11:35 ----RHD---- C:\MSOCache
2011-02-19 14:53:02 ----D---- C:\Program Files\SideShow Gadgets

======List of files/folders modified in the last 1 months======

2011-03-18 22:59:10 ----D---- C:\Windows\Temp
2011-03-18 22:58:09 ----RD---- C:\Program Files
2011-03-18 22:43:56 ----D---- C:\Windows\system32\config
2011-03-18 22:37:08 ----D---- C:\Windows\System32
2011-03-18 22:37:07 ----D---- C:\Windows\inf
2011-03-18 22:37:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-03-18 22:36:48 ----D---- C:\Users\Nikko\AppData\Roaming\uTorrent
2011-03-18 22:36:13 ----D---- C:\Windows\Prefetch
2011-03-18 22:33:20 ----D---- C:\Users\Nikko\AppData\Roaming\Skype
2011-03-18 22:32:14 ----D---- C:\Windows
2011-03-18 22:26:43 ----SHD---- C:\Windows\Installer
2011-03-18 22:26:09 ----HD---- C:\ProgramData
2011-03-18 22:15:58 ----D---- C:\Windows\debug
2011-03-18 22:10:00 ----D---- C:\Users\Nikko\AppData\Roaming\skypePM
2011-03-18 20:53:35 ----SHD---- C:\System Volume Information
2011-03-18 20:33:03 ----D---- C:\Users\Nikko\AppData\Roaming\Spyware Terminator
2011-03-18 20:27:53 ----D---- C:\Program Files\Spyware Terminator
2011-03-18 13:39:30 ----D---- C:\ProgramData\Spyware Terminator
2011-03-16 13:50:27 ----D---- C:\Windows\winsxs
2011-03-16 13:50:13 ----D---- C:\Windows\system32\catroot
2011-03-14 23:30:38 ----D---- C:\Windows\system32\catroot2
2011-03-11 10:52:10 ----D---- C:\Program Files\QIP 2010
2011-03-10 03:01:21 ----A---- C:\Windows\system32\MRT.exe
2011-03-08 23:55:17 ----HD---- C:\Program Files\InstallShield Installation Information
2011-03-08 21:54:09 ----RSD---- C:\Windows\assembly
2011-03-08 21:53:23 ----D---- C:\Windows\system32\drivers
2011-03-08 21:52:51 ----D---- C:\Windows\system32\LogFiles
2011-03-08 21:42:21 ----D---- C:\Windows\system32\DriverStore
2011-03-08 19:46:21 ----SHD---- C:\Boot
2011-03-05 16:41:47 ----D---- C:\Program Files\Internet Explorer
2011-03-05 16:41:14 ----D---- C:\Windows\system32\Tasks
2011-03-05 16:40:15 ----D---- C:\Program Files\Common Files
2011-03-03 20:45:50 ----SD---- C:\Users\Nikko\AppData\Roaming\Microsoft
2011-03-03 20:45:50 ----D---- C:\Users\Nikko\AppData\Roaming\Adobe
2011-02-28 00:55:31 ----D---- C:\Windows\system32\wdi
2011-02-20 16:19:34 ----D---- C:\Program Files\ATI
2011-02-20 16:19:21 ----SHD---- C:\$Recycle.Bin
2011-02-20 16:19:18 ----D---- C:\Program Files\ATI Technologies
2011-02-20 16:17:16 ----D---- C:\Program Files\Common Files\InstallShield
2011-02-20 15:57:55 ----SD---- C:\ProgramData\Microsoft
2011-02-20 15:54:26 ----D---- C:\Windows\SoftwareDistribution
2011-02-20 13:52:58 ----D---- C:\Windows\Microsoft.NET
2011-02-20 05:38:17 ----D---- C:\Windows\rescache
2011-02-20 05:30:24 ----D---- C:\Windows\Logs
2011-02-20 03:51:43 ----D---- C:\Windows\system32\drivers\UMDF
2011-02-20 00:51:54 ----D---- C:\Windows\Tasks
2011-02-19 19:33:18 ----D---- C:\Program Files\Common Files\microsoft shared
2011-02-19 18:16:38 ----RSD---- C:\Windows\Fonts
2011-02-19 18:16:29 ----D---- C:\Windows\system32\wbem
2011-02-19 18:16:06 ----D---- C:\Program Files\MSBuild
2011-02-19 18:15:26 ----D---- C:\Windows\ShellNew
2011-02-19 18:14:47 ----D---- C:\Program Files\Microsoft.NET
2011-02-19 18:13:11 ----A---- C:\Windows\win.ini
2011-02-19 18:13:10 ----D---- C:\Program Files\Common Files\System

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 Si3114r5;SiI-3114 SoftRaid 5 Controller; C:\Windows\system32\DRIVERS\Si3114r5.sys [2008-04-29 210472]
R0 SiFilter;SATALink driver accelerator; C:\Windows\system32\DRIVERS\SiWinAcc.sys [2008-04-29 17064]
R0 SiRemFil;SATALink External Device Filter; C:\Windows\system32\DRIVERS\SiRemFil.sys [2008-04-29 12200]
R1 Amfilter;A4Tech Mouse Filter Driver; C:\Windows\system32\DRIVERS\Amfilter.sys [2006-12-16 8704]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-03-08 218688]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2011-02-17 142592]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2011-02-20 281760]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-07-29 136632]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-07-29 134512]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-07-29 41336]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2009-07-14 96768]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2011-02-20 25888]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\Windows\system32\drivers\RTKVAC.SYS [2009-06-19 4172832]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-01-27 7566848]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-01-26 238592]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2010-11-17 101392]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-07-29 32608]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 irsir;Microsoft Serial Infrared Driver; C:\Windows\system32\DRIVERS\irsir.sys [2008-01-19 20992]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 amdiox86;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox86.sys []
S3 Amps2prt;A4Tech PS/2 Port Mouse Driver; C:\Windows\system32\DRIVERS\Amps2prt.sys [2006-05-09 13824]
S3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\Windows\system32\DRIVERS\Amusbprt.sys [2006-12-16 13824]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-01-27 7566848]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 39272]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2011-02-18 41984]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-01-26 176128]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-10-07 345376]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-08-12 810144]
R2 GS In-Game Service;GS In-Game Service; C:\Program Files\GameTracker\GSInGameService.exe [2010-11-09 1677096]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-03-09 66872]
R2 postgresql-8.4;PostgreSQL Server 8.4; C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 -D C:/Program Files/PostgreSQL/8.4/data -w []
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-09-22 249136]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe [2011-02-17 496128]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-03-07 820520]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-08-12 33584]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-03-16 1343400]

-----------------EOF-----------------

Re: PC freezing, log

Posted: 18 Mar 2011 23:20
by Rudy
Post a ComboFix log.
Download ComboFix and save it, ideally to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then run the application under an account with administrator privileges.

