prosím o kontrolu PC - dík

Zpráva

kamiliuss · #1 Příspěvek od **kamiliuss** » 14 kvě 2011 09:31

Logfile of random's system information tool 1.08 (written by random/random)
Run by Kamiliuss at 2011-05-14 10:30:03
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 4 GB (14%) free of 30 GB
Total RAM: 2046 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:30:06, on 14.5.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe
C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\Stahovani\RSIT.exe
C:\Program Files\trend micro\Kamiliuss.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66027
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=66027
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Kamiliuss\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\prxtbXfi2.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file)
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: IE PopUp-Killer - {49E0E0F0-5C30-11D4-945D-000000000003} - C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUp.dll
O2 - BHO: DVDVideoSoftTB - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\prxtbXfi2.dll
O2 - BHO: QipLI - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Documents and Settings\Kamiliuss\Data aplikací\Microsoft\Internet Explorer\qstatsrv.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: GdfrDUEn - {A3CF7606-E683-4375-A372-96B75DA0AEF7} - C:\Program Files\Get Styles\enlbrdr.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Kamiliuss\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: DVDVideoSoftTB Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\prxtbXfi2.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [Ashampoo PopUpBlocker] C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 5359652250
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/html - {574940E0-1B7A-4881-8FA3-1E809714B156} - (no file)
O20 - Winlogon Notify: !SASWinLogon - D:\instalace\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate1ca8038948bb26c) (gupdate1ca8038948bb26c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

--
End of file - 12243 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-706699826-839522115-1003Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-706699826-839522115-1003UA.job
C:\WINDOWS\tasks\SLOW-PCfighter-Kamiliuss-Startup.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2010-09-22 61888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\WINDOWS\WebIE.dll [2008-02-03 491520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{49E0E0F0-5C30-11D4-945D-000000000003}]
IE PopUp-Killer - C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUp.dll [2004-09-01 414720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
DVDVideoSoftTB Toolbar - C:\Program Files\XfireXO\prxtbXfi2.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B5863A0-C43F-4C0A-982B-CC0E9125783F}]
QipLI Class - C:\Documents and Settings\Kamiliuss\Data aplikací\Microsoft\Internet Explorer\qstatsrv.dll [2010-05-14 48080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3CF7606-E683-4375-A372-96B75DA0AEF7}]
GdfrDUEn Class - C:\Program Files\Get Styles\enlbrdr.dll [2010-02-11 185856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\Kamiliuss\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2009-07-14 150768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-11-28 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-12-24 737776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2008-10-08 1172792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\WINDOWS\WebIE.dll [2008-02-03 491520]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-11-28 2403392]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2008-10-08 1172792]
{5e5ab302-7f65-44cd-8211-c1d4caaccea3} - DVDVideoSoftTB Toolbar - C:\Program Files\XfireXO\prxtbXfi2.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2007-12-21 1443072]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Ashampoo PopUpBlocker"=C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe [2004-02-03 1216000]
"TuneUp MemOptimizer"=C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe [2005-09-21 294912]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.0\ICQ.exe silent loginmode=4 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OEXPRESS]
C:\WINDOWS\OETRN.EXE [2009-09-07 26624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Kamiliuss^Nabídka Start^Programy^Po spuštění^FreeRapid 0.83.lnk]
C:\PROGRA~1\FREERA~1.83\frd.exe [2009-10-18 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
D:\instalace\SASWINLO.DLL [2009-09-06 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2007-06-27 118784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=D:\instalace\SASSEH.DLL [2008-05-13 77824]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"D:\Gamesky\Lost via domus\Yeti_Final_Win32.exe"="D:\Gamesky\Lost via domus\Yeti_Final_Win32.exe:*:Enabled:Lost Via Domus Game"
"D:\Gamesky\Lost via domus\gu.exe"="D:\Gamesky\Lost via domus\gu.exe:*:Enabled:Lost Via Domus Updater"
"D:\Gamesky\Lost via domus\detection\Launcher.exe"="D:\Gamesky\Lost via domus\detection\Launcher.exe:*:Enabled:Lost Via Domus Requirements Tool"
"D:\Gamesky\Far Cry 2\bin\FarCry2.exe"="D:\Gamesky\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2"
"D:\Gamesky\Far Cry 2\bin\FC2Launcher.exe"="D:\Gamesky\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater"
"D:\Gamesky\Far Cry 2\bin\FC2Editor.exe"="D:\Gamesky\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editor"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\ICQ6.5\ICQ.exe"="C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\ICQ7.1\ICQ.exe"="C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\ICQ7.1\ICQ.exe"="C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2011-05-14 10:06:43 ----D---- C:\Program Files\ActiveDBSoft
2011-05-14 09:54:42 ----D---- C:\Program Files\ConduitEngine
2011-05-14 09:54:42 ----A---- C:\WINDOWS\system32\ConduitEngine.tmp
2011-05-14 09:05:26 ----D---- C:\Program Files\Zrychleni Pocitace
2011-05-14 09:04:56 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2011-05-14 09:03:06 ----D---- C:\WINDOWS\system32\XPSViewer
2011-05-14 09:03:01 ----D---- C:\WINDOWS\system32\en-US
2011-05-14 09:02:56 ----D---- C:\Program Files\Reference Assemblies
2011-05-14 08:53:14 ----RHD---- C:\AHCache
2011-05-14 08:48:48 ----A---- C:\WINDOWS\OEWABLog.txt
2011-05-14 08:47:51 ----D---- C:\WINDOWS\Prefetch
2011-05-14 08:43:55 ----A---- C:\WINDOWS\setuplog.txt
2011-05-14 08:43:09 ----N---- C:\WINDOWS\system32\smtpapi.dll
2011-05-14 08:43:09 ----N---- C:\WINDOWS\system32\rwnh.dll
2011-05-14 08:43:08 ----N---- C:\WINDOWS\system32\aaclient.dll
2011-05-14 08:43:07 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2011-05-14 08:43:07 ----N---- C:\WINDOWS\system32\dot3api.dll
2011-05-14 08:43:07 ----N---- C:\WINDOWS\system32\dimsroam.dll
2011-05-14 08:43:07 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2011-05-14 08:43:07 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2011-05-14 08:43:07 ----N---- C:\WINDOWS\system32\credssp.dll
2011-05-14 08:43:07 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2011-05-14 08:43:07 ----N---- C:\WINDOWS\system32\azroles.dll
2011-05-14 08:43:06 ----N---- C:\WINDOWS\system32\eapsvc.dll
2011-05-14 08:43:06 ----N---- C:\WINDOWS\system32\eapqec.dll
2011-05-14 08:43:06 ----N---- C:\WINDOWS\system32\eappprxy.dll
2011-05-14 08:43:06 ----N---- C:\WINDOWS\system32\eapphost.dll
2011-05-14 08:43:06 ----N---- C:\WINDOWS\system32\eappgnui.dll
2011-05-14 08:43:06 ----N---- C:\WINDOWS\system32\eappcfg.dll
2011-05-14 08:43:06 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2011-05-14 08:43:06 ----N---- C:\WINDOWS\system32\eapolqec.dll
2011-05-14 08:43:06 ----N---- C:\WINDOWS\system32\dot3ui.dll
2011-05-14 08:43:06 ----N---- C:\WINDOWS\system32\dot3svc.dll
2011-05-14 08:43:06 ----N---- C:\WINDOWS\system32\dot3msm.dll
2011-05-14 08:43:06 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2011-05-14 08:43:06 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2011-05-14 08:43:05 ----N---- C:\WINDOWS\system32\kmsvc.dll
2011-05-14 08:43:05 ----N---- C:\WINDOWS\system32\kbdpash.dll
2011-05-14 08:43:05 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2011-05-14 08:43:05 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2011-05-14 08:43:05 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2011-05-14 08:43:04 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2011-05-14 08:43:04 ----N---- C:\WINDOWS\system32\mssha.dll
2011-05-14 08:43:04 ----N---- C:\WINDOWS\system32\mmcperf.exe
2011-05-14 08:43:04 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2011-05-14 08:43:04 ----N---- C:\WINDOWS\system32\mmcex.dll
2011-05-14 08:43:04 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2011-05-14 08:43:04 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2011-05-14 08:43:03 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2011-05-14 08:43:03 ----N---- C:\WINDOWS\system32\rasqec.dll
2011-05-14 08:43:03 ----N---- C:\WINDOWS\system32\qutil.dll
2011-05-14 08:43:03 ----N---- C:\WINDOWS\system32\qcliprov.dll
2011-05-14 08:43:03 ----N---- C:\WINDOWS\system32\qagentrt.dll
2011-05-14 08:43:03 ----N---- C:\WINDOWS\system32\qagent.dll
2011-05-14 08:43:03 ----N---- C:\WINDOWS\system32\onex.dll
2011-05-14 08:43:03 ----N---- C:\WINDOWS\system32\napstat.exe
2011-05-14 08:43:03 ----N---- C:\WINDOWS\system32\napmontr.dll
2011-05-14 08:43:03 ----N---- C:\WINDOWS\system32\napipsec.dll
2011-05-14 08:43:02 ----N---- C:\WINDOWS\system32\setupn.exe
2011-05-14 08:43:01 ----N---- C:\WINDOWS\system32\xpsp3res.dll
2011-05-14 08:43:01 ----N---- C:\WINDOWS\system32\wlanapi.dll
2011-05-14 08:43:01 ----N---- C:\WINDOWS\system32\verclsid.exe
2011-05-14 08:43:01 ----N---- C:\WINDOWS\system32\tzchange.exe
2011-05-14 08:43:01 ----N---- C:\WINDOWS\system32\tspkg.dll
2011-05-14 08:43:01 ----N---- C:\WINDOWS\system32\tsgqec.dll
2011-05-14 08:42:59 ----D---- C:\WINDOWS\system32\cs-cz
2011-05-14 08:42:58 ----D---- C:\WINDOWS\system32\cs
2011-05-14 08:42:58 ----D---- C:\WINDOWS\system32\bits
2011-05-14 08:42:58 ----D---- C:\WINDOWS\l2schemas
2011-05-14 08:38:33 ----D---- C:\WINDOWS\network diagnostic
2011-05-14 08:38:31 ----N---- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2011-05-14 08:37:40 ----A---- C:\WINDOWS\005338_.tmp
2011-05-14 08:37:38 ----A---- C:\WINDOWS\imsins.BAK
2011-05-14 08:19:40 ----A---- C:\WINDOWS\cdplayer.ini
2011-05-14 08:19:09 ----D---- C:\Program Files\Common Files\xing shared
2011-05-14 08:18:51 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2011-05-14 08:18:46 ----A---- C:\WINDOWS\system32\pndx5032.dll
2011-05-14 08:18:46 ----A---- C:\WINDOWS\system32\pndx5016.dll
2011-05-14 08:18:44 ----D---- C:\Program Files\Real
2011-05-14 08:18:44 ----D---- C:\Program Files\Common Files\Real
2011-05-14 08:17:29 ----D---- C:\Documents and Settings\Kamiliuss\Data aplikací\Real

======List of files/folders modified in the last 1 months======

2011-05-14 10:30:06 ----D---- C:\Program Files\Trend Micro
2011-05-14 10:30:04 ----D---- C:\WINDOWS\temp
2011-05-14 10:19:49 ----RD---- C:\Program Files
2011-05-14 10:18:38 ----HD---- C:\WINDOWS
2011-05-14 10:18:38 ----A---- C:\WINDOWS\MAILTRAN.INI
2011-05-14 10:15:58 ----HD---- C:\WINDOWS\system32\CatRoot2
2011-05-14 10:15:57 ----HD---- C:\WINDOWS\inf
2011-05-14 10:12:42 ----D---- C:\Program Files\Mozilla Firefox
2011-05-14 10:05:59 ----AH---- C:\WINDOWS\wincmd.ini
2011-05-14 09:54:52 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-05-14 09:54:48 ----HD---- C:\WINDOWS\SoftwareDistribution
2011-05-14 09:54:47 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-05-14 09:54:47 ----HD---- C:\WINDOWS\system32
2011-05-14 09:54:45 ----D---- C:\Program Files\XfireXO
2011-05-14 09:54:04 ----D---- C:\Documents and Settings\Kamiliuss\Data aplikací\PriceGong
2011-05-14 09:40:19 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-05-14 09:40:10 ----HD---- C:\WINDOWS\system32\config
2011-05-14 09:17:54 ----SD---- C:\WINDOWS\Tasks
2011-05-14 09:09:57 ----RSD---- C:\WINDOWS\assembly
2011-05-14 09:09:57 ----HD---- C:\WINDOWS\Microsoft.NET
2011-05-14 09:06:48 ----HD---- C:\Config.Msi
2011-05-14 09:04:50 ----SHD---- C:\WINDOWS\Installer
2011-05-14 09:03:29 ----A---- C:\WINDOWS\system32\PerfStringBackup.TMP
2011-05-14 09:03:00 ----RSD---- C:\WINDOWS\Fonts
2011-05-14 09:00:48 ----HD---- C:\WINDOWS\WinSxS
2011-05-14 08:59:59 ----D---- C:\Program Files\Internet Explorer
2011-05-14 08:48:21 ----HD---- C:\WINDOWS\Debug
2011-05-14 08:47:25 ----HD---- C:\WINDOWS\system32\wbem
2011-05-14 08:47:25 ----HD---- C:\WINDOWS\system32\Setup
2011-05-14 08:47:25 ----HD---- C:\WINDOWS\AppPatch
2011-05-14 08:47:21 ----HD---- C:\WINDOWS\system32\drivers
2011-05-14 08:46:45 ----HD---- C:\WINDOWS\security
2011-05-14 08:45:26 ----HD---- C:\WINDOWS\system32\CatRoot
2011-05-14 08:43:28 ----D---- C:\Program Files\Messenger
2011-05-14 08:43:19 ----D---- C:\Program Files\Windows Media Player
2011-05-14 08:43:17 ----HD---- C:\WINDOWS\Help
2011-05-14 08:43:11 ----HD---- C:\WINDOWS\EHome
2011-05-14 08:43:09 ----HD---- C:\WINDOWS\system32\inetsrv
2011-05-14 08:43:09 ----HD---- C:\WINDOWS\ime
2011-05-14 08:42:59 ----HD---- C:\WINDOWS\system32\usmt
2011-05-14 08:42:58 ----HD---- C:\WINDOWS\peernet
2011-05-14 08:42:57 ----D---- C:\Program Files\Movie Maker
2011-05-14 08:40:18 ----HD---- C:\WINDOWS\system32\Restore
2011-05-14 08:40:18 ----HD---- C:\WINDOWS\system32\npp
2011-05-14 08:40:17 ----HD---- C:\WINDOWS\msagent
2011-05-14 08:40:15 ----HD---- C:\WINDOWS\srchasst
2011-05-14 08:40:14 ----D---- C:\Program Files\NetMeeting
2011-05-14 08:40:13 ----HD---- C:\WINDOWS\system32\Com
2011-05-14 08:40:10 ----D---- C:\Program Files\Windows NT
2011-05-14 08:40:10 ----D---- C:\Program Files\Outlook Express
2011-05-14 08:40:07 ----D---- C:\Program Files\Common Files\System
2011-05-14 08:39:52 ----HD---- C:\WINDOWS\system32\oobe
2011-05-14 08:39:51 ----HD---- C:\WINDOWS\system
2011-05-14 08:37:26 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2011-05-14 08:29:47 ----HD---- C:\WINDOWS\Minidump
2011-05-14 08:19:09 ----D---- C:\Program Files\Common Files
2011-05-14 08:18:46 ----A---- C:\WINDOWS\system32\pncrt.dll
2011-05-14 08:14:37 ----AH---- C:\WINDOWS\win.ini
2011-05-13 11:57:58 ----A---- C:\WINDOWS\NeroDigital.ini
2011-05-08 22:54:28 ----A---- C:\WINDOWS\WTRAN32.INI
2011-05-05 19:28:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
2011-05-05 19:28:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJ
2011-04-25 18:05:13 ----A---- C:\WINDOWS\WDICT32.INI
2011-04-25 17:54:35 ----D---- C:\Documents and Settings\Kamiliuss\Data aplikací\gtk-2.0

