VIRY.CZ

Ahoj, chtěl bych v rychlosti podat zprávu s vazbou na na důsledek, který jsem několikrát nevěděl čemu přičíst.

Během posledních dní jsem instaloval několik aplikací z neověřených zdrojů a i přes zapnutý NOD 32 se vše obešlo bez nákazy.

Včera proběhla aktualizace.

Po restartu NOD 32 hlásí WIN32/ olmarik v operační paměti a nejde odstranit.

Hledal jsem tedy na viry.cz foru a našel řadu situací. Všude se zmiňovalo, že se nemá používat Combofix bez vyžádání moderátorů fóra.
Všiml jsem si, že moderátoři vždy logy zkontrolovali a ve většině případů použili Combofix.
Na viry.cz jsem našel topic/vlákno, které popisovalo řešení stejného problému. Pročistil jsem PC Malwarebytes anti-malware sw a poté nainstaloval Combofix.

Spustil jsem combofix a win 7 32bit professional spadl / crash s modrou obrazovkou. Nelze nastartovat. Pokus o obnovení z nouzového režimu neúspěšný. PC v průběhu obnovení na tvrdo vypnut a zapnut. Win 7 naběhlo. Hádám, že se něco přeci jen opravilo.

NOD 32 problém nehlásí a google chrome v pořádku funguje.

PROBLEM: problém jsem zjistil právě tak, že po nastartování google chrome se mi neobjevilo 8 miniatur stránek a nemohl jsem google chrome používat. Na liště byl křížek, jako kdyby se stránka načítala, ale žádná adresa zadána nebyla. To samé se dělo i při odpojeném síťovém připojení.
Evidentní vazbu na rootkit Olmarik jsem si tímto chováním potvrdil a zariskoval.

Zdravim a pekny den preji

Hlavne ze si prectete ze se nema CFko pouzivat a vzapeti jej tam pustite

Ono to neni hracka

Nebezpeci CFka

Je urcen primarne pro radce - jeho svevolnym pouzitim ztracite narok na podporu
Maze stopy po haveti, takze v logu z RSIT neni nic videt
Jeho log je treba dolustit, jelikoz neumi smazat vse - to ovsem tezko zvladnete pokud k tomu nejste vyskolen
CF muze mit bug = sunda Vam system, pokud nevite kam co uklada, jak co obnovit, mate system v kytkam a ceka Vas reinstal
CF taky bohuzel prozatim nekontroluje nektere dulezite knihovny (napr. hal.dll) - ty treba mazou nektere typy haveti (napr. angela) - smaze Vam po restartu hal.dll = nenajede Vam system a jste o radek vyse = reinstal

Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe

Utilitu spustte a prikazte ji, at skenuje - klik na Start Scan
Pokud utilita najde infikekci, bude ji chtit lecit (Cure), povolte leceni kliknutim na Continue
Pokud utilita najde podezrely soubor (suspicious), bude jej chtit preskocit (Skip), povolte preskoceni kliknutim na Continue
Po dokonceni skenu bude mozna nutny restart PC, povolte jej kliknutim na Reboot now
Po restartu na Vas vyskoci log, pokud se tak nestane, najdete jej primo na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt - jeho obsah sem vlozte
Pokud restart nebude vyzadovan, kliknete na Close a nasledne na Report - vytvori se log - jeho obsah sem vlozte

dobrý den, děkuji za radu.

Těchto rizik jsem si byl vědom. Byl jsem smířen s tím, že si dnes ráno udělat novou instalaci. Šlo mi o čas, potřebuji pracovat a nedokázal jsem zhodnotit jak rychle probíhat podpora od Vás. Ještě jednou děkuji.

Nicméně jsem hledal podle problémů. Všichni hlásili Olamrik.IDENTIFIKACE a jen jediný topic vykazoval ty samé příznaky jako já. S patřičným úklidem Malware jsem to risknul. Taky jsem myslel, že s modrou smrtí končí sranda a jde se na reinstall.

Spustím TDSSkiller.exe a ozvu se. Děkuji.