Right after it starts, a screen with the license terms appears; continue by clicking the Yes button.

Feel free to make yourself a coffee (the whole process takes roughly 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to wade through); during the scan, do not try to launch any other applications or anything else.

Do not panic during the scan; your machine may be restarted (especially the first time the scanner is used).

Warning: if you use an antispyware program with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because during the scan and the removal of any malware, unwanted conflicts with the antispyware's resident shield occur.

Re: PC freezing, log

Posted: 19 Mar 2011 00:24
by Nikko
ComboFix 11-03-18.01 - Nikko 19.03.2011 0:13.1.1 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.3070.2038 [GMT 1:00]
Spuštěný z: c:\users\Nikko\Downloads\ComboFix.exe
AV: ESET Smart Security 4.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 4.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Nikko\AppData\Roaming\chrtmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-18 do 2011-03-18 )))))))))))))))))))))))))))))))
.
.
2011-03-18 23:19 . 2011-03-18 23:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-18 21:58 . 2011-03-18 21:59 -------- d-----w- c:\program files\trend micro
2011-03-18 21:58 . 2011-03-18 21:59 -------- d-----w- C:\rsit
2011-03-18 21:26 . 2011-03-18 21:26 -------- dc-h--w- c:\programdata\{C4C0E335-EDDF-46A0-A57D-F3802AE44275}
2011-03-18 21:24 . 2011-03-18 21:37 -------- d-----w- c:\program files\Uniblue
2011-03-18 21:12 . 2011-03-18 21:12 -------- d-----w- c:\programdata\Uniblue
2011-03-18 12:34 . 2011-02-11 06:54 5943120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{92EB5705-0CEE-4EDA-BCD3-CAFBBB9351E8}\mpengine.dll
2011-03-16 12:50 . 2011-03-16 12:50 -------- d-----w- c:\windows\system32\Wat
2011-03-14 16:29 . 2011-03-14 16:29 -------- d-----w- c:\program files\iPod
2011-03-09 02:06 . 2011-02-19 05:33 802304 ----a-w- c:\windows\system32\FntCache.dll
2011-03-09 02:06 . 2011-02-19 05:32 1074176 ----a-w- c:\windows\system32\DWrite.dll
2011-03-09 02:06 . 2011-02-19 05:32 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-03-09 02:06 . 2010-12-23 05:28 642048 ----a-w- c:\windows\system32\CPFilters.dll
2011-03-09 02:06 . 2010-12-23 05:28 534528 ----a-w- c:\windows\system32\EncDec.dll
2011-03-09 02:06 . 2010-12-23 05:28 850432 ----a-w- c:\windows\system32\sbe.dll
2011-03-09 02:06 . 2010-12-23 05:24 199680 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-09 02:06 . 2010-12-18 05:30 2690560 ----a-w- c:\windows\system32\mstscax.dll
2011-03-09 02:06 . 2010-12-18 05:26 1034240 ----a-w- c:\windows\system32\mstsc.exe
2011-03-08 23:16 . 2011-03-08 23:16 -------- d-----w- c:\program files\GameTracker
2011-03-08 23:08 . 2011-03-08 23:08 -------- d-----w- c:\program files\GamePark
2011-03-08 20:53 . 2011-03-08 23:18 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-03-08 20:52 . 2011-03-08 23:18 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-03-08 20:52 . 2011-03-08 23:11 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-03-08 20:42 . 2011-03-08 20:42 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-03-08 20:41 . 2011-03-08 20:42 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2011-03-08 20:41 . 2011-03-08 20:42 -------- d-----w- c:\program files\DAEMON Tools Lite
2011-03-08 20:41 . 2011-03-09 12:20 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-03-08 18:47 . 2011-03-08 18:47 -------- d-----w- c:\program files\CCleaner
2011-03-05 16:08 . 2009-05-18 12:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-03-05 16:08 . 2008-04-17 11:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2011-03-05 16:07 . 2011-03-14 16:30 -------- d-----w- c:\program files\iTunes
2011-03-05 15:44 . 2011-03-05 15:45 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2011-03-05 10:34 . 2011-03-18 23:00 -------- d-----w- c:\program files\TableNinja
2011-03-03 19:44 . 2011-03-03 19:45 -------- d-----w- c:\program files\Common Files\Adobe
2011-03-03 13:36 . 2011-03-03 13:36 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-03-03 13:36 . 2011-03-03 13:36 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-03-02 18:12 . 2011-03-02 18:12 -------- d-----w- c:\program files\In The Money
2011-02-24 22:13 . 2011-02-25 14:23 -------- d-----w- C:\HMArchive
2011-02-24 18:38 . 2011-02-24 18:38 -------- d-----w- c:\windows\system32\Macromed
2011-02-24 13:38 . 2010-09-14 06:07 276992 ----a-w- c:\windows\system32\wcncsvc.dll
2011-02-23 14:14 . 2011-01-07 07:31 442880 ----a-w- c:\windows\system32\XpsPrint.dll
2011-02-23 14:14 . 2011-01-07 07:31 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-20 15:17 . 2004-10-29 14:28 348160 ----a-w- c:\windows\system32\CapabilityTable.exe
2011-02-20 15:17 . 2011-02-20 15:17 -------- d-----w- c:\program files\Common Files\NVIDIA Shared
2011-02-20 15:17 . 2011-02-20 15:17 -------- d-----w- c:\program files\NVIDIA Corporation
2011-02-20 15:13 . 2005-01-11 23:32 309248 ----a-w- c:\windows\system32\idecoi.dll
2011-02-20 15:13 . 2005-01-11 23:32 138240 ----a-w- c:\windows\system32\drivers\nvatabus.sys
2011-02-20 15:13 . 2004-10-29 14:25 176128 ----a-w- c:\windows\system32\NVUNINST.EXE
2011-02-20 15:05 . 2011-02-20 15:05 -------- d-----w- c:\program files\Lavalys
2011-02-20 12:52 . 2005-05-26 14:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2011-02-20 00:31 . 2010-07-25 21:23 56496 ----a-w- c:\windows\system32\wbhelp2.dll
2011-02-20 00:31 . 2010-07-25 21:23 544768 ----a-w- c:\windows\system32\wbocx.ocx
2011-02-20 00:31 . 2010-07-25 21:23 33968 ----a-w- c:\windows\system32\anim.dll
2011-02-20 00:31 . 2010-07-25 21:23 258352 ----a-w- c:\windows\system32\unicows.dll
2011-02-20 00:31 . 2010-07-25 21:23 1706800 ----a-w- c:\windows\system32\gdiplus.dll