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-08-30 43528]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2005-08-10 19968]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-08-24 66560]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-07-06 716272]
R0 vax347b;vax347b; C:\WINDOWS\system32\DRIVERS\vax347b.sys [2005-07-08 159616]
R0 vax347s;vax347s; C:\WINDOWS\System32\Drivers\vax347s.sys [2004-04-30 5248]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2007-12-21 30216]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2007-12-21 53768]
R1 SASDIFSV;SASDIFSV; \??\D:\instalace\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\D:\instalace\SASKUTIL.sys []
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2009-03-15 56268]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-04-14 225664]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-02-08 278984]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2007-12-21 39944]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2007-12-21 71176]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-02-08 25416]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2007-06-27 2303488]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2007-12-21 30728]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-09-05 4611072]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [2007-06-28 45824]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [2007-06-28 20480]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-14 12288]
S3 a2i2qijw;a2i2qijw; C:\WINDOWS\system32\drivers\a2i2qijw.sys []
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 Bridge;Most MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-14 71552]
S3 BridgeMP;Miniport mostu MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-14 71552]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2009-01-02 10976]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2009-01-02 22368]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-07-10 25280]
S3 HdAudAddService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdAud.sys [2006-12-28 84992]
S3 K320bus;Sony Ericsson K320 driver (WDM); C:\WINDOWS\system32\DRIVERS\K320bus.sys [2006-08-18 61504]
S3 K320mdfl;Sony Ericsson K320 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\K320mdfl.sys [2006-08-18 9328]
S3 K320mdm;Sony Ericsson K320 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\K320mdm.sys [2006-08-18 97056]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys [2006-03-13 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys [2006-03-13 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys [2006-03-13 89872]
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys [2006-03-13 81728]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys [2006-03-13 79488]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-03-26 47360]
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\WINDOWS\system32\DRIVERS\s1018bus.sys [2009-03-25 86824]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s1018mdfl.sys [2009-03-25 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s1018mdm.sys [2009-03-25 114728]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s1018mgmt.sys [2009-03-25 106208]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\WINDOWS\system32\DRIVERS\s1018nd5.sys [2009-03-25 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s1018obex.sys [2009-03-25 104744]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\WINDOWS\system32\DRIVERS\s1018unic.sys [2009-03-25 109864]
S3 SASENUM;SASENUM; \??\D:\instalace\SASENUM.SYS []
S3 SE2Bbus;Sony Ericsson Device 043 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE2Bbus.sys [2006-11-10 61600]
S3 SE2Bmdfl;Sony Ericsson Device 043 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE2Bmdfl.sys [2006-11-10 9360]
S3 SE2Bmdm;Sony Ericsson Device 043 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE2Bmdm.sys [2006-11-10 97184]
S3 SE2Bmgmt;Sony Ericsson Device 043 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE2Bmgmt.sys [2006-11-10 88688]
S3 se2Bnd5;Sony Ericsson Device 043 USB Ethernet Emulation SEMC43 (NDIS); C:\WINDOWS\system32\DRIVERS\se2Bnd5.sys [2006-11-10 18704]
S3 SE2Bobex;Sony Ericsson Device 043 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE2Bobex.sys [2006-11-10 86560]
S3 se2Bunic;Sony Ericsson Device 043 USB Ethernet Emulation SEMC43 (WDM); C:\WINDOWS\system32\DRIVERS\se2Bunic.sys [2006-11-10 90800]
S3 SE2Ebus;Sony Ericsson Device 046 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE2Ebus.sys [2006-11-10 61600]
S3 SE2Emdfl;Sony Ericsson Device 046 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE2Emdfl.sys [2006-11-10 9360]
S3 SE2Emdm;Sony Ericsson Device 046 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE2Emdm.sys [2006-11-10 97184]
S3 SE2Emgmt;Sony Ericsson Device 046 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE2Emgmt.sys [2006-11-10 88688]
S3 se2End5;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (NDIS); C:\WINDOWS\system32\DRIVERS\se2End5.sys [2006-11-10 18704]
S3 SE2Eobex;Sony Ericsson Device 046 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE2Eobex.sys [2006-11-10 86560]
S3 se2Eunic;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (WDM); C:\WINDOWS\system32\DRIVERS\se2Eunic.sys [2006-11-10 90800]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2008-11-11 13056]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2008-11-11 19968]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2008-11-11 24832]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 w200bus;Sony Ericsson W200 driver (WDM); C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-11-07 61504]
S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w200mdfl.sys [2006-11-07 9328]
S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w200mdm.sys [2006-11-07 97056]
S3 w200mgmt;Sony Ericsson W200 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w200mgmt.sys [2006-11-07 88560]
S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w200obex.sys [2006-11-07 86368]
S3 w810bus;Sony Ericsson W810 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w810bus.sys [2006-02-20 58288]
S3 w810mdfl;Sony Ericsson W810 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w810mdfl.sys [2006-02-20 8336]
S3 w810mdm;Sony Ericsson W810 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w810mdm.sys [2006-02-20 94064]
S3 w810mgmt;Sony Ericsson W810 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w810mgmt.sys [2006-02-20 85408]
S3 w810obex;Sony Ericsson W810 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w810obex.sys [2006-02-20 83344]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\System32\Ati2evxx.exe [2007-06-27 483328]
R2 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2007-12-21 468224]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2009-02-10 116104]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-06-28 79136]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-12-19 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-10-03 214520]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]
R2 StarWindService;StarWind iSCSI Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe [2005-04-02 217600]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 aawservice;Ad-Aware 2007 Service; C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe []
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2007-06-29 520192]
S2 gupdate1ca8038948bb26c;Služba Google Update (gupdate1ca8038948bb26c); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-19 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2007-12-21 19200]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-19 133104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-28 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MSSQL$SONY_MEDIAMGR2;SQL Server (SONY_MEDIAMGR2); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-02-10 29178224]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TUWinStylerThemeSvc;TuneUp WinStyler Theme Service; C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe [2005-08-11 118272]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 14 kvě 2011 10:05

Zdravim a pekny den preji

Poprosim i o druhy log z RSIT s nazvem info.txt, je ulozen v c:\rsit

Predpokladam, ze ten ESET Smart Security mate legalni = zakoupena licence

kamiliuss · #3 Příspěvek od **kamiliuss** » 14 kvě 2011 10:45

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:07:31, on 14.5.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe
C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Outlook Express\msimn.exe
C:\totalcmd\TOTALCMD.EXE
D:\Stahovani\RSIT.exe
C:\Program Files\trend micro\Kamiliuss.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66027
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=66027
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Kamiliuss\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\prxtbXfi2.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file)
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: IE PopUp-Killer - {49E0E0F0-5C30-11D4-945D-000000000003} - C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUp.dll
O2 - BHO: DVDVideoSoftTB - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\prxtbXfi2.dll
O2 - BHO: QipLI - {6B5863A0-C43F-4C0A-982B-CC0E9125783F} - C:\Documents and Settings\Kamiliuss\Data aplikací\Microsoft\Internet Explorer\qstatsrv.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: GdfrDUEn - {A3CF7606-E683-4375-A372-96B75DA0AEF7} - C:\Program Files\Get Styles\enlbrdr.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Kamiliuss\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: DVDVideoSoftTB Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\prxtbXfi2.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [Ashampoo PopUpBlocker] C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe
O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" autostart
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {53F6FCCD-9E22-4d71-86EA-6E43136192AB} - (no file)
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 5359652250
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/html - {574940E0-1B7A-4881-8FA3-1E809714B156} - (no file)
O20 - Winlogon Notify: !SASWinLogon - D:\instalace\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate1ca8038948bb26c) (gupdate1ca8038948bb26c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
mám problém, včera jsem nainstaloval abdobe flash player 10, aby mohla manželka pouštěn seriály v české televize v archivu si,když to chci spustit vypíná se PC, ve flash playeru mi to píše že není naistalován ACTIVE X, nevím odkud ho tam nainstalovat,děkuji

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

--
End of file - 12313 bytes

#4 Příspěvek od **vyosek** » 14 kvě 2011 10:46

vyosek píše:Zdravim a pekny den preji

Poprosim i o druhy log z RSIT s nazvem info.txt, je ulozen v c:\rsit

Predpokladam, ze ten ESET Smart Security mate legalni = zakoupena licence

A dale proc zakladate neustale nove temata

To s tim ComboFixem (ktery se mimochodem nema pouzivat bez doporuceni radce), Vam opet zamknu a budeme pokracovat zde...

kamiliuss · #5 Příspěvek od **kamiliuss** » 14 kvě 2011 11:14

omlouvám se, jsem laik PC jsem projel malware jeden , flash player chybí ovladač ACTIVE X ????dá se doinstalovat,žena ho tam včera nainstalova z netu a nejdou videa na netu,děkuji

info.txt logfile of random's system information tool 1.06 2009-09-06 18:12:00

======Uninstall list======

-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.1.3 - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-A91000000001}
Call of Duty(R) 2-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{D0A05794-48C2-4424-A15A-9F20FCFDD374} /l2057
CCleaner (remove only)-->"D:\instalace\CCleaner\uninst.exe"
DivX 4.02 Codec-->"C:\Program Files\DivXCodec\uninstall.exe"
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.0.9.8 Be-->"C:\Program Files\DVDFab 5\unins000.exe"
DVDStyler v1.7.2-->"D:\instalace\DVDStyler\unins000.exe"
ESET Online Scanner v3-->C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
ESET Smart Security-->MsiExec.exe /I{49B6C667-BADF-4CBB-81A5-62053B02240A}
GamePark-->"C:\Program Files\GamePark\unins000.exe"
GIMP 2.6.4-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
ICQ Toolbar-->C:\Program Files\ICQ6Toolbar\ICQUnToolbar.exe
ICQ6.5-->"C:\Program Files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7-->"C:\WINDOWS\$NtUninstallWdf01007$\spuninst\spuninst.exe"
Mozilla Firefox (3.0.13)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MPEG2 Codec(libmpeg2/mad)-->"C:\Program Files\GNU\MPEG2\Uninstall.exe"
Nero 7 Ultra Edition-->MsiExec.exe /I{235BBFC6-D863-4066-A01A-3BD504C31029}
NOD32 v3.0.642 FiX1.2 by TemDono (31 days remaining forever up -->"C:\Program Files\ESET\ESET Smart Security\unins000.exe"
OpenOffice.org 3.0-->MsiExec.exe /I{BE8BE32F-F595-4693-9F82-1E0A5A047BB6}
PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
PunkBuster Services-->C:\WINDOWS\system32\pbsvc.exe -u
QIP 2005 8080-->"C:\Program Files\QIP\unins000.exe"
Rossmann Foto-Shop Client 4.2-->C:\Program Files\Rossmann Foto-Shop Client\Deinstalace.exe
Skype™ 3.6-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
The Playa-->"C:\Program Files\The Playa\uninstall.exe"
Tomb Raider: Underworld Demo 1.0-->D:\Gamesky\TB 7\Eidos\Tomb Raider - Underworld\uninst.exe
Update Service-->"C:\Program Files\Sony Ericsson\Update Service\Uninstall Update Service\Uninstall Update Service.exe"

=====HijackThis Backups=====

O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file) [2008-05-30]
O4 - HKLM\..\Run: [combofix] C:\WINDOWS\system32\CF15956.exe /c C:\ComboFix\Combobatch.bat [2008-05-30]
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll (file missing) [2008-06-16]
O20 - Winlogon Notify: ssqOHywt - ssqOHywt.dll (file missing) [2008-06-16]
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll (file missing) [2008-06-16]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = file://c:/windows/homepage.html [2008-06-16]
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file) [2008-06-16]

======Security center information======

AV: ESET Smart Security 3.0
FW: ESET personal firewall

======System event log======

Computer Name: KAMILIUS-S22BM4
Event Code: 43033
Message: Edid checksum error

Record Number: 35670
Source Name: ati2mtag
Time Written: 20090831061207.000000+120
Event Type: Chyba
User:

Computer Name: KAMILIUS-S22BM4
Event Code: 3100
Message: Ovladač Microsoft IPv6 Developer Edition byl spuštěn.

Record Number: 35669
Source Name: Tcpip6
Time Written: 20090831061207.000000+120
Event Type: Informace
User:

Computer Name: KAMILIUS-S22BM4
Event Code: 6005
Message: Služba Event Log byla spuštěna.

Record Number: 35668
Source Name: EventLog
Time Written: 20090831061143.000000+120
Event Type: Informace
User:

Computer Name: KAMILIUS-S22BM4
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 2 Multiprocessor Free.

Record Number: 35667
Source Name: EventLog
Time Written: 20090831061143.000000+120
Event Type: Informace
User:

Computer Name: KAMILIUS-S22BM4
Event Code: 6006
Message: Služba Event Log byla zastavena.

Record Number: 35666
Source Name: EventLog
Time Written: 20090830204015.000000+120
Event Type: Informace
User:

=====Application event log=====

Computer Name: KAMILIUS-S22BM4
Event Code: 4
Message: The LightScribe Service started successfully.

Record Number: 5546
Source Name: LightScribeService
Time Written: 20090202142901.000000+060
Event Type: Informace
User:

Computer Name: KAMILIUS-S22BM4
Event Code: 105
Message: The service was started.

Record Number: 5545
Source Name: ATI Smart
Time Written: 20090202142900.000000+060
Event Type: Informace
User:

Computer Name: KAMILIUS-S22BM4
Event Code: 1517
Message: Systém Windows uložil registr uživatele KAMILIUS-S22BM4\Kamiliuss, ale některá z aplikací nebo služeb během odhlášení registr nadále používala. Paměť používaná registrem uživatele nebyla uvolněna. Registr bude uvolněn, jakmile již nebude používán.

To je často způsobeno tím, že jsou služby spuštěny pomocí uživatelského účtu. Zkuste služby konfigurovat pro spuštění pomocí účtu místní nebo síťové služby.

Record Number: 5544
Source Name: Userenv
Time Written: 20090201201958.000000+060
Event Type: Upozornění
User: NT AUTHORITY\SYSTEM

Computer Name: KAMILIUS-S22BM4
Event Code: 101
Message: wuauclt (1560) Databázový stroj byl zastaven.

Record Number: 5543
Source Name: ESENT
Time Written: 20090201114558.000000+060
Event Type: Informace
User:

Computer Name: KAMILIUS-S22BM4
Event Code: 103
Message: wuaueng.dll (1560) SUS20ClientDataStore: Databázový stroj zastavil instanci (0).

Record Number: 5542
Source Name: ESENT
Time Written: 20090201114558.000000+060
Event Type: Informace
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Common Files\Teleca

Shared;C:\Program Files\Microsoft SQL Server\90\Tools\binn;C:\Program Files\VoiceAge\Common
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 107 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=6b02
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO

-----------------EOF-----------------

#6 Příspěvek od **vyosek** » 14 kvě 2011 11:19

A co budeme delat s tim nelegalnim antivirem co tam mate

Na to ze jste laik si docela troufate, poustet si tam ComboFix - to opravdu neni hracka a umi paradne poslat system do kytek

Dle pravidel fora (viz zde a a zde bod c.3 ) se vsak nelegalnim SW nezabyvame, jelikoz nelegalni programy jsou vetsinou zdrojem haveti. Navic tim porusujete i autorska prava Obrázek

, pachate trestny cin a ten jako takovy nebude nasim forem podporovan. Uvedomte si, ze jste na bezpecnostnim foru - podpora warezu by byla zcela proti logice fora

Takze ten nelegalni ESET Smart Security odinstalujte, nainstalujte si tam Avast, ktery je zdarma a pak budeme pokracovat

kamiliuss · #7 Příspěvek od **kamiliuss** » 14 kvě 2011 11:23

dobře to hned udělám, mne to tady dával kolega antivir neb já byl tenkrát bez netu, takže stahnu z netu a nainstaluju ho tam, zatím děkuji

#8 Příspěvek od **vyosek** » 14 kvě 2011 12:06

Ok, pak mi sem dejte novy log z RSIT kde bude jiz jen Avast

kamiliuss · #9 Příspěvek od **kamiliuss** » 14 kvě 2011 19:32

vše napraveno, omlouvám se za vzniklé potíže,

Logfile of random's system information tool 1.08 (written by random/random)
Run by Kamiliuss at 2011-05-14 20:31:09
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 5 GB (17%) free of 30 GB
Total RAM: 2046 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:31:13, on 14.5.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Documents and Settings\Kamiliuss\Plocha\RSIT(2).exe
C:\Program Files\trend micro\Kamiliuss.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66027
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=66027
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Kamiliuss\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\prxtbXfi2.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - (no file)
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: IE PopUp-Killer - {49E0E0F0-5C30-11D4-945D-000000000003} - C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUp.dll
O2 - BHO: DVDVideoSoftTB - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\prxtbXfi2.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: GdfrDUEn - {A3CF7606-E683-4375-A372-96B75DA0AEF7} - C:\Program Files\Get Styles\enlbrdr.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Documents and Settings\Kamiliuss\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: DVDVideoSoftTB Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\prxtbXfi2.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {925DAB62-F9AC-4221-806A-057BFB1014AA} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 5359652250
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - D:\instalace\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate1ca8038948bb26c) (gupdate1ca8038948bb26c) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