2011/05/26 08:56:31.0595 5028 TDSS rootkit removing tool 2.5.3.0 May 25 2011 07:09:24
2011/05/26 08:56:31.0734 5028 ================================================================================
2011/05/26 08:56:31.0734 5028 SystemInfo:
2011/05/26 08:56:31.0734 5028
2011/05/26 08:56:31.0734 5028 OS Version: 6.1.7601 ServicePack: 1.0
2011/05/26 08:56:31.0734 5028 Product type: Workstation
2011/05/26 08:56:31.0734 5028 ComputerName: MAREK-PC
2011/05/26 08:56:31.0734 5028 UserName: Marek
2011/05/26 08:56:31.0734 5028 Windows directory: C:\Windows
2011/05/26 08:56:31.0734 5028 System windows directory: C:\Windows
2011/05/26 08:56:31.0734 5028 Processor architecture: Intel x86
2011/05/26 08:56:31.0734 5028 Number of processors: 2
2011/05/26 08:56:31.0734 5028 Page size: 0x1000
2011/05/26 08:56:31.0734 5028 Boot type: Normal boot
2011/05/26 08:56:31.0734 5028 ================================================================================
2011/05/26 08:56:32.0120 5028 Initialize success
2011/05/26 08:56:33.0714 3824 ================================================================================
2011/05/26 08:56:33.0714 3824 Scan started
2011/05/26 08:56:33.0714 3824 Mode: Manual;
2011/05/26 08:56:33.0714 3824 ================================================================================
2011/05/26 08:56:34.0224 3824 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
2011/05/26 08:56:34.0315 3824 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
2011/05/26 08:56:34.0386 3824 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
2011/05/26 08:56:34.0447 3824 adatadrv (5ee8aaa16951e46d197392ba6f2402ea) C:\Windows\system32\DRIVERS\adatadrv.sys
2011/05/26 08:56:34.0605 3824 adfs (6d7f09cd92a9fef3a8efce66231fdd79) C:\Windows\system32\drivers\adfs.sys
2011/05/26 08:56:34.0701 3824 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/05/26 08:56:34.0767 3824 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
2011/05/26 08:56:34.0802 3824 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
2011/05/26 08:56:34.0938 3824 AFD (1151fd4fb0216cfed887bfde29ebd516) C:\Windows\system32\drivers\afd.sys
2011/05/26 08:56:34.0973 3824 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
2011/05/26 08:56:35.0081 3824 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
2011/05/26 08:56:35.0228 3824 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
2011/05/26 08:56:35.0332 3824 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
2011/05/26 08:56:35.0445 3824 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
2011/05/26 08:56:35.0489 3824 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
2011/05/26 08:56:35.0529 3824 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
2011/05/26 08:56:35.0669 3824 amdsata (e7f4d42d8076ec60e21715cd11743a0d) C:\Windows\system32\drivers\amdsata.sys
2011/05/26 08:56:35.0798 3824 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/05/26 08:56:35.0853 3824 amdxata (146459d2b08bfdcbfa856d9947043c81) C:\Windows\system32\drivers\amdxata.sys
2011/05/26 08:56:35.0948 3824 Andbus (3e59df4984fbd6800d6621480b38a34e) C:\Windows\system32\DRIVERS\lgandbus.sys
2011/05/26 08:56:36.0104 3824 AndDiag (8e0bf6f3b2c9c292bc7ce0de727cdd56) C:\Windows\system32\DRIVERS\lganddiag.sys
2011/05/26 08:56:36.0283 3824 AndGps (1d2c90e25483363d54b652898bbc8f2a) C:\Windows\system32\DRIVERS\lgandgps.sys
2011/05/26 08:56:36.0406 3824 ANDModem (b1b06a95da2cac7fa19832c60c348c85) C:\Windows\system32\DRIVERS\lgandmodem.sys
2011/05/26 08:56:36.0550 3824 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
2011/05/26 08:56:36.0719 3824 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
2011/05/26 08:56:36.0873 3824 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
2011/05/26 08:56:37.0115 3824 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/05/26 08:56:37.0281 3824 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
2011/05/26 08:56:37.0563 3824 atikmdag (04f09923a393e4e0e8453a8f78361e73) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/05/26 08:56:37.0848 3824 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
2011/05/26 08:56:37.0979 3824 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
2011/05/26 08:56:38.0131 3824 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
2011/05/26 08:56:38.0268 3824 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/05/26 08:56:38.0437 3824 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
2011/05/26 08:56:38.0617 3824 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/05/26 08:56:38.0699 3824 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/05/26 08:56:38.0909 3824 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
2011/05/26 08:56:39.0009 3824 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/05/26 08:56:39.0067 3824 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/05/26 08:56:39.0227 3824 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/05/26 08:56:39.0510 3824 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\drivers\BthEnum.sys
2011/05/26 08:56:39.0554 3824 BtHidBus (da9e15e55c33392d7dfd7f21116214be) C:\Windows\system32\Drivers\BtHidBus.sys
2011/05/26 08:56:39.0589 3824 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/05/26 08:56:39.0640 3824 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
2011/05/26 08:56:39.0701 3824 BTHPORT (195c41cc67e9e1cedd960ccb74925920) C:\Windows\System32\Drivers\BTHport.sys
2011/05/26 08:56:39.0757 3824 BTHUSB (43b3206dd654e783aa7e4ead340a43b8) C:\Windows\System32\Drivers\BTHUSB.sys
2011/05/26 08:56:39.0803 3824 btnetBUs (7bb8ac22bc9e6a1e7707daecada95cd9) C:\Windows\system32\Drivers\btnetBus.sys
2011/05/26 08:56:40.0027 3824 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
2011/05/26 08:56:40.0144 3824 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys
2011/05/26 08:56:40.0204 3824 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
2011/05/26 08:56:40.0247 3824 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
2011/05/26 08:56:40.0383 3824 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/05/26 08:56:40.0439 3824 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
2011/05/26 08:56:40.0499 3824 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
2011/05/26 08:56:40.0536 3824 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
2011/05/26 08:56:40.0646 3824 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
2011/05/26 08:56:40.0694 3824 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/05/26 08:56:40.0827 3824 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
2011/05/26 08:56:40.0900 3824 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
2011/05/26 08:56:40.0941 3824 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
2011/05/26 08:56:40.0971 3824 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
2011/05/26 08:56:41.0106 3824 DKbFltr (c701324c9e0c25dd9d60311bd87fbc84) C:\Windows\system32\DRIVERS\DKbFltr.sys
2011/05/26 08:56:41.0196 3824 Dot4 (b5e479eb83707dd698f66953e922042c) C:\Windows\system32\DRIVERS\Dot4.sys
2011/05/26 08:56:41.0258 3824 Dot4Print (caefd09b6a6249c53a67d55a9a9fcabf) C:\Windows\system32\drivers\Dot4Prt.sys
2011/05/26 08:56:41.0298 3824 dot4usb (cf491ff38d62143203c065260567e2f7) C:\Windows\system32\DRIVERS\dot4usb.sys
2011/05/26 08:56:41.0344 3824 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
2011/05/26 08:56:41.0408 3824 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
2011/05/26 08:56:41.0548 3824 eamonm (04cba07e73f152970fc34d66d3892e2a) C:\Windows\system32\DRIVERS\eamonm.sys
2011/05/26 08:56:41.0652 3824 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
2011/05/26 08:56:41.0874 3824 ehdrv (fe7824239d132ad9ebd8645fe1199b30) C:\Windows\system32\DRIVERS\ehdrv.sys
2011/05/26 08:56:42.0073 3824 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
2011/05/26 08:56:42.0142 3824 epfw (73411c14a8c6062bb6a510772cf2f38c) C:\Windows\system32\DRIVERS\epfw.sys
2011/05/26 08:56:42.0219 3824 Epfwndis (490329bf80f333e788df9596a752a915) C:\Windows\system32\DRIVERS\Epfwndis.sys
2011/05/26 08:56:42.0269 3824 epfwwfp (c62068dab6e2510fb231286d3da63dfa) C:\Windows\system32\DRIVERS\epfwwfp.sys
2011/05/26 08:56:42.0315 3824 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
2011/05/26 08:56:42.0374 3824 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
2011/05/26 08:56:42.0411 3824 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
2011/05/26 08:56:42.0442 3824 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
2011/05/26 08:56:42.0471 3824 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
2011/05/26 08:56:42.0500 3824 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
2011/05/26 08:56:42.0536 3824 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/05/26 08:56:42.0584 3824 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
2011/05/26 08:56:42.0622 3824 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
2011/05/26 08:56:42.0646 3824 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
2011/05/26 08:56:42.0702 3824 FTDIBUS (7d1a4851c3daa76b0b82af5f73479e8c) C:\Windows\system32\drivers\ftdibus.sys
2011/05/26 08:56:42.0742 3824 FTSER2K (90570ec16c55548e3565ac8599939063) C:\Windows\system32\drivers\ftser2k.sys
2011/05/26 08:56:42.0790 3824 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
2011/05/26 08:56:42.0835 3824 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/05/26 08:56:42.0964 3824 giveio (77ebf3e9386daa51551af429052d88d0) C:\Windows\system32\giveio.sys
2011/05/26 08:56:43.0037 3824 GRemoteBus (69155fc3f92e8da5a7e1d8f5de4c534a) C:\Windows\system32\DRIVERS\GRemoteBus.sys
2011/05/26 08:56:43.0081 3824 GRemoteJoy (b5a29b6c44f78faa54e552f7e4aeebd3) C:\Windows\system32\DRIVERS\GRemoteJoy.sys
2011/05/26 08:56:43.0171 3824 Hardlock (d95554949082fd29a04d351b58396718) C:\Windows\system32\drivers\hardlock.sys
2011/05/26 08:56:43.0240 3824 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
2011/05/26 08:56:43.0305 3824 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
2011/05/26 08:56:43.0361 3824 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
2011/05/26 08:56:43.0396 3824 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/05/26 08:56:43.0423 3824 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
2011/05/26 08:56:43.0455 3824 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
2011/05/26 08:56:43.0514 3824 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
2011/05/26 08:56:43.0608 3824 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
2011/05/26 08:56:43.0687 3824 HSF_DPV (53229dcf431d76434816cd29251168a0) C:\Windows\system32\DRIVERS\HSX_DPV.sys
2011/05/26 08:56:43.0754 3824 HSXHWAZL (31f949d452201f2f0af0c88d7db512cd) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
2011/05/26 08:56:43.0808 3824 HTCAND32 (950cc1e6ae3a6cd23e0945cde089b02c) C:\Windows\system32\Drivers\ANDROIDUSB.sys
2011/05/26 08:56:43.0863 3824 htcnprot (339adefad60353f960e3ca67ce468c24) C:\Windows\system32\DRIVERS\htcnprot.sys
2011/05/26 08:56:43.0924 3824 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
2011/05/26 08:56:43.0976 3824 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
2011/05/26 08:56:44.0026 3824 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
2011/05/26 08:56:44.0067 3824 iaStor (d483687eace0c065ee772481a96e05f5) C:\Windows\system32\DRIVERS\iaStor.sys
2011/05/26 08:56:44.0116 3824 iaStorV (a3cae5d281db4cff7cff8233507ee5ad) C:\Windows\system32\drivers\iaStorV.sys
2011/05/26 08:56:44.0159 3824 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
2011/05/26 08:56:44.0210 3824 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
2011/05/26 08:56:44.0243 3824 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
2011/05/26 08:56:44.0278 3824 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/05/26 08:56:44.0329 3824 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
2011/05/26 08:56:44.0360 3824 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
2011/05/26 08:56:44.0399 3824 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
2011/05/26 08:56:44.0426 3824 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
2011/05/26 08:56:44.0479 3824 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
2011/05/26 08:56:44.0538 3824 IvtBtBUs (132eb047e3f94dc9eab83c74e8c2e85a) C:\Windows\system32\Drivers\IvtBtBus.sys
2011/05/26 08:56:44.0600 3824 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/05/26 08:56:44.0650 3824 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/05/26 08:56:44.0694 3824 KSecDD (412cea1aa78cc02a447f5c9e62b32ff1) C:\Windows\system32\Drivers\ksecdd.sys
2011/05/26 08:56:44.0731 3824 KSecPkg (26c046977e85b95036453d7b88ba1820) C:\Windows\system32\Drivers\ksecpkg.sys
2011/05/26 08:56:44.0867 3824 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
2011/05/26 08:56:44.0921 3824 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/05/26 08:56:44.0944 3824 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/05/26 08:56:44.0965 3824 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/05/26 08:56:45.0021 3824 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/05/26 08:56:45.0058 3824 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
2011/05/26 08:56:45.0104 3824 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
2011/05/26 08:56:45.0126 3824 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
2011/05/26 08:56:45.0166 3824 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/05/26 08:56:45.0200 3824 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
2011/05/26 08:56:45.0228 3824 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
2011/05/26 08:56:45.0279 3824 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
2011/05/26 08:56:45.0322 3824 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
2011/05/26 08:56:45.0361 3824 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
2011/05/26 08:56:45.0413 3824 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
2011/05/26 08:56:45.0448 3824 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
2011/05/26 08:56:45.0501 3824 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
2011/05/26 08:56:45.0555 3824 mrxsmb (ed3d3419b064f28d812995ed8cadc541) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/05/26 08:56:45.0593 3824 mrxsmb10 (dc914446049169a964e27fd8888ffaee) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/05/26 08:56:45.0647 3824 mrxsmb20 (e7d90388d14fae057c166c1801e0bf94) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/05/26 08:56:45.0694 3824 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
2011/05/26 08:56:45.0736 3824 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
2011/05/26 08:56:45.0799 3824 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
2011/05/26 08:56:45.0842 3824 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
2011/05/26 08:56:45.0880 3824 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
2011/05/26 08:56:45.0953 3824 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
2011/05/26 08:56:45.0990 3824 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/05/26 08:56:46.0029 3824 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
2011/05/26 08:56:46.0071 3824 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
2011/05/26 08:56:46.0117 3824 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
2011/05/26 08:56:46.0146 3824 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
2011/05/26 08:56:46.0185 3824 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/05/26 08:56:46.0222 3824 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
2011/05/26 08:56:46.0263 3824 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
2011/05/26 08:56:46.0364 3824 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
2011/05/26 08:56:46.0387 3824 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/05/26 08:56:46.0430 3824 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/05/26 08:56:46.0471 3824 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/05/26 08:56:46.0506 3824 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/05/26 08:56:46.0569 3824 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
2011/05/26 08:56:46.0618 3824 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
2011/05/26 08:56:46.0697 3824 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
2011/05/26 08:56:46.0894 3824 NETw5s32 (ef51b405ad8acaae6f0231290d20f516) C:\Windows\system32\DRIVERS\NETw5s32.sys
2011/05/26 08:56:47.0131 3824 netw5v32 (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys
2011/05/26 08:56:47.0288 3824 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/05/26 08:56:47.0333 3824 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
2011/05/26 08:56:47.0387 3824 NSHE (f8e396f5e703d7a8f37d90f59c776268) C:\Windows\system32\Drivers\NSHE.SYS
2011/05/26 08:56:47.0417 3824 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
2011/05/26 08:56:47.0479 3824 Ntfs (33c3093d09017cfe2e219f2472bff6eb) C:\Windows\system32\drivers\Ntfs.sys
2011/05/26 08:56:47.0507 3824 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
2011/05/26 08:56:47.0544 3824 nvraid (af2eec9580c1d32fb7eaf105d9784061) C:\Windows\system32\drivers\nvraid.sys
2011/05/26 08:56:47.0572 3824 nvstor (9283c58ebaa2618f93482eb5dabcec82) C:\Windows\system32\drivers\nvstor.sys
2011/05/26 08:56:47.0604 3824 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
2011/05/26 08:56:47.0649 3824 O2MDRDR (634ff60f418792906887b3d6ceecb431) C:\Windows\system32\DRIVERS\o2media.sys
2011/05/26 08:56:47.0705 3824 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
2011/05/26 08:56:47.0772 3824 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
2011/05/26 08:56:47.0817 3824 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
2011/05/26 08:56:47.0845 3824 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
2011/05/26 08:56:47.0918 3824 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
2011/05/26 08:56:47.0966 3824 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
2011/05/26 08:56:48.0000 3824 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
2011/05/26 08:56:48.0046 3824 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/05/26 08:56:48.0063 3824 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
2011/05/26 08:56:48.0097 3824 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
2011/05/26 08:56:48.0219 3824 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
2011/05/26 08:56:48.0248 3824 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
2011/05/26 08:56:48.0307 3824 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
2011/05/26 08:56:48.0369 3824 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\Windows\system32\Drivers\PxHelp20.sys
2011/05/26 08:56:48.0417 3824 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
2011/05/26 08:56:48.0475 3824 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/05/26 08:56:48.0509 3824 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
2011/05/26 08:56:48.0549 3824 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
2011/05/26 08:56:48.0599 3824 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/05/26 08:56:48.0633 3824 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/05/26 08:56:48.0667 3824 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/05/26 08:56:48.0697 3824 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
2011/05/26 08:56:48.0758 3824 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
2011/05/26 08:56:48.0785 3824 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/05/26 08:56:48.0824 3824 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/05/26 08:56:48.0876 3824 RDPDISPM (a862a3a8d7d2d75bdc41b556325e9876) C:\Windows\system32\DRIVERS\rdpdispm.sys
2011/05/26 08:56:48.0922 3824 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
2011/05/26 08:56:48.0982 3824 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
2011/05/26 08:56:49.0006 3824 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
2011/05/26 08:56:49.0049 3824 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
2011/05/26 08:56:49.0110 3824 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
2011/05/26 08:56:49.0162 3824 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
2011/05/26 08:56:49.0206 3824 ROOTMODEM (564297827d213f52c7a3a2ff749568ca) C:\Windows\system32\Drivers\RootMdm.sys
2011/05/26 08:56:49.0260 3824 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
2011/05/26 08:56:49.0311 3824 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
2011/05/26 08:56:49.0364 3824 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
2011/05/26 08:56:49.0409 3824 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
2011/05/26 08:56:49.0476 3824 sdbus (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys
2011/05/26 08:56:49.0531 3824 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/05/26 08:56:49.0598 3824 Sentinel (a2cc81c30bef6ac9f27055490eef6de3) C:\Windows\System32\Drivers\SENTINEL.SYS
2011/05/26 08:56:49.0651 3824 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
2011/05/26 08:56:49.0690 3824 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
2011/05/26 08:56:49.0731 3824 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
2011/05/26 08:56:49.0812 3824 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
2011/05/26 08:56:49.0843 3824 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
2011/05/26 08:56:49.0857 3824 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
2011/05/26 08:56:49.0899 3824 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/05/26 08:56:49.0948 3824 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
2011/05/26 08:56:49.0976 3824 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/05/26 08:56:50.0000 3824 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/05/26 08:56:50.0036 3824 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
2011/05/26 08:56:50.0088 3824 SNTNLUSB (9de6e60ce7fd82b4985de5d9c22265ad) C:\Windows\system32\DRIVERS\SNTNLUSB.SYS
2011/05/26 08:56:50.0148 3824 speedfan (5d6401db90ec81b71f8e2c5c8f0fef23) C:\Windows\system32\speedfan.sys
2011/05/26 08:56:50.0179 3824 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
2011/05/26 08:56:50.0252 3824 sptd (d15da1ba189770d93eea2d7e18f95af9) C:\Windows\system32\Drivers\sptd.sys
2011/05/26 08:56:50.0252 3824 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: d15da1ba189770d93eea2d7e18f95af9
2011/05/26 08:56:50.0257 3824 sptd - detected LockedFile.Multi.Generic (1)
2011/05/26 08:56:50.0305 3824 srv (4e636465a8653ba3bf29f929aa578e6f) C:\Windows\system32\DRIVERS\srv.sys
2011/05/26 08:56:50.0339 3824 srv2 (4e4e17a3865f650ee8c67726872d9431) C:\Windows\system32\DRIVERS\srv2.sys
2011/05/26 08:56:50.0393 3824 SrvHsfHDA (e00fdfaff025e94f9821153750c35a6d) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
2011/05/26 08:56:50.0446 3824 SrvHsfV92 (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
2011/05/26 08:56:50.0522 3824 SrvHsfWinac (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
2011/05/26 08:56:50.0585 3824 srvnet (1346dff5be932939997d373d61a35626) C:\Windows\system32\DRIVERS\srvnet.sys
2011/05/26 08:56:50.0646 3824 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
2011/05/26 08:56:50.0708 3824 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
2011/05/26 08:56:50.0733 3824 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
2011/05/26 08:56:50.0758 3824 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
2011/05/26 08:56:50.0808 3824 SynTP (6bef3acd6ee22eec55b68699e8aace09) C:\Windows\system32\DRIVERS\SynTP.sys
2011/05/26 08:56:50.0919 3824 Tcpip (37e8fa3779668837ca9e2c36d2415949) C:\Windows\system32\drivers\tcpip.sys
2011/05/26 08:56:50.0986 3824 TCPIP6 (37e8fa3779668837ca9e2c36d2415949) C:\Windows\system32\DRIVERS\tcpip.sys
2011/05/26 08:56:51.0037 3824 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
2011/05/26 08:56:51.0084 3824 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
2011/05/26 08:56:51.0106 3824 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
2011/05/26 08:56:51.0148 3824 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
2011/05/26 08:56:51.0196 3824 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
2011/05/26 08:56:51.0288 3824 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/05/26 08:56:51.0339 3824 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
2011/05/26 08:56:51.0414 3824 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
2011/05/26 08:56:51.0455 3824 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
2011/05/26 08:56:51.0502 3824 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
2011/05/26 08:56:51.0568 3824 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
2011/05/26 08:56:51.0640 3824 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
2011/05/26 08:56:51.0682 3824 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
2011/05/26 08:56:51.0746 3824 usbccgp (7e72e7d7e0757d59481d530fd2b0bfae) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/05/26 08:56:51.0780 3824 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
2011/05/26 08:56:51.0805 3824 usbehci (1c333bfd60f2fed2c7ad5daf533cb742) C:\Windows\system32\DRIVERS\usbehci.sys
2011/05/26 08:56:51.0840 3824 usbhub (9d22aad9ac6a07c691a1113e5f860868) C:\Windows\system32\drivers\usbhub.sys
2011/05/26 08:56:51.0869 3824 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
2011/05/26 08:56:51.0897 3824 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
2011/05/26 08:56:51.0941 3824 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
2011/05/26 08:56:51.0971 3824 USBSTOR (bf63ebfc6979fefb2bc03df7989a0c1a) C:\Windows\system32\drivers\USBSTOR.SYS
2011/05/26 08:56:51.0998 3824 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/05/26 08:56:52.0065 3824 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys
2011/05/26 08:56:52.0169 3824 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
2011/05/26 08:56:52.0204 3824 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/05/26 08:56:52.0219 3824 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
2011/05/26 08:56:52.0247 3824 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
2011/05/26 08:56:52.0283 3824 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
2011/05/26 08:56:52.0309 3824 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
2011/05/26 08:56:52.0338 3824 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
2011/05/26 08:56:52.0365 3824 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
2011/05/26 08:56:52.0391 3824 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
2011/05/26 08:56:52.0421 3824 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
2011/05/26 08:56:52.0448 3824 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
2011/05/26 08:56:52.0478 3824 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
2011/05/26 08:56:52.0526 3824 vpcbus (b26536add1d748cda104d856c979ae79) C:\Windows\system32\DRIVERS\vpchbus.sys
2011/05/26 08:56:52.0574 3824 VPCNetS2 (2abe8281db609d8bb1bd1b2f93800d5f) C:\Windows\system32\DRIVERS\VMNetSrv.sys
2011/05/26 08:56:52.0619 3824 vpcusb (5f4b55e91ce7e2523c9e1e0ece858869) C:\Windows\system32\DRIVERS\vpcusb.sys
2011/05/26 08:56:52.0662 3824 vpcuxd (c35c2c888aff276e95ad3db3b7a8d003) C:\Windows\system32\drivers\vpcuxd.sys
2011/05/26 08:56:52.0733 3824 vpcvmm (b487191fe18d6863381a1ac55482469a) C:\Windows\system32\drivers\vpcvmm.sys
2011/05/26 08:56:52.0772 3824 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/05/26 08:56:52.0801 3824 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
2011/05/26 08:56:52.0826 3824 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
2011/05/26 08:56:52.0860 3824 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
2011/05/26 08:56:52.0930 3824 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
2011/05/26 08:56:52.0941 3824 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
2011/05/26 08:56:53.0031 3824 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
2011/05/26 08:56:53.0061 3824 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
2011/05/26 08:56:53.0128 3824 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/05/26 08:56:53.0150 3824 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
2011/05/26 08:56:53.0220 3824 winachsf (6d2350bb6e77e800fc4be4e5b7a2e89a) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
2011/05/26 08:56:53.0308 3824 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\drivers\WinUSB.SYS
2011/05/26 08:56:53.0362 3824 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
2011/05/26 08:56:53.0422 3824 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/05/26 08:56:53.0488 3824 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
2011/05/26 08:56:53.0532 3824 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/05/26 08:56:53.0595 3824 XAudio (5a7ff9a18ff6d7e0527fe3abf9204ef8) C:\Windows\system32\DRIVERS\xaudio.sys
2011/05/26 08:56:53.0662 3824 zebrbus (812a1e9b0dd3bf23606c32ce696d042b) C:\Windows\system32\DRIVERS\zebrbus.sys
2011/05/26 08:56:53.0725 3824 zebrceb (6e49cf9c48c551264c4af6de19447515) C:\Windows\system32\DRIVERS\zebrceb.sys
2011/05/26 08:56:53.0766 3824 zebrmdfl (9a42f9ccc5cb1ed3db2fe0e007eed8a5) C:\Windows\system32\DRIVERS\zebrmdfl.sys
2011/05/26 08:56:53.0803 3824 zebrmdm (5198070a595009871108091bc4b0e000) C:\Windows\system32\DRIVERS\zebrmdm.sys
2011/05/26 08:56:53.0849 3824 zebrmdmc (29df5831f0d1ce863f23c53585736f32) C:\Windows\system32\DRIVERS\zebrmdmc.sys
2011/05/26 08:56:53.0893 3824 zebrsce (fc749b387f322d3a5635d801c642cfa2) C:\Windows\system32\DRIVERS\zebrsce.sys
2011/05/26 08:56:53.0968 3824 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
2011/05/26 08:56:53.0985 3824 ================================================================================
2011/05/26 08:56:53.0986 3824 Scan finished
2011/05/26 08:56:53.0986 3824 ================================================================================
2011/05/26 08:56:53.0998 1748 Detected object count: 1
2011/05/26 08:56:53.0998 1748 Actual detected object count: 1
2011/05/26 08:57:04.0436 1748 LockedFile.Multi.Generic(sptd) - User select action: Skip