2011-02-20 00:31 . 2010-07-25 21:23 4608 ----a-w- c:\windows\system32\W95INF32.DLL
2011-02-20 00:31 . 2010-07-25 21:23 2272 ----a-w- c:\windows\system32\W95INF16.DLL
2011-02-20 00:31 . 2011-03-18 21:53 -------- d-----w- c:\program files\WinUtilities
2011-02-19 23:19 . 2011-02-20 00:10 -------- d-----w- c:\programdata\ParetoLogic
2011-02-19 18:42 . 2011-03-05 16:08 -------- dc----w- c:\windows\system32\DRVSTORE
2011-02-19 18:42 . 2010-09-22 23:21 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2011-02-19 18:33 . 2011-02-19 18:33 -------- d-----w- c:\program files\Microsoft
2011-02-19 18:32 . 2011-02-19 18:32 -------- d-----w- c:\program files\MSN Toolbar
2011-02-19 18:32 . 2011-02-19 18:33 -------- d-----w- c:\program files\Bing Bar Installer
2011-02-19 18:32 . 2009-09-04 16:44 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2011-02-19 18:32 . 2009-09-04 16:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2011-02-19 18:32 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-02-19 18:32 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2011-02-19 18:31 . 2011-02-19 23:03 -------- d-----w- c:\program files\Microsoft Silverlight
2011-02-19 18:29 . 2011-02-19 18:29 -------- d-----w- c:\program files\Common Files\Windows Live
2011-02-19 18:16 . 2011-02-19 18:16 -------- d-----w- c:\program files\Total Commander
2011-02-19 18:16 . 2010-12-17 06:56 545 ----a-w- c:\windows\UC.PIF
2011-02-19 18:16 . 2010-12-17 06:56 545 ----a-w- c:\windows\RAR.PIF
2011-02-19 18:16 . 2010-12-17 06:56 545 ----a-w- c:\windows\PKZIP.PIF
2011-02-19 18:16 . 2010-12-17 06:56 545 ----a-w- c:\windows\PKUNZIP.PIF
2011-02-19 18:16 . 2010-12-17 06:56 545 ----a-w- c:\windows\NOCLOSE.PIF
2011-02-19 18:16 . 2010-12-17 06:56 545 ----a-w- c:\windows\LHA.PIF
2011-02-19 18:16 . 2010-12-17 06:56 545 ----a-w- c:\windows\ARJ.PIF
2011-02-19 17:15 . 2011-02-19 17:15 -------- d-----w- c:\program files\Microsoft Synchronization Services
2011-02-19 17:14 . 2011-02-19 18:47 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2011-02-19 17:14 . 2011-02-19 17:14 -------- d-----w- c:\windows\PCHEALTH
2011-02-19 17:14 . 2011-02-19 17:14 -------- d-----w- c:\program files\Microsoft Sync Framework
2011-02-19 17:13 . 2011-02-19 17:13 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2011-02-19 17:12 . 2011-02-19 17:12 -------- d-----w- c:\program files\Microsoft Analysis Services
2011-02-19 17:11 . 2011-03-10 02:00 -------- d-----w- c:\programdata\Microsoft Help
2011-02-19 17:11 . 2011-02-19 17:11 -------- d-----r- C:\MSOCache
2011-02-19 13:53 . 2011-02-19 13:53 -------- d-----w- c:\program files\SideShow Gadgets
2011-02-18 18:04 . 2011-02-18 18:03 737280 ----a-w- c:\windows\iun6002.exe
2011-02-18 18:04 . 2011-02-18 18:04 -------- d-----w- c:\program files\Codec Pack - All In 1
2011-02-18 18:04 . 2011-02-18 18:04 -------- d-----w- c:\windows\system32\languages
2011-02-18 17:57 . 2011-02-18 17:57 -------- d-----w- c:\program files\uTorrent
2011-02-18 15:36 . 2011-02-18 15:36 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2011-02-18 15:36 . 2011-02-18 15:36 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-02-18 12:50 . 2009-10-10 02:57 12800 ----a-w- c:\windows\system32\drivers\sffp_sd.sys
2011-02-17 21:28 . 2011-02-17 21:28 -------- d-----w- c:\program files\Realtek AC97
2011-02-17 21:28 . 2009-04-14 14:43 10975264 ----a-w- c:\windows\system32\RTLCPL.EXE
2011-02-17 21:28 . 2009-06-19 02:45 4172832 ----a-w- c:\windows\system32\drivers\RTKVAC.SYS
2011-02-17 21:28 . 2009-04-14 14:43 604704 ----a-w- c:\windows\SOUNDMAN.EXE
2011-02-17 21:28 . 2009-04-14 14:43 154144 ----a-w- c:\windows\system32\RTLCPAPI.dll
2011-02-17 21:28 . 2009-04-14 14:43 19036704 ----a-w- c:\windows\system32\ALSNDMGR.CPL
2011-02-17 21:28 . 2009-04-14 14:43 965664 ----a-w- c:\windows\system32\RtkPgExt.dll
2011-02-17 21:28 . 2009-04-14 14:43 141856 ----a-w- c:\windows\system32\RtkCfg.dll
2011-02-17 21:28 . 2009-04-14 14:43 2510368 ----a-w- c:\windows\system32\RtkAPO.dll
2011-02-17 21:28 . 2009-04-14 14:42 223776 ----a-w- c:\windows\alcrmv.exe
2011-02-17 21:28 . 2006-07-31 10:19 315392 ----a-w- c:\windows\alcupd.exe
2011-02-17 21:28 . 2011-02-17 21:28 319488 ----a-w- c:\windows\HideWin.exe
2011-02-17 20:45 . 2009-09-10 05:52 257024 ----a-w- c:\windows\system32\msv1_0.dll
2011-02-17 20:44 . 2009-11-25 11:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-02-17 20:44 . 2009-11-25 11:47 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-02-17 20:44 . 2009-11-25 11:47 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-02-17 20:44 . 2009-11-25 11:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-02-17 20:44 . 2009-11-25 11:47 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-02-17 20:25 . 2011-02-17 20:25 -------- d-----w- c:\program files\Realtek
2011-02-17 20:25 . 2011-02-17 20:49 -------- d--h--w- c:\program files\Temp
2011-02-17 20:25 . 2011-01-24 12:29 1284712 ----a-w- c:\windows\RtlExUpd.dll
2011-02-17 20:25 . 2011-02-20 15:17 -------- d-----w- c:\program files\Common Files\InstallShield
2011-02-17 20:25 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2011-02-17 20:23 . 2011-03-17 20:11 -------- d-----w- c:\users\postgres
2011-02-17 20:21 . 2010-03-04 03:57 190976 ----a-w- c:\windows\system32\drivers\ks.sys
2011-02-17 20:20 . 2011-02-17 20:20 -------- d-----w- c:\program files\PostgreSQL
2011-02-17 20:17 . 2010-10-16 04:34 573440 ----a-w- c:\windows\system32\odbc32.dll
2011-02-17 20:16 . 2010-08-21 05:33 530432 ----a-w- c:\windows\system32\comctl32.dll
2011-02-17 20:16 . 2010-07-13 05:22 26504 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-02-17 20:16 . 2009-12-08 11:32 292864 ----a-w- c:\windows\system32\apphelp.dll
2011-02-17 20:16 . 2010-08-21 05:32 316928 ----a-w- c:\windows\system32\spoolsv.exe