--
End of file - 11131 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2010-09-22 61888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\WINDOWS\WebIE.dll [2008-02-03 491520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{49E0E0F0-5C30-11D4-945D-000000000003}]
IE PopUp-Killer - C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUp.dll [2004-09-01 414720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
DVDVideoSoftTB Toolbar - C:\Program Files\XfireXO\prxtbXfi2.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3CF7606-E683-4375-A372-96B75DA0AEF7}]
GdfrDUEn Class - C:\Program Files\Get Styles\enlbrdr.dll [2010-02-11 185856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}]
QIPBHO Class - C:\Documents and Settings\Kamiliuss\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2009-07-14 150768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-11-28 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-12-24 737776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
SweetIM Toolbar Helper - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2008-10-08 1172792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\WINDOWS\WebIE.dll [2008-02-03 491520]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-11-28 2403392]
{EEE6C35B-6118-11DC-9C72-001320C79847} - SweetIM Toolbar for Internet Explorer - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [2008-10-08 1172792]
{5e5ab302-7f65-44cd-8211-c1d4caaccea3} - DVDVideoSoftTB Toolbar - C:\Program Files\XfireXO\prxtbXfi2.dll [2011-01-17 175912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-05-10 3459712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OEXPRESS]
C:\WINDOWS\OETRN.EXE [2009-09-07 26624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Kamiliuss^Nabídka Start^Programy^Po spuštění^FreeRapid 0.83.lnk]
C:\PROGRA~1\FREERA~1.83\frd.exe [2009-10-18 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
D:\instalace\SASWINLO.DLL [2009-09-06 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2011-04-20 188416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=D:\instalace\SASSEH.DLL [2008-05-13 77824]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoDriveAutoRun"=67108863

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"D:\Gamesky\Lost via domus\Yeti_Final_Win32.exe"="D:\Gamesky\Lost via domus\Yeti_Final_Win32.exe:*:Enabled:Lost Via Domus Game"
"D:\Gamesky\Lost via domus\gu.exe"="D:\Gamesky\Lost via domus\gu.exe:*:Enabled:Lost Via Domus Updater"
"D:\Gamesky\Lost via domus\detection\Launcher.exe"="D:\Gamesky\Lost via domus\detection\Launcher.exe:*:Enabled:Lost Via Domus Requirements Tool"
"D:\Gamesky\Far Cry 2\bin\FarCry2.exe"="D:\Gamesky\Far Cry 2\bin\FarCry2.exe:*:Enabled:Far Cry 2"
"D:\Gamesky\Far Cry 2\bin\FC2Launcher.exe"="D:\Gamesky\Far Cry 2\bin\FC2Launcher.exe:*:Enabled:Far Cry 2 Updater"
"D:\Gamesky\Far Cry 2\bin\FC2Editor.exe"="D:\Gamesky\Far Cry 2\bin\FC2Editor.exe:*:Enabled:Editor"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.0\ICQ.exe"="C:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"C:\Program Files\ICQ7.0\aolload.exe"="C:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"C:\Program Files\ICQ7.1\ICQ.exe"="C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1"
"C:\Program Files\ICQ7.2\ICQ.exe"="C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2"
"C:\Program Files\ICQ7.2\aolload.exe"="C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2011-05-14 20:25:47 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2011-05-14 20:25:47 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2011-05-14 20:25:46 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2011-05-14 20:25:46 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2011-05-14 20:25:46 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2011-05-14 20:25:45 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2011-05-14 20:25:45 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2011-05-14 20:25:45 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2011-05-14 20:25:34 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-05-14 20:04:16 ----D---- C:\Program Files\AMD APP
2011-05-14 20:03:39 ----A---- C:\WINDOWS\system32\ativvamv.dll
2011-05-14 20:03:39 ----A---- C:\WINDOWS\system32\atioglxx.dll
2011-05-14 20:03:39 ----A---- C:\WINDOWS\system32\atimpc32.dll
2011-05-14 20:03:39 ----A---- C:\WINDOWS\system32\aticalrt.dll
2011-05-14 20:03:39 ----A---- C:\WINDOWS\system32\aticaldd.dll
2011-05-14 20:03:39 ----A---- C:\WINDOWS\system32\aticalcl.dll
2011-05-14 20:03:39 ----A---- C:\WINDOWS\system32\atibtmon.exe
2011-05-14 20:03:39 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2011-05-14 20:03:39 ----A---- C:\WINDOWS\system32\atiadlxx.dll
2011-05-14 20:03:39 ----A---- C:\WINDOWS\system32\amdpcom32.dll
2011-05-14 20:03:03 ----D---- C:\Program Files\ATI
2011-05-14 20:01:46 ----D---- C:\ATI
2011-05-14 12:41:16 ----D---- C:\Program Files\AVAST Software
2011-05-14 12:41:16 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2011-05-14 11:40:09 ----SHD---- C:\RECYCLER
2011-05-14 11:24:57 ----D---- C:\WINDOWS\temp
2011-05-14 11:24:56 ----A---- C:\ComboFix.txt
2011-05-14 11:17:09 ----A---- C:\WINDOWS\MBR.exe
2011-05-14 09:54:42 ----D---- C:\Program Files\ConduitEngine
2011-05-14 09:54:42 ----A---- C:\WINDOWS\system32\ConduitEngine.tmp
2011-05-14 09:04:56 ----HDC---- C:\WINDOWS\$NtUninstallXPSEPSCLP$
2011-05-14 09:03:06 ----D---- C:\WINDOWS\system32\XPSViewer
2011-05-14 09:03:01 ----D---- C:\WINDOWS\system32\en-US
2011-05-14 09:02:56 ----D---- C:\Program Files\Reference Assemblies
2011-05-14 08:53:14 ----RD---- C:\AHCache
2011-05-14 08:47:51 ----D---- C:\WINDOWS\Prefetch
2011-05-14 08:43:09 ----N---- C:\WINDOWS\system32\smtpapi.dll
2011-05-14 08:43:09 ----N---- C:\WINDOWS\system32\rwnh.dll
2011-05-14 08:43:08 ----N---- C:\WINDOWS\system32\aaclient.dll
2011-05-14 08:43:07 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2011-05-14 08:43:07 ----N---- C:\WINDOWS\system32\dot3api.dll
2011-05-14 08:43:07 ----N---- C:\WINDOWS\system32\dimsroam.dll
2011-05-14 08:43:07 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2011-05-14 08:43:07 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2011-05-14 08:43:07 ----N---- C:\WINDOWS\system32\credssp.dll
2011-05-14 08:43:07 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2011-05-14 08:43:07 ----N---- C:\WINDOWS\system32\azroles.dll
2011-05-14 08:43:06 ----N---- C:\WINDOWS\system32\eapsvc.dll
2011-05-14 08:43:06 ----N---- C:\WINDOWS\system32\eapqec.dll
2011-05-14 08:43:06 ----N---- C:\WINDOWS\system32\eappprxy.dll
2011-05-14 08:43:06 ----N---- C:\WINDOWS\system32\eapphost.dll
2011-05-14 08:43:06 ----N---- C:\WINDOWS\system32\eappgnui.dll
2011-05-14 08:43:06 ----N---- C:\WINDOWS\system32\eappcfg.dll
2011-05-14 08:43:06 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2011-05-14 08:43:06 ----N---- C:\WINDOWS\system32\eapolqec.dll
2011-05-14 08:43:06 ----N---- C:\WINDOWS\system32\dot3ui.dll
2011-05-14 08:43:06 ----N---- C:\WINDOWS\system32\dot3svc.dll
2011-05-14 08:43:06 ----N---- C:\WINDOWS\system32\dot3msm.dll
2011-05-14 08:43:06 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2011-05-14 08:43:06 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2011-05-14 08:43:05 ----N---- C:\WINDOWS\system32\kmsvc.dll
2011-05-14 08:43:05 ----N---- C:\WINDOWS\system32\kbdpash.dll
2011-05-14 08:43:05 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2011-05-14 08:43:05 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2011-05-14 08:43:05 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2011-05-14 08:43:04 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2011-05-14 08:43:04 ----N---- C:\WINDOWS\system32\mssha.dll
2011-05-14 08:43:04 ----N---- C:\WINDOWS\system32\mmcperf.exe
2011-05-14 08:43:04 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2011-05-14 08:43:04 ----N---- C:\WINDOWS\system32\mmcex.dll
2011-05-14 08:43:04 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2011-05-14 08:43:04 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2011-05-14 08:43:03 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2011-05-14 08:43:03 ----N---- C:\WINDOWS\system32\rasqec.dll
2011-05-14 08:43:03 ----N---- C:\WINDOWS\system32\qutil.dll
2011-05-14 08:43:03 ----N---- C:\WINDOWS\system32\qcliprov.dll
2011-05-14 08:43:03 ----N---- C:\WINDOWS\system32\qagentrt.dll
2011-05-14 08:43:03 ----N---- C:\WINDOWS\system32\qagent.dll
2011-05-14 08:43:03 ----N---- C:\WINDOWS\system32\onex.dll
2011-05-14 08:43:03 ----N---- C:\WINDOWS\system32\napstat.exe
2011-05-14 08:43:03 ----N---- C:\WINDOWS\system32\napmontr.dll
2011-05-14 08:43:03 ----N---- C:\WINDOWS\system32\napipsec.dll
2011-05-14 08:43:02 ----N---- C:\WINDOWS\system32\setupn.exe
2011-05-14 08:43:01 ----N---- C:\WINDOWS\system32\xpsp3res.dll
2011-05-14 08:43:01 ----N---- C:\WINDOWS\system32\wlanapi.dll
2011-05-14 08:43:01 ----N---- C:\WINDOWS\system32\verclsid.exe
2011-05-14 08:43:01 ----N---- C:\WINDOWS\system32\tzchange.exe
2011-05-14 08:43:01 ----N---- C:\WINDOWS\system32\tspkg.dll
2011-05-14 08:43:01 ----N---- C:\WINDOWS\system32\tsgqec.dll
2011-05-14 08:42:59 ----D---- C:\WINDOWS\system32\cs-cz
2011-05-14 08:42:58 ----D---- C:\WINDOWS\system32\cs
2011-05-14 08:42:58 ----D---- C:\WINDOWS\system32\bits
2011-05-14 08:42:58 ----D---- C:\WINDOWS\l2schemas
2011-05-14 08:38:33 ----D---- C:\WINDOWS\network diagnostic
2011-05-14 08:38:31 ----N---- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2011-05-14 08:37:40 ----A---- C:\WINDOWS\005338_.tmp
2011-05-14 08:19:40 ----A---- C:\WINDOWS\cdplayer.ini
2011-05-14 08:18:44 ----D---- C:\Program Files\Real
2011-05-14 08:18:44 ----D---- C:\Program Files\Common Files\Real
2011-05-14 08:17:29 ----D---- C:\Documents and Settings\Kamiliuss\Data aplikací\Real
2011-04-19 22:10:32 ----A---- C:\WINDOWS\system32\OVDecode.dll
2011-04-19 22:10:18 ----A---- C:\WINDOWS\system32\OpenCL.dll
2011-04-19 22:10:02 ----A---- C:\WINDOWS\system32\amdocl.dll

