
Slow PC, plays melodies

Posted: 01 Jun 2012 19:56
by Sejsel
Lately the computer has started behaving somewhat strangely. It runs slower, especially Java and Flash, and overall the whole system is a bit sluggish. It often behaves oddly, whirs when it shouldn't, and pulls something over the network (Wireshark showed it, but I don't know my way around that), and yet everything looked fine. What really got me, though, was when I went to get something to eat: I was coming back and suddenly a short melody, about 8 tones, started playing from the 8-bit speaker in the PC. It scared me quite a bit.
Also, I tried installing SP3, but after the installation the system never boots; it throws a lovely blue screen while starting up. Afterwards I had to reinstall the system from the installation CD; everything was preserved.
Thanks in advance for any replies.

RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Worker at 2012-06-01 20:49:18
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 45 GB (30%) free of 150 GB
Total RAM: 2046 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:49:27, on 1.6.2012
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\GM4IE\gm4ie.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Hamachi\hamachi.exe
C:\Program Files\OSCAR Editor X7\OscarEditor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Media Key\MagicKey.exe
C:\Documents and Settings\Worker\Data aplikací\Dropbox\bin\Dropbox.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Things & Stuff\Touchpad Server\TouchpadServer.exe
C:\Program Files\Media Key\OSD.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Worker\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Worker.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;127.0.0.1:9421;
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {A6984C00-C6EB-11D4-B4A4-080000180323} - C:\PROGRA~1\Rapidown\rapi310.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKCU\..\Run: [GM4IE] C:\Program Files\GM4IE\gm4ie.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files\OSCAR Editor X7\OscarEditor.exe" Minimum
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1454471165-287218729-725345543-1012\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Startup: Dropbox.lnk = ?
O4 - Startup: Touchpad Server.lnk = C:\Program Files\Things & Stuff\Touchpad Server\TouchpadServer.exe
O4 - Global Startup: Media Key.lnk = C:\Program Files\Media Key\MagicKey.exe
O8 - Extra context menu item: Baixar com o Rapidown... - C:\Program Files\Rapidown\rapidownGet.htm
O8 - Extra context menu item: Baixar tudo com o Rapidown... - C:\Program Files\Rapidown\rapidownGetAll.htm
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
O9 - Extra 'Tools' menuitem: Rapidown - {57E91B47-F40A-11D1-B792-444553540011} - C:\Program Files\Rapidown\rapidown.exe (file missing)
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9 ... ontrol.CAB
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net ... plugin.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... oader5.cab
O16 - DPF: {3188FB46-456D-4C07-8A11-F5F3BBBA8AF2} (SeeTooControl Class) - http://www.seetoo.com/downloadAddon.php ... ersion=7.0
O16 - DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} (CSEQueryObject Object) - http://www.myheritage.cz/Genoogle/Compo ... eQuery.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 4015458468
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} (P3DActiveX Control) - http://panda-plugin.disney.go.com/plugi ... ctivex.cab
O16 - DPF: {A3D93B25-4601-49D2-B3AF-F447C73D561F} (Sony SNC-RZ25 Control) - http://213.29.153.37:50000/program/SonySncRz25View.cab
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://dist.globalgamecdn.com/dist/neff ... uncher.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://www.popcap.com/webgames/popcaploader_v10.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C660AAAB-4E42-41D3-A3BA-B9A9756E7E09}: NameServer = 10.0.0.138,10.0.0.225
O17 - HKLM\System\CCS\Services\Tcpip\..\{DACF0F24-31C4-489D-BC12-8A57D74230C6}: NameServer = 10.0.0.138
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Služba Google Update (gupdate1c98f7666d64ee2) (gupdate1c98f7666d64ee2) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hamachi Service (HamachiService) - LogMeIn Inc. - C:\Program Files\Hamachi\hamachi.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 11477 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{9738FE7F-7ACE-45C0-B9AA-1A9B2F763858}.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Worker\Data aplikací\Mozilla\Firefox\Profiles\zqmkaahb.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "extensions.enabledItems" - "{76063e7f-3558-4b68-8287-54eb6512adc0}:2.8.0, {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15, {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {9c51bd27-6ed8-4000-a2bf-36cb95c0c947}:11.0.1, {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.2, {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.12.1, {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.2, {e968fc70-8f95-4ab9-9e79-304de2a71ee1}:0.7.3, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.12, {07b2a769-ed19-4483-87ce-c643914c81bb}:3.0.0.91"

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
"wrc@avast.com"=C:\PROGRA~1\AVASTS~1\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.235 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@garmin.com/GpsControl]
"Description"=Garmin GPS Control for Firefox
"Path"=C:\Program Files\Garmin GPS Plugin\npGarmin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.3.1]
"Description"=
"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.3.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nexon.net/NxGame]
"Description"=Nexon Game Controller
"Path"=C:\Documents and Settings\All Users\Data aplikací\NexonUS\NGM\npNxGameUS.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pack.google.com/Google Updater;version=14]
"Description"=Google Updater
"Path"=C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
NPOFFICE.DLL
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
npwachk.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
fcmdSrch.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
weemi117.xml
weemi121.xml
wikipedia-cz.xml

C:\Documents and Settings\Worker\Data aplikací\Mozilla\Firefox\Profiles\zqmkaahb.default\extensions\
cacaoweb@cacaoweb.org
{07b2a769-ed19-4483-87ce-c643914c81bb}
{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}

C:\Documents and Settings\Worker\Data aplikací\Mozilla\Firefox\Profiles\zqmkaahb.default\searchplugins\
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2005-09-24 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE.dll [2012-03-07 1003704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6984C00-C6EB-11D4-B4A4-080000180323}]
C:\PROGRA~1\Rapidown\rapi310.dll [2009-12-03 346624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll [2012-01-13 1003576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll [2012-01-10 59272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\PROGRA~1\AVASTS~1\Avast\aswWebRepIE.dll [2012-03-07 1003704]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"VirtualCloneDrive"=C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2011-03-07 89456]
"LWS"=C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [2010-05-07 165208]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2012-05-15 15504192]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2012-05-15 108352]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-07-05 16380416]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GM4IE"=C:\Program Files\GM4IE\gm4ie.exe [2006-07-23 61440]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
"OscarEditor"=C:\Program Files\OSCAR Editor X7\OscarEditor.exe [2010-07-22 2636800]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2007-10-29 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Clownfish]
C:\Program Files\Clownfish\Clownfish.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashMute]
C:\Program Files\FlashMute\FlashMute.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gigaget]
C:\Program Files\Giganology\Gigaget\GigagetShell.exe /s []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Quick Search Box]
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe /autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KPeerNexonEU]
C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe [2010-02-15 417792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTBatteryMeter]
C:\Program Files\VibrateGameDeviceDriver\RFPIcon.exe [2003-01-16 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe /startoptions []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-09-19 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TortoiseHgOverlayIconServer]
C:\Program Files\TortoiseHg\TortoiseHgOverlayServer.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VMware hqtray]
C:\Program Files\VMware\VMware Player\hqtray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^GamersFirst LIVE!.lnk]
C:\PROGRA~1\GAMERS~1\LIVE!\Live.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"HssWd"=2

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Media Key.lnk - C:\Program Files\Media Key\MagicKey.exe

C:\Documents and Settings\Worker\Nabídka Start\Programy\Po spuštění
Dropbox.lnk - C:\Documents and Settings\Worker\Data aplikací\Dropbox\bin\Dropbox.exe
Touchpad Server.lnk - C:\Program Files\Things & Stuff\Touchpad Server\TouchpadServer.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-06 267304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
nwprovau