ještě jak přemýšlím, tak právě došlo k tomu co jste říkal. Combofix to bral všechno smahem a opravdu odstranil věci, které neměl. Tím jsem se dostal k modré smrti.

V nouzovém obnovení hledalo problémy a našlo nějaké ty opravilo. Později se seklo na jednom, který nešel. Zde jsem restartoval na tvrdo.

Nedavejte prosim logy do code - spatne se to lusti a boli z toho oci - ja jsem Vam to s dovolenim editnul

NOD hlasi Olmarika, ale je to chybne pojmenovani - byva tad TDL rootkit - toho se ovsem reinstalem nezbavite, jelikoz byva v MBR sektoru disku a na ten se formatem nesaha.

Podivejte se, jestli nemate na disku c:\ soubor combofix.txt, pokud ne, tak se podivejte ci mate slozky c:\qoobox a c:\combofix - obe mi zabalte a uploadnete sem http://vyosek.ic.cz/havet/uploader.php

Nase forum funguje na bazi dobrovolnosti - radci jsou zde ve svem volnem case a zadarmo - pokud jste potreboval urgentni pomoc, mel jste se obratit na specializovana fora - dopoledne tu byva mene radcu, jelikoz mame studijni ci pracovni povinnosti...

Dobrý den,soubory jsem nahrál zde:
http://vyosek.ic.cz/havet/files/combofix.zip
http://vyosek.ic.cz/havet/files/qoobox.zip

Chápu dobročinnou pomoc a děkuji.

Reinstall jako takový povětšinou nedělám, jedu rovnou hard format, při kterém se MBR zavaděče generují nové. Pokud nemám pravdu, určitě mě můžete opravit. Děkuji. Reinstall z mé zkušenosti právě často problém neodstraní.

Prvni a zasadni vec - dejte si ten nelegalni ESET do pryc a nahradte jej free resenim (Avast, Avira ci MSE) - podporu warezu tu opravu delat nebudem

I pri formatovani se mbr sektor disku neprepisuje - jeste se poptam kolegu ale myslim ze to takto je

Pokud uvidim v dalsim logu jeste nelegal ESET, tak bude zle

Prihlaste se do nouzoveho rezimu (restart PC, mackat F8, zvolit Stav nouze s praci v siti)

Prejmenujte ComboFix na Beruska.com

Pokud nemate, tak presunte Combofix na plochu

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

KillAll::

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeCS5ServiceManager"=-
"AdobeCS4ServiceManager"=-
"AdobeAAMUpdater-1.0"=-
"Adobe ARM"=-
"Adobe Acrobat Speed Launcher"=-
"Acrobat Assistant 8.0"=-
[-HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Aktualizovat ESET licenci.lnk]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]

File::
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Aktualizovat ESET licenci.lnk
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2132545184-2519306576-2454883070-1001Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2132545184-2519306576-2454883070-1001UA.job

DDS::
uDefault_Search_URL = hxxp://search.qip.ru
uSearchAssistant = hxxp://search.qip.ru/ie

Firefox::
FF - ProfilePath - c:\users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\2a154tkq.default\
FF - prefs.js: browser.startup.homepage - hxxp://qip.ru
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
FF - Ext: QipCounter: QipCounter@qip.ru - %profile%\extensions\QipCounter@qip.ru
FF - Ext: QipAuthorizer: {32a1fd71-835e-4b11-8e54-886fda0b4c89} - %profile%\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

MBR::

Reboot::

Ulozte vytvoreny TXT jako CFScript.txt
Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

Dobrý den,
návod jsem absolvoval dle Vašich instrukcí. Zde uvádím log:

ComboFix 11-05-25.01 - Marek 26.05.2011 13:52:56.2.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3067.2441 [GMT 2:00]
Spuštěný z: c:\users\Marek\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\Marek\Desktop\CFScript.txt
AV: ESET Smart Security 4.2 *Disabled/Outdated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 4.2 *Disabled/Outdated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Aktualizovat ESET licenci.lnk"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2132545184-2519306576-2454883070-1001Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2132545184-2519306576-2454883070-1001UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\2a154tkq.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}
c:\users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\2a154tkq.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\components\qippipe.dll
c:\users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\2a154tkq.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\components\qippipe.xpt
c:\users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\2a154tkq.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\defaults\preferences\prefs.js
c:\users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\2a154tkq.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome.manifest
c:\users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\2a154tkq.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\content\ff-overlay.js
c:\users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\2a154tkq.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\content\ff-overlay.xul
c:\users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\2a154tkq.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\content\overlay.js
c:\users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\2a154tkq.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\locale\en-US\overlay.dtd
c:\users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\2a154tkq.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\locale\en-US\overlay.properties
c:\users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\2a154tkq.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\chrome\skin\overlay.css
c:\users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\2a154tkq.default\extensions\{32a1fd71-835e-4b11-8e54-886fda0b4c89}\install.rdf
c:\users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\2a154tkq.default\extensions\QipCounter@qip.ru
c:\users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\2a154tkq.default\extensions\QipCounter@qip.ru\chrome.manifest
c:\users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\2a154tkq.default\extensions\QipCounter@qip.ru\chrome\content\ajax.js
c:\users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\2a154tkq.default\extensions\QipCounter@qip.ru\chrome\content\main.js
c:\users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\2a154tkq.default\extensions\QipCounter@qip.ru\chrome\content\sample.xul
c:\users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\2a154tkq.default\extensions\QipCounter@qip.ru\install.rdf
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2132545184-2519306576-2454883070-1001Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2132545184-2519306576-2454883070-1001UA.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-04-26 do 2011-05-26 )))))))))))))))))))))))))))))))
.
.
2011-05-26 12:01 . 2011-05-26 12:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-26 06:53 . 2011-05-26 06:53 1431344 ----a-w- c:\temp\tdsskiller.exe
2011-05-25 21:01 . 2011-05-25 21:01 29524 ----a-w- C:\beruska.com
2011-05-25 13:49 . 2011-05-25 13:49 -------- d-----w- c:\users\Marek\AppData\Roaming\Malwarebytes
2011-05-25 13:48 . 2011-05-25 13:48 -------- d-----w- c:\programdata\Malwarebytes
2011-05-25 13:48 . 2010-12-20 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-25 13:48 . 2011-05-25 21:45 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-05-25 13:48 . 2010-12-20 16:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-25 09:11 . 2011-05-25 09:11 887072 ----a-w- c:\temp\chromeinstall-6u25 (1).exe
2011-05-25 09:08 . 2011-05-25 09:08 240288 ----a-w- c:\temp\uninstall_flash_player.exe
2011-05-24 20:21 . 2011-05-25 08:22 -------- d-----w- c:\users\Marek\AppData\Local\{06953E99-9DF4-456F-9C77-81332D8857D1}
2011-05-24 16:07 . 2011-05-24 16:07 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-24 12:52 . 2011-05-25 19:18 -------- d-----w- c:\users\Marek\AppData\Roaming\GBM Software
2011-05-24 12:11 . 2011-05-24 12:11 -------- d-----w- c:\program files\GBM
2011-05-24 07:55 . 2011-05-09 20:46 6962000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{965DEB4B-22B7-4E9B-9D92-D548C5E2040D}\mpengine.dll
2011-05-22 19:39 . 2011-05-22 19:39 -------- d-----w- c:\users\Marek\Nová složka
2011-05-18 20:39 . 2011-04-09 05:56 123904 ----a-w- c:\windows\system32\poqexec.exe
2011-05-18 06:28 . 2011-05-24 08:21 -------- d-----w- c:\users\Marek\AppData\Local\{06812D67-9244-4D25-B358-4EB79BC3B231}
2011-05-17 17:20 . 2011-05-17 17:21 40224713 ----a-w- c:\temp\install-ietester-v0.4.10.exe
2011-05-17 12:51 . 2011-05-17 12:51 -------- d-----w- c:\program files\7-Zip
2011-05-16 18:27 . 2011-05-17 18:28 -------- d-----w- c:\users\Marek\AppData\Local\{6BE877D0-98AC-43E3-A135-AD6679D364A0}
2011-05-13 16:37 . 2009-08-19 21:50 22872 ----a-r- c:\windows\system32\AdobePDFUI.dll
2011-05-12 05:13 . 2011-05-12 05:13 -------- d-----w- c:\program files\Akeeba
2011-05-11 17:59 . 2011-04-09 06:02 3967872 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-05-11 17:59 . 2011-04-09 06:02 3912576 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-11 10:22 . 2011-05-12 09:01 -------- d-----w- C:\_WWW-remote_controle-backups
2011-05-11 10:20 . 2011-05-11 10:20 -------- d-----w- c:\users\Marek\AppData\Roaming\Apple Computer
2011-05-11 10:20 . 2011-05-11 10:20 -------- d-----w- c:\users\Marek\AppData\Local\Apple Computer
2011-05-11 10:20 . 2011-05-11 10:20 -------- d-----w- c:\programdata\Titanium
2011-05-11 10:20 . 2011-05-11 10:20 -------- d-----w- c:\users\Marek\AppData\Roaming\Titanium
2011-05-11 10:19 . 2011-05-11 10:19 -------- d-----w- c:\program files\Remote Control
2011-05-07 09:53 . 2011-05-16 06:27 -------- d-----w- c:\users\Marek\AppData\Local\{659E3B50-F214-4472-B91F-D6F0FB746CE7}
2011-05-05 07:31 . 2011-05-05 07:31 380672 ----a-w- c:\temp\FlashUpgrade.exe
2011-05-05 07:21 . 2011-05-05 07:21 887072 ----a-w- c:\temp\chromeinstall-6u25.exe
2011-05-02 10:16 . 2009-08-19 21:50 46928 ----a-w- c:\windows\system32\AdobePDF.dll
2011-04-29 20:42 . 2011-05-06 20:45 -------- d-----w- c:\users\Marek\AppData\Local\{E678E063-51DD-49C9-90A0-F591ECDDA3D8}
2011-04-28 08:41 . 2011-04-29 08:42 -------- d-----w- c:\users\Marek\AppData\Local\{4A8E170A-BA0C-45B5-B174-6758D7F5419E}
2011-04-27 17:29 . 2011-05-11 07:32 -------- d-----w- c:\users\Marek\AppData\Local\GamePlayLabs Plugin
2011-04-27 17:28 . 2011-04-27 17:29 550240 ----a-w- c:\temp\MediaPluginSetup.exe
2011-04-27 11:47 . 2011-02-18 05:39 31232 ----a-w- c:\windows\system32\prevhost.exe
2011-04-27 11:46 . 2011-03-12 11:23 870912 ----a-w- c:\windows\system32\XpsPrint.dll
2011-04-27 11:46 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\explorer.exe
2011-04-27 09:38 . 2011-04-27 09:39 72842492 ----a-w- c:\temp\setup_3.0.5511.exe
2011-04-26 19:23 . 2011-04-26 19:23 -------- d-----w- c:\users\Marek\AppData\Roaming\Software602
2011-04-26 19:06 . 2009-07-14 01:15 1386496 ----a-w- c:\windows\system32\msvbvm60001.dll
2011-04-26 19:06 . 2011-03-30 17:58 6536192 ----a-w- c:\windows\system32\cdintf450_x64.dll
2011-04-26 19:06 . 2011-03-30 17:54 4835328 ----a-w- c:\windows\system32\cdintf450.dll
2011-04-26 19:06 . 2010-09-20 14:55 2335880 ----a-w- c:\windows\system32\gdpdfplug.dll
2011-04-26 19:06 . 2010-09-20 14:55 1262216 ----a-w- c:\windows\system32\GdViewerpro4.ocx
2011-04-26 19:06 . 2011-04-26 19:06 -------- d-----w- c:\users\Marek\AppData\Roaming\InstallShield
2011-04-26 19:05 . 2011-04-26 19:05 -------- d-----w- c:\users\Marek\AppData\Roaming\602Installer
2011-04-26 19:01 . 2011-04-26 19:02 49612936 ----a-w- c:\temp\software602_form_filler.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-14 03:07 . 2010-09-19 08:53 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-13 08:50 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-04-13 08:37 . 2011-04-13 08:37 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-04-13 08:37 . 2011-04-13 08:37 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-04-13 08:37 . 2011-04-13 08:37 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-04-13 08:37 . 2011-04-13 08:37 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-04-13 08:37 . 2011-04-13 08:37 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-04-13 08:37 . 2011-04-13 08:37 367104 ----a-w- c:\windows\system32\html.iec
2011-04-13 08:37 . 2011-04-13 08:37 161792 ----a-w- c:\windows\system32\msls31.dll
2011-04-13 08:37 . 2011-04-13 08:37 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-04-13 08:37 . 2011-04-13 08:37 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-04-13 08:37 . 2011-04-13 08:37 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-04-13 08:37 . 2011-04-13 08:37 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-04-13 08:37 . 2011-04-13 08:37 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-04-13 08:37 . 2011-04-13 08:37 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-04-13 08:37 . 2011-04-13 08:37 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-13 08:37 . 2011-04-13 08:37 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-04-13 08:37 . 2011-04-13 08:37 152064 ----a-w- c:\windows\system32\wextract.exe
2011-04-13 08:37 . 2011-04-13 08:37 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-04-13 08:37 . 2011-04-13 08:37 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-04-13 08:37 . 2011-04-13 08:37 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-04-13 08:37 . 2011-04-13 08:37 11776 ----a-w- c:\windows\system32\mshta.exe
2011-04-13 08:37 . 2011-04-13 08:37 101888 ----a-w- c:\windows\system32\admparse.dll
2011-03-11 05:33 . 2011-04-13 07:57 1137664 ----a-w- c:\windows\system32\mfc42.dll
2011-03-11 05:33 . 2011-04-13 07:57 1164288 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-10 04:48 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-03-08 05:28 . 2011-04-13 07:57 741376 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-03 05:38 . 2011-04-13 07:57 132608 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-03-03 05:36 . 2011-04-13 07:57 28672 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-03-03 03:42 . 2011-04-13 07:57 2333184 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PC Suite for Sony Ericsson.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\PC Suite for Sony Ericsson.lnk
backup=c:\windows\pss\PC Suite for Sony Ericsson.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Marek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk]
path=c:\users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
backup=c:\windows\pss\OpenOffice.org 3.2.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Marek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\B2C_AGENT]
2011-05-24 04:45 404568 ----a-w- c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GRemoteServer Pro]
2011-02-03 22:46 2647008 ----a-w- c:\program files\GBM\GRemote Pro\GRemoteServer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 09:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-05-08 14:24 54840 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
2008-07-22 16:33 150528 ----a-w- c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTC Sync Loader]
2011-01-07 20:09 585728 ----a-w- c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2005-08-11 14:30 249856 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-08-11 14:30 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
2009-08-28 11:16 1130504 ----a-w- c:\program files\Launch Manager\LManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mRouterConfig]
2006-03-02 10:54 290816 ----a-w- c:\program files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia.PCSync]
2010-06-16 07:17 753664 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PcSync2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite for Smartphones]
2007-12-25 13:53 548864 ----a-r- c:\program files\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2010-05-14 08:32 1479680 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Print2PDF Print Monitor]
2011-04-12 08:58 222776 ----a-w- c:\program files\Software602\Print2PDF\Print2PDF.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
2010-09-01 15:32 190928 ----a-w- c:\users\Marek\AppData\Roaming\QipGuard\QipGuard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-01-03 14:44 15028104 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2010-12-06 09:16 1242448 ----a-w- c:\program files\Steam\Steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 11:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2009-08-28 08:32 1557800 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vectir]
2010-09-02 19:51 1495552 ----a-w- c:\program files\Vectir\Vectir.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
2007-05-31 08:21 648072 ----a-w- c:\windows\WindowsMobile\wmdc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WLSync]
2010-09-22 23:19 1448800 ----a-w- c:\program files\Windows Live\Mesh\WLSync.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-15 136176]
R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus.sys [2010-12-07 14336]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag.sys [2010-12-07 20736]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps.sys [2010-12-07 20096]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem.sys [2010-12-07 25088]
R3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\DRIVERS\btcomport.sys [x]
R3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\Drivers\btcombus.sys [x]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2010-04-06 25864]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-15 136176]
R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-10-26 25088]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-23 23040]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2010-04-06 23048]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbus.sys [x]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 RDPDISPM;RDPDISPM;c:\windows\system32\DRIVERS\rdpdispm.sys [2010-11-03 9040]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 vpcuxd;Služba zástupné procedury virtualizace rozhraní USB;c:\windows\system32\drivers\vpcuxd.sys [2010-11-20 12800]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-08 1343400]
R4 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2010-04-06 20104]
S0 O2MDRDR;O2MDRDR;c:\windows\system32\DRIVERS\o2media.sys [2005-11-14 34176]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-09-06 721904]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [2011-03-14 84520]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 176128]
S2 NSHE;Guardant Emulator Driver;c:\windows\system32\Drivers\NSHE.SYS [2008-11-23 97792]
S2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [2010-09-16 80896]
S3 adatadrv;Autodata Protection Service;c:\windows\system32\DRIVERS\adatadrv.sys [2009-07-01 762112]
S3 GRemoteBus;GRemote virtual joystick Bus Enumerator;c:\windows\system32\DRIVERS\GRemoteBus.sys [2009-08-05 23368]
S3 GRemoteJoy;GRemote virtual joystick Device Driver;c:\windows\system32\DRIVERS\GRemoteJoy.sys [2009-08-05 39112]
S3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
uSearchAssistant = hxxp://search.qip.ru/ie
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\2a154tkq.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Adobe Contribute Toolbar: {01A8CA0A-4C96-465b-A49B-65C46FAD54F9} - c:\program files\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - Ext: Page Speed: {e3f6c2cc-d8db-498c-af6c-499fb211db97} - %profile%\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97}
FF - Ext: Firebug: firebug@software.joehewitt.com - %profile%\extensions\firebug@software.joehewitt.com
FF - Ext: Media Plugin: plugin3@gameplaylabs.com - %profile%\extensions\plugin3@gameplaylabs.com
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-egui - c:\program files\ESET\ESET Smart Security\egui.exe
.
.
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(4076)
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\atieclxx.exe
c:\windows\system32\WUDFHost.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\users\Marek\AppData\Local\Google\Update\GoogleUpdate.exe
c:\windows\system32\WUDFHost.exe
c:\users\Marek\AppData\Local\Google\Update\1.3.21.53\GoogleCrashHandler.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
d:\soukromé\programy\totalcmd\TOTALCMD.EXE
.
**************************************************************************
.
Celkový čas: 2011-05-26 14:09:31 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-05-26 12:09
.
Před spuštěním: Volných bajtů: 119 170 686 976
Po spuštění: Volných bajtů: 119 113 875 456
.
- - End Of File - - 6CB884E2DCBC582BA0D949B017356595

Mohla nákaza pocházet nebo mohl nákaze pomoci uplynule nainstalovaný ESET? Stejnou nákazu jsme totiž chytil i s free řešením, takže nevím, co si mám o schopnostech antivirů myslet. Děkuji.

Ja neco psal o tom ESETu - stale tam je

Dalsi pokracovani bude az tam bude free reseni - jeste jsme totiz neskoncili

Az si date free reseni, tak poprosim o novy log z RSIT...

TDL rootkit je peknej hajzlik, bohuzel antiviry jej zachytit neumi...Je to v soucasne dobe asi nejsilnejsi rootkit a mrcha tohoto druhu...

ESET jsem odinstaloval, nevidím důvod proč by měl být v log souborech.

Zde je RSIT log, doufám, že v něm uvidíte, že ESET už není:

info.txt logfile of random's system information tool 1.08 2011-05-26 17:01:23

======Uninstall list======

Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
-->C:\Program Files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="9M03-278E-E616-2M48-9W29-9K78-UXUE-83CP"
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A2092B2A-A4FB-4464-A4C0-023D2C9993F8}\Setup.exe" -l0x9
32 Bit HP CIO Components Installer-->MsiExec.exe /I{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}
7-Zip 9.20-->"C:\Program Files\7-Zip\Uninstall.exe"
ABBYY FineReader 8.0 Professional Edition-->MsiExec.exe /I{AAF80000-22B9-4CE9-98D6-2CCF359BAC07}
Acrobat.com-->msiexec /qb /x {C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}
Acrobat.com-->MsiExec.exe /I{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}
Adobe Acrobat 9 Pro - English, Français, Deutsch-->msiexec /I {AC76BA86-1033-F400-7760-000000000004}
Adobe After Effects CS4 Third Party Content-->MsiExec.exe /I{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}
Adobe Anchor Service CS4-->MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
Adobe Asset Services CS4-->MsiExec.exe /I{B9F4561A-924D-4510-A85A-BB0960C338CB}
Adobe Bridge CS4-->MsiExec.exe /I{83877DB1-8B77-45BC-AB43-2BAC22E093E0}
Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}
Adobe Color - Photoshop Specific CS4-->MsiExec.exe /I{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
Adobe Color EU Recommended Settings CS4-->MsiExec.exe /I{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}
Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}
Adobe Color NA Extra Settings CS4-->MsiExec.exe /I{098A2A49-7CF3-4F08-A38D-FB879117152A}
Adobe Community Help-->msiexec /qb /x {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Community Help-->MsiExec.exe /I{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Creative Suite 4 Design Premium-->C:\Program Files\Common Files\Adobe\Installers\b421102ce31f2649ef3785f2a17166f\Setup.exe --uninstall=1
Adobe Creative Suite 4 Design Premium-->MsiExec.exe /I{83744391-B5A4-40E3-8A7D-E8BF39CB00ED}
Adobe Creative Suite 4 Master Collection-->C:\Program Files\Common Files\Adobe\Installers\b2d6abde968e6f277ddbfd501383e02\Setup.exe --uninstall=1
Adobe Creative Suite 4 Master Collection-->MsiExec.exe /I{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}
Adobe Creative Suite 5 Master Collection-->C:\Program Files\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}"
Adobe CSI CS4-->MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}
Adobe Device Central CS4-->MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A}
Adobe Dreamweaver CS4-->MsiExec.exe /I{30C8AA56-4088-426F-91D1-0EDFD3A25678}
Adobe Drive CS4-->MsiExec.exe /I{16E16F01-2E2D-4248-A42F-76261C147B6C}
Adobe Dynamiclink Support-->MsiExec.exe /I{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}
Adobe Encore CS4 Codecs-->MsiExec.exe /I{FB2A5FCC-B81B-48C2-A009-7804694D83E9}
Adobe ExtendScript Toolkit CS4-->MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
Adobe Extension Manager CS4-->MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}
Adobe Fireworks CS4-->MsiExec.exe /I{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}
Adobe Flash CS4 Extension - Flash Lite STI others-->MsiExec.exe /I{47C6F987-685A-41AE-B092-E75B277AEE39}
Adobe Flash CS4 STI-other-->MsiExec.exe /I{BD3374D3-C2E6-42B7-A80B-E850B6886246}
Adobe Flash CS4-->MsiExec.exe /I{F6E99614-F042-4459-82B7-8B38B2601356}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil10p_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10q_Plugin.exe -maintain plugin
Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}
Adobe Illustrator CS4-->MsiExec.exe /I{87532CAB-7932-4F84-8937-823337622807}
Adobe InDesign CS4 Application Feature Set Files (Roman)-->MsiExec.exe /I{2BAF2B96-7560-48B4-87D4-10178DDBE217}
Adobe InDesign CS4 Common Base Files-->MsiExec.exe /I{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}
Adobe InDesign CS4 Icon Handler-->MsiExec.exe /I{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}
Adobe InDesign CS4-->MsiExec.exe /I{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}
Adobe Linguistics CS4-->MsiExec.exe /I{931AB7EA-3656-4BB7-864D-022B09E3DD67}
Adobe Media Encoder CS4 Additional Exporter-->MsiExec.exe /I{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}
Adobe Media Encoder CS4 Dolby-->MsiExec.exe /I{EE353798-E875-42E0-B58D-7E6696182EA8}
Adobe Media Encoder CS4 Exporter-->MsiExec.exe /I{561968FD-56A1-49FD-9ED0-F55482C7C5BC}
Adobe Media Encoder CS4 Importer-->MsiExec.exe /I{8186FF34-D389-4B7E-9A2F-C197585BCFBD}
Adobe Media Encoder CS4-->MsiExec.exe /I{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}
Adobe Media Player-->msiexec /qb /x {DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Media Player-->MsiExec.exe /I{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Output Module-->MsiExec.exe /I{BB4E33EC-8181-4685-96F7-8554293DEC6A}
Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}
Adobe Photoshop CS4 Support-->MsiExec.exe /I{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}
Adobe Photoshop CS4-->MsiExec.exe /I{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}
Adobe Premiere Pro CS4 Functional Content-->MsiExec.exe /I{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}
Adobe Premiere Pro CS4 Third Party Content-->MsiExec.exe /I{C938BE91-3BB5-4B84-9EF6-88F0505D0038}
Adobe Premiere Pro CS4-->MsiExec.exe /I{D499F8DE-3F31-4900-9157-61061613704B}
Adobe Search for Help-->MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
Adobe Service Manager Extension-->MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
Adobe Setup-->MsiExec.exe /I{425AD62D-5B16-494C-8AAB-6B3D0CF2527A}
Adobe Setup-->MsiExec.exe /I{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}
Adobe SGM CS4-->MsiExec.exe /I{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}
Adobe SING CS4-->MsiExec.exe /I{4A52555C-032A-4083-BDD9-6A85ABFB39A8}
Adobe Soundbooth CS4 Codecs-->MsiExec.exe /I{52232EF4-CC12-4C21-ABCF-ADB79618302D}
Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}
Adobe Update Manager CS4-->MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
Adobe Version Cue CS4 Server-->MsiExec.exe /I{1B7C06E1-4888-47A6-992A-0990B9683486}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}
Adobe XMP Panels CS4-->MsiExec.exe /I{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}
AdobeColorCommonSetCMYK-->MsiExec.exe /I{68243FF8-83CA-466B-B2B8-9F99DA5479C4}
Advertising Center-->MsiExec.exe /X{B2EC4A38-B545-4A00-8214-13FE0E915E6D}
Akeeba eXtract Wizard 3.2-->"C:\Program Files\Akeeba\unins000.exe"
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {0A1FAC46-B899-421D-B1A2-470896DC45DB}
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {E68DD413-B834-4923-8181-0A03B7555187}
Android Manager WiFi-->MsiExec.exe /I{6A07F7DC-18DB-0200-0000-000000000000}
Auto Diagnostika-->"C:\Auto-diagnostika\unins000.exe"
Auto diagnostika-->"C:\Auto-diagnostika704\Uninstall.exe" "C:\Auto-diagnostika704\install.log"
Autopano Giga-->C:\Program Files\Kolor\Autopano Giga 2\Uninstall.exe
AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
Balíček ovladače systému Windows - Nokia Modem (06/09/2010 4.5)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokia_bluetooth.inf_x86_neutral_4afe3236e50779fa\nokia_bluetooth.inf
Balíček ovladače systému Windows - Nokia Modem (06/09/2010 7.01.0.7)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokbtmdm.inf_x86_neutral_fe4babbc84a3ec95\nokbtmdm.inf
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
Balíček ovladače systému Windows - Ross-Tech USB Driver Package (05/19/2006 6.0.1.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\rt-usb.inf_x86_neutral_8ca04608b05e91a8\rt-usb.inf
Balíček ovladače systému Windows - Ross-Tech USB Driver Package (11/16/2007 6.0.2.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\rt-usb.inf_x86_neutral_4c7ffe8663fc5aa1\rt-usb.inf
BS.Player PRO-->"C:\Program Files\Webteh\BSplayerPro\uninstall.exe"
Carsoft SuperVAG-->"C:\Program Files\Carsoft\SuperVAG\unins000.exe"
Centrum zařízení Windows Mobile-->MsiExec.exe /X{904CCF62-818D-4675-BC76-D37EB399F917}
Connect-->MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}
Cool MP4 To WMV Converter 1.0-->"C:\Program Files\Cool MP4 To WMV Converter\unins000.exe"
CorelDRAW Graphics Suite X3-->MsiExec.exe /I{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}
CZ-->MsiExec.exe /I{CCF7074B-BE72-44E1-9CAC-3FFAC582C692}
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
DebugBar v5.4.1 for Internet Explorer (remove only)-->"C:\Program Files\Core Services\DebugBar\uninstall.exe"
DivX Setup-->C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall /bundleGroupId divx.com
DolbyFiles-->MsiExec.exe /X{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}
Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007-->MsiExec.exe /X{90120000-00B2-0405-0000-0000000FF1CE}
DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe"
ETKA 7.2 Final-->C:\Tecar Forum\ETKA 7.2\Uninstall.exe
FairUse Wizard 2-->"C:\Program Files\FairUse Wizard 2\FU-Setup_14333.exe"
ffdshow [rev 3026] [2009-07-05]-->"C:\Program Files\ffdshow\unins000.exe"
FileZilla Client 3.4.0-->C:\Program Files\FileZilla FTP Client\uninstall.exe
FontNav-->MsiExec.exe /I{4E98F23B-1328-4322-A6EC-2EDC8FC3A4FE}
Foxit Reader-->C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
FTDI USB Serial Converter Drivers-->C:\Windows\system32\ftdiunin.exe C:\Windows\system32\ftdiun2k.ini
GamePlayLabs Plugin-->"C:\Users\Marek\AppData\Local\GamePlayLabs Plugin\Uninstall.exe"
Google Earth-->MsiExec.exe /X{6DB7AD00-F781-11DF-9EEF-001279CD8240}
Google SketchUp 6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98736A65-3C79-49EC-B7E9-A3C77774B0E6}\setup.exe" -l0x5 -removeonly
Google SketchUp 6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}\setup.exe" -l0x5 -removeonly
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Great Barcode Generator-->"C:\Program Files\Great Barcode Generator\un_Setup_48994.exe"
GRemoteServer Pro(remove only)-->"C:\Program Files\GBM\GRemote Pro\uninst.exe"
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118\HXFSETUP.EXE -U -IAcrZUn32z.inf
HP Customer Participation Program 13.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat -forcereboot
HP Deskjet All-In-One Driver Software 13.0 Rel. 1-->C:\Program Files\HP\Digital Imaging\{EB773820-0871-46A8-9B96-F2B04F8B34F0}\setup\hpzscr01.exe -datfile hposcr14.dat -onestop -forcereboot
HP Imaging Device Functions 13.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Essential 3.5-->C:\Program Files\HP\Digital Imaging\PhotosmartEssential\hpzscr01.exe -datfile hpqbud13.dat -forcereboot
HP Smart Web Printing 4.51-->C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat
HP Solution Center 13.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat -forcereboot
HP Update-->MsiExec.exe /X{7059BDA7-E1DB-442C-B7A1-6144596720A4}
HTC BMP USB Driver-->MsiExec.exe /I{31A559C1-9E4D-423B-9DD3-34A6C5398752}
HTC Driver Installer-->MsiExec.exe /X{6D6664A9-3342-4948-9B7E-034EFE366F0F}
HTC Sync-->MsiExec.exe /I{5645FB61-898F-4F59-AF80-52FEF3D63A64}
IETester v0.4.10 (remove only)-->"C:\Program Files\Core Services\IETester\uninstall.exe"
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
Kolor Autopano Giga 2.5-->C:\Program Files\Kolor\Autopano Giga 2.5\Uninstall.exe
kuler-->MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}
Launch Manager-->C:\Windows\UNINST32.EXE LManager.UNI
LG Bluetooth Drivers-->MsiExec.exe /X{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}
LG SP USB Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E2AE8456-CCFE-46C0-8629-71CC507660FC}\setup.exe" -l0x5 -removeonly
LG United Mobile Drivers-->MsiExec.exe /X{461B11E8-BF34-4ACB-962A-1CBE905BD9EB}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Menu Templates - Starter Kit-->MsiExec.exe /X{B78120A0-CF84-4366-A393-4D0A59BC546C}
Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}
Microcat for Ford Europe 01.2008-->"C:\MICROCAT\uninst\unins000.exe"
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1029 /parameterfolder ClientLP
Microsoft .NET Framework 4 Client Profile CSY Language Pack-->MsiExec.exe /X{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {E12F9D31-4025-4BC6-B1B2-AB262C5580B0}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2007-->MsiExec.exe /X{90120000-00BA-0405-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2007-->MsiExec.exe /X{90120000-0044-0405-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2007-->MsiExec.exe /X{90120000-00A1-0405-0000-0000000FF1CE}
Microsoft Office Outlook Connector-->MsiExec.exe /X{95140000-007A-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {294B4278-CF7B-40B9-86A1-2D3FF0C2C524}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {10EC59E5-9BCE-4884-BB1A-E28627220232}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable - KB2467175-->MsiExec.exe /X{a0fe116e-9a8a-466f-aee0-625cb7c207e3}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570-->MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
Movie Templates - Starter Kit-->MsiExec.exe /X{E498385E-1C51-459A-B45F-1721E37AA1A0}
Mozilla Firefox (3.6.16)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
MSXML 4.0 SP3 Parser (KB973685)-->MsiExec.exe /I{859DFA95-E4A6-48CD-B88E-A3E483E89B44}
Multi-Browser Viewer-->MsiExec.exe /I{651BE94F-124C-4289-8881-DAF618729E44}
Nero 9 Trial-->C:\Program Files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="8M01-209M-AH6P-5UW0-WHAW-C53X-473X-79MH"
Nero BurnRights-->MsiExec.exe /X{7829DB6F-A066-4E40-8912-CB07887C20BB}
Nero ControlCenter-->MsiExec.exe /X{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}
Nero CoverDesigner-->MsiExec.exe /X{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}
Nero Disc Copy Gadget-->MsiExec.exe /X{F1861F30-3419-44DB-B2A1-C274825698B3}
Nero DiscSpeed-->MsiExec.exe /X{869200DB-287A-4DC0-B02B-2B6787FBCD4C}
Nero DriveSpeed-->MsiExec.exe /X{33CF58F5-48D8-4575-83D6-96F574E4D83A}
Nero InfoTool-->MsiExec.exe /X{FBCDFD61-7DCF-4E71-9226-873BA0053139}
Nero Installer-->MsiExec.exe /X{E8A80433-302B-4FF1-815D-FCC8EAC482FF}
Nero Recode-->MsiExec.exe /X{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}
Nero Rescue Agent-->MsiExec.exe /X{368BA326-73AD-4351-84ED-3C0A7A52CC53}
Nero ShowTime-->MsiExec.exe /X{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}
Nero StartSmart-->MsiExec.exe /X{7748AC8C-18E3-43BB-959B-088FAEA16FB2}
Nero Vision-->MsiExec.exe /X{43E39830-1826-415D-8BAE-86845787B54B}
Nero WaveEditor-->MsiExec.exe /X{A209525B-3377-43F4-B886-32F6B6E7356F}
NeroBurningROM-->MsiExec.exe /X{D025A639-B9C9-417D-8531-208859000AF8}
NeroExpress-->MsiExec.exe /X{595A3116-40BB-4E0F-A2E8-D7951DA56270}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Nokia Connectivity Cable Driver-->MsiExec.exe /I{1B9B5B3B-28E7-4E59-A80D-D670AA984514}
Nokia PC Suite-->C:\ProgramData\Installations\{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}\Nokia_PC_Suite_cze_web.exe
Nokia PC Suite-->MsiExec.exe /I{225DB4AA-3CFF-47E8-B3C8-6DAD713E986E}
OpenOffice.org 3.2-->MsiExec.exe /I{FAB43061-FEFB-46E8-A159-96710395DB5E}
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení-->MsiExec.exe /I{B6190387-0036-4BEB-8D74-A0AFC5F14706}
PC Connectivity Solution-->MsiExec.exe /I{089DD780-DB3F-4CDB-A0C2-111360247298}
PC Suite for Sony Ericsson-->C:\Windows\Installer\{E1252473-6306-4d5d-904D-B06AA7F38161}\Setup.exe /uninstall
PC Suite for Sony Ericsson-->MsiExec.exe /I{0C3AE9EB-2F0A-451E-A5E4-2BF6AFF21FB9}
PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}
PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392}
Photoshop Camera Raw-->MsiExec.exe /I{CC75AB5C-2110-4A7F-AF52-708680D22FE8}
Pixel Bender Toolkit-->MsiExec.exe /I{43509E18-076E-40FE-AF38-CA5ED400A5A9}
Prostředí Windows XP Mode-->MsiExec.exe /X{1374CC63-B520-4f3f-98E8-E9020BF01CFF}
PSPad editor-->"C:\Program Files\PSPad editor\Uninst\unins000.exe"
PxMergeModule-->MsiExec.exe /I{024521CF-C07E-4F8E-8481-0D75695E03AF}
RapidShare Manager-->C:\Program Files\RapidShareManager\uninstall.exe
Remote Control-->MsiExec.exe /X{6C66A576-3DAD-46CC-A55A-6F4491E068C5}
Security Update for 2007 Microsoft Office System (KB2288621)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D}
Security Update for 2007 Microsoft Office System (KB2288931)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CD769337-C8AC-46DB-A7DC-643E50089263}
Security Update for 2007 Microsoft Office System (KB2345043)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {536FB502-775F-4494-BACE-C02CC90B7A5B}
Security Update for 2007 Microsoft Office System (KB2466156)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CEF209AB-F96D-404F-B5CC-44057C057CA3}
Security Update for 2007 Microsoft Office System (KB2509488)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AD0DE453-0804-4495-9C91-33D0F9AA5463}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {3E0806DB-3085-378A-840A-F0D3AE3609D1} /parameterfolder Client
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060}
Security Update for Microsoft Office Excel 2007 (KB2464583)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {151E2FEA-C3A6-4CB6-BE6B-16651FDF04BE}
Security Update for Microsoft Office Groove 2007 (KB2494047)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B91E2AEC-7F93-4E33-ACF6-EC90640CBE4F}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
Security Update for Microsoft Office Publisher 2007 (KB2284697)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3A4CDE54-2403-483D-8D9A-15E3264410DF}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB2344993)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
Sentinel Protection Installer 7.5.0-->MsiExec.exe /I{A5A63519-F5C2-4F4A-849A-F28A1AB3D522}
Share Search Tool-->"C:\Program Files\MP Software\Rapidshare Search Tool\unins000.exe"
Shop for HP Supplies-->C:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
SimpleOCR 3.1-->C:\PROGRA~1\SIMPLE~1\UNWISE.EXE C:\PROGRA~1\SIMPLE~1\INSTALL.LOG
SKODA 7.1-->"C:\Windows\ETSKUN.EXE"
Skype™ 5.1-->MsiExec.exe /X{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}
Software Bluetooth WIDCOMM-->MsiExec.exe /X{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}
Software602 Form Filler-->MsiExec.exe /X{7C679F14-CF4A-46E1-BDE9-2571E61C5FEB}
Software602 Print2PDF-->C:\Program Files\InstallShield Installation Information\{32C74893-0243-4235-A6F3-201F0E5D2C03}\setup.exe -runfromtemp -l0x0005 REMOVE
Sony Ericsson Symbian 9 Drivers-->C:\Program Files\Sony Ericsson\Sony Ericsson Symbian 9 Drivers\ZEBRUninstall.exe
SoundTrax-->MsiExec.exe /X{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}
SpeedFan (remove only)-->"C:\Program Files\SpeedFan\uninstall.exe"
Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Studio 2010 Professional Edition-->"C:\Program Files\Easypano\Studio 2010 Professional Edition\unins000.exe"
Suite Shared Configuration CS4-->MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
Update for Microsoft Office Outlook 2007 (KB2509470)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1365864D-4C58-489D-9982-844D75691CCC}
Update for Outlook 2007 Junk Email Filter (KB2536413)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {95DF5260-331D-4FFD-A2D5-C64164751945}
Update Manager-->MsiExec.exe /I{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}
VBA-->MsiExec.exe /I{C94E45B0-6AA6-4FB9-9AAE-22085F631880}
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
Vectir 2.3.1.1-->"C:\Program Files\Vectir\unins000.exe"
VLC media player 1.1.4-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)-->C:\PROGRA~1\DIFX\7F01D4C0B2897E27\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\bcbtums-vistax86-brcm.inf_x86_neutral_a622a4701b0a8e59\bcbtums-vistax86-brcm.inf
Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407)-->C:\PROGRA~1\DIFX\7F01D4C0B2897E27\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\bcbtums-win7x86-brcm.inf_x86_neutral_3d39d8a589bd3368\bcbtums-win7x86-brcm.inf
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)-->C:\PROGRA~1\DIFX\7F01D4C0B2897E27\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\bcbthid32.inf_x86_neutral_6c4f31312ffe9ed6\bcbthid32.inf
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{61AD15B2-50DB-4686-A739-14FE180D4429}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Mesh-->MsiExec.exe /I{80E8C65A-8F70-4585-88A2-ABC54BABD576}
Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48}
Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}
Windows Live Remote Client Resources-->MsiExec.exe /I{454F5782-A4C3-480E-A629-D435795DEFD8}
Windows Live Remote Client-->MsiExec.exe /I{19A4A990-5343-4FF7-B3B5-6F046C091EDF}
Windows Live Remote Service Resources-->MsiExec.exe /I{0891B708-EF3F-4D7E-9724-265245F46276}
Windows Live Remote Service-->MsiExec.exe /I{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Worms Reloaded-->"C:\Program Files\Team17\Worms Reloaded\unins000.exe"
x264vfw - H.264/MPEG-4 AVC codec (remove only)-->C:\Program Files\x264vfw\x264vfw-uninstall.exe
Xvid 1.2.2 final uninstall-->"C:\Program Files\Xvid\unins000.exe"
Zoner Photo Studio 13-->"C:\Program Files\Zoner\Photo Studio 13\unins000.exe" /SILENT