======List of files/folders modified in the last 1 months======

2011-05-14 20:31:11 ----D---- C:\Program Files\Trend Micro
2011-05-14 20:30:30 ----AH---- C:\WINDOWS\wincmd.ini
2011-05-14 20:29:03 ----D---- C:\Program Files\Mozilla Firefox
2011-05-14 20:25:47 ----HD---- C:\WINDOWS\system32\drivers
2011-05-14 20:25:43 ----SHD---- C:\WINDOWS\Installer
2011-05-14 20:25:42 ----HD---- C:\WINDOWS\WinSxS
2011-05-14 20:25:42 ----D---- C:\Config.Msi
2011-05-14 20:25:34 ----HD---- C:\WINDOWS\system32
2011-05-14 20:25:34 ----D---- C:\WINDOWS
2011-05-14 20:16:57 ----D---- C:\Documents and Settings\Kamiliuss\Data aplikací\Adobe
2011-05-14 20:13:56 ----A---- C:\WINDOWS\MAILTRAN.INI
2011-05-14 20:13:13 ----HD---- C:\WINDOWS\system32\CatRoot2
2011-05-14 20:10:49 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-05-14 20:08:18 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-05-14 20:07:51 ----HD---- C:\WINDOWS\inf
2011-05-14 20:04:16 ----RD---- C:\Program Files
2011-05-14 20:03:39 ----HDC---- C:\WINDOWS\system32\DRVSTORE
2011-05-14 20:03:28 ----D---- C:\Program Files\ATI Technologies
2011-05-14 19:51:31 ----HD---- C:\WINDOWS\Minidump
2011-05-14 19:36:34 ----D---- C:\Program Files\Sony
2011-05-14 13:17:54 ----D---- C:\Program Files\ESET
2011-05-14 12:48:57 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-05-14 12:34:55 ----RSD---- C:\WINDOWS\assembly
2011-05-14 12:32:21 ----HD---- C:\WINDOWS\Microsoft.NET
2011-05-14 11:53:33 ----HD---- C:\WINDOWS\Connection Wizard
2011-05-14 11:24:58 ----AD---- C:\QooBox
2011-05-14 11:24:08 ----SD---- C:\WINDOWS\Tasks
2011-05-14 11:23:20 ----A---- C:\WINDOWS\system.ini
2011-05-14 11:23:11 ----HD---- C:\WINDOWS\system32\drivers\etc
2011-05-14 11:21:22 ----HD---- C:\WINDOWS\AppPatch
2011-05-14 11:21:19 ----D---- C:\Program Files\Common Files
2011-05-14 10:42:28 ----HD---- C:\WINDOWS\Debug
2011-05-14 09:54:48 ----HD---- C:\WINDOWS\SoftwareDistribution
2011-05-14 09:54:47 ----SD---- C:\WINDOWS\Downloaded Program Files
2011-05-14 09:54:45 ----D---- C:\Program Files\XfireXO
2011-05-14 09:40:10 ----HD---- C:\WINDOWS\system32\config
2011-05-14 09:03:29 ----A---- C:\WINDOWS\system32\PerfStringBackup.TMP
2011-05-14 09:03:00 ----RSD---- C:\WINDOWS\Fonts
2011-05-14 08:59:59 ----D---- C:\Program Files\Internet Explorer
2011-05-14 08:47:25 ----HD---- C:\WINDOWS\system32\wbem
2011-05-14 08:47:25 ----HD---- C:\WINDOWS\system32\Setup
2011-05-14 08:46:45 ----HD---- C:\WINDOWS\security
2011-05-14 08:45:26 ----HD---- C:\WINDOWS\system32\CatRoot
2011-05-14 08:43:28 ----D---- C:\Program Files\Messenger
2011-05-14 08:43:19 ----D---- C:\Program Files\Windows Media Player
2011-05-14 08:43:17 ----HD---- C:\WINDOWS\Help
2011-05-14 08:43:11 ----HD---- C:\WINDOWS\EHome
2011-05-14 08:43:09 ----HD---- C:\WINDOWS\system32\inetsrv
2011-05-14 08:43:09 ----HD---- C:\WINDOWS\ime
2011-05-14 08:42:59 ----HD---- C:\WINDOWS\system32\usmt
2011-05-14 08:42:58 ----HD---- C:\WINDOWS\peernet
2011-05-14 08:42:57 ----D---- C:\Program Files\Movie Maker
2011-05-14 08:40:18 ----HD---- C:\WINDOWS\system32\Restore
2011-05-14 08:40:18 ----HD---- C:\WINDOWS\system32\npp
2011-05-14 08:40:17 ----HD---- C:\WINDOWS\msagent
2011-05-14 08:40:15 ----HD---- C:\WINDOWS\srchasst
2011-05-14 08:40:14 ----D---- C:\Program Files\NetMeeting
2011-05-14 08:40:13 ----HD---- C:\WINDOWS\system32\Com
2011-05-14 08:40:10 ----D---- C:\Program Files\Windows NT
2011-05-14 08:40:10 ----D---- C:\Program Files\Outlook Express
2011-05-14 08:40:07 ----D---- C:\Program Files\Common Files\System
2011-05-14 08:39:52 ----HD---- C:\WINDOWS\system32\oobe
2011-05-14 08:39:51 ----HD---- C:\WINDOWS\system
2011-05-14 08:37:26 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2011-05-14 08:14:37 ----AH---- C:\WINDOWS\win.ini
2011-05-13 11:57:58 ----A---- C:\WINDOWS\NeroDigital.ini
2011-05-08 22:54:28 ----A---- C:\WINDOWS\WTRAN32.INI
2011-05-05 19:28:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJPLM
2011-05-05 19:28:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJ
2011-04-25 18:05:13 ----A---- C:\WINDOWS\WDICT32.INI
2011-04-25 17:54:35 ----D---- C:\Documents and Settings\Kamiliuss\Data aplikací\gtk-2.0
2011-04-20 04:38:50 ----A---- C:\WINDOWS\system32\atiiiexx.dll
2011-04-20 04:04:00 ----A---- C:\WINDOWS\system32\ATIDEMGX.dll
2011-04-20 04:02:58 ----A---- C:\WINDOWS\system32\ati2dvag.dll
2011-04-20 04:01:50 ----A---- C:\WINDOWS\system32\ati3duag.dll
2011-04-20 03:45:06 ----A---- C:\WINDOWS\system32\ativvaxx.dll
2011-04-20 03:44:34 ----A---- C:\WINDOWS\system32\atipdlxx.dll
2011-04-20 03:44:22 ----A---- C:\WINDOWS\system32\Oemdspif.dll
2011-04-20 03:44:14 ----A---- C:\WINDOWS\system32\Ati2mdxx.exe
2011-04-20 03:44:06 ----A---- C:\WINDOWS\system32\ati2edxx.dll
2011-04-20 03:43:54 ----A---- C:\WINDOWS\system32\ati2evxx.dll
2011-04-20 03:42:40 ----A---- C:\WINDOWS\system32\ati2evxx.exe
2011-04-20 03:41:22 ----A---- C:\WINDOWS\system32\ATIDDC.DLL
2011-04-20 03:36:24 ----A---- C:\WINDOWS\system32\atikvmag.dll
2011-04-20 03:33:52 ----A---- C:\WINDOWS\system32\atitvo32.dll
2011-04-20 03:30:48 ----A---- C:\WINDOWS\system32\atiok3x2.dll
2011-04-20 03:28:32 ----A---- C:\WINDOWS\system32\ati2cqag.dll
2011-04-20 03:26:26 ----A---- C:\WINDOWS\system32\drivers\ati2erec.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-08-30 43528]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2005-08-10 50688]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2005-05-16 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2005-08-10 19968]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2005-08-24 66560]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-07-06 716272]
R0 vax347b;vax347b; C:\WINDOWS\system32\DRIVERS\vax347b.sys [2005-07-08 159616]
R0 vax347s;vax347s; C:\WINDOWS\System32\Drivers\vax347s.sys [2004-04-30 5248]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-05-10 30808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-05-10 25432]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-05-10 307928]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-05-10 49240]
R1 SASDIFSV;SASDIFSV; \??\D:\instalace\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\D:\instalace\SASKUTIL.sys []
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2009-03-15 56268]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-04-14 225664]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-05-10 19544]
R2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-05-10 102616]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2008-02-08 278984]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2008-02-08 25416]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2011-04-20 6537728]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-09-05 4611072]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [2007-06-28 45824]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [2007-06-28 20480]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-14 12288]
S1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-05-10 441176]
S3 abz10ubr;abz10ubr; C:\WINDOWS\system32\drivers\abz10ubr.sys []
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 Bridge;Most MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-14 71552]
S3 BridgeMP;Miniport mostu MAC; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-14 71552]
S3 catchme;catchme; \??\C:\DOCUME~1\KAMILI~1\LOCALS~1\Temp\catchme.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\WINDOWS\system32\DRIVERS\ggflt.sys [2009-01-02 10976]
S3 ggsemc;SEMC USB Flash Driver; C:\WINDOWS\system32\DRIVERS\ggsemc.sys [2009-01-02 22368]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-07-10 25280]
S3 HdAudAddService;ATI Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\AtiHdAud.sys [2006-12-28 84992]
S3 K320bus;Sony Ericsson K320 driver (WDM); C:\WINDOWS\system32\DRIVERS\K320bus.sys [2006-08-18 61504]
S3 K320mdfl;Sony Ericsson K320 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\K320mdfl.sys [2006-08-18 9328]
S3 K320mdm;Sony Ericsson K320 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\K320mdm.sys [2006-08-18 97056]
S3 k750bus;Sony Ericsson 750 driver (WDM); C:\WINDOWS\system32\DRIVERS\k750bus.sys [2006-03-13 55216]
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\k750mdfl.sys [2006-03-13 6576]
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers; C:\WINDOWS\system32\DRIVERS\k750mdm.sys [2006-03-13 89872]
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers; C:\WINDOWS\system32\DRIVERS\k750mgmt.sys [2006-03-13 81728]
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers; C:\WINDOWS\system32\DRIVERS\k750obex.sys [2006-03-13 79488]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-03-26 47360]
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\WINDOWS\system32\DRIVERS\s1018bus.sys [2009-03-25 86824]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s1018mdfl.sys [2009-03-25 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s1018mdm.sys [2009-03-25 114728]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s1018mgmt.sys [2009-03-25 106208]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\WINDOWS\system32\DRIVERS\s1018nd5.sys [2009-03-25 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s1018obex.sys [2009-03-25 104744]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\WINDOWS\system32\DRIVERS\s1018unic.sys [2009-03-25 109864]
S3 SASENUM;SASENUM; \??\D:\instalace\SASENUM.SYS []
S3 SE2Bbus;Sony Ericsson Device 043 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE2Bbus.sys [2006-11-10 61600]
S3 SE2Bmdfl;Sony Ericsson Device 043 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE2Bmdfl.sys [2006-11-10 9360]
S3 SE2Bmdm;Sony Ericsson Device 043 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE2Bmdm.sys [2006-11-10 97184]
S3 SE2Bmgmt;Sony Ericsson Device 043 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE2Bmgmt.sys [2006-11-10 88688]
S3 se2Bnd5;Sony Ericsson Device 043 USB Ethernet Emulation SEMC43 (NDIS); C:\WINDOWS\system32\DRIVERS\se2Bnd5.sys [2006-11-10 18704]
S3 SE2Bobex;Sony Ericsson Device 043 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE2Bobex.sys [2006-11-10 86560]
S3 se2Bunic;Sony Ericsson Device 043 USB Ethernet Emulation SEMC43 (WDM); C:\WINDOWS\system32\DRIVERS\se2Bunic.sys [2006-11-10 90800]
S3 SE2Ebus;Sony Ericsson Device 046 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\SE2Ebus.sys [2006-11-10 61600]
S3 SE2Emdfl;Sony Ericsson Device 046 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\SE2Emdfl.sys [2006-11-10 9360]
S3 SE2Emdm;Sony Ericsson Device 046 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\SE2Emdm.sys [2006-11-10 97184]
S3 SE2Emgmt;Sony Ericsson Device 046 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\SE2Emgmt.sys [2006-11-10 88688]
S3 se2End5;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (NDIS); C:\WINDOWS\system32\DRIVERS\se2End5.sys [2006-11-10 18704]
S3 SE2Eobex;Sony Ericsson Device 046 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\SE2Eobex.sys [2006-11-10 86560]
S3 se2Eunic;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (WDM); C:\WINDOWS\system32\DRIVERS\se2Eunic.sys [2006-11-10 90800]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2008-11-11 13056]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2008-11-11 19968]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2008-11-11 24832]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 w200bus;Sony Ericsson W200 driver (WDM); C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-11-07 61504]
S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w200mdfl.sys [2006-11-07 9328]
S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w200mdm.sys [2006-11-07 97056]
S3 w200mgmt;Sony Ericsson W200 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w200mgmt.sys [2006-11-07 88560]
S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w200obex.sys [2006-11-07 86368]
S3 w810bus;Sony Ericsson W810 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w810bus.sys [2006-02-20 58288]
S3 w810mdfl;Sony Ericsson W810 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w810mdfl.sys [2006-02-20 8336]
S3 w810mdm;Sony Ericsson W810 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w810mdm.sys [2006-02-20 94064]
S3 w810mgmt;Sony Ericsson W810 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w810mgmt.sys [2006-02-20 85408]
S3 w810obex;Sony Ericsson W810 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w810obex.sys [2006-02-20 83344]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WpdUsb;WpdUsb; C:\WINDOWS\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2011-04-20 643072]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-05-10 42184]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2009-02-10 116104]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-06-28 79136]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2001-02-23 270336]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-12-19 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-10-03 214520]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]
R2 StarWindService;StarWind iSCSI Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe [2005-04-02 217600]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 aawservice;Ad-Aware 2007 Service; C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe []
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2007-06-29 520192]
S2 gupdate1ca8038948bb26c;Služba Google Update (gupdate1ca8038948bb26c); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-19 133104]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-19 133104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-28 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MSSQL$SONY_MEDIAMGR2;SQL Server (SONY_MEDIAMGR2); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2007-02-10 29178224]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 TUWinStylerThemeSvc;TuneUp WinStyler Theme Service; C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe [2005-08-11 118272]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544]

-----------------EOF-----------------

#10 Příspěvek od **vyosek** » 14 kvě 2011 19:49

Ja si sem vlozim ten ComboFix, kdyz jste jej uz pouzil a tam ty dva duplicitni thready hodim do pryc. A dejte mi chvili nez napisu skript na docisteni

ComboFix 11-05-13.02 - Kamiliuss 14.05.2011 11:18:49.8.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1355 [GMT 2:00]
Spuštěný z: d:\stahovani\ComboFix.exe
AV: ESET Smart Security 3.0 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Rezidentní štít AV je zapnutý
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Kamiliuss\Data aplikací\PriceGong
c:\documents and settings\Kamiliuss\Data aplikací\PriceGong\Data\1.xml
c:\documents and settings\Kamiliuss\Data aplikací\PriceGong\Data\a.xml
c:\documents and settings\Kamiliuss\Data aplikací\PriceGong\Data\b.xml
c:\documents and settings\Kamiliuss\Data aplikací\PriceGong\Data\c.xml
c:\documents and settings\Kamiliuss\Data aplikací\PriceGong\Data\d.xml
c:\documents and settings\Kamiliuss\Data aplikací\PriceGong\Data\e.xml
c:\documents and settings\Kamiliuss\Data aplikací\PriceGong\Data\f.xml
c:\documents and settings\Kamiliuss\Data aplikací\PriceGong\Data\g.xml
c:\documents and settings\Kamiliuss\Data aplikací\PriceGong\Data\h.xml
c:\documents and settings\Kamiliuss\Data aplikací\PriceGong\Data\i.xml
c:\documents and settings\Kamiliuss\Data aplikací\PriceGong\Data\J.xml
c:\documents and settings\Kamiliuss\Data aplikací\PriceGong\Data\k.xml
c:\documents and settings\Kamiliuss\Data aplikací\PriceGong\Data\l.xml
c:\documents and settings\Kamiliuss\Data aplikací\PriceGong\Data\m.xml
c:\documents and settings\Kamiliuss\Data aplikací\PriceGong\Data\mru.xml
c:\documents and settings\Kamiliuss\Data aplikací\PriceGong\Data\n.xml
c:\documents and settings\Kamiliuss\Data aplikací\PriceGong\Data\o.xml
c:\documents and settings\Kamiliuss\Data aplikací\PriceGong\Data\p.xml
c:\documents and settings\Kamiliuss\Data aplikací\PriceGong\Data\q.xml
c:\documents and settings\Kamiliuss\Data aplikací\PriceGong\Data\r.xml
c:\documents and settings\Kamiliuss\Data aplikací\PriceGong\Data\s.xml
c:\documents and settings\Kamiliuss\Data aplikací\PriceGong\Data\t.xml
c:\documents and settings\Kamiliuss\Data aplikací\PriceGong\Data\u.xml
c:\documents and settings\Kamiliuss\Data aplikací\PriceGong\Data\v.xml
c:\documents and settings\Kamiliuss\Data aplikací\PriceGong\Data\w.xml
c:\documents and settings\Kamiliuss\Data aplikací\PriceGong\Data\x.xml
c:\documents and settings\Kamiliuss\Data aplikací\PriceGong\Data\y.xml
c:\documents and settings\Kamiliuss\Data aplikací\PriceGong\Data\z.xml
c:\documents and settings\Kamiliuss\WINDOWS
c:\windows\system32\detoured.dll
D:\install.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-04-14 do 2011-05-14 )))))))))))))))))))))))))))))))
.
.
2011-05-14 08:06 . 2011-05-14 08:06 -------- d-----w- c:\program files\ActiveDBSoft
2011-05-14 07:54 . 2011-05-14 07:54 -------- d-----w- c:\documents and settings\Kamiliuss\Local Settings\Data aplikací\ConduitEngine
2011-05-14 07:54 . 2011-05-14 07:54 -------- d-----w- c:\program files\ConduitEngine
2011-05-14 07:54 . 2011-05-14 07:54 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2011-05-14 07:05 . 2011-05-14 07:26 -------- d-----w- c:\program files\Zrychleni Pocitace
2011-05-14 07:03 . 2011-05-14 07:03 -------- d-----w- c:\windows\system32\XPSViewer
2011-05-14 07:02 . 2011-05-14 07:02 -------- d-----w- c:\program files\Reference Assemblies
2011-05-14 06:53 . 2011-05-14 06:53 -------- d-----r- C:\AHCache
2011-05-14 06:42 . 2011-05-14 07:04 -------- d-----w- c:\windows\system32\cs-cz
2011-05-14 06:42 . 2011-05-14 06:42 -------- d-----w- c:\windows\system32\cs
2011-05-14 06:42 . 2011-05-14 06:42 -------- d-----w- c:\windows\system32\bits
2011-05-14 06:42 . 2011-05-14 06:42 -------- d-----w- c:\windows\l2schemas
2011-05-14 06:38 . 2008-04-13 22:10 10240 ------w- c:\windows\system32\drivers\sffp_mmc.sys
2011-05-14 06:37 . 2006-12-28 22:31 19569 ----a-w- c:\windows\005338_.tmp
2011-05-14 06:18 . 2011-05-14 08:41 -------- d-----w- c:\program files\Common Files\Real
2011-05-14 06:18 . 2011-05-14 06:18 -------- d-----w- c:\program files\Real
2011-05-13 12:15 . 2011-05-14 06:02 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-14 07:03 . 2008-10-26 08:45 1136288 ----a-w- c:\windows\system32\PerfStringBackup.TMP
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2008-10-08 173368]
"{5e5ab302-7f65-44cd-8211-c1d4caaccea3}"= "c:\program files\XfireXO\prxtbXfi2.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]
.
[HKEY_CLASSES_ROOT\clsid\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 14:54 175912 ----a-w- c:\program files\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
2011-01-17 14:54 175912 ----a-w- c:\program files\XfireXO\prxtbXfi2.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3CF7606-E683-4375-A372-96B75DA0AEF7}]
2010-02-11 07:58 185856 ----a-w- c:\program files\Get Styles\enlbrdr.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2008-10-08 11:22 1172792 ----a-w- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-10-08 1172792]
"{5e5ab302-7f65-44cd-8211-c1d4caaccea3}"= "c:\program files\XfireXO\prxtbXfi2.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE]
.
[HKEY_CLASSES_ROOT\clsid\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-10-08 1172792]
"{5E5AB302-7F65-44CD-8211-C1D4CAACCEA3}"= "c:\program files\XfireXO\prxtbXfi2.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.SWEETIE]
.
[HKEY_CLASSES_ROOT\clsid\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Ashampoo PopUpBlocker"="c:\progra~1\Ashampoo\ASHAMP~1\PopUpKiller.exe" [2004-02-03 1216000]
"TuneUp MemOptimizer"="c:\program files\TuneUp Utilities 2006\MemOptimizer.exe" [2005-09-21 294912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2007-12-21 1443072]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "d:\instalace\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-06 09:57 548352 ----a-w- d:\instalace\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^Kamiliuss^Nabídka Start^Programy^Po spuštění^FreeRapid 0.83.lnk]
path=c:\documents and settings\Kamiliuss\Nabídka Start\Programy\Po spuštění\FreeRapid 0.83.lnk
backup=c:\windows\pss\FreeRapid 0.83.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OEXPRESS]
2009-09-07 17:55 26624 ----a-w- c:\windows\OETRN.EXE
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"LightScribe Control Panel"=c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
"OEXPRESS"=c:\windows\OETRN.EXE
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe
"Realtek HD Audio Control Panel"=c:\program files\Realtek\Audio\InstallShield\RTHDCPL.exe
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"QIP Internet Guardian"=c:\documents and settings\Kamiliuss\Data aplikací\QipGuard\QipGuard.exe
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
"Google Update"="c:\documents and settings\Kamiliuss\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
"Rthdcpl"=RTHDCPL.EXE
"SweetIM"=c:\program files\SweetIM\Messenger\SweetIM.exe
"VaCtrl"=c:\program files\VoiceAge\Common\VaCtrl.exe
"PWRISOVM.EXE"=c:\program files\PowerISO\PWRISOVM.EXE
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
"pdfFactory Dispatcher v3"="c:\windows\System32\spool\DRIVERS\W32X86\3\fppdis3a.exe" /source=HKLM
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"CanonMyPrinter"=c:\program files\Canon\MyPrinter\BJMyPrt.exe /logon
"CanonSolutionMenu"=c:\program files\Canon\SolutionMenu\CNSLMAIN.exe /logon
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"d:\\Gamesky\\Lost via domus\\Yeti_Final_Win32.exe"=
"d:\\Gamesky\\Lost via domus\\gu.exe"=
"d:\\Gamesky\\Lost via domus\\detection\\Launcher.exe"=
"d:\\Gamesky\\Far Cry 2\\bin\\FarCry2.exe"=
"d:\\Gamesky\\Far Cry 2\\bin\\FC2Launcher.exe"=
"d:\\Gamesky\\Far Cry 2\\bin\\FC2Editor.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [3.2.2008 20:16 716272]
R0 vax347b;vax347b;c:\windows\system32\drivers\vax347b.sys [6.8.2008 18:34 159616]
R0 vax347s;vax347s;c:\windows\system32\drivers\vax347s.sys [6.8.2008 18:34 5248]
R1 SASDIFSV;SASDIFSV;d:\instalace\sasdifsv.sys [5.8.2009 16:06 9968]
R1 SASKUTIL;SASKUTIL;d:\instalace\SASKUTIL.SYS [5.8.2009 16:06 74480]
R2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [21.12.2007 9:21 468224]
S2 gupdate1ca8038948bb26c;Služba Google Update (gupdate1ca8038948bb26c);c:\program files\Google\Update\GoogleUpdate.exe [19.12.2009 1:19 133104]
S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [25.4.2010 11:46 90112]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2.1.2009 17:16 10976]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [19.12.2009 1:19 133104]
S3 K320bus;Sony Ericsson K320 driver (WDM);c:\windows\system32\drivers\K320bus.sys [14.7.2009 15:31 61504]
S3 K320mdfl;Sony Ericsson K320 USB WMC Modem Filter;c:\windows\system32\drivers\K320mdfl.sys [14.7.2009 15:31 9328]
S3 K320mdm;Sony Ericsson K320 USB WMC Modem Driver;c:\windows\system32\drivers\K320mdm.sys [14.7.2009 15:31 97056]
S3 MSSQL$SONY_MEDIAMGR2;SQL Server (SONY_MEDIAMGR2);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [10.2.2007 5:29 29178224]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\drivers\s1018bus.sys [25.4.2010 11:28 86824]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\drivers\s1018mdfl.sys [25.4.2010 11:28 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\drivers\s1018mdm.sys [25.4.2010 11:28 114728]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1018mgmt.sys [25.4.2010 11:28 106208]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1018nd5.sys [25.4.2010 11:28 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\drivers\s1018obex.sys [25.4.2010 11:28 104744]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1018unic.sys [25.4.2010 11:28 109864]
S3 SASENUM;SASENUM;d:\instalace\SASENUM.SYS [5.8.2009 16:06 7408]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-06-20 11:47 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2011-05-13 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2006\SystemOptimizer.exe [2005-09-21 16:54]
.
2011-02-02 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]
.
2011-05-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-18 23:19]
.
2011-05-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-18 23:19]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://start.icq.com/
uDefault_Search_URL = hxxp://search.qip.ru
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://search.qip.ru/ie
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Kamiliuss\Data aplikací\Mozilla\Firefox\Profiles\92wq096u.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.8&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: SweetIM Toolbar for Firefox: {EEE6C361-6118-11DC-9C72-001320C79847} - %profile%\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
FF - Ext: XfireXO Community Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - %profile%\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: DVDVideoSoft Toolbar: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - %profile%\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
FF - Ext: Get Styles: {6236BA26-C117-4007-928C-DE0716C7FA80} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA80}
FF - Ext: Usage Stat: {6236BA26-C117-4007-928C-DE0716C7FA96} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA96}
FF - Ext: FBFan: {6236BA26-C117-4007-928C-DE0716C7FA99} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA99}
FF - Ext: QipCounter: QipCounter@qip.ru - %profile%\extensions\QipCounter@qip.ru
FF - Ext: QipAuthorizer: {32a1fd71-835e-4b11-8e54-886fda0b4c89} - %profile%\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
FF - Ext: QAssistant: {63414328-3ab4-2c84-6c41-5a473c4b2ff7} - %profile%\extensions\{63414328-3ab4-2c84-6c41-5a473c4b2ff7}
FF - Ext: QAssistant: {63414328-3ab4-2c84-6c41-5a473c4b2ff7} - %profile%\extensions\{63414328-3ab4-2c84-6c41-5a473c4b2ff7}
FF - Ext: KFD Flv: {8675f4b3-2f19-11ed-2d6b-0800600c0a16} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a16}
FF - Ext: {8675f4b3-2f19-11ed-2d6b-0800600c0a16}: {8675f4b3-2f19-11ed-2d6b-0800600c0a16} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a16}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 200000
FF - user.js: content.notify.interval - 100000
FF - user.js: content.switch.threshold - 650000
FF - user.js: nglayout.initialpaint.delay - 300
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-ICQ - c:\program files\ICQ7.0\ICQ.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-14 11:23
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-299502267-706699826-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:ac,76,01,e1,bf,53,5c,5c,2f,7e,eb,e6,2e,ff,fb,a9,85,fc,93,e7,41,
67,5f,61,69,0d,a7,b3,ff,cc,69,53,47,97,c8,9f,8d,75,51,09,41,76,19,17,09,7e,\
"rkeysecu"=hex:44,e5,27,a0,6b,99,d0,9b,d7,7c,f2,10,27,be,d2,c0
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1200)
d:\instalace\SASWINLO.DLL
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\vorbis.dll
c:\windows\system32\ogg.dll
.
- - - - - - - > 'lsass.exe'(1284)
c:\windows\system32\vorbis.dll
c:\windows\system32\ogg.dll
.
Celkový čas: 2011-05-14 11:24:56
ComboFix-quarantined-files.txt 2011-05-14 09:24
ComboFix2.txt 2009-09-07 18:41
ComboFix3.txt 2009-09-06 22:11
ComboFix4.txt 2009-09-06 17:35
ComboFix5.txt 2011-05-14 09:17
.
Před spuštěním: 4 462 149 632
Po spuštění: 4 601 225 216
.
Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - EF37B2A5F8D7EDCA8FADB989542BC0E8