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-17 20:11 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-01-26 23:36 . 2011-01-26 23:36 7566848 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-01-26 23:00 . 2011-01-26 23:00 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2011-01-26 23:00 . 2011-01-26 23:00 596480 ----a-w- c:\windows\system32\aticfx32.dll
2011-01-26 22:59 . 2011-01-26 22:59 17204736 ----a-w- c:\windows\system32\atioglxx.dll
2011-01-26 22:56 . 2011-01-26 22:56 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-01-26 22:55 . 2011-01-26 22:55 393216 ----a-w- c:\windows\system32\atieclxx.exe
2011-01-26 22:55 . 2011-01-26 22:55 176128 ----a-w- c:\windows\system32\atiesrxx.exe
2011-01-26 22:54 . 2011-01-26 22:54 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2011-01-26 22:53 . 2011-01-26 22:53 356352 ----a-w- c:\windows\system32\atipdlxx.dll
2011-01-26 22:53 . 2011-01-26 22:53 278528 ----a-w- c:\windows\system32\Oemdspif.dll
2011-01-26 22:53 . 2011-01-26 22:53 15872 ----a-w- c:\windows\system32\atimuixx.dll
2011-01-26 22:53 . 2011-01-26 22:53 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2011-01-26 22:49 . 2009-07-13 22:09 4105728 ----a-w- c:\windows\system32\atidxx32.dll
2011-01-26 22:32 . 2011-01-26 22:32 1912832 ----a-w- c:\windows\system32\atiumdmv.dll
2011-01-26 22:28 . 2009-08-18 01:20 4170752 ----a-w- c:\windows\system32\atiumdag.dll
2011-01-26 22:27 . 2011-01-26 22:27 46080 ----a-w- c:\windows\system32\aticalrt.dll
2011-01-26 22:27 . 2011-01-26 22:27 44032 ----a-w- c:\windows\system32\aticalcl.dll
2011-01-26 22:25 . 2011-01-26 22:25 5580800 ----a-w- c:\windows\system32\aticaldd.dll
2011-01-26 22:24 . 2009-08-18 01:05 3463680 ----a-w- c:\windows\system32\atiumdva.dll
2011-01-26 22:20 . 2011-01-26 22:20 52736 ----a-w- c:\windows\system32\coinst.dll
2011-01-26 22:14 . 2011-01-26 22:14 249856 ----a-w- c:\windows\system32\atiadlxx.dll
2011-01-26 22:13 . 2011-01-26 22:13 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2011-01-26 22:13 . 2011-01-26 22:13 32768 ----a-w- c:\windows\system32\atigktxx.dll
2011-01-26 22:13 . 2011-01-26 22:13 238592 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-01-26 22:12 . 2011-01-26 22:12 30720 ----a-w- c:\windows\system32\atiuxpag.dll
2011-01-26 22:12 . 2011-01-26 22:12 28672 ----a-w- c:\windows\system32\atiu9pag.dll
2011-01-26 22:11 . 2011-01-26 22:11 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-01-26 22:08 . 2011-01-26 22:08 52736 ----a-w- c:\windows\system32\atimpc32.dll
2011-01-26 22:08 . 2011-01-26 22:08 52736 ----a-w- c:\windows\system32\amdpcom32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2011-02-17 3318784]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-26 15026056]
"Google Update"="c:\users\Nikko\AppData\Local\Google\Update\GoogleUpdate.exe" [2011-02-17 136176]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"Mikogo"="c:\users\Nikko\AppData\Roaming\Mikogo\Mikogo-Host.exe" [2011-02-17 2748416]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"UniblueSpeedUpMyPC"="c:\program files\Uniblue\SpeedUpMyPC\Launcher.exe" [2009-04-29 614696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2010-08-12 2215064]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2011-02-17 2216960]
"WheelMouse"="c:\program files\A4Tech\Mouse\Amoumain.exe" [2006-12-26 196608]
"SoundMan"="SOUNDMAN.EXE" [2009-04-14 604704]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520]
"QIP 2010"="c:\program files\QIP 2010\qip.exe" [2011-03-09 5973888]
"NVMixerTray"="c:\program files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-10-07 131072]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-03-07 421160]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [x]
R3 Amps2prt;A4Tech PS/2 Port Mouse Driver;c:\windows\system32\DRIVERS\Amps2prt.sys [2006-05-09 13824]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-03-16 1343400]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-03-08 218688]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2011-02-17 142592]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-01-26 176128]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-07-29 136632]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2010-08-12 810144]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2010-07-29 41336]
S2 GS In-Game Service;GS In-Game Service;c:\program files\GameTracker\GSInGameService.exe [2010-11-09 1677096]
S2 postgresql-8.4;PostgreSQL Server 8.4;C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 -D C:/Program Files/PostgreSQL/8.4/data -w [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-01-26 7566848]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-01-26 238592]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2010-11-17 101392]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 yukonw7;Ovladač NDIS6.2 Miniport pro řadič Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-03-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2470539108-3690302615-3584564314-1001Core.job
- c:\users\Nikko\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-17 18:52]
.
2011-03-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2470539108-3690302615-3584564314-1001UA.job
- c:\users\Nikko\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-17 18:52]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: Crawler Search - tbr:iemenu
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-8.4]
"ImagePath"="C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"C:/Program Files/PostgreSQL/8.4/data\" -w"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-8.4]
"ImagePath"="C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"C:/Program Files/PostgreSQL/8.4/data\" -w"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG*]
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-03-19 00:22:37
ComboFix-quarantined-files.txt 2011-03-18 23:22
.
Před spuštěním: 7 722 774 528
Po spuštění: 7 655 862 272
.
- - End Of File - - B792D1FC5D350156F4DD9E53604693D1

