Requesting a (not only) preventive check.

Posted: 27 Mar 2011 11:03
by jaroslak
Please check my RSIT log. I suspect that something is wrong. Thank you.


Logfile of random's system information tool 1.06 (written by random/random)
Run by Bc. Jaroslav Kosmák at 2011-03-27 11:57:42
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 16 GB (17%) free of 94 GB
Total RAM: 2047 MB (60% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\WINDOWS\WebIE.dll [2007-04-25 491520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33}]
VMN Toolbar - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL [2006-04-26 1707264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{E0E899AB-F487-11D5-8D29-0050BA6940E3} - FlashGet Bar - C:\PROGRA~1\FlashGet\fgiebar.dll [2005-06-07 86016]
{55FAF0F2-44D4-425F-B5F5-6B275B621EAB}
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\WINDOWS\WebIE.dll [2007-04-25 491520]
{4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - VMN Toolbar - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL [2006-04-26 1707264]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HTpatch"=C:\WINDOWS\htpatch.exe [2002-10-30 28672]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2003-01-07 46592]
"OutpostMonitor"=C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe [2010-09-22 2839888]
"ooccctrl.exe"=C:\Program Files\OO Software\CleverCache\ooccctrl.exe [2007-01-28 1911568]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2010-11-30 997408]
"itype"=c:\Program Files\Microsoft IntelliType Pro\itype.exe [2009-11-11 1505144]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Synchronizer.lnk]
[]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
BTTray.lnk - C:\Program Files\MSI\BToes Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="c:\progra~1\agnitum\outpos~1\wl_hook.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2008-06-03 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll [2009-10-02 128360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149
"NoDriveAutoRun"=03FEFF03
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoResolveSearch"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\UBISOFT\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\UBISOFT\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\WINDOWS\system32\muzapp.exe"="C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player"
"C:\Program Files\SAMSUNG\AllShare\AllShareSlideShowService.exe"="C:\Program Files\SAMSUNG\AllShare\AllShareSlideShowService.exe:*:Enabled:SimpleSlideShowServer"
"C:\Program Files\SAMSUNG\AllShare\AllShare.exe"="C:\Program Files\SAMSUNG\AllShare\AllShare.exe:*:Enabled:SamsungAllSharePCSW"
"C:\Program Files\SAMSUNG\AllShare\AllShareAgent.exe"="C:\Program Files\SAMSUNG\AllShare\AllShareAgent.exe:*:Enabled:SamsungAllShareAgent"
"C:\Program Files\Samsung\AllShare\AllShareDMS\WiselinkPro.exe"="C:\Program Files\Samsung\AllShare\AllShareDMS\WiselinkPro.exe:*:Enabled:SamsungAllShareServer"
"C:\Program Files\Samsung\AllShare\AllShareDMS\http_ss_win_pro.exe"="C:\Program Files\Samsung\AllShare\AllShareDMS\http_ss_win_pro.exe:*:Enabled:SamsungAllShareHttpServer"
"C:\Program Files\Reality Pump\Two Worlds\TwoWorlds.exe"="C:\Program Files\Reality Pump\Two Worlds\TwoWorlds.exe:*:Enabled:Two Worlds"
"C:\Program Files\Reality Pump\Two Worlds\TwoWorlds_RADEON.exe"="C:\Program Files\Reality Pump\Two Worlds\TwoWorlds_RADEON.exe:*:Enabled:Two Worlds"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

======List of files/folders created in the last 1 months======

2011-03-27 11:57:41 ----D---- C:\rsit
2011-03-26 04:02:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2524375$
2011-03-24 00:48:55 ----D---- C:\Program Files\Yamicsoft
2011-03-23 18:06:40 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$
2011-03-23 16:27:36 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2011-03-23 16:27:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2011-03-23 16:26:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$
2011-03-23 16:25:54 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2011-03-23 16:25:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2011-03-23 16:25:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2011-03-23 16:24:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2259922$
2011-03-23 16:24:34 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2011-03-23 16:24:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2011-03-23 16:23:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2011-03-23 16:23:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2485376$
2011-03-23 16:22:31 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2011-03-23 16:21:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2011-03-23 16:21:05 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$
2011-03-23 16:20:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2481109$
2011-03-23 16:19:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2011-03-23 16:18:43 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2011-03-23 16:17:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2479628$
2011-03-23 16:17:19 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2011-03-23 16:16:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2011-03-23 16:16:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2011-03-23 16:15:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2011-03-23 16:15:23 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2011-03-23 16:15:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2121546$
2011-03-23 16:13:20 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2011-03-23 16:13:02 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2011-03-23 16:12:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2476687$
2011-03-23 16:11:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2011-03-23 16:11:24 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2011-03-23 16:09:27 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2011-03-23 16:08:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2482017$
2011-03-23 16:07:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2141007$
2011-03-23 16:07:20 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2011-03-23 16:07:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2011-03-23 16:06:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2011-03-23 16:05:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2011-03-23 16:05:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
2011-03-23 12:35:09 ----D---- C:\WINDOWS\Prefetch
2011-03-23 12:30:22 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2011-03-23 12:29:54 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2011-03-23 12:27:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2011-03-23 12:07:19 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2011-03-23 11:14:52 ----A---- C:\WINDOWS\003102_.tmp
2011-03-23 09:51:01 ----HDC---- C:\WINDOWS\$NtUninstallKB914882$
2011-03-23 09:45:58 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2011-03-23 09:45:40 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2011-03-23 09:45:22 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2011-03-23 09:45:03 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2011-03-23 09:44:44 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2011-03-23 09:44:26 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2011-03-23 09:44:08 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2011-03-23 09:43:46 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2011-03-23 09:43:27 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2011-03-23 09:43:05 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2011-03-23 09:42:45 ----HDC---- C:\WINDOWS\$NtUninstallKB981350$
2011-03-23 09:42:26 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2011-03-23 09:42:06 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2011-03-23 09:41:49 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2011-03-23 09:41:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593_0$
2011-03-23 09:41:13 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2011-03-23 09:40:55 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2011-03-23 09:40:37 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2011-03-23 09:40:19 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2011-03-23 09:40:01 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2011-03-23 09:39:32 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2011-03-23 09:39:13 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2011-03-23 09:38:55 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2011-03-23 09:38:37 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2011-03-23 09:38:11 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2011-03-23 09:37:47 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2011-03-23 09:37:29 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2011-03-23 09:37:11 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2011-03-23 09:36:52 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
2011-03-23 09:36:25 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2011-03-23 09:36:08 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2011-03-23 09:35:36 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2011-03-23 09:35:16 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2011-03-23 09:34:58 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2011-03-23 09:34:29 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2011-03-23 09:34:12 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2011-03-23 09:33:53 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2011-03-23 09:33:34 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2011-03-23 09:33:17 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2011-03-23 09:32:58 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2011-03-23 09:32:40 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2011-03-23 09:32:17 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2011-03-23 09:31:55 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2011-03-23 09:31:35 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2011-03-23 09:30:57 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2011-03-23 09:30:33 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2011-03-23 09:29:54 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2011-03-23 09:28:59 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2011-03-23 09:28:00 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2011-03-23 09:27:38 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2011-03-23 09:27:19 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2011-03-23 09:26:42 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2011-03-23 09:26:23 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2011-03-23 09:26:05 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2011-03-23 09:25:15 ----HDC---- C:\WINDOWS\$NtUninstallKB982381$
2011-03-23 09:24:48 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2011-03-23 09:24:30 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2011-03-23 09:24:09 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2011-03-23 09:09:36 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2011-03-23 09:09:07 ----HDC---- C:\WINDOWS\$NtUninstallKB885884$
2011-03-23 09:08:31 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2011-03-23 09:08:04 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2011-03-23 09:07:21 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2011-03-23 09:06:45 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2011-03-23 09:05:41 ----A---- C:\WINDOWS\system32\SET67.tmp
2011-03-23 09:05:40 ----A---- C:\WINDOWS\system32\SET66.tmp
2011-03-23 09:04:18 ----HDC---- C:\WINDOWS\$NtUninstallKB923561_0$
2011-03-23 08:59:41 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2011-03-23 08:46:46 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2011-03-22 23:35:39 ----A---- C:\WINDOWS\_delis43.ini
2011-03-22 23:34:32 ----D---- C:\Program Files\Realtek Sound Manager
2011-03-22 23:34:29 ----N---- C:\WINDOWS\avrack.ini
2011-03-22 23:34:29 ----D---- C:\Program Files\AvRack
2011-03-22 23:34:20 ----N---- C:\WINDOWS\alcupd.exe
2011-03-22 23:34:20 ----N---- C:\WINDOWS\alcrmv.exe
2011-03-22 23:25:11 ----A---- C:\shell.txt
2011-03-22 20:48:47 ----A---- C:\AUTOEXEC.BAT
2011-03-22 20:47:04 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2011-03-22 20:46:47 ----HD---- C:\Program Files\WindowsUpdate
2011-03-22 20:45:19 ----D---- C:\Program Files\ComPlus Applications
2011-03-22 20:25:22 ----A---- C:\WINDOWS\pnplog.txt
2011-03-22 20:16:29 ----A---- C:\WINDOWS\system32\spxcoins.dll
2011-03-22 20:16:29 ----A---- C:\WINDOWS\system32\irclass.dll
2011-03-22 20:16:09 ----RA---- C:\WINDOWS\SET12A.tmp
2011-03-22 20:16:06 ----RA---- C:\WINDOWS\SET11E.tmp
2011-03-22 20:16:04 ----RA---- C:\WINDOWS\SET11B.tmp
2011-03-19 23:02:25 ----D---- C:\Program Files\APO Usb Autorun
2011-03-19 22:30:03 ----D---- C:\Program Files\PHD
2011-03-19 22:29:54 ----A---- C:\WINDOWS\UnstPHD.exe
2011-03-19 20:59:32 ----SH---- C:\boot.ini
2011-03-15 01:55:54 ----D---- C:\Program Files\Inside Operations
2011-03-15 01:55:54 ----D---- C:\Documents and Settings\Bc. Jaroslav Kosmák\Data aplikací\TwoWorldsCP
2011-03-03 16:41:50 ----A---- C:\WINDOWS\WTRAN32.INI

======List of files/folders modified in the last 1 months======

2011-03-27 11:58:06 ----D---- C:\WINDOWS\Temp
2011-03-27 11:58:05 ----D---- C:\Program Files\trend micro
2011-03-27 00:25:46 ----D---- C:\Program Files\CCleaner
2011-03-27 00:19:16 ----D---- C:\WINDOWS\system32\drivers
2011-03-27 00:05:45 ----SD---- C:\WINDOWS\Tasks
2011-03-27 00:01:06 ----D---- C:\WINDOWS\system32\CatRoot2
2011-03-26 23:50:07 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-03-26 21:01:47 ----D---- C:\Program Files\Mozilla Firefox
2011-03-26 15:19:43 ----D---- C:\Program Files\Bonjour
2011-03-26 11:55:24 ----HD---- C:\WINDOWS\inf
2011-03-26 11:54:45 ----D---- C:\WINDOWS
2011-03-26 04:00:54 ----HD---- C:\WINDOWS\$hf_mig$
2011-03-26 02:00:00 ----D---- C:\WINDOWS\system32\Filt
2011-03-24 01:20:18 ----A---- C:\WINDOWS\win.ini
2011-03-24 01:20:18 ----A---- C:\WINDOWS\system.ini
2011-03-24 01:14:20 ----SHD---- C:\System Volume Information
2011-03-24 01:14:20 ----D---- C:\WINDOWS\system32\Restore
2011-03-24 01:07:01 ----D---- C:\WINDOWS\pss
2011-03-24 01:00:33 ----A---- C:\WINDOWS\ntbtlog.txt
2011-03-24 00:49:06 ----SHD---- C:\WINDOWS\Installer
2011-03-24 00:49:06 ----D---- C:\Config.Msi
2011-03-24 00:48:55 ----RD---- C:\Program Files
2011-03-24 00:19:50 ----D---- C:\WINDOWS\system32
2011-03-23 19:40:51 ----D---- C:\Program Files\Common Files\Ahead
2011-03-23 18:06:51 ----A---- C:\WINDOWS\imsins.BAK
2011-03-23 18:06:44 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-03-23 17:38:34 ----D---- C:\WINDOWS\system32\wbem
2011-03-23 17:36:11 ----RSD---- C:\WINDOWS\assembly
2011-03-23 17:36:00 ----D---- C:\WINDOWS\AppPatch
2011-03-23 16:28:15 ----D---- C:\WINDOWS\system32\CatRoot
2011-03-23 16:27:38 ----D---- C:\Program Files\Messenger
2011-03-23 16:10:26 ----D---- C:\Program Files\Outlook Express
2011-03-23 16:09:30 ----D---- C:\Program Files\Movie Maker
2011-03-23 15:26:32 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-03-23 12:35:38 ----A---- C:\WINDOWS\setuplog.txt
2011-03-23 12:34:18 ----D---- C:\WINDOWS\system32\Setup
2011-03-23 12:34:16 ----RSD---- C:\WINDOWS\Fonts
2011-03-23 12:25:01 ----D---- C:\WINDOWS\security
2011-03-23 12:22:34 ----D---- C:\WINDOWS\ime
2011-03-23 12:22:34 ----D---- C:\WINDOWS\Help
2011-03-23 12:21:58 ----D---- C:\WINDOWS\PeerNet
2011-03-23 12:21:58 ----D---- C:\Program Files\Internet Explorer
2011-03-23 12:18:04 ----D---- C:\WINDOWS\system32\npp
2011-03-23 12:18:01 ----D---- C:\WINDOWS\msagent
2011-03-23 12:17:59 ----D---- C:\WINDOWS\srchasst
2011-03-23 12:17:58 ----D---- C:\Program Files\NetMeeting
2011-03-23 12:17:55 ----D---- C:\WINDOWS\system32\Com
2011-03-23 12:17:51 ----D---- C:\Program Files\Windows Media Player
2011-03-23 12:17:49 ----D---- C:\Program Files\Windows NT
2011-03-23 12:17:43 ----D---- C:\Program Files\Common Files\System
2011-03-23 12:17:12 ----D---- C:\WINDOWS\system32\oobe
2011-03-23 12:17:11 ----D---- C:\WINDOWS\system32\usmt
2011-03-23 12:17:10 ----D---- C:\WINDOWS\system
2011-03-23 12:12:02 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-03-23 12:07:09 ----D---- C:\WINDOWS\EHome
2011-03-23 11:13:05 ----D---- C:\WINDOWS\SoftwareDistribution
2011-03-23 08:39:53 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-03-22 23:34:20 ----HD---- C:\Program Files\InstallShield Installation Information
2011-03-22 21:10:23 ----D---- C:\WINDOWS\Registration
2011-03-22 21:08:38 ----D---- C:\WINDOWS\Media
2011-03-22 21:06:41 ----D---- C:\WINDOWS\system32\config
2011-03-22 21:05:27 ----D---- C:\WINDOWS\system32\1029
2011-03-22 21:05:12 ----D---- C:\WINDOWS\twain_32
2011-03-22 21:04:18 ----D---- C:\WINDOWS\system32\icsxml
2011-03-22 21:03:43 ----D---- C:\WINDOWS\system32\1033
2011-03-22 20:55:51 ----D---- C:\WINDOWS\repair
2011-03-22 20:48:32 ----A---- C:\WINDOWS\OEWABLog.txt
2011-03-22 20:48:25 ----A---- C:\WINDOWS\ODBCINST.INI
2011-03-22 20:47:47 ----D---- C:\WINDOWS\system32\ias
2011-03-22 20:47:08 ----RD---- C:\WINDOWS\Web
2011-03-22 20:46:55 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2011-03-22 20:22:38 ----D---- C:\Program Files\LG DPF Manager
2011-03-22 20:16:15 ----ASH---- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
2011-03-22 19:09:02 ----D---- C:\WINDOWS\system32\oodag
2011-03-16 02:51:42 ----D---- C:\WINDOWS\Downloaded Installations
2011-03-15 01:55:20 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2011-03-15 00:57:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2011-03-15 00:56:39 ----D---- C:\Program Files\Common Files\Adobe
2011-03-15 00:55:33 ----D---- C:\Program Files\Adobe
2011-03-14 22:37:42 ----D---- C:\WINDOWS\system32\DirectX
2011-03-12 21:33:37 ----A---- C:\WINDOWS\WDICT32.INI
2011-03-11 17:07:26 ----D---- C:\Program Files\Mozilla Thunderbird
2011-03-10 20:41:33 ----D---- C:\WINDOWS\Debug
2011-03-10 20:41:26 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Amfilter;A4Tech Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\Amfilter.sys [2007-05-14 9216]
R1 HWiNFO32;HWiNFO32 Kernel Driver; \??\C:\Program Files\HWiNFO32\HWiNFO32.SYS []
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbfilter;Keyboard Filter Driver; C:\WINDOWS\system32\drivers\kbfilter.sys [2002-06-28 12900]
R1 LGMonldr;LGMonldr Bus Enumerator; C:\WINDOWS\system32\DRIVERS\LGMonldr.sys [2009-08-11 20696]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2010-10-24 165264]
R1 MpKsl02945da1;MpKsl02945da1; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{F5F1725E-F2C1-4984-B21D-FB3444C97275}\MpKsl02945da1.sys []
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-04-08 54272]
R1 SandBox;SandBox; \??\C:\WINDOWS\system32\drivers\SandBox.sys []
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2007-04-09 31548]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R1 TRIXX;TRIXX; \??\C:\Program Files\TRIXX\TRIXXDriver.sys []
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-11-20 281504]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-11-20 25888]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2004-08-18 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2004-08-18 55936]
R2 VPCAppSv;Virtual PC Application Services; C:\WINDOWS\system32\DRIVERS\VPCAppSv.sys [2003-03-14 10374]
R3 afw;Agnitum firewall driver; C:\WINDOWS\system32\DRIVERS\afw.sys [2010-04-20 34280]
R3 afwcore;afwcore; C:\WINDOWS\system32\drivers\afwcore.sys [2010-08-11 267752]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2003-01-10 695852]
R3 ASWFilt;ASWFilt; \??\C:\WINDOWS\system32\Filt\ASWFilt.dll []
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-06-03 3100160]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2008-05-21 93696]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2010-09-04 539072]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 LGMonmin;LGMonmin; C:\WINDOWS\system32\DRIVERS\LGMonmin.sys [2009-08-11 13912]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-18 12160]
R3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-18 2944]
R3 PTSimBus;PenTablet Bus Enumerator; C:\WINDOWS\system32\DRIVERS\PTSimBus.sys [2007-06-07 18944]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-18 5888]
R3 rtl8139;Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver; C:\WINDOWS\system32\DRIVERS\R8139n51.SYS [2002-10-04 46976]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S1 MpKsl0013e6a7;MpKsl0013e6a7; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{F5F1725E-F2C1-4984-B21D-FB3444C97275}\MpKsl0013e6a7.sys []
S1 MpKsl17fca43d;MpKsl17fca43d; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{D4F8E6AB-2881-49D1-BA2D-5FCB12BA4B15}\MpKsl17fca43d.sys []
S1 MpKsl260c3184;MpKsl260c3184; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{68004BFE-33FD-465A-B832-620273E2685A}\MpKsl260c3184.sys []
S1 MpKsl58a83d4c;MpKsl58a83d4c; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{F5F1725E-F2C1-4984-B21D-FB3444C97275}\MpKsl58a83d4c.sys []
S1 MpKslc0c5d131;MpKslc0c5d131; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{41A9F765-13A0-4157-BFD7-BA0FD9133118}\MpKslc0c5d131.sys []
S1 MpKsle3ffa8cf;MpKsle3ffa8cf; \??\C:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{E24671EE-E27A-4595-B4DD-C9917EE1D7DC}\MpKsle3ffa8cf.sys []
S1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys []
S2 BT848;BtCap, WDM Video Capture; C:\WINDOWS\system32\drivers\BT848.sys [2000-10-17 204843]
S2 BTTUNER;BtTuner, WDM TvTuner; C:\WINDOWS\system32\drivers\BTTUNER.sys [2000-03-13 12700]
S2 BTXBAR;BtXBar, WDM Crossbar; C:\WINDOWS\system32\drivers\BTXBAR.sys [2000-03-13 12600]
S2 ousbehci;NEC PCI to USB Enhanced Host Controller; C:\WINDOWS\System32\Drivers\ousbehci.sys [2010-09-04 42752]
S2 THP878;THP878; C:\WINDOWS\system32\drivers\THP878.sys []
S2 WF23880;WinFast TV2000/DV2000 WDM Video Capture.; C:\WINDOWS\system32\drivers\wf88vcap.sys [2004-10-18 208851]
S2 WF88XBAR;WinFast TV2000/DV2000 WDM Crossbar.; C:\WINDOWS\system32\drivers\WF88XBAR.sys [2004-10-18 10324]
S2 WFTUNE;WinFast TV2000/DV2000 WDM Tuner.; C:\WINDOWS\system32\drivers\WF88TUNE.sys [2004-10-18 34789]
S3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\WINDOWS\system32\DRIVERS\Amusbprt.sys [2007-05-14 14336]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\WINDOWS\System32\Drivers\ssadadb.sys [2010-12-21 30312]
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2004-11-30 30299]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2004-11-30 148040]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2004-11-30 55288]
S3 CardReaderFilter;Card Reader Filter; \??\C:\WINDOWS\system32\Drivers\USBCRFT.SYS []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 cpuz;cpuz; \??\C:\DOCUME~1\BC7B7A~1.JAR\LOCALS~1\Temp\cpuz.sys []
S3 cpuz132;cpuz132; \??\C:\DOCUME~1\BC7B7A~1.JAR\LOCALS~1\Temp\cpuz132\cpuz132_x32.sys []
S3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys [2005-01-10 138752]
S3 dgderdrv;dgderdrv; C:\WINDOWS\System32\drivers\dgderdrv.sys [2011-01-29 20032]
S3 FileObjInfo;STFileDriver; \??\C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator\FileObjInfo.sys []
S3 FreshIO;FreshIO; \??\C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys []
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
S3 GMSIPCI;GMSIPCI; \??\F:\INSTALL\GMSIPCI.SYS []
S3 HdAudAddService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdAud.sys [2006-12-28 84992]
S3 MouseCap;MouseCapture Driver; C:\WINDOWS\System32\Drivers\MouseCap.sys [2005-08-08 6640]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nm;Ovladač programu Sledování sítě; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 NTACCESS;NTACCESS; \??\F:\NTACCESS.sys []
S3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\DRIVERS\ctoss2k.sys [2005-01-10 106496]
S3 P17;Sound Blaster Live! 24-bit; C:\WINDOWS\system32\drivers\P17.sys [2004-06-04 840960]
S3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2007-04-26 47360]
S3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2004-04-01 10368]
S3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2010-09-04 19072]
S3 PTSimHid;PenTablet Simulated HID MiniDriver; C:\WINDOWS\System32\Drivers\PTSimHid.sys [2007-04-23 10752]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 RivaTuner32;RivaTuner32; \??\C:\Program Files\RivaTuner v2.0 RC 16\RivaTuner32.sys []
S3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2010-09-04 130432]
S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007.SP1\Sandra.sys []
S3 SetupNTGLM7X;SetupNTGLM7X; \??\F:\NTGLM7X.sys []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\ssadbus.sys [2011-01-03 121192]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys [2011-01-03 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\WINDOWS\system32\DRIVERS\ssadmdm.sys [2011-01-03 136680]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2010-12-21 104648]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2010-12-21 14920]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2010-12-21 132424]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 Tablet2k;Serial Tablet Port Driver; C:\WINDOWS\System32\Drivers\Tablet2k.sys [2007-04-23 17920]
S3 TClass2k;Tablet Class Driver; C:\WINDOWS\system32\DRIVERS\TClass2k.sys [2007-04-23 18432]
S3 UCTblHid;HID Tablet Port Driver; C:\WINDOWS\system32\DRIVERS\UCTblHid.sys [2007-05-31 12800]
S3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-13 12800]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 VPCNetS2;Virtual PC Emulated Ethernet Switch; C:\WINDOWS\system32\DRIVERS\VPCNetS2.sys [2002-06-27 35040]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WEBNTACCESS;WEBNTACCESS; \??\C:\Program Files\MSI\Live Update 3\NTACCESS.SYS []
S3 WFIOCTL;WFIOCTL; \??\C:\Program Files\WinFast\WFTVFM\WFIOCTL.SYS []
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 acssrv;Agnitum Client Security Service; C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe [2010-09-22 2035512]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2008-06-03 552960]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-13 44032]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2010-11-11 11736]
R2 MSSQLSERVER;MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe [2000-08-06 7442493]
R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-10-20 71096]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2007-01-12 707344]
R2 OOCleverCacheAgent;O&O CleverCache Agent; C:\Program Files\OO Software\CleverCache\ooccag.exe [2007-01-28 391952]
R2 ProtexisLicensing;ProtexisLicensing; C:\WINDOWS\system32\PSIService.exe [2006-11-02 174656]
R2 SamsungAllShare;Samsung AllShare PC Service; C:\Program Files\Samsung\AllShare\AllShareDMS\WiselinkPro.exe [2011-02-18 7233952]
R2 SQLSERVERAGENT;SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlagent.EXE [2000-08-06 303170]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 WinTabService;WinTab Service; C:\WINDOWS\System32\Drivers\WTSRV.EXE [2007-05-31 53248]
R2 WMDM PMSP Service;WMDM PMSP Service; C:\WINDOWS\system32\MsPMSPSv.exe [2000-06-26 53520]
R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2008-06-02 593920]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S2 SimpleSlideShowServer;SimpleSlideShowServer; C:\Program Files\Samsung\AllShare\AllShareSlideShowService.exe [2011-02-18 22464]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-06-11 654848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2007-11-02 504104]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2000-08-06 65602]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe []
S3 pr2ahqjb;Dawn of Magic Drivers Auto Removal (pr2ahqjb); C:\WINDOWS\system32\pr2ahqjb.exe [2007-03-29 407168]
S3 UMWdf;Sada ovladačů pro uživatelský režim systému Windows; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-12 133104]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 Prime95 Service;Prime95 Service; C:\Program Files\Prime95\prime95.exe []
S4 TUWinStylerThemeSvc;TuneUp WinStyler Theme Service; C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe [2004-08-05 117760]

-----------------EOF-----------------

Re: Requesting a (not only) preventive check.

Posted: 27 Mar 2011 16:46
by Roli
Hello, download and run OTMoveIt

copy the following text into the left pane of the application, under Paste Instructions for Items to be Moved:

Code:

:processes
explorer.exe       

:files 
C:\*.tmp
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp

:commands
[purity]
[emptytemp]
[start explorer]

click MoveIt! and information about the action performed will appear in the application's green right pane; copy the contents of that pane here,

if the application asks for a restart, click YES

in that case I want you to copy here the contents of the log saved in C:\_OTMoveIt\MovedFiles\


Then use Mbam from my signature and post its log here; do not delete anything beforehand!!!

Re: Requesting a (not only) preventive check.

Posted: 27 Mar 2011 20:04
by jaroslak
Thanks for the check. Here is the log from OTM:

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder C:\*.tmp not found.
C:\WINDOWS\System32\SET66.tmp moved successfully.
C:\WINDOWS\System32\SET67.tmp moved successfully.
C:\WINDOWS\003102_.tmp moved successfully.
C:\WINDOWS\A7E07C2B2220441587E3784D5814BC93.TMP folder moved successfully.
C:\WINDOWS\DD1865F0AD7340FBB23E1822E02396FF.TMP folder moved successfully.
C:\WINDOWS\msdownld.tmp folder moved successfully.
C:\WINDOWS\SET11B.tmp moved successfully.
C:\WINDOWS\SET11E.tmp moved successfully.
C:\WINDOWS\SET12A.tmp moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 78991 bytes
->FireFox cache emptied: 33729430 bytes
->Flash cache emptied: 562 bytes

User: All Users

User: Bc. Jaroslav Kosm k
->Temporary Internet Files folder emptied: 33170 bytes

User: Bc. Jaroslav Kosmák
->Temp folder emptied: 4068970 bytes
->Temporary Internet Files folder emptied: 3744175 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 115598546 bytes
->Google Chrome cache emptied: 6591495 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 2325 bytes

User: BC7B7A~1~JAR

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes

User: K8K
->Temp folder emptied: 112013 bytes
->Temporary Internet Files folder emptied: 1131062 bytes
->FireFox cache emptied: 20804572 bytes
->Flash cache emptied: 576 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 611418 bytes
->Temporary Internet Files folder emptied: 467333 bytes
->FireFox cache emptied: 749873 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7004625 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 186,00 mb


OTM by OldTimer - Version 3.1.17.2 log created on 03272011_200253

Files moved on Reboot...
File C:\WINDOWS\temp\Perflib_Perfdata_ab4.dat not found!
File C:\WINDOWS\temp\TMP00000003B5D15CD8C9F0DBB8 not found!

Registry entries deleted on Reboot...

After this intervention the system is behaving strangely.

Re: Requesting a (not only) preventive check.

Posted: 27 Mar 2011 20:23
by Roli
Run OTMoveIt again and click CleanUP! at the top of the application;

this makes it clean up after itself.


In what way is the PC behaving strangely? We only deleted junk.

Re: Requesting a (not only) preventive check.

Posted: 28 Mar 2011 05:27
by jaroslak
The computer shows errors; after about six years of running Windows that is hardly surprising. A few months ago I had trouble with drivers (USB and graphics card). That was partly fixed by a repair installation of Windows. The motherboard may no longer be entirely in order either. I came to this forum because AutoRun does not work for my CD and DVD drive and, above all, because the Explorer.exe process could not be killed. There were two of them. One behaved normally, but the other could not be terminated with Task Manager, nor with the programs CodeStuff Starter and Process Explorer.
After RSIT the Explorer.exe process disappeared (only one is running now). But Firefox kept crashing, the Internet connection kept dropping (though that may be unrelated) and my open windows kept closing, for example the RSIT log. All of this after a Windows reset. That is the "strange" behavior.
I let a full MBAM scan run overnight. The report is attached. I also ran OTMoveIt CleanUp.


Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Verze databáze: 6185

Windows 5.1.2600 Service Pack 3
Internet Explorer 6.0.2900.5512

28.3.2011 5:29:28
mbam-log-2011-03-28 (05-29-14).txt

Typ kontroly: Úplný test (C:\|G:\|)
Testované objekty: 434377
Uplynulý čas: 4 hodin, 14 minut, 38 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 2

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\program files\trackmania single\trackmania.exe (Trojan.Agent) -> No action taken.
g:\instalace02\oo.defrag.v10.pro.keygen\oo.defrag.v10.pro.keygen\keygen.exe (RiskWare.Tool.CK) -> No action taken.

This morning the windows no longer crash. AutoRun still does not work. But that is probably a matter for another thread. Thanks for now.

Re: Requesting a (not only) preventive check.

Posted: 28 Mar 2011 07:30
by Roli
This:

c:\program files\trackmania single\trackmania.exe

test it on VIRUSTOTAL

(once the page has loaded, click the Browse button, find the path to the file mentioned above and click the Send file button

it takes about ten minutes; then copy the link here, that is the line at the top of the browser)

If it tells you the file has already been tested, have it tested again.

Re: Requesting a (not only) preventive check.

Posted: 28 Mar 2011 18:43
by jaroslak

Re: Requesting a (not only) preventive check.

Posted: 28 Mar 2011 19:09
by Roli
So leave that Trackmania in Mbam, it is apparently a game; delete the rest.


Download ComboFix and save it to the desktop,

run the application as Administrator and allow installation of the Recovery Console.

A window with the license terms will then appear, which you confirm by clicking YES,

then click YES once more and it is running.

The whole process takes about 10 minutes but may take longer; do not try to run anything else during the scan.

The PC may also be restarted during the scan; do not be alarmed.

Note: for the duration of the scan, turn off the resident shield of your antivirus and anti-spyware program,

because Combofix tries to delete infected files and these programs can prevent it from doing so.

After the scan finishes or after the subsequent restart, the application creates a log, saved at C:/Combofix.txt

(on repeated use the logs are numbered Combofix2.txt etc.); copy its contents here.


If anything is unclear, there is an illustrated guide HERE.

Re: Requesting a (not only) preventive check.

Posted: 28 Mar 2011 20:46
by jaroslak
I do not know how relevant the ComboFix check is, because I did not turn off the antivirus (or rather, after being turned off it started up again); the same happened with Outpost. I unticked these processes in MSConfig; they stayed off only after the restart triggered by ComboFix. ComboFix also reported that Avira Antivir Personal Edition is running (file ssmdrv.sys); but I stopped using that antivirus long ago. Its remnants are in the registry.
Only after these findings did I let ComboFix run.


ComboFix 11-03-28.01 - Bc. Jaroslav Kosmák 28.03.2011 20:49:48.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2047.1235 [GMT 2:00]
Spuštěný z: g:\instalace02\ComboFix.exe
AV: Avira AntiVir PersonalEdition Classic *Enabled/Outdated* {00000000-0000-0000-0000-000000000000}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Enabled/Outdated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: Outpost Firewall Pro *Enabled* {8A20CA2A-9E02-4A64-923B-0A38208EB7FD}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\_000006_.tmp.dll
c:\windows\system32\muzapp.exe
c:\windows\system32\system32
c:\windows\system32\system32\3DAudio.ax
c:\windows\system32\system32\cis-2.4.dll
c:\windows\system32\system32\issacapi_bs-2.3.dll
c:\windows\system32\system32\issacapi_pe-2.3.dll
c:\windows\system32\system32\issacapi_se-2.3.dll
c:\windows\system32\system32\MACXMLProto.dll
c:\windows\system32\system32\MaDRM.dll
c:\windows\system32\system32\MaJGUILib.dll
c:\windows\system32\system32\MAMACExtract.dll
c:\windows\system32\system32\MASetupCleaner.exe
c:\windows\system32\system32\MaXMLProto.dll
c:\windows\system32\system32\MK_Lyric.dll
c:\windows\system32\system32\MSCLib.dll
c:\windows\system32\system32\MSFLib.dll
c:\windows\system32\system32\MSLUR71.dll
c:\windows\system32\system32\msvcp60.dll
c:\windows\system32\system32\MTTELECHIP.dll
c:\windows\system32\system32\MTXSYNCICON.dll
c:\windows\system32\system32\muzaf1.dll
c:\windows\system32\system32\muzapp.dll
c:\windows\system32\system32\muzapp.exe
c:\windows\system32\system32\muzdecode.ax
c:\windows\system32\system32\muzeffect.ax
c:\windows\system32\system32\muzmp4sp.ax
c:\windows\system32\system32\muzmpgsp.ax
c:\windows\system32\system32\muzoggsp.ax
c:\windows\system32\system32\muzwmts.dll
c:\windows\system32\system32\psapi.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-02-28 do 2011-03-28 )))))))))))))))))))))))))))))))
.
.
2011-03-28 18:37 . 2011-03-28 18:37 28752 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{F5F1725E-F2C1-4984-B21D-FB3444C97275}\MpKsl431a2163.sys
2011-03-28 17:25 . 2011-03-28 17:25 28752 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{F5F1725E-F2C1-4984-B21D-FB3444C97275}\MpKslac0f7058.sys
2011-03-23 22:48 . 2011-03-23 22:48 -------- d-----w- c:\program files\Yamicsoft
2011-03-23 15:43 . 2009-07-27 23:19 135168 -c----w- c:\windows\system32\dllcache\shsvcs.dll
2011-03-23 13:34 . 2010-09-18 06:53 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll
2011-03-23 13:34 . 2010-09-18 06:53 974848 -c----w- c:\windows\system32\dllcache\mfc42.dll
2011-03-23 13:34 . 2010-08-23 16:12 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll
2011-03-23 13:33 . 2010-11-02 15:17 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys
2011-03-23 13:31 . 2009-08-13 15:24 512000 -c----w- c:\windows\system32\dllcache\jscript.dll
2011-03-23 13:31 . 2010-10-11 14:59 45568 -c----w- c:\windows\system32\dllcache\wab.exe
2011-03-23 13:31 . 2010-08-16 08:45 590848 -c----w- c:\windows\system32\dllcache\rpcrt4.dll
2011-03-23 09:15 . 2009-07-31 09:05 1372672 -c----w- c:\windows\system32\dllcache\msxml6.dll
2011-03-23 09:15 . 2008-04-14 06:00 80896 -c----w- c:\windows\system32\dllcache\msxml6r.dll
2011-03-23 09:15 . 2008-04-14 03:22 380928 ----a-w- c:\windows\system32\irprops.cpl
2011-03-23 07:09 . 2008-06-14 17:35 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2011-03-23 07:07 . 2010-02-24 13:11 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2011-03-23 07:07 . 2009-11-21 16:03 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2011-03-23 07:03 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2011-03-23 07:00 . 2008-10-15 16:38 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2011-03-22 21:34 . 2011-03-22 21:34 -------- d-----w- c:\program files\Realtek Sound Manager
2011-03-22 21:34 . 2011-03-22 21:34 -------- d-----w- c:\program files\AvRack
2011-03-22 21:34 . 2003-01-09 07:19 131072 ------w- c:\windows\alcrmv.exe
2011-03-22 21:34 . 2002-12-06 07:32 208896 ------w- c:\windows\alcupd.exe
2011-03-22 18:51 . 2008-04-14 03:19 15872 -c--a-w- c:\windows\system32\dllcache\padrs404.dll
2011-03-22 18:50 . 2008-04-14 03:16 13463552 -c--a-w- c:\windows\system32\dllcache\hwxjpn.dll
2011-03-22 18:49 . 2001-10-24 11:24 45056 -c--a-w- c:\windows\system32\dllcache\EXCH_aqadmin.dll
2011-03-22 18:49 . 2001-10-24 11:24 5632 -c--a-w- c:\windows\system32\dllcache\EXCH_adsiisex.dll
2011-03-22 18:49 . 2003-04-14 19:48 16384 -c--a-w- c:\windows\system32\dllcache\tcptsat.dll
2011-03-22 18:49 . 2003-04-14 19:48 212992 -c--a-w- c:\windows\system32\dllcache\fpmmcsat.dll
2011-03-22 18:46 . 2004-08-18 12:00 16384 -c--a-w- c:\windows\system32\dllcache\isignup.exe
2011-03-22 18:46 . 2004-08-18 12:00 16384 ----a-w- c:\program files\Internet Explorer\Connection Wizard\isignup.exe
2011-03-22 18:16 . 2004-08-18 12:00 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll
2011-03-22 18:16 . 2004-08-18 12:00 24661 ----a-w- c:\windows\system32\spxcoins.dll
2011-03-22 18:16 . 2004-08-18 12:00 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll
2011-03-22 18:16 . 2004-08-18 12:00 13312 ----a-w- c:\windows\system32\irclass.dll
2011-03-21 19:15 . 2011-02-11 06:54 5943120 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{F5F1725E-F2C1-4984-B21D-FB3444C97275}\mpengine.dll
2011-03-19 21:02 . 2011-03-19 21:06 -------- d-----w- c:\program files\APO Usb Autorun
2011-03-19 20:30 . 2011-03-19 20:30 -------- d-----w- c:\program files\PHD
2011-03-19 20:29 . 2011-03-19 20:29 32768 ----a-w- c:\windows\UnstPHD.exe
2011-03-16 00:39 . 2011-03-16 00:39 -------- d-----w- c:\documents and settings\Bc. Jaroslav Kosmák\Level
2011-03-14 23:55 . 2011-03-14 23:55 165888 ----a-r- c:\documents and settings\Bc. Jaroslav Kosmák\Data aplikací\Microsoft\Installer\{6EEEF30E-0AD2-4AD9-B854-22F1488637C7}\IconC202CEA6.exe
2011-03-14 23:55 . 2011-03-14 23:55 -------- d-----w- c:\program files\Inside Operations
2011-03-14 23:55 . 2011-03-14 23:55 -------- d-----w- c:\documents and settings\Bc. Jaroslav Kosmák\Data aplikací\TwoWorldsCP
2011-02-27 19:11 . 2011-02-27 19:11 -------- d-----w- c:\program files\PixiePack Codec Pack
2011-02-27 19:05 . 2011-02-27 19:05 -------- d-----w- c:\documents and settings\All Users\Data aplikací\RapidSolution
2011-02-27 19:05 . 2011-02-27 19:05 -------- d-----w- c:\program files\RapidSolution
2011-02-27 19:02 . 2011-02-27 19:02 -------- d-----w- c:\documents and settings\Bc. Jaroslav Kosmák\Local Settings\Data aplikací\RapidSolution
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-11 06:54 . 2010-09-21 09:45 5943120 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-02-09 13:53 . 2004-08-18 12:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2004-08-18 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-02 07:58 . 2006-04-20 23:15 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-29 16:00 . 2011-01-30 18:28 4659712 ----a-w- c:\windows\system32\Redemption.dll
2011-01-29 16:00 . 2011-01-29 16:00 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2011-01-29 16:00 . 2011-01-29 16:00 325552 ----a-w- c:\windows\MASetupCaller.dll
2011-01-29 16:00 . 2011-01-29 16:00 30568 ----a-w- c:\windows\MusiccityDownload.exe
2011-01-29 16:00 . 2011-02-15 15:36 20032 ----a-w- c:\windows\system32\drivers\dgderdrv.sys
2011-01-29 16:00 . 2011-02-15 15:36 821824 ----a-w- c:\windows\system32\dgderapi.dll
2011-01-29 16:00 . 2011-02-15 15:36 319456 ----a-w- c:\windows\system32\DIFxAPI.dll
2011-01-27 11:57 . 2006-04-20 23:15 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-24 22:01 . 2006-04-26 00:03 737280 ----a-w- c:\windows\iun6002.exe
2011-01-21 14:44 . 2004-08-18 12:00 440320 ----a-w- c:\windows\system32\shimgvw.dll
2011-01-13 09:41 . 2011-02-01 21:19 5890896 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\Updates\mpengine.dll
2011-01-07 14:09 . 2004-08-18 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll
2011-01-05 21:22 . 2011-01-05 21:22 30056 ----a-w- c:\windows\system32\MASetupCleaner.exe
2011-01-04 15:10 . 2011-01-04 15:10 974848 ----a-w- c:\windows\system32\cis-2.4.dll
2011-01-04 15:10 . 2011-01-04 15:10 81920 ----a-w- c:\windows\system32\issacapi_bs-2.3.dll
2011-01-04 15:10 . 2011-01-04 15:10 65536 ----a-w- c:\windows\system32\issacapi_pe-2.3.dll
2011-01-04 15:10 . 2011-01-04 15:10 57344 ----a-w- c:\windows\system32\MTXSYNCICON.dll
2011-01-04 15:10 . 2011-01-04 15:10 57344 ----a-w- c:\windows\system32\MK_Lyric.dll
2011-01-04 15:10 . 2011-01-04 15:10 57344 ----a-w- c:\windows\system32\issacapi_se-2.3.dll
2011-01-04 15:10 . 2011-01-04 15:10 569344 ----a-w- c:\windows\system32\muzdecode.ax
2011-01-04 15:10 . 2011-01-04 15:10 491520 ----a-w- c:\windows\system32\muzapp.dll
2011-01-04 15:10 . 2011-01-04 15:10 49152 ----a-w- c:\windows\system32\MaJGUILib.dll
2011-01-04 15:10 . 2011-01-04 15:10 45056 ----a-w- c:\windows\system32\MaXMLProto.dll
2011-01-04 15:10 . 2011-01-04 15:10 45056 ----a-w- c:\windows\system32\MACXMLProto.dll
2011-01-04 15:10 . 2011-01-04 15:10 40960 ----a-w- c:\windows\system32\MTTELECHIP.dll
2011-01-04 15:10 . 2011-01-04 15:10 40960 ----a-w- c:\windows\system32\MAMACExtract.dll
2011-01-04 15:10 . 2011-01-04 15:10 352256 ----a-w- c:\windows\system32\MSLUR71.dll
2011-01-04 15:10 . 2011-01-04 15:10 258048 ----a-w- c:\windows\system32\muzoggsp.ax
2011-01-04 15:10 . 2011-01-04 15:10 245760 ----a-w- c:\windows\system32\MSCLib.dll
2011-01-04 15:10 . 2011-01-04 15:10 200704 ----a-w- c:\windows\system32\muzwmts.dll
2011-01-04 15:10 . 2011-01-04 15:10 155648 ----a-w- c:\windows\system32\MSFLib.dll
2011-01-04 15:10 . 2011-01-04 15:10 143360 ----a-w- c:\windows\system32\3DAudio.ax
2011-01-04 15:10 . 2011-01-04 15:10 135168 ----a-w- c:\windows\system32\muzaf1.dll
2011-01-04 15:10 . 2011-01-04 15:10 131072 ----a-w- c:\windows\system32\muzmpgsp.ax
2011-01-04 15:10 . 2011-01-04 15:10 122880 ----a-w- c:\windows\system32\muzeffect.ax
2011-01-04 15:10 . 2011-01-04 15:10 118784 ----a-w- c:\windows\system32\MaDRM.dll
2011-01-04 15:10 . 2011-01-04 15:10 110592 ----a-w- c:\windows\system32\muzmp4sp.ax
2011-01-03 08:38 . 2011-02-02 17:58 136680 ----a-w- c:\windows\system32\drivers\ssadmdm.sys
2011-01-03 08:38 . 2011-02-02 17:58 12776 ----a-w- c:\windows\system32\drivers\ssadmdfl.sys
2011-01-03 08:38 . 2011-02-02 17:58 10472 ----a-w- c:\windows\system32\drivers\ssadcmnt.sys
2011-01-03 08:38 . 2011-02-02 17:58 10472 ----a-w- c:\windows\system32\drivers\ssadcm.sys
2011-01-03 08:38 . 2011-02-02 17:58 121192 ----a-w- c:\windows\system32\drivers\ssadbus.sys
2011-01-03 08:38 . 2011-02-02 17:58 10344 ----a-w- c:\windows\system32\drivers\ssadwhnt.sys
2011-01-03 08:38 . 2011-01-30 18:30 10344 ----a-w- c:\windows\system32\drivers\ssadwh.sys
2010-12-31 14:04 . 2004-08-18 12:00 1854976 ----a-w- c:\windows\system32\win32k.sys
2007-01-12 14:59 . 2010-11-19 20:32 43893701 ----a-w- c:\program files\setup-gumboycrazyadventures-1.21-DX.exe
2007-01-12 11:11 . 2010-11-19 20:32 44698390 ----a-w- c:\program files\setup-gumboycrazyadventures-1.16-GL.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Outpost]
@="{33C9E362-3EDA-4930-8AFE-5DA39A8BB77A}"
[HKEY_CLASSES_ROOT\CLSID\{33C9E362-3EDA-4930-8AFE-5DA39A8BB77A}]
2010-08-27 12:13 283224 ----a-w- c:\program files\Agnitum\Outpost Firewall Pro\op_shell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HTpatch"="c:\windows\htpatch.exe" [2002-10-30 28672]
"SoundMan"="SOUNDMAN.EXE" [2003-01-07 46592]
"ooccctrl.exe"="c:\program files\OO Software\CleverCache\ooccctrl.exe" [2007-01-28 1911568]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2009-11-11 1505144]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"SetDefaultMIDI"="MIDIDef.exe" [2002-12-03 49152]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"DefaultP17MIDI"="MidiDef.Exe" [2002-12-03 49152]
"DefaultP17"="P17Def.Exe" [2003-07-25 20480]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-18 44544]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
BTTray.lnk - c:\program files\MSI\BToes Bluetooth Software\BTTray.exe [2004-11-30 565309]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files\Stardock\Fences\FencesMenu.dll" [2009-10-02 128360]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS\0sprestrt
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Synchronizer.lnk]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotkeyP]
2008-07-15 15:33 65536 ----a-w- g:\instalace02\hotkeyp\HotkeyP.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
2010-11-30 12:20 997408 ----a-w- c:\program files\Microsoft Security Client\msseces.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OutpostMonitor]
2010-09-22 18:00 2839888 ----a-w- c:\progra~1\Agnitum\OUTPOS~1\op_mon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"MsMpSvc"=2 (0x2)
"SharedAccess"=2 (0x2)
"acssrv"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\UBISOFT\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\SAMSUNG\\AllShare\\AllShareSlideShowService.exe"=
"c:\\Program Files\\SAMSUNG\\AllShare\\AllShare.exe"=
"c:\\Program Files\\SAMSUNG\\AllShare\\AllShareAgent.exe"=
"c:\\Program Files\\Samsung\\AllShare\\AllShareDMS\\WiselinkPro.exe"=
"c:\\Program Files\\Samsung\\AllShare\\AllShareDMS\\http_ss_win_pro.exe"=
"c:\\Program Files\\Reality Pump\\Two Worlds\\TwoWorlds.exe"=
"c:\\Program Files\\Reality Pump\\Two Worlds\\TwoWorlds_RADEON.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
.
R0 pe3ahqjb;Dawn of Magic Environment Driver (pe3ahqjb);c:\windows\system32\drivers\pe3ahqjb.sys [29.3.2007 13:25 64896]
R0 ps6ahqjb;Dawn of Magic Synchronization Driver (ps6ahqjb);c:\windows\system32\drivers\ps6ahqjb.sys [29.3.2007 13:25 52616]
R1 HWiNFO32;HWiNFO32 Kernel Driver;c:\program files\HWiNFO32\HWiNFO32.SYS [16.5.2010 17:43 19064]
R1 kbfilter;Keyboard Filter Driver;c:\windows\system32\drivers\kbfilter.sys [8.7.2009 16:05 12900]
R1 LGMonldr;LGMonldr Bus Enumerator;c:\windows\system32\drivers\LGMonldr.sys [29.4.2010 20:50 20696]
R1 MpKsl431a2163;MpKsl431a2163;c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{F5F1725E-F2C1-4984-B21D-FB3444C97275}\MpKsl431a2163.sys [28.3.2011 20:37 28752]
R1 MpKslac0f7058;MpKslac0f7058;c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{F5F1725E-F2C1-4984-B21D-FB3444C97275}\MpKslac0f7058.sys [28.3.2011 19:25 28752]
R1 SandBox;SandBox;c:\windows\system32\drivers\SandBox.sys [10.1.2011 3:50 713672]
R1 TRIXX;TRIXX;c:\program files\TRIXX\TRIXXDriver.sys [16.8.2005 13:17 15360]
R2 SamsungAllShare;Samsung AllShare PC Service;c:\program files\SAMSUNG\AllShare\AllShareDMS\WiselinkPro.exe [18.2.2011 17:30 7233952]
R2 VPCAppSv;Virtual PC Application Services;c:\windows\system32\drivers\vpcappsv.sys [30.9.2001 17:51 10374]
R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\afw.sys [10.1.2011 3:49 34280]
R3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [10.1.2011 3:50 267752]
R3 ASWFilt;ASWFilt;c:\windows\system32\Filt\ASWFilt.dll [10.1.2011 3:50 72232]
R3 LGMonmin;LGMonmin;c:\windows\system32\drivers\LGMonmin.sys [29.4.2010 20:50 13912]
R3 PTSimBus;PenTablet Bus Enumerator;c:\windows\system32\drivers\PTSimBus.sys [7.6.2007 19:16 18944]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [28.4.2007 21:37 685816]
S1 MpKsl0013e6a7;MpKsl0013e6a7;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{F5F1725E-F2C1-4984-B21D-FB3444C97275}\MpKsl0013e6a7.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{F5F1725E-F2C1-4984-B21D-FB3444C97275}\MpKsl0013e6a7.sys [?]
S1 MpKsl17fca43d;MpKsl17fca43d;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{D4F8E6AB-2881-49D1-BA2D-5FCB12BA4B15}\MpKsl17fca43d.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{D4F8E6AB-2881-49D1-BA2D-5FCB12BA4B15}\MpKsl17fca43d.sys [?]
S1 MpKsl260c3184;MpKsl260c3184;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{68004BFE-33FD-465A-B832-620273E2685A}\MpKsl260c3184.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{68004BFE-33FD-465A-B832-620273E2685A}\MpKsl260c3184.sys [?]
S1 MpKsl58a83d4c;MpKsl58a83d4c;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{F5F1725E-F2C1-4984-B21D-FB3444C97275}\MpKsl58a83d4c.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{F5F1725E-F2C1-4984-B21D-FB3444C97275}\MpKsl58a83d4c.sys [?]
S1 MpKslc0c5d131;MpKslc0c5d131;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{41A9F765-13A0-4157-BFD7-BA0FD9133118}\MpKslc0c5d131.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{41A9F765-13A0-4157-BFD7-BA0FD9133118}\MpKslc0c5d131.sys [?]
S1 MpKsle3ffa8cf;MpKsle3ffa8cf;\??\c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{E24671EE-E27A-4595-B4DD-C9917EE1D7DC}\MpKsle3ffa8cf.sys --> c:\documents and settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{E24671EE-E27A-4595-B4DD-C9917EE1D7DC}\MpKsle3ffa8cf.sys [?]
S2 BT848;BtCap, WDM Video Capture;c:\windows\system32\drivers\BT848.sys [30.4.2006 20:48 204843]
S2 BTTUNER;BtTuner, WDM TvTuner;c:\windows\system32\drivers\bttuner.sys [30.4.2006 20:52 12700]
S2 BTXBAR;BtXBar, WDM Crossbar;c:\windows\system32\drivers\btxbar.sys [2.5.2006 8:06 12600]
S2 ousbehci;NEC PCI to USB Enhanced Host Controller;c:\windows\system32\drivers\ousbehci.sys [4.9.2010 18:57 42752]
S2 SimpleSlideShowServer;SimpleSlideShowServer;c:\program files\SAMSUNG\AllShare\AllShareSlideShowService.exe [18.2.2011 17:30 22464]
S2 THP878;THP878; [x]
S2 WF23880;WinFast TV2000/DV2000 WDM Video Capture.;c:\windows\system32\drivers\wf88vcap.sys [1.5.2008 10:42 208851]
S2 WF88XBAR;WinFast TV2000/DV2000 WDM Crossbar.;c:\windows\system32\drivers\WF88XBAR.sys [1.5.2008 23:40 10324]
S2 WFTUNE;WinFast TV2000/DV2000 WDM Tuner.;c:\windows\system32\drivers\wf88tune.sys [1.5.2008 23:40 34789]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [2.2.2011 19:58 30312]
S3 CardReaderFilter;Card Reader Filter;c:\windows\system32\drivers\USBCRFT.SYS [15.6.2010 20:07 13440]
S3 cpuz;cpuz;\??\c:\docume~1\BC7B7A~1.JAR\LOCALS~1\Temp\cpuz.sys --> c:\docume~1\BC7B7A~1.JAR\LOCALS~1\Temp\cpuz.sys [?]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [15.2.2011 17:36 20032]
S3 FileObjInfo;STFileDriver;\??\c:\documents and settings\All Users\Data aplikací\Spyware Terminator\FileObjInfo.sys --> c:\documents and settings\All Users\Data aplikací\Spyware Terminator\FileObjInfo.sys [?]
S3 FsUsbExDisk;FsUsbExDisk;\??\c:\windows\system32\FsUsbExDisk.SYS --> c:\windows\system32\FsUsbExDisk.SYS [?]
S3 MouseCap;MouseCapture Driver;c:\windows\system32\drivers\MouseCap.sys [8.8.2005 14:44 6640]
S3 pr2ahqjb;Dawn of Magic Drivers Auto Removal (pr2ahqjb);c:\windows\system32\pr2ahqjb.exe svc --> c:\windows\system32\pr2ahqjb.exe svc [?]
S3 PTSimHid;PenTablet Simulated HID MiniDriver;c:\windows\system32\drivers\PTSimHid.sys [23.4.2007 17:28 10752]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\f:\ntglm7x.sys --> f:\NTGLM7X.sys [?]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [2.2.2011 19:58 121192]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [2.2.2011 19:58 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [2.2.2011 19:58 136680]
S3 WEBNTACCESS;WEBNTACCESS;\??\c:\program files\MSI\Live Update 3\NTACCESS.SYS --> c:\program files\MSI\Live Update 3\NTACCESS.SYS [?]
S3 WFIOCTL;WFIOCTL;c:\program files\WinFast\WFTVFM\WFIOCTL.sys [1.5.2008 23:52 9510]
S4 acssrv;Agnitum Client Security Service;c:\progra~1\Agnitum\OUTPOS~1\acs.exe [10.1.2011 3:49 2035512]
S4 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [12.9.2009 20:37 133104]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}]
2010-02-16 18:02 114688 ----a-w- c:\program files\PixiePack Codec Pack\InstallerHelper.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2008-09-30 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
2011-03-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-12 18:37]
.
2011-03-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-12 18:37]
.
2011-03-28 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 11:26]
.
.
------- Doplňkový sken -------
.
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Send To &Bluetooth - c:\program files\MSI\BToes Bluetooth Software\btsendto_ie_ctx.htm
IE: Stáhnout pomocí FlashGet - c:\program files\FlashGet\jc_link.htm
IE: Stáhnout vše pomocí FlashGet - c:\program files\FlashGet\jc_all.htm
IE: YamicsoftDisabled
IE: YamicsoftDisabled\Add to Google Photos Screensa&ver
IE: YamicsoftDisabled\E&xport to Microsoft Excel
IE: YamicsoftDisabled\E&xportovat do aplikace Microsoft Office Excel - (value not set)
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game08.zylom.com/activex/zylomgamesplayer.cab
FF - ProfilePath - c:\documents and settings\Bc. Jaroslav Kosmák\Data aplikací\Mozilla\Firefox\Profiles\57pcph63.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - Ext: České slovníky pro kontrolu pravopisu: cs@dictionaries.addons.mozilla.org - %profile%\extensions\cs@dictionaries.addons.mozilla.org
FF - Ext: Forecastfox l10n: {B5EDFBB0-9827-11DA-A72B-0800200C9A66} - %profile%\extensions\{B5EDFBB0-9827-11DA-A72B-0800200C9A66}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: FireFTP: {a7c6cf7f-112c-4500-a7ea-39801a327e5f} - %profile%\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
FF - Ext: NoScript: {73a6fe31-595d-460b-a920-fcc0f8843232} - %profile%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
FF - Ext: Seznam lištička: {ea614400-e918-4741-9a97-7a972ff7c30b} - %profile%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - user.js: capability.policy.policynames - localfilelinks
FF - user.js: capability.policy.localfilelinks.sites - hxxp://s1.travian.cz http://s2.travian.cz http://s3.travian.cz http://s4.travian.cz http://speed.travian.cz http://s1.travian.sk
FF - user.js: capability.policy.localfilelinks.checkloaduri.enabled - allAccess
FF - user.js: browser.sessionstore.resume_from_crash - false
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-28 21:09
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HTpatch = c:\windows\htpatch.exe?ows\CurrentVersion\Run???\???/?%[??????([??([??????????????????%[??%[0G????([$?????%[????????????S?%[????????m?%[???w????(???{??w???w???????w???w??%[????????d???b6%[%?%[??([????"?%[A?%[??'[.??wZ?%[?3%[?3%[????st.I??????&[????d???0=%[?K%[
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1454471165-308236825-682003330-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1552)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(332)
c:\program files\Agnitum\Outpost Firewall Pro\op_shell.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Stardock\Fences\FencesMenu.dll
c:\program files\stardock\fences\DesktopDock.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\CTsvcCDA.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\program files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\windows\system32\oodag.exe
c:\program files\OO Software\CleverCache\ooccag.exe
c:\windows\system32\PSIService.exe
c:\program files\Samsung\AllShare\AllShareDMS\http_ss_win_pro.exe
c:\program files\Microsoft SQL Server\MSSQL\Binn\sqlagent.EXE
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\windows\System32\Drivers\WTSRV.EXE
c:\windows\system32\MsPMSPSv.exe
c:\windows\SOUNDMAN.EXE
c:\windows\system32\rundll32.exe
c:\program files\Microsoft ActiveSync\wcescomm.exe
c:\progra~1\MI3AA1~1\rapimgr.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2011-03-28 21:19:21 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-03-28 19:19
.
Před spuštěním: Volných bajtů: 16 488 259 584
Po spuštění: Volných bajtů: 16 238 817 280
.
- - End Of File - - 2B16008187AFCC586F8BC6C645568B26

Re: Requesting a (not only) preventive check.

Posted: 28 Mar 2011 21:05
by Roli
Via Start >> Run, copy this into the box:

ComboFix /Uninstall

and press Enter.

This uninstalls ComboFix and deletes the files and folders associated with it.


Use T-Cleaner, which deletes any leftovers from the applications we used.

Just stop your antivirus before downloading it and while using it, because it may detect it as a virus, but that is not the case.


Open Notepad

and copy the text from the following box into it:

Code:

Windows Registry Editor Version 5.00 

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\CDRom] 
"AutoRun"=dword:00000001 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 
"NoDriveTypeAutoRun"=- 
"NoDriveAutoRun"=- 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 
"NoDriveTypeAutoRun"=- 
"NoDriveAutoRun"=- 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] 
"NoDriveTypeAutoRun"=- 
"NoDriveAutoRun"=- 


Save the TXT file you created as autorun.reg on the desktop,

double-click it to run it >> allow the write to the registry >> restart the PC and you're done.


Then let me know what state the PC is in.

Re: Requesting a (not only) preventive check.

Posted: 30 Mar 2011 07:50
by jaroslak
Unfortunately AutoRun still doesn't work...
I have three drives, 1 CD and 2 DVD. On the DVD drives not even booting works (connected as master, of course); I'll still test all of it in detail. I also have IDE, ParallelATA drives.

Re: Requesting a (not only) preventive check.

Posted: 30 Mar 2011 08:07
by Roli
Try disconnecting all the drives, switch the PC on and off, then reconnect them and switch the PC on.

Alternatively, look in the BIOS to see whether it detects them correctly.

Re: Requesting a (not only) preventive check.

Posted: 30 Mar 2011 08:42
by jaroslak
The BIOS detects them correctly (on AUTO); I've already looked at that. But as I say, I'll still try all the options. By the way, that one explorer.exe process that wouldn't die was caused by a DVD freezing in the drive.

Re: Requesting a (not only) preventive check.

Posted: 30 Mar 2011 09:04
by Roli
One more thing occurs to me: try using Tweak UI,

set it LIKE THIS and restart the PC.

Re: Requesting a (not only) preventive check.

Posted: 03 Apr 2011 23:17
by jaroslak
After a longer silence ...
I have to say that I did not manage to restore the AutoRun function. I tried all the procedures suggested earlier.
Then I went at it more systematically and in depth. I carried out the following steps, keeping a running record as I went:

I set the motherboard BIOS to Optimal Default Settings.
I physically removed the DVD and CD drives. I have 3 in total:
- HL-DT-STDVD-RAM GH22NP20 (DVD),
- TEAC DW 548D (CD) and
- HL-DT- DVDRAM GSA-4163B (DVD).
I reinstalled Windows (a repair installation), SP3 and the other updates.
I connected the drives one at a time as Master and tested the Boot, AutoPlay and Autorun functions. I found that Boot works on the first two drives and does not work on the third; AutoPlay works on all the drives; AutoRun does not work on any drive.
I restarted the PC as needed along the way.
The operating system is Windows XP Home Edition.

I tried TweakUI (and had already done so earlier): no result;
then Microsoft's FixIt and your registry-edit instructions above. Your instructions, as I understood them, probably lead to the relevant values being deleted, with the idea that the correct values should be written there after a restart. But that did not happen. This can also be seen from the FixIt log output (see below).
So it would seem that all three drives are faulty, but I find that hard to believe.

Do you have any other idea what could be causing it? What else should I try? Could the firewall or some other program be interfering? I cannot pinpoint when these faults began.
Virtualization programs and virtual drives are mentioned. I had a virtual drive from Ahead Nero installed, and I still have Alcohol 120% and PowerISO Virtual Drive Manager installed. However, AutoRun on the hardware drives worked while I was using them.
Recently I installed, for example, Outpost Personal Firewall, Samsung's Kies synchronization program and other programs, used disk and registry cleaners, etc. But I don't know after which change Autorun stopped working.

AutoFix [V5.2.3790.67]
Time [2011-04-03 22:23:10]
Microsoft Windows Version [5.1 (Service Pack 3) <2600>]

Test [The Shell Hardware Detection service is running.] - Instance [N/A]:
Result [AutoStart Setting]: OK
Result [The Shell Hardware Detection service is running.]: OK

Test [Policies] - Instance [F:\, Drive Type: 5]:
Result [HKCU\...\Policies!NoDrives]: OK {Present}
Result [HKCU\...\Policies!NoDriveAutorun]: OK {Absent}
Result [HKCU\...\Policies!NoDriveTypeAutorun]: OK {Absent}
Result [HKLM\...\Policies!NoDrives]: OK {Present}
Result [HKLM\...\Policies!NoDriveAutorun]: OK {Absent}
Result [HKLM\...\Policies!NoDriveTypeAutorun]: OK {Absent}
Result [Driver level policies]: OK {
HKLM\...\Services\cdrom!Autorun (Present) <Allows>
HKLM\...\Services\cdrom\Parameters!Autorun (Absent) <Allows>
HKLM\System\CCS\Enum\...!AlwaysEnable (Absent) <Not set>
HKLM\System\CCS\Enum\...!AlwaysDisable (Absent) <Not set> }

Test [Drive Notification] - Instance [F:\, Drive Type: 5]:
Result [Legacy Notification]: OK
Result [AutoPlay V2 Notification]: Problems {
Service (Silent)
Shell (Deaf) }
>> Repair << [Autoplay V2 Event]
Step: No steps to take.
Result: This AutoPlay setting cannot be fixed. Either the device is malfunctioning, or the wizard cannot determine the problem.

>> Required action: The wizard found problems but cannot fix them -> None
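
An added example, not part of the thread or of any tool used in it: a small evaluator for the registry values that the autorun.reg file and the FixIt "Policies" test refer to, showing how the `NoDriveTypeAutoRun` and `NoDriveAutoRun` bitmasks apply to drive F:\ (drive type 5). The dictionary keys and function names are hypothetical, and the code assumes the XP default mask of 0x91 when the value is absent and that an HKLM value takes precedence over HKCU.

```python
# Added example: decide whether registry policy suppresses AutoRun for one drive.
# Dictionary keys and function names are hypothetical; values are passed in,
# nothing is read from a live registry.

DRIVE_CDROM = 5                      # "Drive Type: 5" in the FixIt log
DRIVE_TYPE_NAMES = {0: "unknown", 1: "no root directory", 2: "removable",
                    3: "fixed", 4: "network", 5: "CD-ROM", 6: "RAM disk"}
XP_DEFAULT_TYPE_MASK = 0x91          # assumed default when the value is absent on XP


def effective(hklm, hkcu, default):
    """Pick the value that applies: HKLM if present, else HKCU, else default."""
    if hklm is not None:
        return hklm
    return hkcu if hkcu is not None else default


def autorun_blockers(letter, drive_type, policy):
    """Return the policy reasons that suppress AutoRun for this drive."""
    reasons = []

    # NoDriveTypeAutoRun: one bit per drive type, bit n = drive type n.
    type_mask = effective(policy.get("HKLM_NoDriveTypeAutoRun"),
                          policy.get("HKCU_NoDriveTypeAutoRun"),
                          XP_DEFAULT_TYPE_MASK)
    if type_mask & (1 << drive_type):
        reasons.append("NoDriveTypeAutoRun=0x%02X disables %s drives"
                       % (type_mask, DRIVE_TYPE_NAMES.get(drive_type, "?")))

    # NoDriveAutoRun: one bit per drive letter, bit 0 = A:, bit 5 = F:.
    letter_mask = effective(policy.get("HKLM_NoDriveAutoRun"),
                            policy.get("HKCU_NoDriveAutoRun"), 0)
    if letter_mask & (1 << (ord(letter.upper()) - ord("A"))):
        reasons.append("NoDriveAutoRun=0x%X disables drive %s:"
                       % (letter_mask, letter.upper()))

    # Services\CDRom AutoRun=0 switches off media-change notification.
    if drive_type == DRIVE_CDROM and policy.get("cdrom_AutoRun", 1) == 0:
        reasons.append("Services\\CDRom AutoRun=0 disables notification")
    return reasons


# State the FixIt log reports for F:\ : policy values absent, cdrom Autorun allows.
FIXIT_STATE = {"cdrom_AutoRun": 1}
# Constructed contrast: a machine where AutoRun is disabled for every drive type.
ALL_TYPES_DISABLED = {"HKLM_NoDriveTypeAutoRun": 0xFF, "cdrom_AutoRun": 1}

if __name__ == "__main__":
    for name, pol in (("FixIt log state", FIXIT_STATE),
                      ("constructed 0xFF policy", ALL_TYPES_DISABLED)):
        found = autorun_blockers("F", DRIVE_CDROM, pol)
        print(name, "->", found if found else "no policy blocker")
```

For the state in the FixIt log the function returns no blockers, which matches the log marking every policy check OK and reporting the problem under "AutoPlay V2 Notification" instead.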