#11 Příspěvek od **vyosek** » 14 kvě 2011 20:02

Pokud nemate, tak presunte Combofix na plochu

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

KillAll::

Folder::
c:\program files\Zrychleni Pocitace
c:\program files\SweetIM
c:\program files\Get Styles

File::
c:\windows\005338_.tmp
c:\windows\system32\PerfStringBackup.TMP
c:\program files\XfireXO\prxtbXfi2.dll
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\Documents and Settings\Kamiliuss\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll

Registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}"=-
"{EEE6C35D-6118-11DC-9C72-001320C79847}"=-
"{5e5ab302-7f65-44cd-8211-c1d4caaccea3}"=-
[-HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}]
[-HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]
[-HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}]
[-HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook]
[-HKEY_CLASSES_ROOT\clsid\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3CF7606-E683-4375-A372-96B75DA0AEF7}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"=-
"{5e5ab302-7f65-44cd-8211-c1d4caaccea3}"=-
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"=-
"{5e5ab302-7f65-44cd-8211-c1d4caaccea3}"=-
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"LightScribe Control Panel"=-
"OEXPRESS"=-
"CTFMON.EXE"=-
"Realtek HD Audio Control Panel"=-
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=-
"QIP Internet Guardian"=-
"Sony Ericsson PC Suite"=-
"Google Update"=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Sony Ericsson PC Suite"=-
"Rthdcpl"=-
"SweetIM"=-
"VaCtrl"=-
"PWRISOVM.EXE"=-
"Adobe Reader Speed Launcher"=-
"NeroFilterCheck"=-
"pdfFactory Dispatcher v3"=-
"Adobe ARM"=-
"CanonMyPrinter"=-
"CanonSolutionMenu"=-
"QuickTime Task"=-
"GrooveMonitor"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3CF7606-E683-4375-A372-96B75DA0AEF7}]

Driver::
gupdate1ca8038948bb26
gupdatem¨
gusvc
NBService

DDS::
uStart Page = hxxp://start.icq.com/
uDefault_Search_URL = hxxp://search.qip.ru
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://search.qip.ru/ie

Firefox::
FF - ProfilePath - c:\documents and settings\Kamiliuss\Data aplikací\Mozilla\Firefox\Profiles\92wq096u.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_result ... 2.0.0.8&q=
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - c:\program files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: SweetIM Toolbar for Firefox: {EEE6C361-6118-11DC-9C72-001320C79847} - %profile%\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
FF - Ext: XfireXO Community Toolbar: {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - %profile%\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: DVDVideoSoft Toolbar: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - %profile%\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
FF - Ext: QipCounter: QipCounter@qip.ru - %profile%\extensions\QipCounter@qip.ru
FF - Ext: QipAuthorizer: {32a1fd71-835e-4b11-8e54-886fda0b4c89} - %profile%\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
FF - Ext: QAssistant: {63414328-3ab4-2c84-6c41-5a473c4b2ff7} - %profile%\extensions\{63414328-3ab4-2c84-6c41-5a473c4b2ff7}
FF - Ext: QAssistant: {63414328-3ab4-2c84-6c41-5a473c4b2ff7} - %profile%\extensions\{63414328-3ab4-2c84-6c41-5a473c4b2ff7}

Reboot::

Ulozte vytvoreny TXT jako CFScript.txt
Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