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\GameSpy Arcade\Aphex.exe"="C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\PFPortChecker\PFPortChecker.exe"="C:\Program Files\PFPortChecker\PFPortChecker.exe:*:Enabled:PFPortChecker"
"C:\Program Files\Hamachi\hamachi.exe"="C:\Program Files\Hamachi\hamachi.exe:*:Enabled:Hamachi"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-Downloader.exe"="C:\Program Files\World of Warcraft\WoW-x.x.x.x-4.0.0.12911-Downloader.exe:*:Enabled:Blizzard Downloader"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\AeriaGames\EdenEternal\launcher.exe"="C:\AeriaGames\EdenEternal\launcher.exe:*:Enabled:launcher.exe"
"C:\AeriaGames\EdenEternal\_Launcher.exe"="C:\AeriaGames\EdenEternal\_Launcher.exe:*:Enabled:_Launcher.exe"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Documents and Settings\Worker\Data aplikací\Dropbox\bin\Dropbox.exe"="C:\Documents and Settings\Worker\Data aplikací\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox"
"C:\Program Files\GamersFirst\APB Reloaded\Binaries\APB.exe"="C:\Program Files\GamersFirst\APB Reloaded\Binaries\APB.exe:*:Enabled:APB: APB.exe"
"C:\Program Files\GamersFirst\APB Reloaded\Binaries\VivoxVoiceService.exe"="C:\Program Files\GamersFirst\APB Reloaded\Binaries\VivoxVoiceService.exe:*:Enabled:APB: VivoxVoiceService.exe"
"C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe"="C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe:*:Enabled:Render Manager"
"C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe"="C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe:*:Enabled:umi"
"C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe"="C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe:*:Enabled:Pinnacle VideoSpin"
"C:\Documents and Settings\All Users\Data aplikací\NexonUS\NGM\NGM.exe"="C:\Documents and Settings\All Users\Data aplikací\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe"="C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe:*:Enabled:NEXON_EU_Downloader_Engine"
"C:\Program Files\TeamViewer\Version7\TeamViewer.exe"="C:\Program Files\TeamViewer\Version7\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"D:\Uziv\Jira\Program Files\LOTRO\lotroclient.exe"="D:\Uziv\Jira\Program Files\LOTRO\lotroclient.exe:*:Enabled:lotroclient"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Java\jre7\bin\java.exe"="C:\Program Files\Java\jre7\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Documents and Settings\Worker\Local Settings\Data aplikací\Sun\Java\Deployment\cache\6.0\45\2acec7ad-630329c9-1.4.2--n\eigcc_main.exe"="C:\Documents and Settings\Worker\Local Settings\Data aplikací\Sun\Java\Deployment\cache\6.0\45\2acec7ad-630329c9-1.4.2--n\eigcc_main.exe:*:Enabled:Voice Chat"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Java\jre7\bin\javaw.exe"="C:\Program Files\Java\jre7\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\TmNationsForever\TmForever.exe"="C:\Program Files\TmNationsForever\TmForever.exe:*:Enabled:TmForever"
"C:\Program Files\Valve\Portal 2\portal2.exe"="C:\Program Files\Valve\Portal 2\portal2.exe:*:Enabled:portal2"
"c:\BrickForce\BfLauncher.exe"="c:\BrickForce\BfLauncher.exe:*:Enabled:BFLauncher"
"c:\BrickForce\BrickForce.exe"="c:\BrickForce\BrickForce.exe:*:Enabled:BrickForce"
"C:\Program Files\Things & Stuff\Touchpad Server\TouchpadServer.exe"="C:\Program Files\Things & Stuff\Touchpad Server\TouchpadServer.exe:*:Enabled:Touchpad Server"
"C:\Program Files\Savage2\savage2.exe"="C:\Program Files\Savage2\savage2.exe:*:Enabled:savage2"
"C:\Program Files\Valve\Half-Life 2\hl2.exe"="C:\Program Files\Valve\Half-Life 2\hl2.exe:*:Enabled:Half-Life_2"
"C:\Program Files\Maxthon3\Bin\Maxthon.exe"="C:\Program Files\Maxthon3\Bin\Maxthon.exe:*:Enabled:Maxthon"
"C:\Program Files\Maxthon3\Bin\MxUp.exe"="C:\Program Files\Maxthon3\Bin\MxUp.exe:*:Enabled:MxUp"
"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"vidc.iv41"=ir41_32.dll
"VIDC.IYUV"=iyuv_32.dll
"wavemapper"=msacm32.drv
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.MPG4"=MPG4C32.dll
"vidc.MP42"=MPG4C32.dll
"vidc.MP43"=MPG4C32.dll
"VIDC.ACDV"=ACDV.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"MSVideo8"=VfWWDM32.dll
"vidc.tscc"=C:\WINDOWS\system32\tsccvid.dll
"vidc.mjpx"=Pvmjpg21.dll
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"msacm.divxa32"=msaud32_divx.acm
"vidc.I420"=msh263.drv
"MSVideo"=vfwwdm32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"vidc.iv50"=ir50_32.dll

======List of files/folders created in the last 1 month======

2020-08-14 17:24:50 ----D---- C:\Documents and Settings\Worker\Data aplikací\Hamachi
2020-08-14 17:24:20 ----D---- C:\Program Files\Hamachi
2012-06-01 20:49:18 ----D---- C:\rsit
2012-06-01 20:43:01 ----D---- C:\WINDOWS\LastGood
2012-05-23 19:20:21 ----D---- C:\ubuntu
2012-05-23 18:59:23 ----D---- C:\WINDOWS\Prefetch
2012-05-23 18:50:59 ----A---- C:\AUTOEXEC.BAT
2012-05-23 18:50:50 ----A---- C:\WINDOWS\OEWABLog.txt
2012-05-23 18:21:32 ----A---- C:\WINDOWS\pnplog.txt
2012-05-23 18:09:48 ----A---- C:\WINDOWS\system32\spxcoins.dll
2012-05-23 18:09:48 ----A---- C:\WINDOWS\system32\irclass.dll
2012-05-23 18:09:33 ----RA---- C:\WINDOWS\SET13B.tmp
2012-05-23 18:09:24 ----RA---- C:\WINDOWS\SET108.tmp
2012-05-23 18:09:21 ----RA---- C:\WINDOWS\SETFC.tmp
2012-05-23 18:09:20 ----RA---- C:\WINDOWS\SETF9.tmp
2012-05-23 17:15:51 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$
2012-05-23 17:15:38 ----HDC---- C:\WINDOWS\$NtUninstallKB974112_1$
2012-05-23 17:11:23 ----A---- C:\WINDOWS\setuplog.txt
2012-05-23 17:10:35 ----D---- C:\WINDOWS\l2schemas
2012-05-23 17:10:34 ----D---- C:\WINDOWS\system32\cs
2012-05-23 17:10:34 ----D---- C:\WINDOWS\system32\bits
2012-05-23 17:06:43 ----A---- C:\WINDOWS\imsins.BAK
2012-05-23 16:52:24 ----A---- C:\WINDOWS\ava105B.tmp
2012-05-23 16:52:23 ----A---- C:\WINDOWS\system32\asw105A.tmp
2012-05-23 16:52:12 ----D---- C:\Program Files\AVAST Software
2012-05-23 16:52:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2012-05-21 20:59:59 ----D---- C:\dex2jar
2012-05-21 19:23:03 ----D---- C:\Documents and Settings\Worker\Data aplikací\GitHub
2012-05-13 22:02:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\Ask
2012-05-13 16:55:02 ----D---- C:\Program Files\WhoCrashed
2012-05-08 18:47:27 ----D---- C:\Program Files\Savage2