Re: PC freezing, log

Posted: 19 Mar 2011 11:38
by Rudy
1 item was deleted; the rest of the log looks clean. Has anything changed?

Re: PC freezing, log

Posted: 19 Mar 2011 13:29
by Nikko
Yeah, it's a lot better :) Thanks a lot

Re: PC freezing, log

Posted: 19 Mar 2011 18:35
by Rudy
You're welcome!

Re: PC freezing, log

Posted: 19 Mar 2011 18:38
by Nikko
Ah... so I'm back where I was... on top of that, when I scroll in some program (WMP, for example), it shows "not responding" for half a second and also freezes for half a second... I really don't know how to describe it, so hopefully whoever reads this will understand :)

Re: PC freezing, log

Posted: 19 Mar 2011 19:11
by Rudy
Try a System Restore to a date when it was working correctly.

Re: PC freezing, log

Posted: 19 Mar 2011 19:43
by Nikko
Hmm... I probably can't do a System Restore because I don't have any restore points there... I had no idea I had it turned off or something... but I ran ComboFix again and it found something new :/


ComboFix 11-03-18.05 - Nikko 19.03.2011 19:03:54.3.1 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.3070.2217 [GMT 1:00]
Spuštěný z: c:\users\Nikko\Downloads\ComboFix.exe
AV: ESET Smart Security 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET Personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\System32\PrintBrmUi.exe . . . je infikován!!
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-19 do 2011-03-19 )))))))))))))))))))))))))))))))
.
.
2011-03-19 18:18 . 2011-03-19 18:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-19 13:12 . 2011-03-19 13:12 -------- d-----w- c:\program files\Common Files\Java
2011-03-19 13:12 . 2011-03-19 13:12 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-03-19 13:12 . 2011-03-19 13:12 -------- d-----w- c:\program files\Java
2011-03-19 13:11 . 2011-03-19 13:11 -------- d-----w- c:\programdata\McAfee
2011-03-18 21:58 . 2011-03-18 21:59 -------- d-----w- c:\program files\trend micro
2011-03-18 21:58 . 2011-03-18 21:59 -------- d-----w- C:\rsit
2011-03-18 21:24 . 2011-03-18 21:37 -------- d-----w- c:\program files\Uniblue
2011-03-18 21:12 . 2011-03-18 21:12 -------- d-----w- c:\programdata\Uniblue
2011-03-18 12:34 . 2011-02-11 06:54 5943120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{92EB5705-0CEE-4EDA-BCD3-CAFBBB9351E8}\mpengine.dll
2011-03-16 12:50 . 2011-03-16 12:50 -------- d-----w- c:\windows\system32\Wat
2011-03-14 16:29 . 2011-03-14 16:29 -------- d-----w- c:\program files\iPod
2011-03-09 02:06 . 2011-02-19 05:33 802304 ----a-w- c:\windows\system32\FntCache.dll
2011-03-09 02:06 . 2011-02-19 05:32 1074176 ----a-w- c:\windows\system32\DWrite.dll
2011-03-09 02:06 . 2011-02-19 05:32 739840 ----a-w- c:\windows\system32\d2d1.dll
2011-03-09 02:06 . 2010-12-23 05:28 642048 ----a-w- c:\windows\system32\CPFilters.dll
2011-03-09 02:06 . 2010-12-23 05:28 534528 ----a-w- c:\windows\system32\EncDec.dll
2011-03-09 02:06 . 2010-12-23 05:28 850432 ----a-w- c:\windows\system32\sbe.dll
2011-03-09 02:06 . 2010-12-23 05:24 199680 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-09 02:06 . 2010-12-18 05:30 2690560 ----a-w- c:\windows\system32\mstscax.dll
2011-03-09 02:06 . 2010-12-18 05:26 1034240 ----a-w- c:\windows\system32\mstsc.exe
2011-03-08 20:53 . 2011-03-08 23:18 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-03-08 20:52 . 2011-03-08 23:18 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-03-08 20:52 . 2011-03-08 23:11 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-03-08 20:42 . 2011-03-08 20:42 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-03-08 20:41 . 2011-03-08 20:42 -------- d-----w- c:\program files\DAEMON Tools Lite
2011-03-08 20:41 . 2011-03-09 12:20 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-03-08 18:47 . 2011-03-08 18:47 -------- d-----w- c:\program files\CCleaner
2011-03-05 16:08 . 2009-05-18 12:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-03-05 16:08 . 2008-04-17 11:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2011-03-05 16:07 . 2011-03-14 16:30 -------- d-----w- c:\program files\iTunes
2011-03-05 15:44 . 2011-03-05 15:45 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2011-03-05 10:34 . 2011-03-18 23:00 -------- d-----w- c:\program files\TableNinja
2011-03-03 19:44 . 2011-03-03 19:45 -------- d-----w- c:\program files\Common Files\Adobe
2011-03-03 13:36 . 2011-03-03 13:36 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2011-03-03 13:36 . 2011-03-03 13:36 484160 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-03-02 18:12 . 2011-03-02 18:12 -------- d-----w- c:\program files\In The Money
2011-02-24 22:13 . 2011-02-25 14:23 -------- d-----w- C:\HMArchive
2011-02-24 18:38 . 2011-02-24 18:38 -------- d-----w- c:\windows\system32\Macromed