kamiliuss · #12 Příspěvek od **kamiliuss** » 14 kvě 2011 20:28

ComboFix 11-05-13.02 - Kamiliuss 14.05.2011 21:14:51.9.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1557 [GMT 2:00]
Spuštěný z: d:\stahovani\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Kamiliuss\Plocha\CFScript.txt
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
FILE ::
"c:\documents and settings\Kamiliuss\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll"
"c:\program files\XfireXO\prxtbXfi2.dll"
"c:\windows\005338_.tmp"
"c:\windows\system32\PerfStringBackup.TMP"
"c:\windows\tasks\AppleSoftwareUpdate.job"
"c:\windows\tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Kamiliuss\Data aplikací\Mozilla\Firefox\Profiles\92wq096u.default\extensions\{63414328-3ab4-2c84-6c41-5a473c4b2ff7}
c:\documents and settings\Kamiliuss\Data aplikací\Mozilla\Firefox\Profiles\92wq096u.default\extensions\{63414328-3ab4-2c84-6c41-5a473c4b2ff7}\chrome.manifest
c:\documents and settings\Kamiliuss\Data aplikací\Mozilla\Firefox\Profiles\92wq096u.default\extensions\{63414328-3ab4-2c84-6c41-5a473c4b2ff7}\chrome\content\assisttl.js
c:\documents and settings\Kamiliuss\Data aplikací\Mozilla\Firefox\Profiles\92wq096u.default\extensions\{63414328-3ab4-2c84-6c41-5a473c4b2ff7}\chrome\content\assisttl.xul
c:\documents and settings\Kamiliuss\Data aplikací\Mozilla\Firefox\Profiles\92wq096u.default\extensions\{63414328-3ab4-2c84-6c41-5a473c4b2ff7}\chrome\content\b1.dat
c:\documents and settings\Kamiliuss\Data aplikací\Mozilla\Firefox\Profiles\92wq096u.default\extensions\{63414328-3ab4-2c84-6c41-5a473c4b2ff7}\chrome\content\b2.dat
c:\documents and settings\Kamiliuss\Data aplikací\Mozilla\Firefox\Profiles\92wq096u.default\extensions\{63414328-3ab4-2c84-6c41-5a473c4b2ff7}\chrome\content\box.xul
c:\documents and settings\Kamiliuss\Data aplikací\Mozilla\Firefox\Profiles\92wq096u.default\extensions\{63414328-3ab4-2c84-6c41-5a473c4b2ff7}\install.rdf
c:\documents and settings\Kamiliuss\Data aplikací\Mozilla\Firefox\Profiles\92wq096u.default\extensions\QipCounter@qip.ru
c:\documents and settings\Kamiliuss\Data aplikací\Mozilla\Firefox\Profiles\92wq096u.default\extensions\QipCounter@qip.ru\chrome.manifest
c:\documents and settings\Kamiliuss\Data aplikací\Mozilla\Firefox\Profiles\92wq096u.default\extensions\QipCounter@qip.ru\chrome\content\ajax.js
c:\documents and settings\Kamiliuss\Data aplikací\Mozilla\Firefox\Profiles\92wq096u.default\extensions\QipCounter@qip.ru\chrome\content\main.js
c:\documents and settings\Kamiliuss\Data aplikací\Mozilla\Firefox\Profiles\92wq096u.default\extensions\QipCounter@qip.ru\chrome\content\sample.xul
c:\documents and settings\Kamiliuss\Data aplikací\Mozilla\Firefox\Profiles\92wq096u.default\extensions\QipCounter@qip.ru\install.rdf
c:\program files\Get Styles
c:\program files\Get Styles\ct.htm
c:\program files\Get Styles\enlbrdr.dll
c:\program files\Get Styles\hoticon.ico
c:\program files\Get Styles\tomapi.js
c:\program files\Get Styles\tommain.js
c:\program files\SweetIM
c:\program files\SweetIM\Messenger\default.xml
c:\program files\SweetIM\Messenger\mgAdaptersProxy.dll
c:\program files\SweetIM\Messenger\mgAIMAuto.dll
c:\program files\SweetIM\Messenger\mgAIMMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mgArchive.dll
c:\program files\SweetIM\Messenger\mgcommon.dll
c:\program files\SweetIM\Messenger\mgcommunication.dll
c:\program files\SweetIM\Messenger\mgconfig.dll
c:\program files\SweetIM\Messenger\mgFlashPlayer.dll
c:\program files\SweetIM\Messenger\mghooking.dll
c:\program files\SweetIM\Messenger\mgICQAuto.dll
c:\program files\SweetIM\Messenger\mgICQMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mgIEPlayer.dll
c:\program files\SweetIM\Messenger\mglogger.dll
c:\program files\SweetIM\Messenger\mgMediaPlayer.dll
c:\program files\SweetIM\Messenger\mgMsnAuto.dll
c:\program files\SweetIM\Messenger\mgMsnMessengerAdapter.dll
c:\program files\SweetIM\Messenger\mgsimcommon.dll
c:\program files\SweetIM\Messenger\mgSweetIM.dll
c:\program files\SweetIM\Messenger\mgUpdateSupport.dll
c:\program files\SweetIM\Messenger\mgxml_wrapper.dll
c:\program files\SweetIM\Messenger\mgYahooAuto.dll
c:\program files\SweetIM\Messenger\mgYahooMessengerAdapter.dll
c:\program files\SweetIM\Messenger\msvcp71.dll
c:\program files\SweetIM\Messenger\msvcr71.dll
c:\program files\SweetIM\Messenger\resources\images\AudibleButton.png
c:\program files\SweetIM\Messenger\resources\images\DisplayPicturesButton.png
c:\program files\SweetIM\Messenger\resources\images\EmoticonButton.png
c:\program files\SweetIM\Messenger\resources\images\NudgeButton.png
c:\program files\SweetIM\Messenger\resources\images\SoundFxButton.png
c:\program files\SweetIM\Messenger\resources\images\WinksButton.png
c:\program files\SweetIM\Messenger\SweetIM.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\ClearHist.exe
c:\program files\SweetIM\Toolbars\Internet Explorer\conf\logger.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\default.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\mgcommon.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgconfig.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mglogger.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\msvcp71.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\msvcr71.dll
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\affid.dat
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\basis.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\Bookmarks_23x18.bmp
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\Email_23x18.bmp
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\Games_23x18.bmp
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\Greetingcards_23x18.bmp
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\Logo.bmp
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\Mobile_23x18.bmp
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\Music_23x18.bmp
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\News_23x18.bmp
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\Shoping_23x18.bmp
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\SmileySmile.bmp
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\SmileyWink.bmp
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\sweetimicons.bmp
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\toolbar.xml
c:\program files\SweetIM\Toolbars\Internet Explorer\resources\version.txt
c:\program files\XfireXO\prxtbXfi2.dll
c:\windows\005338_.tmp
c:\windows\system32\PerfStringBackup.TMP
c:\windows\tasks\AppleSoftwareUpdate.job
c:\windows\tasks\GoogleUpdateTaskMachineCore.job
c:\windows\tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NBSERVICE
-------\Service_gusvc
-------\Service_NBService
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-04-14 do 2011-05-14 )))))))))))))))))))))))))))))))
.
.
2011-05-14 18:25 . 2011-05-10 12:03 307928 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-05-14 18:25 . 2011-05-10 11:59 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-05-14 18:25 . 2011-05-10 12:03 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-05-14 18:25 . 2011-05-10 12:02 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-05-14 18:25 . 2011-05-10 11:59 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-05-14 18:25 . 2011-05-10 12:02 102616 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-05-14 18:25 . 2011-05-10 12:02 96344 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-05-14 18:25 . 2011-05-10 11:59 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-05-14 18:25 . 2011-05-10 12:10 40112 ----a-w- c:\windows\avastSS.scr
2011-05-14 18:25 . 2011-05-10 12:10 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-05-14 18:22 . 2011-05-14 18:22 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-14 18:11 . 2011-05-14 18:11 0 ----a-w- c:\windows\ativpsrm.bin
2011-05-14 18:04 . 2011-05-14 18:04 -------- d-----w- c:\program files\AMD APP
2011-05-14 18:03 . 2011-04-20 02:29 57344 ----a-w- c:\windows\system32\aticalrt.dll
2011-05-14 18:03 . 2011-04-20 02:29 53248 ----a-w- c:\windows\system32\aticalcl.dll
2011-05-14 18:03 . 2011-04-20 02:24 5459968 ----a-w- c:\windows\system32\aticaldd.dll
2011-05-14 18:03 . 2011-04-20 02:14 17743872 ----a-w- c:\windows\system32\atioglxx.dll
2011-05-14 18:03 . 2011-04-20 01:55 1115008 ----a-w- c:\windows\system32\ativvamv.dll
2011-05-14 18:03 . 2011-04-20 01:40 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-05-14 18:03 . 2011-04-20 01:34 200704 ----a-w- c:\windows\system32\atiadlxx.dll
2011-05-14 18:03 . 2011-04-20 01:27 64512 ----a-w- c:\windows\system32\atimpc32.dll
2011-05-14 18:03 . 2011-04-20 01:27 64512 ----a-w- c:\windows\system32\amdpcom32.dll
2011-05-14 18:03 . 2009-05-11 21:35 118784 ----a-w- c:\windows\system32\atibtmon.exe
2011-05-14 18:03 . 2011-05-14 18:03 -------- d-----w- c:\program files\ATI
2011-05-14 18:01 . 2011-05-14 18:01 -------- d-----w- C:\ATI
2011-05-14 10:41 . 2011-05-14 18:25 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2011-05-14 10:41 . 2011-05-14 10:41 -------- d-----w- c:\program files\AVAST Software
2011-05-14 07:54 . 2011-05-14 07:54 -------- d-----w- c:\documents and settings\Kamiliuss\Local Settings\Data aplikací\ConduitEngine
2011-05-14 07:54 . 2011-05-14 07:54 -------- d-----w- c:\program files\ConduitEngine
2011-05-14 07:54 . 2011-05-14 07:54 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2011-05-14 07:03 . 2011-05-14 07:03 -------- d-----w- c:\windows\system32\XPSViewer
2011-05-14 07:02 . 2011-05-14 07:02 -------- d-----w- c:\program files\Reference Assemblies
2011-05-14 06:53 . 2011-05-14 06:53 -------- d-----r- C:\AHCache
2011-05-14 06:42 . 2011-05-14 07:04 -------- d-----w- c:\windows\system32\cs-cz
2011-05-14 06:42 . 2011-05-14 06:42 -------- d-----w- c:\windows\system32\cs
2011-05-14 06:42 . 2011-05-14 06:42 -------- d-----w- c:\windows\system32\bits
2011-05-14 06:42 . 2011-05-14 06:42 -------- d-----w- c:\windows\l2schemas
2011-05-14 06:38 . 2008-04-13 22:10 10240 ------w- c:\windows\system32\drivers\sffp_mmc.sys
2011-05-14 06:18 . 2011-05-14 08:41 -------- d-----w- c:\program files\Common Files\Real
2011-05-14 06:18 . 2011-05-14 06:18 -------- d-----w- c:\program files\Real
2011-04-19 20:10 . 2011-04-19 20:10 59904 ----a-w- c:\windows\system32\OVDecode.dll
2011-04-19 20:10 . 2011-04-19 20:10 51712 ----a-w- c:\windows\system32\OpenCL.dll
2011-04-19 20:10 . 2011-04-19 20:10 12385280 ----a-w- c:\windows\system32\amdocl.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-20 02:41 . 2007-06-27 01:58 6537728 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2011-04-20 02:38 . 2008-02-03 16:52 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2011-04-20 02:04 . 2008-02-03 16:52 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-04-20 02:02 . 2007-06-27 01:58 302080 ----a-w- c:\windows\system32\ati2dvag.dll
2011-04-20 02:01 . 2007-06-27 01:41 4017408 ----a-w- c:\windows\system32\ati3duag.dll
2011-04-20 01:45 . 2007-06-27 01:31 3265920 ----a-w- c:\windows\system32\ativvaxx.dll
2011-04-20 01:44 . 2007-06-27 01:51 212992 ----a-w- c:\windows\system32\atipdlxx.dll
2011-04-20 01:44 . 2007-06-27 01:51 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2011-04-20 01:44 . 2007-06-27 01:51 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2011-04-20 01:44 . 2007-06-27 01:50 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2011-04-20 01:43 . 2007-06-27 01:50 188416 ----a-w- c:\windows\system32\ati2evxx.dll
2011-04-20 01:42 . 2007-06-27 01:49 643072 ----a-w- c:\windows\system32\ati2evxx.exe
2011-04-20 01:41 . 2007-06-27 01:48 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2011-04-20 01:36 . 2007-06-27 01:17 651264 ----a-w- c:\windows\system32\atikvmag.dll
2011-04-20 01:33 . 2007-06-27 01:16 17408 ----a-w- c:\windows\system32\atitvo32.dll
2011-04-20 01:30 . 2007-06-27 01:14 503808 ----a-w- c:\windows\system32\atiok3x2.dll
2011-04-20 01:28 . 2007-06-27 01:10 851968 ----a-w- c:\windows\system32\ati2cqag.dll
2011-04-20 01:26 . 2007-06-27 01:15 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-05-14_09.23.20 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-05-14 18:08 . 2001-11-09 15:01 24064 c:\windows\system32\ReinstallBackups\0008\DriverFiles\B117547\ativcoxx.dll
+ 2011-05-14 18:08 . 2011-04-20 01:33 17408 c:\windows\system32\ReinstallBackups\0008\DriverFiles\B117547\atitvo32.dll
+ 2011-05-14 18:08 . 2009-06-22 15:34 45056 c:\windows\system32\ReinstallBackups\0008\DriverFiles\B117547\ATIODCLI.exe
+ 2011-05-14 18:08 . 2011-04-20 01:27 64512 c:\windows\system32\ReinstallBackups\0008\DriverFiles\B117547\atimpc32.dll
+ 2011-05-14 18:08 . 2011-04-20 01:41 53248 c:\windows\system32\ReinstallBackups\0008\DriverFiles\B117547\ATIDDC.DLL
+ 2011-05-14 18:08 . 2011-04-20 02:29 57344 c:\windows\system32\ReinstallBackups\0008\DriverFiles\B117547\aticalrt.dll
+ 2011-05-14 18:08 . 2011-04-20 02:29 53248 c:\windows\system32\ReinstallBackups\0008\DriverFiles\B117547\aticalcl.dll
+ 2011-05-14 18:08 . 2011-04-20 01:44 26112 c:\windows\system32\ReinstallBackups\0008\DriverFiles\B117547\Ati2mdxx.exe
+ 2011-05-14 18:08 . 2011-04-20 01:26 53248 c:\windows\system32\ReinstallBackups\0008\DriverFiles\B117547\ati2erec.dll
+ 2011-05-14 18:08 . 2007-06-27 01:50 43520 c:\windows\system32\ReinstallBackups\0008\DriverFiles\B117547\ati2edxx.dll
+ 2011-05-14 18:03 . 2011-04-20 01:44 81690 c:\windows\system32\DRVSTORE\CX118226_B2687266FBEE02D8E149031FC6F5CF8A01741CCF\B117547\oemdspif.dll
+ 2011-05-14 18:03 . 2001-11-09 15:01 12614 c:\windows\system32\DRVSTORE\CX118226_B2687266FBEE02D8E149031FC6F5CF8A01741CCF\B117547\ativcoxx.dll
+ 2011-05-14 18:03 . 2010-08-27 18:32 81222 c:\windows\system32\DRVSTORE\CX118226_B2687266FBEE02D8E149031FC6F5CF8A01741CCF\B117547\atiode.exe
+ 2011-05-14 18:03 . 2009-06-22 15:34 25130 c:\windows\system32\DRVSTORE\CX118226_B2687266FBEE02D8E149031FC6F5CF8A01741CCF\B117547\atiodcli.exe
+ 2011-05-14 18:03 . 2011-04-20 01:27 41419 c:\windows\system32\DRVSTORE\CX118226_B2687266FBEE02D8E149031FC6F5CF8A01741CCF\B117547\atimpc32.dll
+ 2011-05-14 18:03 . 2011-04-20 01:41 28699 c:\windows\system32\DRVSTORE\CX118226_B2687266FBEE02D8E149031FC6F5CF8A01741CCF\B117547\atiddc.dll
+ 2011-05-14 18:03 . 2011-04-20 02:29 29982 c:\windows\system32\DRVSTORE\CX118226_B2687266FBEE02D8E149031FC6F5CF8A01741CCF\B117547\aticalrt.dll
+ 2011-05-14 18:03 . 2011-04-20 02:29 29022 c:\windows\system32\DRVSTORE\CX118226_B2687266FBEE02D8E149031FC6F5CF8A01741CCF\B117547\aticalcl.dll
+ 2011-05-14 18:03 . 2009-05-11 21:35 71662 c:\windows\system32\DRVSTORE\CX118226_B2687266FBEE02D8E149031FC6F5CF8A01741CCF\B117547\atibtmon.exe
+ 2011-05-14 18:03 . 2011-04-20 01:40 57339 c:\windows\system32\DRVSTORE\CX118226_B2687266FBEE02D8E149031FC6F5CF8A01741CCF\B117547\atiapfxx.exe
+ 2011-05-14 18:03 . 2011-04-20 01:44 16308 c:\windows\system32\DRVSTORE\CX118226_B2687266FBEE02D8E149031FC6F5CF8A01741CCF\B117547\ati2mdxx.exe
+ 2011-05-14 18:03 . 2011-04-20 01:26 13652 c:\windows\system32\DRVSTORE\CX118226_B2687266FBEE02D8E149031FC6F5CF8A01741CCF\B117547\ati2erec.dll
+ 2011-05-14 18:03 . 2011-04-20 01:44 28845 c:\windows\system32\DRVSTORE\CX118226_B2687266FBEE02D8E149031FC6F5CF8A01741CCF\B117547\ati2edxx.dll
+ 2009-03-05 14:54 . 2010-12-20 16:09 38224 c:\windows\system32\drivers\mbamswissarmy.sys
+ 2009-03-05 14:54 . 2010-12-20 16:08 20952 c:\windows\system32\drivers\mbam.sys
+ 2007-06-02 02:25 . 2009-06-22 15:34 45056 c:\windows\system32\ATIODCLI.exe
+ 2011-05-14 18:04 . 2011-05-14 18:04 10134 c:\windows\Installer\{F90D9C89-7918-7994-66CC-513C4A92D3A6}\ARPPRODUCTICON.exe
+ 2011-05-14 18:04 . 2011-05-14 18:04 10134 c:\windows\Installer\{D41DA7B0-DE4C-20A5-FC4C-F00327548F0D}\ARPPRODUCTICON.exe
+ 2011-05-14 18:04 . 2011-05-14 18:04 10134 c:\windows\Installer\{C85C8CE6-CA92-7CDC-75C3-AA9C22E7FD75}\ARPPRODUCTICON.exe
+ 2011-05-14 18:03 . 2011-05-14 18:08 77542 c:\windows\Installer\{BB85B4D1-FE48-9AC2-ACF3-5833D539C606}\NewShortcut5_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2011-05-14 18:03 . 2011-05-14 18:08 77542 c:\windows\Installer\{BB85B4D1-FE48-9AC2-ACF3-5833D539C606}\NewShortcut4_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2011-05-14 18:03 . 2011-05-14 18:08 77542 c:\windows\Installer\{BB85B4D1-FE48-9AC2-ACF3-5833D539C606}\NewShortcut3_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2011-05-14 18:03 . 2011-05-14 18:08 77542 c:\windows\Installer\{BB85B4D1-FE48-9AC2-ACF3-5833D539C606}\NewShortcut2_4DEA5338A7B840A3B51CDC742625BF49.exe
+ 2011-05-14 18:03 . 2011-05-14 18:08 77542 c:\windows\Installer\{BB85B4D1-FE48-9AC2-ACF3-5833D539C606}\ARPPRODUCTICON.exe
+ 2011-05-14 18:08 . 2011-05-14 18:08 10134 c:\windows\Installer\{AFBF90DF-9FBE-002F-E8F4-2EC713678BD7}\ARPPRODUCTICON.exe
+ 2011-05-14 18:04 . 2011-05-14 18:04 10134 c:\windows\Installer\{A25FF1C0-80B6-4B8B-A551-DC525697A408}\ARPPRODUCTICON.exe
+ 2011-05-14 18:04 . 2011-05-14 18:04 10134 c:\windows\Installer\{19A492A0-888F-44A0-9B21-D91700763F62}\ARPPRODUCTICON.exe
+ 2011-05-14 10:34 . 2011-05-14 10:34 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\b5a285233229bb4f9d9831ebf27fe9ac\System.Windows.Presentation.ni.dll
+ 2011-05-14 10:34 . 2011-05-14 10:34 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\17e2a7113434da494a846a8f4e4ac5e9\System.Web.DynamicData.Design.ni.dll
+ 2011-05-14 10:33 . 2011-05-14 10:33 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\a8e047504bdad9ec14efd483574b0dd5\System.ComponentModel.DataAnnotations.ni.dll
+ 2011-05-14 10:33 . 2011-05-14 10:33 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\f2b48eab657b4ef1d19dac11bdf0c913\System.AddIn.Contract.ni.dll
+ 2011-05-14 10:32 . 2011-05-14 10:32 17408 c:\windows\assembly\NativeImages_v2.0.50727_32\Syncfusion.Tools.Ba#\e7162bbe3d427c9ce5abb7d53ce1808e\Syncfusion.Tools.Base.ni.dll
+ 2011-05-14 10:32 . 2011-05-14 10:32 79872 c:\windows\assembly\NativeImages_v2.0.50727_32\Syncfusion.Shared.W#\43a895597a667515b62a9345f76598d0\Syncfusion.Shared.Windows.ni.dll
+ 2011-05-14 10:32 . 2011-05-14 10:32 16384 c:\windows\assembly\NativeImages_v2.0.50727_32\Syncfusion.Grid.Base\3d0ceb9f18ecbb38b3ee0580ae332db3\Syncfusion.Grid.Base.ni.dll
+ 2011-05-14 10:34 . 2011-05-14 10:34 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\28ea74096df47800fe2c78bb2b9a4f2a\Microsoft.Vsa.ni.dll
+ 2011-05-14 10:33 . 2011-05-14 10:33 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\ea2ae783dc512b6a9e62bba0d4f71ecf\Microsoft.SqlServer.CustomControls.ni.dll
+ 2011-05-14 10:33 . 2011-05-14 10:33 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\66359457e427c0d547750a79f754f9ba\Microsoft.Build.Framework.ni.dll
+ 2011-05-14 10:33 . 2011-05-14 10:33 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\36dbc4689f7c51e393504230004c9dec\Microsoft.Build.Framework.ni.dll
+ 2011-05-14 10:32 . 2011-05-14 10:32 44544 c:\windows\assembly\NativeImages_v2.0.50727_32\Interop\789c1c190fabc45b357b57c5c0b5420f\Interop.ni.dll
+ 2011-05-14 10:32 . 2011-05-14 10:32 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\a2865dcec9c5d3cc9c55f026cbad6fcc\dfsvc.ni.exe
+ 2011-05-14 10:32 . 2011-05-14 10:32 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\ControlLibrary\ae7a0f9cf3659099164fc92dfd2b65c9\ControlLibrary.ni.dll
+ 2011-05-14 10:32 . 2011-05-14 10:32 53248 c:\windows\assembly\NativeImages_v2.0.50727_32\AjaVideoProperties\94fae2332d8e1de95fddd018940895b9\AjaVideoProperties.ni.dll
+ 2011-05-14 10:32 . 2011-05-14 10:32 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\c2af7cfbb47c077029a2645930b4eeac\Accessibility.ni.dll
+ 2011-05-14 18:03 . 2011-04-20 01:33 8348 c:\windows\system32\DRVSTORE\CX118226_B2687266FBEE02D8E149031FC6F5CF8A01741CCF\B117547\atitvo32.dll
+ 2011-05-14 18:08 . 2011-04-20 01:44 155648 c:\windows\system32\ReinstallBackups\0008\DriverFiles\B117547\Oemdspif.dll
+ 2011-05-14 18:08 . 2011-04-20 01:41 887724 c:\windows\system32\ReinstallBackups\0008\DriverFiles\B117547\ativva6x.dat
+ 2011-05-14 18:08 . 2007-06-27 01:51 143360 c:\windows\system32\ReinstallBackups\0008\DriverFiles\B117547\atipdlxx.dll
+ 2011-05-14 18:08 . 2007-06-27 01:14 176128 c:\windows\system32\ReinstallBackups\0008\DriverFiles\B117547\atiok3x2.dll
+ 2011-05-14 18:08 . 2010-08-27 18:32 294912 c:\windows\system32\ReinstallBackups\0008\DriverFiles\B117547\ATIODE.exe
+ 2011-05-14 18:08 . 2007-06-27 01:17 266240 c:\windows\system32\ReinstallBackups\0008\DriverFiles\B117547\atikvmag.dll
+ 2011-05-14 18:08 . 2011-04-20 02:38 311296 c:\windows\system32\ReinstallBackups\0008\DriverFiles\B117547\atiiiexx.dll
+ 2011-05-14 18:08 . 2011-02-28 21:30 233012 c:\windows\system32\ReinstallBackups\0008\DriverFiles\B117547\atiicdxx.dat
+ 2011-05-14 18:08 . 2011-04-20 02:04 462848 c:\windows\system32\ReinstallBackups\0008\DriverFiles\B117547\ATIDEMGX.dll
+ 2011-05-14 18:08 . 2009-05-11 21:35 118784 c:\windows\system32\ReinstallBackups\0008\DriverFiles\B117547\atibtmon.exe
+ 2011-05-14 18:08 . 2011-04-20 01:40 151552 c:\windows\system32\ReinstallBackups\0008\DriverFiles\B117547\atiapfxx.exe
+ 2011-05-14 18:08 . 2011-04-20 01:34 200704 c:\windows\system32\ReinstallBackups\0008\DriverFiles\B117547\atiadlxx.dll
+ 2011-05-14 18:08 . 2007-06-27 01:49 483328 c:\windows\system32\ReinstallBackups\0008\DriverFiles\B117547\ati2evxx.exe
+ 2011-05-14 18:08 . 2007-06-27 01:50 118784 c:\windows\system32\ReinstallBackups\0008\DriverFiles\B117547\ati2evxx.dll
+ 2011-05-14 18:08 . 2007-06-27 01:58 269312 c:\windows\system32\ReinstallBackups\0008\DriverFiles\B117547\ati2dvag.dll
+ 2011-05-14 18:08 . 2007-06-27 01:10 376832 c:\windows\system32\ReinstallBackups\0008\DriverFiles\B117547\ati2cqag.dll
+ 2011-05-14 18:03 . 2007-06-27 01:30 972072 c:\windows\system32\ReinstallBackups\0004\DriverFiles\B_49782\ativva6x.dat
+ 2011-05-14 18:03 . 2007-06-27 01:56 307200 c:\windows\system32\ReinstallBackups\0004\DriverFiles\B_49782\atiiiexx.dll
+ 2011-05-14 18:03 . 2007-06-05 17:40 149278 c:\windows\system32\ReinstallBackups\0004\DriverFiles\B_49782\atiicdxx.dat
+ 2011-05-14 18:03 . 2007-06-27 01:59 344064 c:\windows\system32\ReinstallBackups\0004\DriverFiles\B_49782\ATIDEMGX.dll
+ 2011-05-14 18:22 . 2011-05-14 18:22 239776 c:\windows\system32\Macromed\Flash\FlashUtil10q_Plugin.exe
- 2011-05-14 06:02 . 2011-05-14 06:02 239776 c:\windows\system32\Macromed\Flash\FlashUtil10q_Plugin.exe
+ 2011-05-14 18:03 . 2011-04-20 01:55 563559 c:\windows\system32\DRVSTORE\CX118226_B2687266FBEE02D8E149031FC6F5CF8A01741CCF\B117547\ativvamv.dll
+ 2011-05-14 18:03 . 2011-04-20 01:41 887724 c:\windows\system32\DRVSTORE\CX118226_B2687266FBEE02D8E149031FC6F5CF8A01741CCF\B117547\ativva6x.dat
+ 2011-05-14 18:03 . 2011-04-20 01:44 110216 c:\windows\system32\DRVSTORE\CX118226_B2687266FBEE02D8E149031FC6F5CF8A01741CCF\B117547\atipdlxx.dll
+ 2011-05-14 18:03 . 2011-04-20 01:30 236171 c:\windows\system32\DRVSTORE\CX118226_B2687266FBEE02D8E149031FC6F5CF8A01741CCF\B117547\atiok3x2.dll
+ 2011-05-14 18:03 . 2011-04-20 01:36 334450 c:\windows\system32\DRVSTORE\CX118226_B2687266FBEE02D8E149031FC6F5CF8A01741CCF\B117547\atikvmag.dll
+ 2011-05-14 18:03 . 2011-04-20 02:38 311296 c:\windows\system32\DRVSTORE\CX118226_B2687266FBEE02D8E149031FC6F5CF8A01741CCF\B117547\atiiiexx.dll
+ 2011-05-14 18:03 . 2011-02-28 21:30 233012 c:\windows\system32\DRVSTORE\CX118226_B2687266FBEE02D8E149031FC6F5CF8A01741CCF\B117547\atiicdxx.dat
+ 2011-05-14 18:03 . 2011-04-20 02:04 462848 c:\windows\system32\DRVSTORE\CX118226_B2687266FBEE02D8E149031FC6F5CF8A01741CCF\B117547\atidemgx.dll