======System event log======

Computer Name: 37L4247D28-05
Event Code: 7036
Message: Stav služby Distributed Link Tracking Client byl změněn na: stopped
Record Number: 5
Source Name: Service Control Manager
Time Written: 20090714045645.074339-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 7036
Message: Stav služby Security Center byl změněn na: stopped
Record Number: 4
Source Name: Service Control Manager
Time Written: 20090714045645.074339-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 7036
Message: Stav služby Desktop Window Manager Session Manager byl změněn na: stopped
Record Number: 3
Source Name: Service Control Manager
Time Written: 20090714045645.074339-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 7036
Message: Stav služby Diagnostic Policy Service byl změněn na: stopped
Record Number: 2
Source Name: Service Control Manager
Time Written: 20090714045645.074339-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 7036
Message: Stav služby Microsoft Software Shadow Copy Provider byl změněn na: stopped
Record Number: 1
Source Name: Service Control Manager
Time Written: 20090714045645.074339-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: 37L4247D28-05
Event Code: 1001
Message: Chybný blok , typ 0
Název události: PnPDriverNotFound
Reakce: Není k dispozici
ID souboru CAB: 0

Podpis problému:
P1: x86
P2: PCI\VEN_1217&DEV_7130&SUBSYS_013C1025&REV_03
P3:
P4:
P5:
P6:
P7:
P8:
P9:
P10:

Připojené soubory:
C:\Windows\Temp\DMI70DB.tmp.log.xml

Tyto soubory mohou být k dispozici zde:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x86_2646dc6dd67050361b9f723316b61da77a5a2370_cab_02317129

Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: 78c02978-b9bf-11df-b87c-b290428f1ca1
Stav hlášení: 6
Record Number: 5
Source Name: Windows Error Reporting
Time Written: 20100906140307.000000-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20100906140225.000000-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20100906140220.000000-000
Event Type: Informace
User:

Computer Name: 37L4247D28-05
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.

Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20100906140216.760474-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: 37L4247D28-05
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1
Source Name: Microsoft-Windows-EventSystem
Time Written: 20100906140216.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: 37L4247D28-05
Event Code: 4735
Message: Byla změněna zabezpečená místní skupina.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247D28-05$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin

Změněné atributy:
Název účtu SAM: -
Historie identifikátoru zabezpečení: -

Další informace:
Oprávnění: -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100906140203.999651-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247D28-05
Event Code: 4731
Message: Byla vytvořena zabezpečená místní skupina.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247D28-05$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Nová skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin

Atributy:
Název účtu SAM: Backup Operators
Historie identifikátoru zabezpečení: -

Další informace:
Oprávnění: -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100906140203.984051-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247D28-05
Event Code: 4902
Message: Tabulka zásad auditu pro jednotlivé uživatele byla vytvořena.

Počet prvků: 0
ID zásady: 0x25404
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100906140203.438050-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247D28-05
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0

Typ přihlášení: 0

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x4
Název procesu:

Informace o síti:
Název pracovní stanice: -
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: -
Balíček ověření: -
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100906140201.675247-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247D28-05
Event Code: 4608
Message: Spouští se systém Windows.

Tato událost je zaznamenána při spuštění procesu LSASS.EXE a inicializaci kontrolního podsystému.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100906140201.675247-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Users\Marek\AppData\Local\Google\Chrome\Application;C:\Program Files\PC Connectivity Solution;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files\Common Files\Teleca Shared;C:\Program Files\Intuwave\Shared\mRouterRuntime;C:\Program Files\WIDCOMM\Bluetooth Software;C:\Program Files\Windows Live\Shared
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a
"DEFAULT_CA_NR"=CA8

-----------------EOF-----------------

Poprosim i o log z rsit s nazvem log.txt, je ulozen v c:\rsit...
A jake zabezpeceni jste zvolil

Logfile of random's system information tool 1.08 (written by random/random)
Run by Marek at 2011-05-26 17:01:14
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 113 GB (49%) free of 233 GB
Total RAM: 3067 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:01:22, on 26.5.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Users\Marek\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\Marek\AppData\Local\Google\Update\1.3.21.53\GoogleCrashHandler.exe
C:\Windows\Explorer.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Sony Ericsson\Mobile4\Sync Manager\syncindicator.exe
C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
D:\soukromé\programy\totalcmd\TOTALCMD.EXE
C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\temp\RSIT.exe
C:\Program Files\trend micro\Marek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Marek\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: DebugBar BHO - {69FC0024-10EB-480A-BBF2-3BF4E78E17B1} - C:\Program Files\Core Services\DebugBar\DebugInfoBar.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Marek\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: DebugBar - {3E1201F4-1707-409F-BB45-A5F192381DA0} - C:\Program Files\Core Services\DebugBar\DebugToolBar.dll
O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files\QIP Infium\infium.exe (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net ... plugin.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9520 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]
ContributeBHO Class - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{69FC0024-10EB-480A-BBF2-3BF4E78E17B1}]
DebugBar BHO - C:\Program Files\Core Services\DebugBar\DebugInfoBar.dll [2010-03-15 1134080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Users\Marek\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2010-09-01 140752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-09-22 349640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-09-22 349640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-09-22 349640]
{3E1201F4-1707-409F-BB45-A5F192381DA0} - DebugBar - C:\Program Files\Core Services\DebugBar\DebugToolBar.dll [2010-03-15 755200]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe_ID0ENQBO"=C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2008-08-15 378224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\B2C_AGENT]
C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe [2011-05-24 404568]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GRemoteServer Pro]
C:\Program Files\GBM\GRemote Pro\GRemoteServer.exe [2011-02-04 2647008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTC Sync Loader]
C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2011-01-07 585728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [2005-08-11 249856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-08-11 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
C:\Program Files\Launch Manager\LManager.exe [2009-08-28 1130504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mRouterConfig]
C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe [2006-03-02 290816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia.PCSync]
C:\Program Files\Nokia\Nokia PC Suite 7\PcSync2.exe [2010-06-16 753664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite for Smartphones]
C:\Program Files\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe [2007-12-25 548864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2010-05-14 1479680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Print2PDF Print Monitor]
C:\Program Files\Software602\Print2PDF\Print2PDF.exe [2011-04-12 222776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
C:\Users\Marek\AppData\Roaming\QipGuard\QipGuard.exe [2010-09-01 190928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2011-01-03 15028104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files\Steam\Steam.exe [2010-12-06 1242448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-08-28 1557800]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vectir]
C:\Program Files\Vectir\Vectir.exe [2010-09-02 1495552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
C:\Windows\WindowsMobile\wmdc.exe [2007-05-31 648072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WLSync]
C:\Program Files\Windows Live\Mesh\WLSync.exe [2010-09-23 1448800]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2009-10-02 795936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2009-09-20 270336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PC Suite for Sony Ericsson.lnk]
C:\Windows\Installer\{0C3AE9EB-2F0A-451E-A5E4-2BF6AFF21FB9}\NewShortcut9_42C2D075985B4573813C20907C82EE6B.exe [2011-01-01 26694]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Marek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk]
C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2010-06-07 1195520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Marek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~1\MICROS~1\Office12\ONENOTEM.EXE [2009-02-26 97680]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-04-13 203776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.reg - edit -
.reg - open - c:\Winnt\Regedit.exe %1
.txt - open - "C:\Program Files\PSPad editor\PSPad.exe" "%1"