======List of files/folders modified in the last 1 month======

2012-06-01 20:49:29 ----HD---- C:\WINDOWS\inf
2012-06-01 20:49:27 ----D---- C:\Program Files\trend micro
2012-06-01 20:49:17 ----D---- C:\WINDOWS\system32\CatRoot2
2012-06-01 20:48:21 ----D---- C:\WINDOWS
2012-06-01 20:46:49 ----HD---- C:\WINDOWS\$hf_mig$
2012-06-01 20:41:43 ----D---- C:\Documents and Settings\Worker\Data aplikací\Dropbox
2012-06-01 20:41:42 ----D---- C:\WINDOWS\Temp
2012-06-01 20:41:15 ----DC---- C:\WINDOWS\system32\dllcache
2012-06-01 20:40:52 ----D---- C:\WINDOWS\system32\logishrd
2012-06-01 20:40:28 ----D---- C:\WINDOWS\system32
2012-05-29 17:48:48 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-05-29 17:42:49 ----RD---- C:\Program Files
2012-05-29 17:42:49 ----D---- C:\WINDOWS\system32\drivers
2012-05-29 17:39:00 ----D---- C:\Documents and Settings\Worker\Data aplikací\Skype
2012-05-29 17:06:15 ----D---- C:\Program Files\Mozilla Firefox
2012-05-28 18:02:00 ----A---- C:\WINDOWS\wincmd.ini
2012-05-28 17:54:40 ----A---- C:\WINDOWS\wcx_ftp.ini
2012-05-28 17:54:29 ----D---- C:\Documents and Settings\Worker\Data aplikací\SQLyog
2012-05-26 08:02:50 ----D---- C:\Documents and Settings\Worker\Data aplikací\.minecraft
2012-05-25 07:13:55 ----D---- C:\WINDOWS\system32\CatRoot
2012-05-25 07:12:22 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2012-05-24 15:59:00 ----D---- C:\WINDOWS\SoftwareDistribution
2012-05-24 15:58:58 ----D---- C:\WINDOWS\Help
2012-05-23 20:02:45 ----D---- C:\WINDOWS\system32\usmt
2012-05-23 20:02:34 ----D---- C:\WINDOWS\ehome
2012-05-23 20:02:32 ----D---- C:\WINDOWS\ime
2012-05-23 20:02:30 ----D---- C:\WINDOWS\Media
2012-05-23 20:02:17 ----D---- C:\WINDOWS\PeerNet
2012-05-23 20:02:02 ----D---- C:\WINDOWS\system32\npp
2012-05-23 20:01:54 ----D---- C:\WINDOWS\msagent
2012-05-23 19:58:50 ----D---- C:\WINDOWS\system32\1029
2012-05-23 19:58:25 ----D---- C:\WINDOWS\twain_32
2012-05-23 19:57:42 ----D---- C:\WINDOWS\system32\icsxml
2012-05-23 19:57:05 ----D---- C:\WINDOWS\system32\ias
2012-05-23 19:56:58 ----D---- C:\WINDOWS\system32\1033
2012-05-23 19:55:36 ----D---- C:\WINDOWS\WinSxS
2012-05-23 19:55:36 ----D---- C:\WINDOWS\Driver Cache
2012-05-23 19:39:34 ----D---- C:\WINDOWS\security
2012-05-23 19:35:54 ----RASH---- C:\boot.ini
2012-05-23 19:03:20 ----SHD---- C:\System Volume Information
2012-05-23 19:03:20 ----D---- C:\WINDOWS\system32\Restore
2012-05-23 19:02:29 ----D---- C:\WINDOWS\Registration
2012-05-23 19:00:29 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-05-23 18:58:49 ----D---- C:\WINDOWS\system32\config
2012-05-23 18:58:48 ----D---- C:\WINDOWS\system32\Setup
2012-05-23 18:58:48 ----D---- C:\WINDOWS\system32\inetsrv
2012-05-23 18:58:46 ----RSD---- C:\WINDOWS\Fonts
2012-05-23 18:58:46 ----D---- C:\WINDOWS\AppPatch
2012-05-23 18:50:44 ----A---- C:\WINDOWS\ODBCINST.INI
2012-05-23 18:50:27 ----ASH---- C:\WINDOWS\fonts\desktop.ini
2012-05-23 18:49:57 ----RD---- C:\WINDOWS\Web
2012-05-23 18:49:49 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2012-05-23 18:49:38 ----A---- C:\WINDOWS\win.ini
2012-05-23 18:49:34 ----D---- C:\WINDOWS\system32\oobe
2012-05-23 18:49:31 ----D---- C:\WINDOWS\srchasst
2012-05-23 18:49:28 ----D---- C:\Program Files\Windows Media Player
2012-05-23 18:49:24 ----D---- C:\Program Files\Movie Maker
2012-05-23 18:49:14 ----D---- C:\Program Files\NetMeeting
2012-05-23 18:49:11 ----D---- C:\Program Files\Outlook Express
2012-05-23 18:49:10 ----D---- C:\Program Files\Common Files\System
2012-05-23 18:49:00 ----D---- C:\Program Files\Internet Explorer
2012-05-23 18:48:19 ----D---- C:\WINDOWS\system32\Com
2012-05-23 18:47:51 ----D---- C:\WINDOWS\system32\wbem
2012-05-23 18:47:49 ----D---- C:\Program Files\Windows NT
2012-05-23 18:27:19 ----D---- C:\Program Files\Common Files\LogiShrd
2012-05-23 18:09:53 ----A---- C:\WINDOWS\system.ini
2012-05-23 18:09:48 ----D---- C:\WINDOWS\system
2012-05-23 18:09:38 ----ASH---- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
2012-05-23 18:08:10 ----D---- C:\Program Files\7-Zip
2012-05-23 18:08:10 ----D---- C:\Config.Msi
2012-05-23 17:14:22 ----D---- C:\Program Files\Messenger
2012-05-23 17:10:40 ----D---- C:\WINDOWS\network diagnostic
2012-05-23 17:10:35 ----D---- C:\WINDOWS\system32\cs-cz
2012-05-23 17:09:00 ----D---- C:\WINDOWS\ServicePackFiles
2012-05-23 17:06:40 ----D---- C:\WINDOWS\system32\ReinstallBackups
2012-05-23 16:53:10 ----SHD---- C:\WINDOWS\Installer
2012-05-23 16:43:01 ----D---- C:\Program Files\Adobe
2012-05-23 16:41:04 ----D---- C:\Program Files\Valve
2012-05-23 16:15:19 ----D---- C:\Program Files\Steam
2012-05-23 16:15:19 ----D---- C:\Documents and Settings\Worker\Data aplikací\Vso
2012-05-23 16:13:09 ----D---- C:\Program Files\CCleaner
2012-05-23 16:07:40 ----D---- C:\Program Files\Common Files\DVDVideoSoft
2012-05-23 16:05:40 ----D---- C:\Program Files\TrackMania Sunrise
2012-05-23 16:00:35 ----D---- C:\Stranded II
2012-05-23 15:59:14 ----RD---- C:\Program Files\Skype
2012-05-23 15:55:25 ----D---- C:\Program Files\Common Files\InstallShield
2012-05-23 15:55:09 ----HD---- C:\Program Files\InstallShield Installation Information
2012-05-23 15:55:08 ----D---- C:\Program Files\CyberLink
2012-05-23 15:51:19 ----D---- C:\Program Files\Ahead
2012-05-23 15:51:10 ----D---- C:\Program Files\Common Files\Ahead
2012-05-23 15:49:57 ----D---- C:\Program Files\Mozilla Thunderbird
2012-05-23 15:48:39 ----D---- C:\Program Files\Johanka z Arku
2012-05-23 15:45:36 ----D---- C:\Program Files\EA GAMES
2012-05-23 15:44:09 ----D---- C:\Program Files\Heroes of Annihilated Empires
2012-05-23 15:42:17 ----D---- C:\Program Files\FlatOut2
2012-05-23 15:42:09 ----D---- C:\Program Files\Electronic Arts
2012-05-23 15:41:26 ----D---- C:\Program Files\Elaborate Bytes
2012-05-23 15:40:18 ----A---- C:\WINDOWS\SIERRA.INI
2012-05-23 15:39:24 ----D---- C:\BrickForce
2012-05-23 15:34:58 ----D---- C:\Program Files\Common Files
2012-05-23 15:34:39 ----D---- C:\Program Files\Android
2012-05-23 15:30:31 ----D---- C:\Documents and Settings\Worker\Data aplikací\TS3Client
2012-05-23 15:29:55 ----D---- C:\WINDOWS\Logs
2012-05-23 15:29:55 ----D---- C:\WINDOWS\Debug
2012-05-23 15:21:57 ----D---- C:\Program Files\NVIDIA Corporation
2012-05-22 21:52:24 ----A---- C:\WINDOWS\NeroDigital.ini
2012-05-21 20:59:45 ----D---- C:\android
2012-05-21 20:45:01 ----D---- C:\Program Files\PowerArchiver
2012-05-15 17:37:16 ----D---- C:\WINDOWS\system32\DirectX
2012-05-15 17:26:31 ----D---- C:\Documents and Settings\Worker\Data aplikací\BitTorrent
2012-05-15 12:18:00 ----A---- C:\WINDOWS\system32\OpenCL.dll
2012-05-15 12:18:00 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2012-05-15 12:18:00 ----A---- C:\WINDOWS\system32\nvgenco32.dll
2012-05-15 12:18:00 ----A---- C:\WINDOWS\system32\nvdispco32.dll
2012-05-15 12:18:00 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2012-05-15 12:18:00 ----A---- C:\WINDOWS\system32\nvcuvenc.dll
2012-05-15 12:18:00 ----A---- C:\WINDOWS\system32\nvcuda.dll
2012-05-15 12:18:00 ----A---- C:\WINDOWS\system32\nvcompiler.dll
2012-05-15 12:18:00 ----A---- C:\WINDOWS\system32\nvapi.dll
2012-05-15 12:18:00 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2012-05-15 11:43:36 ----A---- C:\WINDOWS\system32\nvrszhc.dll
2012-05-15 11:43:35 ----A---- C:\WINDOWS\system32\nvrszht.dll
2012-05-15 11:43:35 ----A---- C:\WINDOWS\system32\nvrsth.dll
2012-05-15 11:43:35 ----A---- C:\WINDOWS\system32\nvrssv.dll
2012-05-15 11:43:35 ----A---- C:\WINDOWS\system32\nvrsit.dll
2012-05-15 11:43:34 ----A---- C:\WINDOWS\system32\nvrsnl.dll
2012-05-15 11:43:34 ----A---- C:\WINDOWS\system32\nvrsko.dll
2012-05-15 11:43:34 ----A---- C:\WINDOWS\system32\nvrsesm.dll
2012-05-15 11:43:34 ----A---- C:\WINDOWS\system32\nvrseng.dll
2012-05-15 11:43:34 ----A---- C:\WINDOWS\system32\nvrsel.dll
2012-05-15 11:43:34 ----A---- C:\WINDOWS\system32\nvrsar.dll
2012-05-15 11:43:33 ----A---- C:\WINDOWS\system32\nvrssl.dll
2012-05-15 11:43:33 ----A---- C:\WINDOWS\system32\nvrspt.dll
2012-05-15 11:43:33 ----A---- C:\WINDOWS\system32\nvrsno.dll
2012-05-15 11:43:33 ----A---- C:\WINDOWS\system32\nvrshe.dll
2012-05-15 11:43:33 ----A---- C:\WINDOWS\system32\nvrsfr.dll
2012-05-15 11:43:33 ----A---- C:\WINDOWS\system32\nvrsfi.dll
2012-05-15 11:43:32 ----A---- C:\WINDOWS\system32\nvrses.dll
2012-05-15 11:43:31 ----A---- C:\WINDOWS\system32\nvrssk.dll
2012-05-15 11:43:31 ----A---- C:\WINDOWS\system32\nvrsru.dll
2012-05-15 11:43:30 ----A---- C:\WINDOWS\system32\nvrstr.dll
2012-05-15 11:43:30 ----A---- C:\WINDOWS\system32\nvrshu.dll
2012-05-15 11:43:30 ----A---- C:\WINDOWS\system32\nvrsda.dll
2012-05-15 11:43:29 ----A---- C:\WINDOWS\system32\nvrspl.dll
2012-05-15 11:43:29 ----A---- C:\WINDOWS\system32\nvrsja.dll
2012-05-15 11:43:28 ----A---- C:\WINDOWS\system32\nvrsptb.dll
2012-05-15 11:43:28 ----A---- C:\WINDOWS\system32\nvrsde.dll
2012-05-15 11:43:28 ----A---- C:\WINDOWS\system32\nvrscs.dll