+ 2011-05-14 18:03 . 2011-04-20 01:34 109332 c:\windows\system32\DRVSTORE\CX118226_B2687266FBEE02D8E149031FC6F5CF8A01741CCF\B117547\atiadlxx.dll
+ 2011-05-14 18:03 . 2011-04-20 01:42 344896 c:\windows\system32\DRVSTORE\CX118226_B2687266FBEE02D8E149031FC6F5CF8A01741CCF\B117547\ati2evxx.exe
+ 2011-05-14 18:03 . 2011-04-20 01:43 102783 c:\windows\system32\DRVSTORE\CX118226_B2687266FBEE02D8E149031FC6F5CF8A01741CCF\B117547\ati2evxx.dll
+ 2011-05-14 18:03 . 2011-04-20 02:02 189979 c:\windows\system32\DRVSTORE\CX118226_B2687266FBEE02D8E149031FC6F5CF8A01741CCF\B117547\ati2dvag.dll
+ 2011-05-14 18:03 . 2011-04-20 01:28 424652 c:\windows\system32\DRVSTORE\CX118226_B2687266FBEE02D8E149031FC6F5CF8A01741CCF\B117547\ati2cqag.dll
+ 2008-02-03 14:46 . 2011-04-20 01:41 887724 c:\windows\system32\ativva6x.dat
+ 2007-06-02 02:26 . 2010-08-27 18:32 294912 c:\windows\system32\ATIODE.exe
+ 2008-02-03 14:46 . 2011-02-28 21:30 233012 c:\windows\system32\atiicdxx.dat
+ 2011-05-14 18:08 . 2011-05-14 18:08 438272 c:\windows\Installer\b539d.msi
+ 2011-05-14 18:04 . 2011-05-14 18:04 843264 c:\windows\Installer\b5330.msi
+ 2011-05-14 18:04 . 2011-05-14 18:04 198656 c:\windows\Installer\b5325.msi
+ 2011-05-14 18:04 . 2011-05-14 18:04 252416 c:\windows\Installer\b531f.msi
+ 2011-05-14 18:04 . 2011-05-14 18:04 262656 c:\windows\Installer\b5318.msi
+ 2011-05-14 18:04 . 2011-05-14 18:04 323584 c:\windows\Installer\b530e.msi
+ 2011-05-14 10:32 . 2011-05-14 10:32 321024 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\7d2a3adbdcb675f872eb2dbf21f73596\WsatConfig.ni.exe
+ 2011-05-14 10:34 . 2011-05-14 10:34 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\8c0d96269480bdd3de8a825f0215308d\System.Xml.Linq.ni.dll
+ 2011-05-14 10:34 . 2011-05-14 10:34 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\18e1acd6761195389db42bab83169fd2\System.Web.Routing.ni.dll
+ 2011-05-14 10:34 . 2011-05-14 10:34 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\70764208219715962d310336b5959dfa\System.Web.RegularExpressions.ni.dll
+ 2011-05-14 10:34 . 2011-05-14 10:34 858112 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\f288f2cb75465c0f45154079365af9e8\System.Web.Extensions.Design.ni.dll
+ 2011-05-14 10:34 . 2011-05-14 10:34 328192 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\bbdc5cb2f2f92fd610de7331d748193a\System.Web.Entity.ni.dll
+ 2011-05-14 10:34 . 2011-05-14 10:34 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\ca1ce755bb49324c7d275c426188a28f\System.Web.Entity.Design.ni.dll
+ 2011-05-14 10:34 . 2011-05-14 10:34 542720 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\aff5e0fa23e49ee75e458408c1f66da2\System.Web.DynamicData.ni.dll
+ 2011-05-14 10:34 . 2011-05-14 10:34 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\fbe60d84b9f1ab74e396fb1507f69615\System.Web.Abstractions.ni.dll
+ 2011-05-14 10:34 . 2011-05-14 10:34 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\12903c3843fe923d1977801ffa3cf26c\System.Transactions.ni.dll
+ 2011-05-14 10:34 . 2011-05-14 10:34 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\a9e71dda6389403be4db7b567592e3b8\System.ServiceProcess.ni.dll
+ 2011-05-14 10:33 . 2011-05-14 10:33 676352 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\0418eb6dbffe9b46aa4c989153d6a3b5\System.Security.ni.dll
+ 2011-05-14 10:34 . 2011-05-14 10:34 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\01dc643b54310ebc5ab7e4696df426bc\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2011-05-14 10:34 . 2011-05-14 10:34 620032 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\eabe1915c13467e1e66e2b073bcb842f\System.Net.ni.dll
+ 2011-05-14 10:34 . 2011-05-14 10:34 997888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\894d87c08a9a5b5923e7104055a616d2\System.Management.ni.dll
+ 2011-05-14 10:34 . 2011-05-14 10:34 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\1db9deebde7c96b2874b4ffccac2f48e\System.Management.Instrumentation.ni.dll
+ 2011-05-14 09:31 . 2011-05-14 09:31 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\bcfccfa22245d2223a764611c61a7cb9\System.IO.Log.ni.dll
+ 2011-05-14 09:31 . 2011-05-14 09:31 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\be8c7482f1e78a3b4984af9082d455a7\System.IdentityModel.Selectors.ni.dll
+ 2011-05-14 10:34 . 2011-05-14 10:34 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5f9cd5bfebcb94175d440ebab3aa412f\System.EnterpriseServices.Wrapper.dll
+ 2011-05-14 10:34 . 2011-05-14 10:34 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5f9cd5bfebcb94175d440ebab3aa412f\System.EnterpriseServices.ni.dll
+ 2011-05-14 10:34 . 2011-05-14 10:34 880640 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\c205bbbb88bfa4bd5e274f43ea0013cb\System.DirectoryServices.AccountManagement.ni.dll
+ 2011-05-14 10:34 . 2011-05-14 10:34 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\44de75caba2b9711b3d9030a30767f8b\System.DirectoryServices.Protocols.ni.dll
+ 2011-05-14 10:34 . 2011-05-14 10:34 939520 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\d3aed340a6562196ca40978556fb29d1\System.Data.Services.Client.ni.dll
+ 2011-05-14 10:34 . 2011-05-14 10:34 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\3cb9c5203e50cb6af99b163522e9357c\System.Data.Services.Design.ni.dll
+ 2011-05-14 10:34 . 2011-05-14 10:34 755200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\9867484f25281882e61f61066fa651a3\System.Data.Entity.Design.ni.dll
+ 2011-05-14 10:33 . 2011-05-14 10:33 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\4f4ddae492a4a4ce4a2961f3d72d9399\System.Data.DataSetExtensions.ni.dll
+ 2011-05-14 10:33 . 2011-05-14 10:33 970752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb4cb21d14767292e079366a5d3d76cd\System.Configuration.ni.dll
+ 2011-05-14 10:34 . 2011-05-14 10:34 140800 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\22a1629a4dcdd493bbd8be40cc122e94\System.Configuration.Install.ni.dll
+ 2011-05-14 10:33 . 2011-05-14 10:33 632832 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\b01721205312c6c18df033cc47b60e5c\System.AddIn.ni.dll
+ 2011-05-14 10:32 . 2011-05-14 10:32 366592 c:\windows\assembly\NativeImages_v2.0.50727_32\Syncfusion.Core\c44dc71b7f68a327f493322dc8ce5c3f\Syncfusion.Core.ni.dll
+ 2011-05-14 10:32 . 2011-05-14 10:32 927232 c:\windows\assembly\NativeImages_v2.0.50727_32\Sony.Vegas\f38c5823d8820854667432a157847ec0\Sony.Vegas.ni.dll
+ 2011-05-14 10:32 . 2011-05-14 10:32 222208 c:\windows\assembly\NativeImages_v2.0.50727_32\Sony.Vegas.NetRender\e46631e57280eb39aa8a71930b81972f\Sony.Vegas.NetRender.ni.dll
+ 2011-05-14 10:32 . 2011-05-14 10:32 278528 c:\windows\assembly\NativeImages_v2.0.50727_32\Sony.MediaSoftware.#\34494442a4db27723541f07515cd4fe7\Sony.MediaSoftware.ExternalVideoDevice.ni.dll
+ 2011-05-14 10:32 . 2011-05-14 10:32 646144 c:\windows\assembly\NativeImages_v2.0.50727_32\Sony.Capture\32b9865c285c1039cf59562507248085\Sony.Capture.ni.dll
+ 2011-05-14 10:32 . 2011-05-14 10:32 365056 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\b9c1a29e684bc02e49226ff1e9eec253\SMSvcHost.ni.exe
+ 2011-05-14 10:32 . 2011-05-14 10:32 255488 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\2e19ccefc30d7b827bab3f7d8dcc0ab9\SMDiagnostics.ni.dll
+ 2011-05-14 10:32 . 2011-05-14 10:32 319488 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\6781b87c8d3b55e6120b1e86bea6e040\ServiceModelReg.ni.exe
+ 2011-05-14 10:32 . 2011-05-14 10:32 184320 c:\windows\assembly\NativeImages_v2.0.50727_32\NullableTypes\9ee974a326aba36e461eb1b5ae81eb3b\NullableTypes.ni.dll
+ 2011-05-14 10:32 . 2011-05-14 10:32 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\87c84ffaaad81d8d106a9aa9d68b5926\MSBuild.ni.exe
+ 2011-05-14 10:32 . 2011-05-14 10:32 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\539e297cc9bc67fbf2fbdc9dc5fcd0f1\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2011-05-14 10:33 . 2011-05-14 10:33 355840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\51d74890d55a8b1f5375457b9e4b531b\Microsoft.SqlServer.Setup.ni.dll
+ 2011-05-14 10:33 . 2011-05-14 10:33 989184 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\334222245e81d48c73682a1c3dfa5c26\Microsoft.SqlServer.WizardFrameworkLite.ni.dll
+ 2011-05-14 10:33 . 2011-05-14 10:33 530432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\16a42f39de574b65672a6f7b60d47b94\Microsoft.SqlServer.GridControl.ni.dll
+ 2011-05-14 10:33 . 2011-05-14 10:33 231936 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.NetEnterp#\f900abeac1a34b1ea03de11b1ef647b1\Microsoft.NetEnterpriseServers.ExceptionMessageBox.ni.dll
+ 2011-05-14 10:33 . 2011-05-14 10:33 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\43dceeb2d0601d79af40752fb20283c2\Microsoft.Build.Utilities.ni.dll
+ 2011-05-14 10:33 . 2011-05-14 10:33 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\28eede53267524df58362a75a668cf86\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2011-05-14 10:33 . 2011-05-14 10:33 838656 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\daf5ff5e06c80eefa80c6fcc79aec963\Microsoft.Build.Engine.ni.dll
+ 2011-05-14 10:33 . 2011-05-14 10:33 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\c5c4db4f9bc7a454e9cfc2548a9d45a5\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2011-05-14 10:32 . 2011-05-14 10:32 657408 c:\windows\assembly\NativeImages_v2.0.50727_32\log4net\165d2825b5fd6feb2c4cefaa3dd9bfd4\log4net.ni.dll
+ 2011-05-14 10:33 . 2011-05-14 10:33 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\e148983beeb0f30918b0564849a16456\CustomMarshalers.ni.dll
+ 2011-05-14 10:32 . 2011-05-14 10:32 324608 c:\windows\assembly\NativeImages_v2.0.50727_32\CoreUI\6225f7a9e216ecd93dbc79fada338823\CoreUI.ni.dll
+ 2011-05-14 10:32 . 2011-05-14 10:32 818688 c:\windows\assembly\NativeImages_v2.0.50727_32\CoreUI.XmlSerialize#\a6f2173b6c49968b5386e9c7c81ebdb1\CoreUI.XmlSerializers.ni.dll
+ 2011-05-14 10:32 . 2011-05-14 10:32 120320 c:\windows\assembly\NativeImages_v2.0.50727_32\CorePrimitives\3ac000396125aea1d0c32940adfc1165\CorePrimitives.ni.dll
+ 2011-05-14 10:32 . 2011-05-14 10:32 409600 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\19b50dd470540911fc5cc65331a769e4\ComSvcConfig.ni.exe
+ 2011-05-14 10:32 . 2011-05-14 10:32 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\c7ffd8c23e8de4018a88185b3b60631e\AspNetMMCExt.ni.dll
+ 2011-05-14 18:08 . 2007-06-27 01:31 1519744 c:\windows\system32\ReinstallBackups\0008\DriverFiles\B117547\ativvaxx.dll
+ 2011-05-14 18:08 . 2011-04-20 01:55 1115008 c:\windows\system32\ReinstallBackups\0008\DriverFiles\B117547\ativvamv.dll
+ 2011-05-14 18:08 . 2011-04-20 02:24 5459968 c:\windows\system32\ReinstallBackups\0008\DriverFiles\B117547\aticaldd.dll
+ 2011-05-14 18:08 . 2007-06-27 01:41 2940992 c:\windows\system32\ReinstallBackups\0008\DriverFiles\B117547\ati3duag.dll
+ 2011-05-14 18:08 . 2011-04-20 02:41 6537728 c:\windows\system32\ReinstallBackups\0008\DriverFiles\B117547\ati2mtag.sys
+ 2011-05-14 18:03 . 2007-06-27 01:30 3107788 c:\windows\system32\ReinstallBackups\0004\DriverFiles\B_49782\ativvaxx.dat
+ 2011-05-14 18:03 . 2007-06-27 01:30 3107788 c:\windows\system32\ReinstallBackups\0004\DriverFiles\B_49782\ativva5x.dat
- 2011-05-14 06:02 . 2011-05-14 06:02 6271136 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2011-05-14 18:22 . 2011-05-14 18:22 6271136 c:\windows\system32\Macromed\Flash\NPSWF32.dll
+ 2011-05-14 18:03 . 2011-04-20 01:45 1587992 c:\windows\system32\DRVSTORE\CX118226_B2687266FBEE02D8E149031FC6F5CF8A01741CCF\B117547\ativvaxx.dll
+ 2011-05-14 18:03 . 2011-04-20 02:14 7769026 c:\windows\system32\DRVSTORE\CX118226_B2687266FBEE02D8E149031FC6F5CF8A01741CCF\B117547\atioglxx.dll
+ 2011-05-14 18:03 . 2011-04-20 02:24 2522592 c:\windows\system32\DRVSTORE\CX118226_B2687266FBEE02D8E149031FC6F5CF8A01741CCF\B117547\aticaldd.dll
+ 2011-05-14 18:03 . 2011-04-20 02:01 2132414 c:\windows\system32\DRVSTORE\CX118226_B2687266FBEE02D8E149031FC6F5CF8A01741CCF\B117547\ati3duag.dll
+ 2011-05-14 18:03 . 2011-04-20 02:41 4323474 c:\windows\system32\DRVSTORE\CX118226_B2687266FBEE02D8E149031FC6F5CF8A01741CCF\B117547\ati2mtag.sys
+ 2007-06-27 01:58 . 2011-04-20 02:41 6537728 c:\windows\system32\dllcache\ati2mtag.sys
+ 2011-05-14 18:08 . 2011-05-14 18:08 1597440 c:\windows\Installer\b53a4.msi
+ 2011-05-14 10:32 . 2011-05-14 10:32 1374720 c:\windows\assembly\NativeImages_v2.0.50727_32\WidgetLibrary\cf2ab6c2b4d4cd219acd4cda1475bbc9\WidgetLibrary.ni.dll
+ 2011-05-14 10:34 . 2011-05-14 10:34 1355264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\43911ac4e29949c57560eee5cb7b76c2\System.WorkflowServices.ni.dll
+ 2011-05-14 10:34 . 2011-05-14 10:34 1904128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\6d0966370023925610756f368140b947\System.Workflow.Runtime.ni.dll
+ 2011-05-14 10:34 . 2011-05-14 10:34 4510720 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\9de33f5786cd15e220f47b916c5a15e9\System.Workflow.ComponentModel.ni.dll
+ 2011-05-14 10:34 . 2011-05-14 10:34 2989568 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\d6cc33db5d526553ffbbfd1d372a8493\System.Workflow.Activities.ni.dll
+ 2011-05-14 10:34 . 2011-05-14 10:34 1840128 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\1dad08772eb89d48a8a0cfe9b0467eb0\System.Web.Services.ni.dll
+ 2011-05-14 10:34 . 2011-05-14 10:34 2209280 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\e5995a34d44ad5af7d9f335075bded4d\System.Web.Mobile.ni.dll
+ 2011-05-14 10:34 . 2011-05-14 10:34 2400256 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\6a20b64ad8e2aaa2f40d67ff01fcc708\System.Web.Extensions.ni.dll
+ 2011-05-14 10:34 . 2011-05-14 10:34 1705984 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\a3adabee8e63dc76f65710a9c32175fc\System.ServiceModel.Web.ni.dll
+ 2011-05-14 09:31 . 2011-05-14 09:31 2338304 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bb748f8ef8c98eb5c7f79b8faee95397\System.Runtime.Serialization.ni.dll
+ 2011-05-14 09:31 . 2011-05-14 09:31 1056768 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\94b2ca600c860c76e387f8bd317bd4c3\System.IdentityModel.ni.dll
+ 2011-05-14 10:34 . 2011-05-14 10:34 1116672 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\6bcc481030a56c24d5990d199812c594\System.DirectoryServices.ni.dll
+ 2011-05-14 10:34 . 2011-05-14 10:34 1800704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\df1efcbac5973454c608890f72eb994d\System.Deployment.ni.dll
+ 2011-05-14 10:33 . 2011-05-14 10:33 2508800 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\0ec1b690c5ee057fa92ecff78de1457c\System.Data.SqlXml.ni.dll
+ 2011-05-14 10:34 . 2011-05-14 10:34 1326080 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\6f298259c87cc6c7318d931f52f053c5\System.Data.Services.ni.dll
+ 2011-05-14 10:33 . 2011-05-14 10:33 9903104 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\8c050147d7031f912f6ca2b15550173f\System.Data.Entity.ni.dll
+ 2011-05-14 10:32 . 2011-05-14 10:32 6546944 c:\windows\assembly\NativeImages_v2.0.50727_32\Syncfusion.Tools.Wi#\05de1ceab7708344528658aa051ebac7\Syncfusion.Tools.Windows.ni.dll
+ 2011-05-14 10:32 . 2011-05-14 10:32 3540480 c:\windows\assembly\NativeImages_v2.0.50727_32\Syncfusion.Shared.B#\bdc1b902a5ced5d18ee4758af1158649\Syncfusion.Shared.Base.ni.dll
+ 2011-05-14 10:32 . 2011-05-14 10:32 4227072 c:\windows\assembly\NativeImages_v2.0.50727_32\Syncfusion.Grid.Win#\b376708112248327f886fcaffcc26e2f\Syncfusion.Grid.Windows.ni.dll
+ 2011-05-14 10:32 . 2011-05-14 10:32 3804672 c:\windows\assembly\NativeImages_v2.0.50727_32\Sony.MediaSoftware.#\4ad27899e36b8110170900cfeb9e0357\Sony.MediaSoftware.MediaMgr.ni.dll
+ 2011-05-14 10:32 . 2011-05-14 10:32 1008128 c:\windows\assembly\NativeImages_v2.0.50727_32\Sony.MediaSoftware.#\30aad4b15fc73955df31dc7dcf7fedb0\Sony.MediaSoftware.clrshared.ni.dll
+ 2011-05-14 10:33 . 2011-05-14 10:33 1711104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\5b3d048d8c003d743ea5e72caf07773a\Microsoft.VisualBasic.ni.dll
+ 2011-05-14 10:32 . 2011-05-14 10:32 1092608 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\21bb6244c91b6207fbcb038884a641ef\Microsoft.Transactions.Bridge.ni.dll
+ 2011-05-14 10:34 . 2011-05-14 10:34 2332160 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\7d61e63dea85f4f77ea4c13df7651ec7\Microsoft.JScript.ni.dll
+ 2011-05-14 10:33 . 2011-05-14 10:33 1965568 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\cd6eeb3d7ea1f65c28a43e665db38644\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2011-05-14 10:33 . 2011-05-14 10:33 1620480 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\152cf75db013f0523933ac45177b4217\Microsoft.Build.Tasks.ni.dll
+ 2011-05-14 10:33 . 2011-05-14 10:33 1886208 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\ce984d7bbd9a6d5d3cca28c4e5038020\Microsoft.Build.Engine.ni.dll
+ 2011-05-14 10:32 . 2011-05-14 10:32 1532928 c:\windows\assembly\NativeImages_v2.0.50727_32\CoreGraphics\4b5e2db4d1fca34ef9fed7fadeb419b1\CoreGraphics.ni.dll
+ 2011-05-14 10:32 . 2011-05-14 10:32 1180672 c:\windows\assembly\NativeImages_v2.0.50727_32\CoreGraphics.XmlSer#\38417597d9c9683d43b5c9b93f205de4\CoreGraphics.XmlSerializers.ni.dll
+ 2011-05-14 18:08 . 2011-04-20 02:14 17743872 c:\windows\system32\ReinstallBackups\0008\DriverFiles\B117547\atioglxx.dll
+ 2011-05-14 10:34 . 2011-05-14 10:34 11791360 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\50ea744ffc3cb7f09b027fd6c5c93b2b\System.Web.ni.dll
+ 2011-05-14 10:32 . 2011-05-14 10:32 17313792 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\d85d9535e91da842fded56869d57790a\System.ServiceModel.ni.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 14:54 175912 ----a-w- c:\program files\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-05-10 12:10 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-05-10 3459712]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "d:\instalace\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-06 09:57 548352 ----a-w- d:\instalace\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^Kamiliuss^Nabídka Start^Programy^Po spuštění^FreeRapid 0.83.lnk]
path=c:\documents and settings\Kamiliuss\Nabídka Start\Programy\Po spuštění\FreeRapid 0.83.lnk
backup=c:\windows\pss\FreeRapid 0.83.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OEXPRESS]
2009-09-07 17:55 26624 ----a-w- c:\windows\OETRN.EXE
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"d:\\Gamesky\\Lost via domus\\Yeti_Final_Win32.exe"=
"d:\\Gamesky\\Lost via domus\\gu.exe"=
"d:\\Gamesky\\Lost via domus\\detection\\Launcher.exe"=
"d:\\Gamesky\\Far Cry 2\\bin\\FarCry2.exe"=
"d:\\Gamesky\\Far Cry 2\\bin\\FC2Launcher.exe"=
"d:\\Gamesky\\Far Cry 2\\bin\\FC2Editor.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [3.2.2008 20:16 716272]
R0 vax347b;vax347b;c:\windows\system32\drivers\vax347b.sys [6.8.2008 18:34 159616]
R0 vax347s;vax347s;c:\windows\system32\drivers\vax347s.sys [6.8.2008 18:34 5248]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [14.5.2011 20:25 441176]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [14.5.2011 20:25 307928]
R1 SASDIFSV;SASDIFSV;d:\instalace\sasdifsv.sys [5.8.2009 16:06 9968]
R1 SASKUTIL;SASKUTIL;d:\instalace\SASKUTIL.SYS [5.8.2009 16:06 74480]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [14.5.2011 20:25 19544]
R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [25.4.2010 11:46 90112]
S2 gupdate1ca8038948bb26c;Služba Google Update (gupdate1ca8038948bb26c);c:\program files\Google\Update\GoogleUpdate.exe [19.12.2009 1:19 133104]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2.1.2009 17:16 10976]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [19.12.2009 1:19 133104]
S3 K320bus;Sony Ericsson K320 driver (WDM);c:\windows\system32\drivers\K320bus.sys [14.7.2009 15:31 61504]
S3 K320mdfl;Sony Ericsson K320 USB WMC Modem Filter;c:\windows\system32\drivers\K320mdfl.sys [14.7.2009 15:31 9328]
S3 K320mdm;Sony Ericsson K320 USB WMC Modem Driver;c:\windows\system32\drivers\K320mdm.sys [14.7.2009 15:31 97056]
S3 MSSQL$SONY_MEDIAMGR2;SQL Server (SONY_MEDIAMGR2);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [10.2.2007 5:29 29178224]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\drivers\s1018bus.sys [25.4.2010 11:28 86824]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\drivers\s1018mdfl.sys [25.4.2010 11:28 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\drivers\s1018mdm.sys [25.4.2010 11:28 114728]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1018mgmt.sys [25.4.2010 11:28 106208]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1018nd5.sys [25.4.2010 11:28 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\drivers\s1018obex.sys [25.4.2010 11:28 104744]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1018unic.sys [25.4.2010 11:28 109864]
S3 SASENUM;SASENUM;d:\instalace\SASENUM.SYS [5.8.2009 16:06 7408]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2007-06-20 11:47 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2011-05-13 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2006\SystemOptimizer.exe [2005-09-21 16:54]
.
.
------- Doplňkový sken -------
.
uSearchAssistant = hxxp://search.qip.ru/ie
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Kamiliuss\Data aplikací\Mozilla\Firefox\Profiles\92wq096u.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - Ext: Usage Stat: {6236BA26-C117-4007-928C-DE0716C7FA96} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA96}
FF - Ext: FBFan: {6236BA26-C117-4007-928C-DE0716C7FA99} - %profile%\extensions\{6236BA26-C117-4007-928C-DE0716C7FA99}
FF - Ext: KFD Flv: {8675f4b3-2f19-11ed-2d6b-0800600c0a16} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a16}
FF - Ext: {8675f4b3-2f19-11ed-2d6b-0800600c0a16}: {8675f4b3-2f19-11ed-2d6b-0800600c0a16} - %profile%\extensions\{8675f4b3-2f19-11ed-2d6b-0800600c0a16}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\AVAST Software\Avast\WebRep\FF
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: content.max.tokenizing.time - 200000
FF - user.js: content.notify.interval - 100000
FF - user.js: content.switch.threshold - 650000
FF - user.js: nglayout.initialpaint.delay - 300
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-14 21:22
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-299502267-706699826-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:ac,76,01,e1,bf,53,5c,5c,2f,7e,eb,e6,2e,ff,fb,a9,85,fc,93,e7,41,
67,5f,61,69,0d,a7,b3,ff,cc,69,53,47,97,c8,9f,8d,75,51,09,41,76,19,17,09,7e,\
"rkeysecu"=hex:44,e5,27,a0,6b,99,d0,9b,d7,7c,f2,10,27,be,d2,c0
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(972)
d:\instalace\SASWINLO.DLL
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
c:\windows\system32\vorbis.dll
c:\windows\system32\ogg.dll
.
- - - - - - - > 'lsass.exe'(1028)
c:\windows\system32\vorbis.dll
c:\windows\system32\ogg.dll
.
- - - - - - - > 'explorer.exe'(3344)
c:\windows\system32\vorbis.dll
c:\windows\system32\ogg.dll
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Canon\IJPLM\IJPLMSVC.EXE
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2011-05-14 21:26:40 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-05-14 19:26
ComboFix2.txt 2011-05-14 09:24
ComboFix3.txt 2009-09-07 18:41
ComboFix4.txt 2009-09-06 22:11
ComboFix5.txt 2011-05-14 19:12
.
Před spuštěním: 5 196 681 216
Po spuštění: 5 204 299 776
.
Current=4 Default=4 Failed=3 LastKnownGood=5 Sets=1,2,3,4,5
- - End Of File - - 79FA36EF0DC991BDD98CC34C1C409742