2011-02-24 13:38 . 2010-09-14 06:07 276992 ----a-w- c:\windows\system32\wcncsvc.dll
2011-02-23 14:14 . 2011-01-07 07:31 442880 ----a-w- c:\windows\system32\XpsPrint.dll
2011-02-23 14:14 . 2011-01-07 07:31 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-20 15:17 . 2004-10-29 14:28 348160 ----a-w- c:\windows\system32\CapabilityTable.exe
2011-02-20 15:17 . 2011-02-20 15:17 -------- d-----w- c:\program files\Common Files\NVIDIA Shared
2011-02-20 15:17 . 2011-02-20 15:17 -------- d-----w- c:\program files\NVIDIA Corporation
2011-02-20 15:13 . 2005-01-11 23:32 309248 ----a-w- c:\windows\system32\idecoi.dll
2011-02-20 15:13 . 2005-01-11 23:32 138240 ----a-w- c:\windows\system32\drivers\nvatabus.sys
2011-02-20 15:13 . 2004-10-29 14:25 176128 ----a-w- c:\windows\system32\NVUNINST.EXE
2011-02-20 15:05 . 2011-02-20 15:05 -------- d-----w- c:\program files\Lavalys
2011-02-20 12:52 . 2005-05-26 14:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2011-02-20 00:31 . 2010-07-25 21:23 56496 ----a-w- c:\windows\system32\wbhelp2.dll
2011-02-20 00:31 . 2010-07-25 21:23 544768 ----a-w- c:\windows\system32\wbocx.ocx
2011-02-20 00:31 . 2010-07-25 21:23 33968 ----a-w- c:\windows\system32\anim.dll
2011-02-20 00:31 . 2010-07-25 21:23 258352 ----a-w- c:\windows\system32\unicows.dll
2011-02-20 00:31 . 2010-07-25 21:23 1706800 ----a-w- c:\windows\system32\gdiplus.dll
2011-02-20 00:31 . 2010-07-25 21:23 4608 ----a-w- c:\windows\system32\W95INF32.DLL
2011-02-20 00:31 . 2010-07-25 21:23 2272 ----a-w- c:\windows\system32\W95INF16.DLL
2011-02-20 00:31 . 2011-03-19 17:34 -------- d-----w- c:\program files\WinUtilities
2011-02-19 23:19 . 2011-02-20 00:10 -------- d-----w- c:\programdata\ParetoLogic
2011-02-19 18:42 . 2011-03-05 16:08 -------- dc----w- c:\windows\system32\DRVSTORE
2011-02-19 18:42 . 2010-09-22 23:21 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2011-02-19 18:33 . 2011-02-19 18:33 -------- d-----w- c:\program files\Microsoft
2011-02-19 18:32 . 2011-02-19 18:32 -------- d-----w- c:\program files\MSN Toolbar
2011-02-19 18:32 . 2011-02-19 18:33 -------- d-----w- c:\program files\Bing Bar Installer
2011-02-19 18:32 . 2009-09-04 16:44 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2011-02-19 18:32 . 2009-09-04 16:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2011-02-19 18:32 . 2009-09-04 16:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-02-19 18:32 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2011-02-19 18:31 . 2011-02-19 23:03 -------- d-----w- c:\program files\Microsoft Silverlight
2011-02-19 18:29 . 2011-02-19 18:29 -------- d-----w- c:\program files\Common Files\Windows Live
2011-02-19 18:16 . 2011-02-19 18:16 -------- d-----w- c:\program files\Total Commander
2011-02-19 18:16 . 2010-12-17 06:56 545 ----a-w- c:\windows\UC.PIF
2011-02-19 18:16 . 2010-12-17 06:56 545 ----a-w- c:\windows\RAR.PIF
2011-02-19 18:16 . 2010-12-17 06:56 545 ----a-w- c:\windows\PKZIP.PIF
2011-02-19 18:16 . 2010-12-17 06:56 545 ----a-w- c:\windows\PKUNZIP.PIF
2011-02-19 18:16 . 2010-12-17 06:56 545 ----a-w- c:\windows\NOCLOSE.PIF
2011-02-19 18:16 . 2010-12-17 06:56 545 ----a-w- c:\windows\LHA.PIF
2011-02-19 18:16 . 2010-12-17 06:56 545 ----a-w- c:\windows\ARJ.PIF
2011-02-19 17:15 . 2011-02-19 17:15 -------- d-----w- c:\program files\Microsoft Synchronization Services
2011-02-19 17:14 . 2011-02-19 18:47 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2011-02-19 17:14 . 2011-02-19 17:14 -------- d-----w- c:\windows\PCHEALTH
2011-02-19 17:14 . 2011-02-19 17:14 -------- d-----w- c:\program files\Microsoft Sync Framework
2011-02-19 17:13 . 2011-02-19 17:13 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2011-02-19 17:12 . 2011-02-19 17:12 -------- d-----w- c:\program files\Microsoft Analysis Services
2011-02-19 17:11 . 2011-03-10 02:00 -------- d-----w- c:\programdata\Microsoft Help
2011-02-19 17:11 . 2011-02-19 17:11 -------- d-----r- C:\MSOCache
2011-02-18 18:04 . 2011-02-18 18:03 737280 ----a-w- c:\windows\iun6002.exe
2011-02-18 18:04 . 2011-02-18 18:04 -------- d-----w- c:\program files\Codec Pack - All In 1
2011-02-18 18:04 . 2011-02-18 18:04 -------- d-----w- c:\windows\system32\languages
2011-02-18 17:57 . 2011-02-18 17:57 -------- d-----w- c:\program files\uTorrent
2011-02-18 15:36 . 2011-02-18 15:36 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2011-02-18 15:36 . 2011-02-18 15:36 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-02-18 12:50 . 2009-10-10 02:57 12800 ----a-w- c:\windows\system32\drivers\sffp_sd.sys
2011-02-17 21:28 . 2011-02-17 21:28 -------- d-----w- c:\program files\Realtek AC97
2011-02-17 21:28 . 2009-04-14 14:43 10975264 ----a-w- c:\windows\system32\RTLCPL.EXE
2011-02-17 21:28 . 2009-06-19 02:45 4172832 ----a-w- c:\windows\system32\drivers\RTKVAC.SYS