2012-05-15 11:40:26 ----A---- C:\WINDOWS\system32\nvwddi.dll
2012-05-15 11:40:02 ----A---- C:\WINDOWS\system32\nvcpl.dll
2012-05-15 11:40:02 ----A---- C:\WINDOWS\system32\nvcolor.exe
2012-05-15 11:40:01 ----A---- C:\WINDOWS\system32\nvsvc32.exe
2012-05-15 11:40:01 ----A---- C:\WINDOWS\system32\nvmctray.dll
2012-05-14 22:03:09 ----D---- C:\Documents and Settings\Worker\Data aplikací\vlc
2012-05-13 22:03:15 ----D---- C:\Program Files\DsNET Corp
2012-05-12 08:49:59 ----D---- C:\Program Files\Microsoft Silverlight
2012-05-12 07:55:18 ----A---- C:\WINDOWS\system32\MRT.exe
2012-05-08 18:53:38 ----RSD---- C:\WINDOWS\assembly
2012-05-07 14:26:07 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2007-10-29 61056]
R0 prohlp02;StarForce Protection Helper Driver v2; C:\WINDOWS\System32\drivers\prohlp02.sys [2004-05-13 111808]
R0 prosync1;StarForce Protection Synchronization Driver v1; C:\WINDOWS\System32\drivers\prosync1.sys [2003-09-06 6944]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); C:\WINDOWS\System32\drivers\sfdrv01.sys [2006-03-26 51200]
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a); C:\WINDOWS\System32\drivers\sfdrv01a.sys [2006-07-05 63352]
R0 sfhlp01;StarForce Protection Helper Driver; C:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); C:\WINDOWS\System32\drivers\sfhlp02.sys [2006-06-14 13680]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); C:\WINDOWS\System32\drivers\sfsync02.sys [2006-07-10 27032]
R0 sfsync04;StarForce Protection Synchronization Driver (version 4.x); C:\WINDOWS\System32\drivers\sfsync04.sys [2006-03-24 50176]
R0 sfvfs02;StarForce Protection VFS Driver (version 2.x); C:\WINDOWS\System32\drivers\sfvfs02.sys [2007-01-12 82296]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2010-12-17 31088]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2007-10-29 39936]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2007-10-29 14848]
R1 kbfilter;Keyboard Filter Driver; C:\WINDOWS\system32\drivers\kbfilter.sys [2002-07-11 12856]
R1 prodrv06;StarForce Protection Environment Driver v6; C:\WINDOWS\System32\drivers\prodrv06.sys [2004-05-13 79488]
R1 Tcpip6;Ovladač protokolu Microsoft IPv6; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2007-10-29 223616]
R1 UsbFltr;WayTechUSBFilterDriver; C:\WINDOWS\system32\drivers\UsbFltr.sys [2006-04-28 9291]
R1 vmm;Virtual Machine Monitor; \??\C:\WINDOWS\system32\Drivers\vmm.sys []
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2007-10-29 12032]
R2 athsgt;athsgt; C:\WINDOWS\system32\DRIVERS\athsgt.sys [2008-07-26 164992]
R2 limsgt;limsgt; C:\WINDOWS\system32\DRIVERS\limsgt.sys [2008-07-26 12544]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2007-10-29 88448]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2007-10-29 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2007-10-29 55936]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2007-10-29 60800]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2020-08-14 25280]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2007-10-29 9600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-07-18 4547584]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2010-05-07 25824]
R3 LVRS;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs.sys [2010-11-10 283744]
R3 LVUVC;Logitech Webcam C210(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [2010-11-10 4323040]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2007-10-29 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2007-10-29 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2012-05-15 14014656]
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2008-03-05 10368]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2007-08-07 98944]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2007-10-29 12416]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2007-10-29 31616]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2007-10-29 26496]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2007-10-29 20480]
R3 VPCNetS2;Virtual Machine Network Services; C:\WINDOWS\system32\DRIVERS\VMNetSrv.sys [2007-01-29 59280]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 EagleXNt;EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
S3 grmnusb;grmnusb; C:\WINDOWS\system32\drivers\grmnusb.sys [2007-03-08 8320]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver; C:\WINDOWS\system32\DRIVERS\ManyCam.sys [2008-01-14 21632]
S3 MarvinBus;Pinnacle Marvin Bus; C:\WINDOWS\system32\DRIVERS\MarvinBus.sys [2005-09-24 171520]
S3 msloop;Microsoft Loopback Adapter Driver; C:\WINDOWS\system32\DRIVERS\loop.sys [2007-10-29 4992]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2007-10-29 10880]
S3 NPPTNT2;NPPTNT2; \??\C:\WINDOWS\system32\npptNT2.sys []
S3 nrtap;NeoRouter Virtual Network Interface; C:\WINDOWS\system32\DRIVERS\nrtap.sys [2009-09-01 24576]
S3 NWRDR;NetWare Rdr; C:\WINDOWS\system32\DRIVERS\nwrdr.sys [2007-10-29 163584]
S3 Pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\Pcouffin.sys [2009-12-18 47360]
S3 se58bus;Sony Ericsson Device 088 driver (WDM); C:\WINDOWS\system32\DRIVERS\se58bus.sys [2006-09-05 61536]
S3 se58mdfl;Sony Ericsson Device 088 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\se58mdfl.sys [2006-09-05 9360]
S3 se58mdm;Sony Ericsson Device 088 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\se58mdm.sys [2006-09-05 97088]
S3 se58mgmt;Sony Ericsson Device 088 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\se58mgmt.sys [2006-09-05 88624]
S3 se58nd5;Sony Ericsson Device 088 USB Ethernet Emulation SEMC58 (NDIS); C:\WINDOWS\system32\DRIVERS\se58nd5.sys [2006-09-05 18704]
S3 se58obex;Sony Ericsson Device 088 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\se58obex.sys [2006-09-05 86432]
S3 se58unic;Sony Ericsson Device 088 USB Ethernet Emulation SEMC58 (WDM); C:\WINDOWS\system32\DRIVERS\se58unic.sys [2006-09-05 90800]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2007-10-29 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2007-10-29 15360]
S3 tap0901;TAP-Win32 Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2009-12-12 25984]
S3 taphss;Anchorfree HSS Adapter; C:\WINDOWS\system32\DRIVERS\taphss.sys [2010-09-22 32768]
S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2004-08-03 12672]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2004-08-03 78464]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys [2011-08-15 104752]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys []
S3 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2011-01-15 30208]
S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\WINDOWS\system32\DRIVERS\vcsvad.sys [2008-12-26 17792]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys []
S3 vproiah;vproiah; C:\WINDOWS\system32\DRIVERS\vproiah.sys []
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2005-01-28 18944]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 XDva394;XDva394; \??\C:\WINDOWS\system32\XDva394.sys []
S4 RsFx0102;RsFx0102 Driver; C:\WINDOWS\system32\DRIVERS\RsFx0102.sys [2008-07-10 242712]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;Pomocná služba protokolu IPv6; C:\WINDOWS\system32\svchost.exe [2007-10-29 14336]
R2 HamachiService;Hamachi Service; C:\Program Files\Hamachi\hamachi.exe [2020-08-14 624416]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2012-04-08 161664]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe [2010-05-07 162648]
R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2012-05-15 164160]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2007-10-29 14336]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2011-08-10 75136]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 98840]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2007-10-29 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate1c98f7666d64ee2;Služba Google Update (gupdate1c98f7666d64ee2); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-15 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-11-02 194104]
S2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2008-07-11 40999448]
S2 NWCWorkstation;Klient systému NetWare; C:\WINDOWS\system32\svchost.exe [2007-10-29 14336]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-02-29 158856]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-03-05 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-07 257696]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-02-15 133104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2010-01-13 3477452]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-08-07 411432]
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2007-10-29 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-11 47128]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-11 369688]
S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-07-10 258072]