#13 Příspěvek od **vyosek** » 14 kvě 2011 20:41

Log vypada jiz cisty, jak se chova PC

kamiliuss · #14 Příspěvek od **kamiliuss** » 15 kvě 2011 09:19

PC jde dobře a rychleji, videa na netu neb televiza taky dal mi tam včera kolega jinou verzi abdobe flash playeru, odinstaloval ESET NOD, nainstaloval AVAST, neb na to jsem si netroufal sám ,neb jsem nevěděl postup. Děkuji moc za rady a trpělivost. Přeji pěkný zbytek víkendu.dík

#15 Příspěvek od **vyosek** » 15 kvě 2011 09:28

Tak jeste uklidime

Odinstalujte Combofix

Start - Spustit (nebo pouzijte klavesobou zkratku Win+R)
Napiste ComboFix /Uninstall
Stisknete Enter
Tohle smaze Combofix a jeho slozky

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner (viz muj podpis)
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za 14 dni

A pokud nejsou problemy ci dotazy, je to z me strany vse

Jinak pekny zbytek vikendu i Vam

VIRY.CZ

prosím o kontrolu PC - dík

prosím o kontrolu PC - dík

Re: prosím o kontrolu PC - dík

Re: prosím o kontrolu PC - dík

Re: prosím o kontrolu PC - dík

Re: prosím o kontrolu PC - dík

Re: prosím o kontrolu PC - dík

Re: prosím o kontrolu PC - dík

Re: prosím o kontrolu PC - dík

Re: prosím o kontrolu PC - dík

Re: prosím o kontrolu PC - dík

Re: prosím o kontrolu PC - dík

Re: prosím o kontrolu PC - dík

Re: prosím o kontrolu PC - dík

Re: prosím o kontrolu PC - dík

Re: prosím o kontrolu PC - dík