======List of files/folders created in the last 1 months======

2011-05-26 17:01:14 ----D---- C:\rsit
2011-05-26 17:01:14 ----D---- C:\Program Files\trend micro
2011-05-26 14:09:31 ----A---- C:\ComboFix.txt
2011-05-26 14:04:22 ----SHD---- C:\$RECYCLE.BIN
2011-05-26 08:56:31 ----A---- C:\TDSSKiller.2.5.3.0_26.05.2011_08.56.31_log.txt
2011-05-25 23:01:17 ----A---- C:\beruska.com
2011-05-25 21:32:36 ----A---- C:\Windows\zip.exe
2011-05-25 21:32:36 ----A---- C:\Windows\SWSC.exe
2011-05-25 21:32:36 ----A---- C:\Windows\SWREG.exe
2011-05-25 21:32:36 ----A---- C:\Windows\sed.exe
2011-05-25 21:32:36 ----A---- C:\Windows\PEV.exe
2011-05-25 21:32:36 ----A---- C:\Windows\NIRCMD.exe
2011-05-25 21:32:36 ----A---- C:\Windows\MBR.exe
2011-05-25 21:32:36 ----A---- C:\Windows\grep.exe
2011-05-25 21:32:27 ----D---- C:\Windows\ERDNT
2011-05-25 21:32:21 ----D---- C:\Qoobox
2011-05-25 21:03:34 ----D---- C:\Config.Msi
2011-05-25 19:20:17 ----A---- C:\Windows\ntbtlog.txt
2011-05-25 15:49:10 ----D---- C:\Users\Marek\AppData\Roaming\Malwarebytes
2011-05-25 15:48:59 ----D---- C:\ProgramData\Malwarebytes
2011-05-25 15:48:59 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2011-05-25 15:48:56 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2011-05-25 15:48:56 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-05-24 14:52:31 ----D---- C:\Users\Marek\AppData\Roaming\GBM Software
2011-05-24 14:11:47 ----D---- C:\Program Files\GBM
2011-05-18 22:39:36 ----A---- C:\Windows\system32\poqexec.exe
2011-05-17 14:51:25 ----D---- C:\Program Files\7-Zip
2011-05-13 18:37:22 ----RA---- C:\Windows\system32\AdobePDFUI.dll
2011-05-12 07:13:01 ----D---- C:\Program Files\Akeeba
2011-05-11 19:59:22 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-05-11 19:59:22 ----A---- C:\Windows\system32\ntkrnlpa.exe
2011-05-11 12:22:13 ----D---- C:\_WWW-remote_controle-backups
2011-05-11 12:20:37 ----D---- C:\Users\Marek\AppData\Roaming\Apple Computer
2011-05-11 12:20:26 ----D---- C:\ProgramData\Titanium
2011-05-11 12:20:14 ----D---- C:\Users\Marek\AppData\Roaming\Titanium
2011-05-11 12:19:42 ----D---- C:\Program Files\Remote Control
2011-05-02 12:16:38 ----A---- C:\Windows\system32\AdobePDF.dll
2011-04-27 13:47:00 ----A---- C:\Windows\system32\prevhost.exe
2011-04-27 13:46:51 ----A---- C:\Windows\system32\XpsPrint.dll
2011-04-27 13:46:49 ----A---- C:\Windows\explorer.exe

======List of files/folders modified in the last 1 months======

2011-05-26 17:01:15 ----D---- C:\Windows\Temp
2011-05-26 17:01:14 ----RD---- C:\Program Files
2011-05-26 17:01:02 ----D---- C:\temp
2011-05-26 14:16:24 ----A---- C:\Windows\WINCMD.INI
2011-05-26 14:15:57 ----A---- C:\Windows\wcx_ftp.ini
2011-05-26 14:09:33 ----D---- C:\Windows\system32\drivers
2011-05-26 14:04:23 ----D---- C:\Windows
2011-05-26 14:04:22 ----A---- C:\Windows\system.ini
2011-05-26 14:04:17 ----D---- C:\Windows\system32\drivers\etc
2011-05-26 14:00:50 ----D---- C:\Windows\Tasks
2011-05-26 13:58:46 ----D---- C:\Windows\System32
2011-05-26 13:58:46 ----D---- C:\Windows\AppPatch
2011-05-26 13:58:45 ----D---- C:\Program Files\Common Files
2011-05-26 13:55:24 ----D---- C:\Windows\system32\config
2011-05-26 13:49:00 ----D---- C:\Windows\system32\catroot2
2011-05-26 13:47:46 ----SHD---- C:\Windows\Installer
2011-05-26 13:47:35 ----D---- C:\ProgramData
2011-05-26 13:47:22 ----D---- C:\Windows\system32\DriverStore
2011-05-26 13:47:22 ----D---- C:\Windows\system32\catroot
2011-05-26 13:47:22 ----D---- C:\Windows\inf
2011-05-26 11:21:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-05-25 23:46:28 ----SHD---- C:\System Volume Information
2011-05-25 23:45:47 ----D---- C:\Program Files\PSPad editor
2011-05-25 23:45:46 ----D---- C:\Windows\winsxs
2011-05-25 23:45:46 ----D---- C:\Windows\system32\wfp
2011-05-25 23:45:46 ----D---- C:\Windows\system32\wbem
2011-05-25 23:45:46 ----D---- C:\Windows\system32\Tasks
2011-05-25 23:45:46 ----D---- C:\Windows\system32\cs-CZ
2011-05-25 23:45:46 ----D---- C:\Windows\system32\CodeIntegrity
2011-05-25 23:45:46 ----D---- C:\Windows\pss
2011-05-25 23:45:46 ----D---- C:\Windows\AppCompat
2011-05-25 23:45:46 ----D---- C:\Users\Marek\AppData\Roaming\vlc
2011-05-25 23:45:46 ----D---- C:\Users\Marek\AppData\Roaming\PSpad
2011-05-25 22:55:20 ----D---- C:\Windows\Minidump
2011-05-25 22:53:11 ----D---- C:\Program Files\ESET
2011-05-25 21:32:25 ----D---- C:\Windows\Prefetch
2011-05-25 21:31:56 ----D---- C:\Program Files\Mozilla Firefox
2011-05-25 21:18:14 ----D---- C:\Program Files\IrfanView
2011-05-25 21:18:10 ----D---- C:\Windows\registration
2011-05-25 21:03:37 ----D---- C:\Windows\system32\appmgmt
2011-05-25 19:07:17 ----D---- C:\Users\Marek\AppData\Roaming\Skype
2011-05-25 19:06:58 ----A---- C:\Windows\system32\lgAxconfig.ini
2011-05-25 19:06:46 ----D---- C:\Users\Marek\AppData\Roaming\skypePM
2011-05-25 19:05:30 ----D---- C:\Windows\Logs
2011-05-25 19:04:11 ----D---- C:\ADCDA2
2011-05-24 17:34:30 ----D---- C:\Users\Marek\AppData\Roaming\Outlook
2011-05-23 15:49:25 ----D---- C:\Users\Marek\AppData\Roaming\FileZilla
2011-05-22 21:39:22 ----D---- C:\_soukromé
2011-05-13 08:23:01 ----D---- C:\ProgramData\Microsoft Help
2011-05-13 08:19:52 ----A---- C:\Windows\system32\MRT.exe
2011-05-02 12:14:05 ----D---- C:\Program Files\Common Files\Adobe
2011-04-29 23:41:28 ----D---- C:\Windows\rescache
2011-04-29 22:09:57 ----D---- C:\Program Files\Microsoft Silverlight
2011-04-27 11:44:33 ----D---- C:\Program Files\HTC

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BtHidBus;Bluetooth HID Bus Service; C:\Windows\System32\Drivers\BtHidBus.sys [2010-04-06 20104]
R0 giveio;giveio; C:\Windows\system32\giveio.sys [1996-04-03 5248]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264]
R0 O2MDRDR;O2MDRDR; C:\Windows\system32\DRIVERS\o2media.sys [2005-11-14 34176]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 speedfan;speedfan; C:\Windows\system32\speedfan.sys [2006-09-24 5248]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-09-06 721904]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2010-11-20 296064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-08-14 74720]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-12-21 134000]
R2 Hardlock;Hardlock; C:\Windows\system32\drivers\hardlock.sys [2006-11-22 693760]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 NSHE;Guardant Emulator Driver; \??\C:\Windows\system32\Drivers\NSHE.SYS [2008-11-23 97792]
R2 Sentinel;Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS [2008-07-11 92712]
R3 adatadrv;Autodata Protection Service; C:\Windows\system32\DRIVERS\adatadrv.sys [2009-07-01 762112]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 4994560]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2009-03-26 21000]
R3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
R3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 16384]
R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
R3 GRemoteBus;GRemote virtual joystick Bus Enumerator; C:\Windows\system32\DRIVERS\GRemoteBus.sys [2009-08-05 23368]
R3 GRemoteJoy;GRemote virtual joystick Device Driver; C:\Windows\system32\DRIVERS\GRemoteJoy.sys [2009-08-05 39112]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-10-18 986624]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-10-18 206848]
R3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit; C:\Windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 8192]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 84992]
R3 SNTNLUSB;SafeNet USB SuperPro/UltraPro/HardwareKey; C:\Windows\system32\DRIVERS\SNTNLUSB.SYS [2008-07-11 37088]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-08-28 228784]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2010-11-20 172416]
R3 VPCNetS2;Virtual Machine Network Services Driver; C:\Windows\system32\DRIVERS\VMNetSrv.sys [2008-02-05 59960]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2010-11-20 78336]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-10-18 659968]
S1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys []
S2 ASInsHelp;ASInsHelp; \??\C:\Windows\system32\drivers\AsInsHelp32.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 Andbus;LGE Android Platform Composite USB Device; C:\Windows\system32\DRIVERS\lgandbus.sys [2010-12-07 14336]
S3 AndDiag;LGE Android Platform USB Serial Port; C:\Windows\system32\DRIVERS\lganddiag.sys [2010-12-07 20736]
S3 AndGps;LGE Android Platform USB GPS NMEA Port; C:\Windows\system32\DRIVERS\lgandgps.sys [2010-12-07 20096]
S3 ANDModem;LGE Android Platform USB Modem; C:\Windows\system32\DRIVERS\lgandmodem.sys [2010-12-07 25088]
S3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys []
S3 BTCOM;Bluetooth Serial port driver; C:\Windows\system32\DRIVERS\btcomport.sys []
S3 BTCOMBUS;Bluetooth Serial Port Bus Service; C:\Windows\System32\Drivers\btcombus.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2010-11-20 393216]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2010-11-20 60416]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\Windows\System32\Drivers\btnetBus.sys [2010-04-06 25864]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 FTDIBUS;USB Serial Converter Driver; C:\Windows\system32\drivers\ftdibus.sys [2002-04-03 18102]
S3 FTSER2K;USB Serial Port Driver; C:\Windows\system32\drivers\ftser2k.sys [2002-04-03 49457]
S3 HTCAND32;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-10-26 25088]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2010-06-23 23040]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys [2010-04-06 23048]
S3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbus.sys []
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDISPM;RDPDISPM; C:\Windows\system32\DRIVERS\rdpdispm.sys [2010-11-03 9040]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-14 207360]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-14 980992]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-14 661504]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 vpcuxd;Služba zástupné procedury virtualizace rozhraní USB; C:\Windows\system32\drivers\vpcuxd.sys [2010-11-20 12800]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-03-14 84520]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 176128]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-10-02 595232]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-09-23 935208]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [2010-09-16 80896]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-15 136176]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-09-06 655624]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-15 136176]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-07-16 316664]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-08 1343400]
S4 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe []

-----------------EOF-----------------

Aktuálně instaluji Avast 6 Free.

Nainstalujte Avast 6

Dalsi skript pro ComboFix - postup je stejny

Kód: Vybrat vše

KillAll::

Driver::
ekrn
gupdate
gupdatem

Folder::
C:\Program Files\ESET

SecCenter::
{77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: ESET Smart Security 4.2 *Disabled/Outdated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
{4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
FW: ESET personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
{CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: ESET Smart Security 4.2 *Disabled/Outdated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}

Registry::
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]

File::
C:\Users\Marek\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll

Reboot::

Děkuji, zde je log:

ComboFix 11-05-25.01 - Marek 26.05.2011 18:04:37.3.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.3067.1436 [GMT 2:00]
Spuštěný z: c:\users\Marek\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\Marek\Desktop\cfscript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\users\Marek\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\ESET
c:\users\Marek\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_ekrn
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-04-26 do 2011-05-26 )))))))))))))))))))))))))))))))
.
.
2011-05-26 16:15 . 2011-05-26 16:15 0 ---ha-w- c:\users\Marek\AppData\Local\BITEB38.tmp
2011-05-26 16:13 . 2011-05-26 16:13 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-26 15:33 . 2011-05-10 12:03 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-05-26 15:33 . 2011-05-10 12:03 307928 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-05-26 15:33 . 2011-05-10 12:02 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-05-26 15:33 . 2011-05-10 11:59 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-05-26 15:33 . 2011-05-10 11:59 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-05-26 15:33 . 2011-05-10 11:59 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-05-26 15:33 . 2011-05-10 12:10 40112 ----a-w- c:\windows\avastSS.scr
2011-05-26 15:33 . 2011-05-10 12:10 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-05-26 15:33 . 2011-05-26 15:33 -------- d-----w- c:\programdata\AVAST Software
2011-05-26 15:33 . 2011-05-26 15:33 -------- d-----w- c:\program files\AVAST Software
2011-05-26 15:31 . 2011-05-26 15:32 56923744 ----a-w- c:\temp\setup_av_free.exe
2011-05-26 15:01 . 2011-05-26 15:01 -------- d-----w- C:\rsit
2011-05-26 15:01 . 2011-05-26 15:01 -------- d-----w- c:\program files\trend micro
2011-05-26 15:00 . 2011-05-26 15:01 339991 ----a-w- c:\temp\RSIT.exe
2011-05-26 06:53 . 2011-05-26 06:53 1431344 ----a-w- c:\temp\tdsskiller.exe
2011-05-25 21:01 . 2011-05-25 21:01 29524 ----a-w- C:\beruska.com
2011-05-25 13:49 . 2011-05-25 13:49 -------- d-----w- c:\users\Marek\AppData\Roaming\Malwarebytes
2011-05-25 13:48 . 2011-05-25 13:48 -------- d-----w- c:\programdata\Malwarebytes
2011-05-25 13:48 . 2010-12-20 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-25 13:48 . 2011-05-25 21:45 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-05-25 13:48 . 2010-12-20 16:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-25 09:11 . 2011-05-25 09:11 887072 ----a-w- c:\temp\chromeinstall-6u25 (1).exe
2011-05-25 09:08 . 2011-05-25 09:08 240288 ----a-w- c:\temp\uninstall_flash_player.exe
2011-05-24 20:21 . 2011-05-25 08:22 -------- d-----w- c:\users\Marek\AppData\Local\{06953E99-9DF4-456F-9C77-81332D8857D1}
2011-05-24 16:07 . 2011-05-24 16:07 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-24 12:52 . 2011-05-25 19:18 -------- d-----w- c:\users\Marek\AppData\Roaming\GBM Software
2011-05-24 12:11 . 2011-05-24 12:11 -------- d-----w- c:\program files\GBM
2011-05-24 07:55 . 2011-05-09 20:46 6962000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{965DEB4B-22B7-4E9B-9D92-D548C5E2040D}\mpengine.dll
2011-05-22 19:39 . 2011-05-22 19:39 -------- d-----w- c:\users\Marek\Nová složka
2011-05-18 20:39 . 2011-04-09 05:56 123904 ----a-w- c:\windows\system32\poqexec.exe
2011-05-18 06:28 . 2011-05-24 08:21 -------- d-----w- c:\users\Marek\AppData\Local\{06812D67-9244-4D25-B358-4EB79BC3B231}
2011-05-17 17:20 . 2011-05-17 17:21 40224713 ----a-w- c:\temp\install-ietester-v0.4.10.exe
2011-05-17 12:51 . 2011-05-17 12:51 -------- d-----w- c:\program files\7-Zip
2011-05-16 18:27 . 2011-05-17 18:28 -------- d-----w- c:\users\Marek\AppData\Local\{6BE877D0-98AC-43E3-A135-AD6679D364A0}
2011-05-13 16:37 . 2009-08-19 21:50 22872 ----a-r- c:\windows\system32\AdobePDFUI.dll
2011-05-12 05:13 . 2011-05-12 05:13 -------- d-----w- c:\program files\Akeeba
2011-05-11 17:59 . 2011-04-09 06:02 3967872 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-05-11 17:59 . 2011-04-09 06:02 3912576 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-11 10:22 . 2011-05-12 09:01 -------- d-----w- C:\_WWW-remote_controle-backups
2011-05-11 10:20 . 2011-05-11 10:20 -------- d-----w- c:\users\Marek\AppData\Roaming\Apple Computer
2011-05-11 10:20 . 2011-05-11 10:20 -------- d-----w- c:\users\Marek\AppData\Local\Apple Computer
2011-05-11 10:20 . 2011-05-11 10:20 -------- d-----w- c:\programdata\Titanium
2011-05-11 10:20 . 2011-05-11 10:20 -------- d-----w- c:\users\Marek\AppData\Roaming\Titanium
2011-05-11 10:19 . 2011-05-11 10:19 -------- d-----w- c:\program files\Remote Control
2011-05-07 09:53 . 2011-05-16 06:27 -------- d-----w- c:\users\Marek\AppData\Local\{659E3B50-F214-4472-B91F-D6F0FB746CE7}
2011-05-05 07:31 . 2011-05-05 07:31 380672 ----a-w- c:\temp\FlashUpgrade.exe
2011-05-05 07:21 . 2011-05-05 07:21 887072 ----a-w- c:\temp\chromeinstall-6u25.exe
2011-05-02 10:16 . 2009-08-19 21:50 46928 ----a-w- c:\windows\system32\AdobePDF.dll
2011-04-29 20:42 . 2011-05-06 20:45 -------- d-----w- c:\users\Marek\AppData\Local\{E678E063-51DD-49C9-90A0-F591ECDDA3D8}
2011-04-28 08:41 . 2011-04-29 08:42 -------- d-----w- c:\users\Marek\AppData\Local\{4A8E170A-BA0C-45B5-B174-6758D7F5419E}
2011-04-27 17:29 . 2011-05-11 07:32 -------- d-----w- c:\users\Marek\AppData\Local\GamePlayLabs Plugin
2011-04-27 17:28 . 2011-04-27 17:29 550240 ----a-w- c:\temp\MediaPluginSetup.exe
2011-04-27 11:47 . 2011-02-18 05:39 31232 ----a-w- c:\windows\system32\prevhost.exe
2011-04-27 11:46 . 2011-03-12 11:23 870912 ----a-w- c:\windows\system32\XpsPrint.dll
2011-04-27 11:46 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\explorer.exe
2011-04-27 09:38 . 2011-04-27 09:39 72842492 ----a-w- c:\temp\setup_3.0.5511.exe
2011-04-26 19:23 . 2011-04-26 19:23 -------- d-----w- c:\users\Marek\AppData\Roaming\Software602
2011-04-26 19:06 . 2009-07-14 01:15 1386496 ----a-w- c:\windows\system32\msvbvm60001.dll
2011-04-26 19:06 . 2011-03-30 17:58 6536192 ----a-w- c:\windows\system32\cdintf450_x64.dll
2011-04-26 19:06 . 2011-03-30 17:54 4835328 ----a-w- c:\windows\system32\cdintf450.dll
2011-04-26 19:06 . 2010-09-20 14:55 2335880 ----a-w- c:\windows\system32\gdpdfplug.dll
2011-04-26 19:06 . 2010-09-20 14:55 1262216 ----a-w- c:\windows\system32\GdViewerpro4.ocx
2011-04-26 19:06 . 2011-04-26 19:06 -------- d-----w- c:\users\Marek\AppData\Roaming\InstallShield
2011-04-26 19:05 . 2011-04-26 19:05 -------- d-----w- c:\users\Marek\AppData\Roaming\602Installer
2011-04-26 19:01 . 2011-04-26 19:02 49612936 ----a-w- c:\temp\software602_form_filler.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-14 03:07 . 2010-09-19 08:53 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-13 08:50 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-04-13 08:37 . 2011-04-13 08:37 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-04-13 08:37 . 2011-04-13 08:37 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-04-13 08:37 . 2011-04-13 08:37 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-04-13 08:37 . 2011-04-13 08:37 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-04-13 08:37 . 2011-04-13 08:37 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-04-13 08:37 . 2011-04-13 08:37 367104 ----a-w- c:\windows\system32\html.iec
2011-04-13 08:37 . 2011-04-13 08:37 161792 ----a-w- c:\windows\system32\msls31.dll
2011-04-13 08:37 . 2011-04-13 08:37 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-04-13 08:37 . 2011-04-13 08:37 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-04-13 08:37 . 2011-04-13 08:37 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-04-13 08:37 . 2011-04-13 08:37 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-04-13 08:37 . 2011-04-13 08:37 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-04-13 08:37 . 2011-04-13 08:37 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-04-13 08:37 . 2011-04-13 08:37 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-13 08:37 . 2011-04-13 08:37 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-04-13 08:37 . 2011-04-13 08:37 152064 ----a-w- c:\windows\system32\wextract.exe
2011-04-13 08:37 . 2011-04-13 08:37 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-04-13 08:37 . 2011-04-13 08:37 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-04-13 08:37 . 2011-04-13 08:37 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-04-13 08:37 . 2011-04-13 08:37 11776 ----a-w- c:\windows\system32\mshta.exe
2011-04-13 08:37 . 2011-04-13 08:37 101888 ----a-w- c:\windows\system32\admparse.dll
2011-03-11 05:33 . 2011-04-13 07:57 1137664 ----a-w- c:\windows\system32\mfc42.dll
2011-03-11 05:33 . 2011-04-13 07:57 1164288 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-10 04:48 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-03-08 05:28 . 2011-04-13 07:57 741376 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-03 05:38 . 2011-04-13 07:57 132608 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-03-03 05:36 . 2011-04-13 07:57 28672 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-03-03 03:42 . 2011-04-13 07:57 2333184 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-05-10 12:10 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-05-10 3459712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PC Suite for Sony Ericsson.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\PC Suite for Sony Ericsson.lnk
backup=c:\windows\pss\PC Suite for Sony Ericsson.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Marek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk]
path=c:\users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
backup=c:\windows\pss\OpenOffice.org 3.2.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Marek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\B2C_AGENT]
2011-05-24 04:45 404568 ----a-w- c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GRemoteServer Pro]
2011-02-03 22:46 2647008 ----a-w- c:\program files\GBM\GRemote Pro\GRemoteServer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 09:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-05-08 14:24 54840 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]
2008-07-22 16:33 150528 ----a-w- c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTC Sync Loader]
2011-01-07 20:09 585728 ----a-w- c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2005-08-11 14:30 249856 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-08-11 14:30 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]
2009-08-28 11:16 1130504 ----a-w- c:\program files\Launch Manager\LManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mRouterConfig]
2006-03-02 10:54 290816 ----a-w- c:\program files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia.PCSync]
2010-06-16 07:17 753664 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PcSync2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite for Smartphones]
2007-12-25 13:53 548864 ----a-r- c:\program files\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
2010-05-14 08:32 1479680 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Print2PDF Print Monitor]
2011-04-12 08:58 222776 ----a-w- c:\program files\Software602\Print2PDF\Print2PDF.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
2010-09-01 15:32 190928 ----a-w- c:\users\Marek\AppData\Roaming\QipGuard\QipGuard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-01-03 14:44 15028104 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2010-12-06 09:16 1242448 ----a-w- c:\program files\Steam\Steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2009-08-28 08:32 1557800 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vectir]
2010-09-02 19:51 1495552 ----a-w- c:\program files\Vectir\Vectir.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
2007-05-31 08:21 648072 ----a-w- c:\windows\WindowsMobile\wmdc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WLSync]
2010-09-22 23:19 1448800 ----a-w- c:\program files\Windows Live\Mesh\WLSync.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus.sys [2010-12-07 14336]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag.sys [2010-12-07 20736]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps.sys [2010-12-07 20096]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem.sys [2010-12-07 25088]
R3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\DRIVERS\btcomport.sys [x]
R3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\Drivers\btcombus.sys [x]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\Drivers\btnetBus.sys [2010-04-06 25864]
R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-10-26 25088]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-23 23040]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\Drivers\IvtBtBus.sys [2010-04-06 23048]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbus.sys [x]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 RDPDISPM;RDPDISPM;c:\windows\system32\DRIVERS\rdpdispm.sys [2010-11-03 9040]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 vpcuxd;Služba zástupné procedury virtualizace rozhraní USB;c:\windows\system32\drivers\vpcuxd.sys [2010-11-20 12800]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-08 1343400]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\Drivers\BtHidBus.sys [2010-04-06 20104]
S0 O2MDRDR;O2MDRDR;c:\windows\system32\DRIVERS\o2media.sys [2005-11-14 34176]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-09-06 721904]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [2011-03-14 84520]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 176128]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-05-10 53592]
S2 NSHE;Guardant Emulator Driver;c:\windows\system32\Drivers\NSHE.SYS [2008-11-23 97792]
S2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [2010-09-16 80896]
S3 adatadrv;Autodata Protection Service;c:\windows\system32\DRIVERS\adatadrv.sys [2009-07-01 762112]
S3 GRemoteBus;GRemote virtual joystick Bus Enumerator;c:\windows\system32\DRIVERS\GRemoteBus.sys [2009-08-05 23368]
S3 GRemoteJoy;GRemote virtual joystick Device Driver;c:\windows\system32\DRIVERS\GRemoteJoy.sys [2009-08-05 39112]
S3 NETw5s32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
uSearchAssistant = hxxp://search.qip.ru/ie
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\2a154tkq.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Adobe Contribute Toolbar: {01A8CA0A-4C96-465b-A49B-65C46FAD54F9} - c:\program files\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - Ext: Page Speed: {e3f6c2cc-d8db-498c-af6c-499fb211db97} - %profile%\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97}
FF - Ext: Firebug: firebug@software.joehewitt.com - %profile%\extensions\firebug@software.joehewitt.com
FF - Ext: Media Plugin: plugin3@gameplaylabs.com - %profile%\extensions\plugin3@gameplaylabs.com
.
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(1420)
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\WUDFHost.exe
c:\windows\system32\atieclxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\conhost.exe
c:\windows\system32\taskhost.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\WUDFHost.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\sppsvc.exe
c:\users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
c:\windows\system32\rundll32.exe
c:\users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
c:\users\Marek\AppData\Local\Google\Chrome\Application\chrome.exe
.
**************************************************************************
.
Celkový čas: 2011-05-26 18:20:56 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-05-26 16:20
ComboFix2.txt 2011-05-26 12:09
.
Před spuštěním: Volných bajtů: 119 058 354 176
Po spuštění: Volných bajtů: 119 103 004 672
.
- - End Of File - - FE26B38DBDB9C7C4AB598CFF39C9D607

Můžete mě naést na zdroj informací ohledně programování skriptů pro combofix. Chápu jej tak, že se jedná o program, který prohlíží sadů parametrů v sytému. Pokud se mu dá skript, navíc provede příkazy ve skriptu? Nebo předávaný skript je jedinou vykonávanou sadou příkazů?

VIRY.CZ

Google chrome doesnt work due problem with win32/olmarik

Google chrome doesnt work due problem with win32/olmarik

Re: Google chrome doesnt work due problem with win32/olmarik

Re: Google chrome doesnt work due problem with win32/olmarik

Re: Google chrome doesnt work due problem with win32/olmarik

Re: Google chrome doesnt work due problem with win32/olmarik

Re: Google chrome doesnt work due problem with win32/olmarik

Re: Google chrome doesnt work due problem with win32/olmarik

Re: Google chrome doesnt work due problem with win32/olmarik

Re: Google chrome doesnt work due problem with win32/olmarik

Re: Google chrome doesnt work due problem with win32/olmarik

Re: Google chrome doesnt work due problem with win32/olmarik

Re: Google chrome doesnt work due problem with win32/olmarik

Re: Google chrome doesnt work due problem with win32/olmarik

Re: Google chrome doesnt work due problem with win32/olmarik

Re: Google chrome doesnt work due problem with win32/olmarik