2011-02-17 21:28 . 2009-04-14 14:43 604704 ----a-w- c:\windows\SOUNDMAN.EXE
2011-02-17 21:28 . 2009-04-14 14:43 154144 ----a-w- c:\windows\system32\RTLCPAPI.dll
2011-02-17 21:28 . 2009-04-14 14:43 19036704 ----a-w- c:\windows\system32\ALSNDMGR.CPL
2011-02-17 21:28 . 2009-04-14 14:43 965664 ----a-w- c:\windows\system32\RtkPgExt.dll
2011-02-17 21:28 . 2009-04-14 14:43 141856 ----a-w- c:\windows\system32\RtkCfg.dll
2011-02-17 21:28 . 2009-04-14 14:43 2510368 ----a-w- c:\windows\system32\RtkAPO.dll
2011-02-17 21:28 . 2009-04-14 14:42 223776 ----a-w- c:\windows\alcrmv.exe
2011-02-17 21:28 . 2006-07-31 10:19 315392 ----a-w- c:\windows\alcupd.exe
2011-02-17 21:28 . 2011-02-17 21:28 319488 ----a-w- c:\windows\HideWin.exe
2011-02-17 20:45 . 2009-09-10 05:52 257024 ----a-w- c:\windows\system32\msv1_0.dll
2011-02-17 20:44 . 2009-11-25 11:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-02-17 20:44 . 2009-11-25 11:47 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-02-17 20:44 . 2009-11-25 11:47 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-02-17 20:44 . 2009-11-25 11:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-02-17 20:44 . 2009-11-25 11:47 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-02-17 20:25 . 2011-02-17 20:25 -------- d-----w- c:\program files\Realtek
2011-02-17 20:25 . 2011-02-17 20:49 -------- d--h--w- c:\program files\Temp
2011-02-17 20:25 . 2011-01-24 12:29 1284712 ----a-w- c:\windows\RtlExUpd.dll
2011-02-17 20:25 . 2011-02-20 15:17 -------- d-----w- c:\program files\Common Files\InstallShield
2011-02-17 20:25 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe
2011-02-17 20:23 . 2011-03-19 17:29 -------- d-----w- c:\users\postgres
2011-02-17 20:21 . 2010-03-04 03:57 190976 ----a-w- c:\windows\system32\drivers\ks.sys
2011-02-17 20:20 . 2011-02-17 20:20 -------- d-----w- c:\program files\PostgreSQL
2011-02-17 20:17 . 2010-10-16 04:34 573440 ----a-w- c:\windows\system32\odbc32.dll
2011-02-17 20:16 . 2010-08-21 05:33 530432 ----a-w- c:\windows\system32\comctl32.dll
2011-02-17 20:16 . 2010-07-13 05:22 26504 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-02-17 20:16 . 2009-12-08 11:32 292864 ----a-w- c:\windows\system32\apphelp.dll
2011-02-17 20:16 . 2010-08-21 05:32 316928 ----a-w- c:\windows\system32\spoolsv.exe
2011-02-17 20:16 . 2010-10-27 04:32 2048 ----a-w- c:\windows\system32\tzres.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-17 20:11 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-01-26 23:36 . 2011-01-26 23:36 7566848 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-01-26 23:00 . 2011-01-26 23:00 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2011-01-26 23:00 . 2011-01-26 23:00 596480 ----a-w- c:\windows\system32\aticfx32.dll
2011-01-26 22:59 . 2011-01-26 22:59 17204736 ----a-w- c:\windows\system32\atioglxx.dll
2011-01-26 22:56 . 2011-01-26 22:56 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-01-26 22:55 . 2011-01-26 22:55 393216 ----a-w- c:\windows\system32\atieclxx.exe
2011-01-26 22:55 . 2011-01-26 22:55 176128 ----a-w- c:\windows\system32\atiesrxx.exe
2011-01-26 22:54 . 2011-01-26 22:54 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2011-01-26 22:53 . 2011-01-26 22:53 356352 ----a-w- c:\windows\system32\atipdlxx.dll
2011-01-26 22:53 . 2011-01-26 22:53 278528 ----a-w- c:\windows\system32\Oemdspif.dll
2011-01-26 22:53 . 2011-01-26 22:53 15872 ----a-w- c:\windows\system32\atimuixx.dll
2011-01-26 22:53 . 2011-01-26 22:53 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2011-01-26 22:49 . 2009-07-13 22:09 4105728 ----a-w- c:\windows\system32\atidxx32.dll
2011-01-26 22:32 . 2011-01-26 22:32 1912832 ----a-w- c:\windows\system32\atiumdmv.dll
2011-01-26 22:28 . 2009-08-18 01:20 4170752 ----a-w- c:\windows\system32\atiumdag.dll
2011-01-26 22:27 . 2011-01-26 22:27 46080 ----a-w- c:\windows\system32\aticalrt.dll
2011-01-26 22:27 . 2011-01-26 22:27 44032 ----a-w- c:\windows\system32\aticalcl.dll
2011-01-26 22:25 . 2011-01-26 22:25 5580800 ----a-w- c:\windows\system32\aticaldd.dll
2011-01-26 22:24 . 2009-08-18 01:05 3463680 ----a-w- c:\windows\system32\atiumdva.dll
2011-01-26 22:20 . 2011-01-26 22:20 52736 ----a-w- c:\windows\system32\coinst.dll
2011-01-26 22:14 . 2011-01-26 22:14 249856 ----a-w- c:\windows\system32\atiadlxx.dll
2011-01-26 22:13 . 2011-01-26 22:13 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2011-01-26 22:13 . 2011-01-26 22:13 32768 ----a-w- c:\windows\system32\atigktxx.dll
2011-01-26 22:13 . 2011-01-26 22:13 238592 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-01-26 22:12 . 2011-01-26 22:12 30720 ----a-w- c:\windows\system32\atiuxpag.dll
2011-01-26 22:12 . 2011-01-26 22:12 28672 ----a-w- c:\windows\system32\atiu9pag.dll