-----------------EOF-----------------

Re: Slow PC, plays a melody

Posted: 01 Jun 2012 20:15
by Rudy
Please post a ComboFix log.
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator privileges

right after it starts, a screen with the licence terms is displayed; continue by clicking the Yes (Ano) button.

feel free to go and make yourself a coffee (the whole process takes approx. 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to wade through); during the scan, do not try to launch any other applications or anything else

do not panic during the scan; your machine may be restarted (especially the first time the scanner is run)

note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because during the scan and the removal of any malware, unwanted conflicts with the resident antispyware occur

Re: Slow PC, plays a melody

Posted: 01 Jun 2012 20:22
by Sejsel
I would also like to add that I have just found out that my antivirus (Avast) apparently isn't running. I reinstalled it recently and it is possible that it hasn't been running since then. Unfortunately, I am not currently in a position to afford a paid antivirus. If you recommend another free one, I won't turn it down :)

The ComboFix log will be here in a moment.

Re: Slow PC, plays a melody

Posted: 01 Jun 2012 20:23
by Rudy
The AV may not be working because something is blocking it. We'll see after the cleanup.

Re: Slow PC, plays a melody

Posted: 01 Jun 2012 20:44
by Sejsel
Well, Avast throws this error: Failed to load language dll [1033\UILangRes.dll]

Here is ComboFix:

ComboFix 12-06-01.03 - Worker 01.06.2012 21:25:05.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.2046.1314 [GMT 2:00]
Spuštěný z: c:\documents and settings\Worker\Plocha\ComboFix.exe
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\windows\ava105B.tmp
c:\windows\COM+.log
c:\windows\msmqinst.log
c:\windows\regopt.log
c:\windows\system32\asw105A.tmp
c:\windows\system32\Oleaut32.1
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-05-01 do 2012-06-01 )))))))))))))))))))))))))))))))
.
.
2020-08-14 15:24 . 2012-06-01 19:36 -------- d-----w- c:\documents and settings\Worker\Data aplikací\Hamachi
2020-08-14 15:24 . 2011-11-23 17:58 -------- d-----w- c:\program files\Hamachi
2012-06-01 18:50 . 2012-06-01 18:50 -------- d-----w- c:\windows\system32\CatRoot_bak
2012-06-01 18:49 . 2012-06-01 18:49 -------- d-----w- C:\rsit
2012-06-01 18:43 . 2012-06-01 18:43 -------- d-----w- c:\windows\LastGood
2012-05-23 17:20 . 2012-05-23 17:20 -------- d-----w- C:\ubuntu
2012-05-23 16:53 . 2007-10-29 12:00 6144 -c--a-w- c:\windows\system32\dllcache\snmpmib.dll
2012-05-23 16:52 . 2007-10-29 12:00 471102 -c--a-w- c:\windows\system32\dllcache\imskdic.dll
2012-05-23 16:51 . 2007-10-29 12:00 372736 -c--a-w- c:\windows\system32\dllcache\asp51.dll
2012-05-23 16:49 . 2007-10-29 12:00 16384 -c--a-w- c:\windows\system32\dllcache\isignup.exe
2012-05-23 16:49 . 2007-10-29 12:00 16384 ----a-w- c:\program files\Internet Explorer\Connection Wizard\isignup.exe
2012-05-23 16:49 . 2007-10-29 12:00 118784 ----a-w- c:\windows\system32\msg723.acm
2012-05-23 16:49 . 2007-10-29 12:00 188416 ----a-w- c:\windows\system32\msh261.drv
2012-05-23 16:09 . 2007-10-29 12:00 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll
2012-05-23 16:09 . 2007-10-29 12:00 24661 ----a-w- c:\windows\system32\spxcoins.dll
2012-05-23 16:09 . 2007-10-29 12:00 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll
2012-05-23 16:09 . 2007-10-29 12:00 13312 ----a-w- c:\windows\system32\irclass.dll
2012-05-23 16:09 . 2007-10-29 12:00 14573 ----a-r- c:\windows\SET13B.tmp
2012-05-23 16:09 . 2007-10-29 12:00 14043 ----a-r- c:\windows\SET108.tmp
2012-05-23 16:09 . 2007-10-29 12:00 1086058 ----a-r- c:\windows\SETFC.tmp
2012-05-23 16:09 . 2007-10-29 12:00 1021278 ----a-r- c:\windows\SETF9.tmp
2012-05-23 15:10 . 2012-05-23 15:10 -------- d-----w- c:\windows\l2schemas
2012-05-23 15:10 . 2012-05-23 15:10 -------- d-----w- c:\windows\system32\cs
2012-05-23 15:10 . 2012-05-23 15:10 -------- d-----w- c:\windows\system32\bits
2012-05-23 14:52 . 2012-05-23 14:52 -------- d-----w- c:\program files\AVAST Software
2012-05-23 14:52 . 2012-05-23 14:52 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2012-05-21 18:59 . 2012-05-21 19:12 -------- d-----w- C:\dex2jar
2012-05-21 17:52 . 2012-05-21 17:53 -------- d-----w- c:\documents and settings\Worker\.ssh
2012-05-21 17:23 . 2012-05-21 17:23 -------- d-----w- c:\documents and settings\Worker\Data aplikací\GitHub
2012-05-21 17:22 . 2012-05-21 17:51 -------- d-----w- c:\documents and settings\Worker\Local Settings\Data aplikací\GitHub
2012-05-13 20:02 . 2012-05-13 20:02 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Ask
2012-05-13 14:55 . 2012-05-23 14:08 -------- d-----w- c:\program files\WhoCrashed
2012-05-08 16:47 . 2012-05-23 13:57 -------- d-----w- c:\program files\Savage2
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2020-08-14 15:24 . 2009-11-23 19:14 25280 ------w- c:\windows\system32\drivers\hamachi.sys
2012-05-23 13:42 . 2009-04-25 07:33 3022 ----a-w- c:\windows\system32\ealregsnapshot1.reg
2012-05-15 10:18 . 2012-04-08 14:33 883008 ----a-w- c:\windows\system32\nvgenco32.dll
2012-05-15 10:18 . 2012-04-08 14:33 65536 ----a-w- c:\windows\system32\OpenCL.dll
2012-05-15 10:18 . 2012-04-08 14:33 2530624 ----a-w- c:\windows\system32\nvcuvid.dll
2012-05-15 10:18 . 2012-04-08 14:33 2445120 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-05-15 10:18 . 2012-04-08 14:33 1000768 ----a-w- c:\windows\system32\nvdispco32.dll
2012-05-15 10:18 . 2012-04-08 14:33 17543168 ----a-w- c:\windows\system32\nvcompiler.dll
2012-05-15 10:18 . 2007-12-04 17:41 6012928 ----a-w- c:\windows\system32\nvcuda.dll
2012-05-15 10:18 . 2007-12-04 17:41 4373248 ----a-w- c:\windows\system32\nv4_disp.dll
2012-05-15 10:18 . 2007-12-04 17:41 2359808 ----a-w- c:\windows\system32\nvapi.dll
2012-05-15 10:18 . 2007-12-04 17:41 18771968 ----a-w- c:\windows\system32\nvoglnt.dll
2012-05-15 10:18 . 2007-12-04 17:41 14014656 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2012-05-15 09:43 . 2007-12-04 17:41 229376 ----a-w- c:\windows\system32\nvrszhc.dll
2012-05-15 09:43 . 2007-12-04 17:41 282624 ----a-w- c:\windows\system32\nvrsit.dll
2012-05-15 09:43 . 2007-12-04 17:41 253952 ----a-w- c:\windows\system32\nvrsth.dll
2012-05-15 09:43 . 2007-12-04 17:41 253952 ----a-w- c:\windows\system32\nvrssv.dll
2012-05-15 09:43 . 2007-12-04 17:41 126976 ----a-w- c:\windows\system32\nvrszht.dll
2012-05-15 09:43 . 2007-12-04 17:41 335872 ----a-w- c:\windows\system32\nvrsar.dll
2012-05-15 09:43 . 2007-12-04 17:41 282624 ----a-w- c:\windows\system32\nvrsel.dll
2012-05-15 09:43 . 2007-12-04 17:41 274432 ----a-w- c:\windows\system32\nvrsnl.dll
2012-05-15 09:43 . 2007-12-04 17:41 274432 ----a-w- c:\windows\system32\nvrsesm.dll
2012-05-15 09:43 . 2007-12-04 17:41 266240 ----a-w- c:\windows\system32\nvrsko.dll
2012-05-15 09:43 . 2007-12-04 17:41 249856 ----a-w- c:\windows\system32\nvrseng.dll
2012-05-15 09:43 . 2007-12-04 17:41 335872 ----a-w- c:\windows\system32\nvrshe.dll
2012-05-15 09:43 . 2007-12-04 17:41 286720 ----a-w- c:\windows\system32\nvrsfr.dll
2012-05-15 09:43 . 2007-12-04 17:41 274432 ----a-w- c:\windows\system32\nvrspt.dll
2012-05-15 09:43 . 2007-12-04 17:41 258048 ----a-w- c:\windows\system32\nvrssl.dll
2012-05-15 09:43 . 2007-12-04 17:41 253952 ----a-w- c:\windows\system32\nvrsno.dll
2012-05-15 09:43 . 2007-12-04 17:41 249856 ----a-w- c:\windows\system32\nvrsfi.dll
2012-05-15 09:43 . 2007-12-04 17:41 282624 ----a-w- c:\windows\system32\nvrses.dll
2012-05-15 09:43 . 2007-12-04 17:41 270336 ----a-w- c:\windows\system32\nvrsru.dll
2012-05-15 09:43 . 2007-12-04 17:41 258048 ----a-w- c:\windows\system32\nvrssk.dll
2012-05-15 09:43 . 2007-12-04 17:41 262144 ----a-w- c:\windows\system32\nvrshu.dll
2012-05-15 09:43 . 2007-12-04 17:41 258048 ----a-w- c:\windows\system32\nvrstr.dll
2012-05-15 09:43 . 2007-12-04 17:41 253952 ----a-w- c:\windows\system32\nvrsda.dll
2012-05-15 09:43 . 2007-12-04 17:41 274432 ----a-w- c:\windows\system32\nvrsja.dll
2012-05-15 09:43 . 2007-12-04 17:41 258048 ----a-w- c:\windows\system32\nvrspl.dll
2012-05-15 09:43 . 2007-12-04 17:41 278528 ----a-w- c:\windows\system32\nvrsde.dll
2012-05-15 09:43 . 2007-12-04 17:41 270336 ----a-w- c:\windows\system32\nvrsptb.dll
2012-05-15 09:43 . 2007-12-04 17:41 249856 ----a-w- c:\windows\system32\nvrscs.dll
2012-05-15 09:40 . 2007-12-04 17:41 54272 ----a-w- c:\windows\system32\nvwddi.dll
2012-05-15 09:40 . 2007-12-04 17:41 15504192 ----a-w- c:\windows\system32\nvcpl.dll
2012-05-15 09:40 . 2007-12-04 17:41 143680 ----a-w- c:\windows\system32\nvcolor.exe
2012-05-15 09:40 . 2007-12-04 17:41 164160 ----a-w- c:\windows\system32\nvsvc32.exe
2012-05-15 09:40 . 2007-12-04 17:41 108352 ----a-w- c:\windows\system32\nvmctray.dll
2012-05-07 12:26 . 2012-04-05 18:08 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-07 12:26 . 2011-06-03 04:35 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-10 13:27 . 2012-04-10 13:27 53248 ----a-r- c:\documents and settings\Worker\Data aplikací\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2012-04-08 14:24 . 2012-04-08 14:24 141312 ----a-w- c:\windows\system32javacpl.cpl
2012-04-08 14:24 . 2012-04-08 14:24 0 ----a-w- c:\windows\system32\RENBFA.tmp
2012-04-08 14:24 . 2012-04-08 14:24 0 ----a-w- c:\windows\system32\RENBF9.tmp
2012-03-25 13:40 . 2012-03-25 13:40 1060864 ----a-w- c:\windows\system32\mfc71.dll
2012-03-25 12:26 . 2009-12-18 12:43 87608 ----a-w- c:\documents and settings\Worker\Data aplikací\inst.exe
2012-03-25 12:26 . 2009-12-18 12:43 47360 ----a-w- c:\documents and settings\Worker\Data aplikací\pcouffin.sys
2009-02-15 13:54 . 2009-02-15 13:54 1038968 ----a-w- c:\program files\Google_Updater.exe
2007-05-25 09:55 . 2008-06-30 16:24 1972895 ----a-w- c:\program files\Chalk.exe
2012-05-26 05:54 . 2011-04-06 15:52 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-07-07 20:29 . A371F11EF07653591C8DE26AFB13CE7F . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll
[-] 2008-07-07 20:29 . A371F11EF07653591C8DE26AFB13CE7F . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
[-] 2008-07-07 20:25 . BE68EA4457E2E5717231CF91BE5448E0 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[-] 2008-07-07 20:19 . 3440C414044935B124B5821C0994B37F . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll
[-] 2008-04-14 03:21 . 260C69FD67687B0DC062FC3D31655857 . 246272 . . [2001.12.4414.701] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\es.dll
[-] 2008-04-14 03:21 . 260C69FD67687B0DC062FC3D31655857 . 246272 . . [2001.12.4414.701] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\es.dll
[7] 2007-10-29 11:00 . 972378B907070F64932A87C90A035487 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB901214$\$NtUninstallKB902400$\es.dll
[7] 2005-07-26 04:42 . 8B1B932554B6317E97AE3B9D05344470 . 243200 . . [2001.12.4414.308] . . c:\windows\$NtUninstallKB950974_0$\es.dll
[7] 2005-07-26 04:30 . 7B9199B6809586DC2CF30D411CECBD33 . 243200 . . [2001.12.4414.308] . . c:\windows\$hf_mig$\KB902400\SP2QFE\es.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 123536 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Worker\Data aplikací\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Worker\Data aplikací\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Worker\Data aplikací\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Worker\Data aplikací\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GM4IE"="c:\program files\GM4IE\gm4ie.exe" [2006-07-23 61440]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"OscarEditor"="c:\program files\OSCAR Editor X7\OscarEditor.exe" [2010-07-22 2636800]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2010-05-07 165208]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-05-15 15504192]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2012-05-15 108352]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-05 16380416]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2007-10-29 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2007-10-29 44544]
.
c:\documents and settings\Worker\Nabídka Start\Programy\Po spuštění\
Dropbox.lnk - c:\documents and settings\Worker\Data aplikací\Dropbox\bin\Dropbox.exe [2012-2-15 24246216]
Touchpad Server.lnk - c:\program files\Things & Stuff\Touchpad Server\TouchpadServer.exe [2012-4-26 97280]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Media Key.lnk - c:\program files\Media Key\MagicKey.exe [2012-3-4 159744]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^GamersFirst LIVE!.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\GamersFirst LIVE!.lnk
backup=c:\windows\pss\GamersFirst LIVE!.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-02-15 17:50 417792 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTBatteryMeter]
2003-01-16 10:32 49152 ----a-w- c:\program files\VibrateGameDeviceDriver\rfpicon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2008-09-19 17:40 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"HssWd"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\World of Warcraft\\WoW-x.x.x.x-4.0.0.12911-Downloader.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Documents and Settings\\Worker\\Data aplikací\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\TeamViewer\\Version7\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version7\\TeamViewer_Service.exe"=
"d:\\Uziv\\Jira\\Program Files\\LOTRO\\lotroclient.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\java.exe"=
"c:\\Documents and Settings\\Worker\\Local Settings\\Data aplikací\\Sun\\Java\\Deployment\\cache\\6.0\\45\\2acec7ad-630329c9-1.4.2--n\\eigcc_main.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Java\\jre7\\bin\\javaw.exe"=
"c:\\Program Files\\TmNationsForever\\TmForever.exe"=
"c:\\Program Files\\Valve\\Portal 2\\portal2.exe"=
"c:\\Program Files\\Things & Stuff\\Touchpad Server\\TouchpadServer.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"57415:TCP"= 57415:TCP:Pando Media Booster
"57415:UDP"= 57415:UDP:Pando Media Booster
"56289:TCP"= 56289:TCP:Pando Media Booster
"56289:UDP"= 56289:UDP:Pando Media Booster
"57029:TCP"= 57029:TCP:Pando Media Booster
"57029:UDP"= 57029:UDP:Pando Media Booster
"56849:TCP"= 56849:TCP:Pando Media Booster
"56849:UDP"= 56849:UDP:Pando Media Booster
"57919:TCP"= 57919:TCP:Pando Media Booster
"57919:UDP"= 57919:UDP:Pando Media Booster
"26500:TCP"= 26500:TCP:Minecraft
"26500:UDP"= 26500:UDP:Minecraft
"12975:TCP"= 12975:TCP:Initiator
"32976:TCP"= 32976:TCP:Session
"17771:TCP"= 17771:TCP:Hamachi
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"56907:TCP"= 56907:TCP:Pando Media Booster
"56907:UDP"= 56907:UDP:Pando Media Booster
"59024:TCP"= 59024:TCP:Pando Media Booster
"59024:UDP"= 59024:UDP:Pando Media Booster
.
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 14:46 63352]
R1 kbfilter;Keyboard Filter Driver;c:\windows\system32\drivers\kbfilter.sys [4.3.2012 12:03 12856]
R1 UsbFltr;WayTechUSBFilterDriver;c:\windows\system32\drivers\UsbFltr.sys [4.3.2012 12:03 9291]
R2 athsgt;athsgt;c:\windows\system32\drivers\athsgt.sys [26.7.2008 20:42 164992]
R2 HamachiService;Hamachi Service;c:\program files\Hamachi\hamachi.exe [14.8.2020 17:24 624416]
R2 limsgt;limsgt;c:\windows\system32\drivers\limsgt.sys [26.7.2008 20:42 12544]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [8.4.2012 16:34 1262400]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 14:16 130384]
S2 gupdate1c98f7666d64ee2;Služba Google Update (gupdate1c98f7666d64ee2);c:\program files\Google\Update\GoogleUpdate.exe [15.2.2009 16:04 133104]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [29.2.2012 9:50 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [5.4.2012 20:08 257696]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [15.2.2009 16:04 133104]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\drivers\ManyCam.sys [14.1.2008 12:06 21632]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 nrtap;NeoRouter Virtual Network Interface;c:\windows\system32\drivers\nrtap.sys [1.9.2009 21:06 24576]
S3 Pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [18.12.2009 14:43 47360]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [18.1.2011 18:43 104752]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys --> c:\windows\system32\DRIVERS\VBoxNetFlt.sys [?]
S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\drivers\vcsvad.sys [19.11.2011 11:22 17792]
S3 vproiah;vproiah;c:\windows\system32\DRIVERS\vproiah.sys --> c:\windows\system32\DRIVERS\vproiah.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 14:16 753504]
S3 XDva394;XDva394;\??\c:\windows\system32\XDva394.sys --> c:\windows\system32\XDva394.sys [?]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\sqladhlp.exe [11.7.2008 2:28 47128]
S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [10.7.2008 3:49 242712]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [11.7.2008 2:28 369688]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-05-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 12:26]
.
2012-05-25 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-08-23 10:56]
.
2012-06-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-15 14:04]
.
2012-06-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-15 14:04]
.
2020-08-14 c:\windows\Tasks\User_Feed_Synchronization-{9738FE7F-7ACE-45C0-B9AA-1A9B2F763858}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 17:36]
.
.
------- Doplňkový sken -------
.
uStart Page =
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = local;127.0.0.1:9421;
IE: Baixar com o Rapidown... - c:\program files\Rapidown\rapidownGet.htm
IE: Baixar tudo com o Rapidown... - c:\program files\Rapidown\rapidownGetAll.htm
IE: Sothink SWF Catcher - c:\program files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
IE: {{57E91B47-F40A-11D1-B792-444553540011} - c:\program files\Rapidown\rapidown.exe
TCP: Interfaces\{C660AAAB-4E42-41D3-A3BA-B9A9756E7E09}: NameServer = 10.0.0.138,10.0.0.225
TCP: Interfaces\{DACF0F24-31C4-489D-BC12-8A57D74230C6}: NameServer = 10.0.0.138
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB
DPF: {3188FB46-456D-4C07-8A11-F5F3BBBA8AF2} - hxxp://www.seetoo.com/downloadAddon.php?platfo ... ersion=7.0
DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} - hxxp://www.myheritage.cz/Genoogle/Components/A ... eQuery.dll
DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} - hxxp://dist.globalgamecdn.com/dist/neffy/NeffyLauncher.cab
FF - ProfilePath - c:\documents and settings\Worker\Data aplikací\Mozilla\Firefox\Profiles\zqmkaahb.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-Clownfish - c:\program files\Clownfish\Clownfish.exe
MSConfigStartUp-FlashMute - c:\program files\FlashMute\FlashMute.exe
MSConfigStartUp-Gigaget - c:\program files\Giganology\Gigaget\GigagetShell.exe
MSConfigStartUp-Google Quick Search Box - c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe
MSConfigStartUp-KPeerNexonEU - c:\nexon\NEXON_EU_Downloader\nxEULauncher.exe
MSConfigStartUp-PinnacleDriverCheck - c:\windows\system32\PSDrvCheck.exe
MSConfigStartUp-Sony Ericsson PC Suite - c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
MSConfigStartUp-TortoiseHgOverlayIconServer - c:\program files\TortoiseHg\TortoiseHgOverlayServer.exe
MSConfigStartUp-VMware hqtray - c:\program files\VMware\VMware Player\hqtray.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-06-01 21:36
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1454471165-287218729-725345543-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1454471165-287218729-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)
.
[HKEY_USERS\S-1-5-21-1454471165-287218729-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:0f,b2,b5,ec,93,eb,02,57,42,62,cb,3d,b7,28,e8,31,03,37,e0,71,b7,76,94,
5b,ce,37,a6,65,01,6a,dc,48,d8,2d,58,ed,7e,44,88,46,08,cc,06,9d,78,07,94,2c,\
"??"=hex:13,d3,f9,47,4b,e2,e6,71,39,18,84,1b,f1,0a,a0,2a
.
[HKEY_USERS\S-1-5-21-1454471165-287218729-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:19,6b,15,e7,0b,45,2b,c4,cf,76,cd,f0,03,9a,33,1d,8e,df,29,28,ca,
1c,1a,60,66,0b,ef,c4,2d,73,fa,98,8e,d9,7b,df,f8,7e,70,65,c7,db,e2,27,e6,87,\
"rkeysecu"=hex:3e,80,9e,c4,40,b4,90,83,87,8e,33,49,64,ac,f8,d9
.
Celkový čas: 2012-06-01 21:39:37
ComboFix-quarantined-files.txt 2012-06-01 19:39
.
Před spuštěním: Volných bajtů: 47 157 907 456
Po spuštění: Volných bajtů: 47 114 268 672
.
- - End Of File - - E4F8843283D0E699CB4FD2B9962F4457