2011-01-26 22:11 . 2011-01-26 22:11 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-01-26 22:08 . 2011-01-26 22:08 52736 ----a-w- c:\windows\system32\atimpc32.dll
2011-01-26 22:08 . 2011-01-26 22:08 52736 ----a-w- c:\windows\system32\amdpcom32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2011-01-26 15026056]
"Google Update"="c:\users\Nikko\AppData\Local\Google\Update\GoogleUpdate.exe" [2011-02-17 136176]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"Mikogo"="c:\users\Nikko\AppData\Roaming\Mikogo\Mikogo-Host.exe" [2011-02-17 2748416]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-05-04 311296]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2010-08-12 2215064]
"SoundMan"="SOUNDMAN.EXE" [2009-04-14 604704]
"QIP 2010"="c:\program files\QIP 2010\qip.exe" [2011-03-09 5973888]
"NVMixerTray"="c:\program files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-10-07 131072]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-03-07 421160]
"WheelMouse"="c:\program files\A4Tech\Mouse\Amoumain.exe" [2006-12-26 196608]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-11-15 20:02 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-30 15:45 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-01-21 16:22 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]
2011-02-17 18:47 2216960 ----a-w- c:\program files\Spyware Terminator\SpywareTerminatorShield.Exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdate]
2011-02-17 18:47 3318784 ----a-w- c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 amdiox86;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox86.sys [x]
R3 Amps2prt;A4Tech PS/2 Port Mouse Driver;c:\windows\system32\DRIVERS\Amps2prt.sys [2006-05-09 13824]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-03-16 1343400]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-03-08 218688]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2011-02-17 142592]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-01-26 176128]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2010-07-29 136632]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2010-08-12 810144]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2010-07-29 41336]
S2 postgresql-8.4;PostgreSQL Server 8.4;C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N postgresql-8.4 -D C:/Program Files/PostgreSQL/8.4/data -w [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-01-26 7566848]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-01-26 238592]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2010-11-17 101392]
S3 yukonw7;Ovladač NDIS6.2 Miniport pro řadič Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-03-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2470539108-3690302615-3584564314-1001Core.job
- c:\users\Nikko\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-17 18:52]
.
2011-03-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2470539108-3690302615-3584564314-1001UA.job
- c:\users\Nikko\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-17 18:52]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\postgresql-8.4]
"ImagePath"="C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"C:/Program Files/PostgreSQL/8.4/data\" -w"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\postgresql-8.4]
"ImagePath"="C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N \"postgresql-8.4\" -D \"C:/Program Files/PostgreSQL/8.4/data\" -w"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG*]
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2011-03-19 19:21:00
ComboFix-quarantined-files.txt 2011-03-19 18:20
ComboFix2.txt 2011-03-19 13:45
ComboFix3.txt 2011-03-18 23:22
.
Před spuštěním: 7 248 314 368
Po spuštění: 7 198 482 432
.
- - End Of File - - 0FAB013FA10CB7B080F6C1DDBD3025C3

Re: PC freezing, log

Posted: 19 Mar 2011 20:36
by Rudy
Test the file online at www.virustotal.com. Report the result. Otherwise I don't see anything dangerous in the log.

Re: PC freezing, log

Posted: 19 Mar 2011 20:46
by Nikko

http://www.virustotal.com/file-scan/report.html?id=f3afba756d08db4bc891ca1b8949140f5beb9e4ff0ebc93604a722484585c5a5-1300563378

Re: PC freezing, log

Posted: 19 Mar 2011 21:09
by Rudy
The file is completely clean. It is a system file, the printer migration tool. What did you install just before the problem appeared?

Re: PC freezing, log

Posted: 19 Mar 2011 21:55
by Nikko
Uniblue Power Suite, I think...

Re: PC freezing, log

Posted: 19 Mar 2011 22:29
by Nikko
So now I can't even get into Windows... A black screen with a blinking underscore comes up and that's all... I guess I'm forced to reinstall Windows, right? It can't even be started in safe mode, because even when I press F8 nothing happens :(

Re: PC freezing, log

Posted: 19 Mar 2011 22:36
by Rudy
A repair from the installation media may be enough.