Re: Slow PC, plays a melody

Posted: 01 Jun 2012 21:44
by Rudy
We'll clean up a bit more. Open Notepad and copy the following into it:
KillAll::

Collect::
c:\windows\SET13B.tmp
c:\windows\SET108.tmp
c:\windows\SETFC.tmp
c:\windows\SETF9.tmp
c:\windows\system32\XDva394.sys
c:\windows\Tasks\Google Software Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Driver::
XDva394

Folder::
c:\program files\Google\GoogleToolbarNotifier

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
[-HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

Firefox::
FF - ProfilePath - c:\documents and settings\Worker\Data aplikací\Mozilla\Firefox\Profiles\zqmkaahb.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/sli ... ie7&query=

Regnull::
[HKEY_USERS\S-1-5-21-1454471165-287218729-725345543-1003\Software\Microsoft\SystemCertificates\AddressBook*]
[HKEY_USERS\S-1-5-21-1454471165-287218729-725345543-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
[HKEY_USERS\S-1-5-21-1454471165-287218729-725345543-1003\Software\SecuROM\License information*]

RegLock::
[HKEY_USERS\S-1-5-21-1454471165-287218729-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
Save it to the desktop as CFScript.txt. Then drag it with the mouse onto the ComboFix icon and drop it. CF will start and execute the commands from the script.

Re: Slow PC, plays a melody

Posted: 02 Jun 2012 10:34
by Sejsel
On the first attempt ComboFix wanted to update itself, so I let it. Unfortunately it then froze and nothing happened. I restarted the PC and tried again. LOG:

ComboFix 12-06-02.02 - Worker 02.06.2012 11:06:05.4.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.2046.1415 [GMT 2:00]
Spuštěný z: c:\documents and settings\Worker\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Worker\Plocha\CFScript.txt
.
file zipped: c:\windows\SET108.tmp
file zipped: c:\windows\SET13B.tmp
file zipped: c:\windows\SETF9.tmp
file zipped: c:\windows\SETFC.tmp
file zipped: c:\windows\Tasks\Google Software Updater.job
file zipped: c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
file zipped: c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Google\GoogleToolbarNotifier
c:\program files\Google\GoogleToolbarNotifier\5.7.7227.1100\gth.dll
c:\program files\Google\GoogleToolbarNotifier\5.7.7227.1100\gtn.dll
c:\program files\Google\GoogleToolbarNotifier\5.7.7227.1100\Readme.url
c:\program files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
c:\program files\Google\GoogleToolbarNotifier\swg-5.3.4501.1418\SearchWithGoogleUpdate.exe
c:\program files\Google\GoogleToolbarNotifier\swg-5.4.4525.1752\SearchWithGoogleUpdate.exe
c:\program files\Google\GoogleToolbarNotifier\swg-5.6.5612.1312\SearchWithGoogleUpdate.exe
c:\windows\msmqinst.log
c:\windows\SET108.tmp
c:\windows\SET13B.tmp
c:\windows\SETF9.tmp
c:\windows\SETFC.tmp
c:\windows\Tasks\Google Software Updater.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_XDVA394
-------\Service_XDva394
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-05-02 do 2012-06-02 )))))))))))))))))))))))))))))))
.
.
2020-08-14 15:24 . 2012-06-02 09:19 -------- d-----w- c:\documents and settings\Worker\Data aplikací\Hamachi
2020-08-14 15:24 . 2011-11-23 17:58 -------- d-----w- c:\program files\Hamachi
2012-06-01 18:50 . 2012-06-01 18:50 -------- d-----w- c:\windows\system32\CatRoot_bak
2012-06-01 18:49 . 2012-06-01 18:49 -------- d-----w- C:\rsit
2012-06-01 18:49 . 2008-06-14 18:00 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2012-06-01 18:48 . 2010-02-24 12:31 454016 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2012-06-01 18:48 . 2010-02-16 19:34 2183552 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2012-06-01 18:48 . 2010-02-16 19:34 2060544 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2012-06-01 18:48 . 2010-02-16 19:34 2018816 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2012-06-01 18:48 . 2010-02-16 19:34 2139136 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2012-05-23 17:20 . 2012-05-23 17:20 -------- d-----w- C:\ubuntu
2012-05-23 16:53 . 2007-10-29 12:00 6144 -c--a-w- c:\windows\system32\dllcache\snmpmib.dll
2012-05-23 16:52 . 2007-10-29 12:00 471102 -c--a-w- c:\windows\system32\dllcache\imskdic.dll
2012-05-23 16:51 . 2007-10-29 12:00 372736 -c--a-w- c:\windows\system32\dllcache\asp51.dll
2012-05-23 16:49 . 2007-10-29 12:00 16384 -c--a-w- c:\windows\system32\dllcache\isignup.exe
2012-05-23 16:49 . 2007-10-29 12:00 16384 ----a-w- c:\program files\Internet Explorer\Connection Wizard\isignup.exe
2012-05-23 16:49 . 2007-10-29 12:00 118784 ----a-w- c:\windows\system32\msg723.acm
2012-05-23 16:49 . 2007-10-29 12:00 188416 ----a-w- c:\windows\system32\msh261.drv
2012-05-23 16:09 . 2007-10-29 12:00 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll
2012-05-23 16:09 . 2007-10-29 12:00 24661 ----a-w- c:\windows\system32\spxcoins.dll
2012-05-23 16:09 . 2007-10-29 12:00 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll
2012-05-23 16:09 . 2007-10-29 12:00 13312 ----a-w- c:\windows\system32\irclass.dll
2012-05-23 15:10 . 2012-05-23 15:10 -------- d-----w- c:\windows\l2schemas
2012-05-23 15:10 . 2012-05-23 15:10 -------- d-----w- c:\windows\system32\cs
2012-05-23 15:10 . 2012-05-23 15:10 -------- d-----w- c:\windows\system32\bits
2012-05-23 14:52 . 2012-05-23 14:52 -------- d-----w- c:\program files\AVAST Software
2012-05-23 14:52 . 2012-05-23 14:52 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVAST Software
2012-05-21 18:59 . 2012-05-21 19:12 -------- d-----w- C:\dex2jar
2012-05-21 17:52 . 2012-05-21 17:53 -------- d-----w- c:\documents and settings\Worker\.ssh
2012-05-21 17:23 . 2012-05-21 17:23 -------- d-----w- c:\documents and settings\Worker\Data aplikací\GitHub
2012-05-21 17:22 . 2012-05-21 17:51 -------- d-----w- c:\documents and settings\Worker\Local Settings\Data aplikací\GitHub
2012-05-13 20:02 . 2012-05-13 20:02 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Ask
2012-05-13 14:55 . 2012-05-23 14:08 -------- d-----w- c:\program files\WhoCrashed
2012-05-08 16:47 . 2012-05-23 13:57 -------- d-----w- c:\program files\Savage2
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2020-08-14 15:24 . 2009-11-23 19:14 25280 ------w- c:\windows\system32\drivers\hamachi.sys
2012-05-23 13:42 . 2009-04-25 07:33 3022 ----a-w- c:\windows\system32\ealregsnapshot1.reg
2012-05-15 10:18 . 2012-04-08 14:33 883008 ----a-w- c:\windows\system32\nvgenco32.dll
2012-05-15 10:18 . 2012-04-08 14:33 65536 ----a-w- c:\windows\system32\OpenCL.dll
2012-05-15 10:18 . 2012-04-08 14:33 2530624 ----a-w- c:\windows\system32\nvcuvid.dll
2012-05-15 10:18 . 2012-04-08 14:33 2445120 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-05-15 10:18 . 2012-04-08 14:33 1000768 ----a-w- c:\windows\system32\nvdispco32.dll
2012-05-15 10:18 . 2012-04-08 14:33 17543168 ----a-w- c:\windows\system32\nvcompiler.dll
2012-05-15 10:18 . 2007-12-04 17:41 6012928 ----a-w- c:\windows\system32\nvcuda.dll
2012-05-15 10:18 . 2007-12-04 17:41 4373248 ----a-w- c:\windows\system32\nv4_disp.dll
2012-05-15 10:18 . 2007-12-04 17:41 2359808 ----a-w- c:\windows\system32\nvapi.dll
2012-05-15 10:18 . 2007-12-04 17:41 18771968 ----a-w- c:\windows\system32\nvoglnt.dll
2012-05-15 10:18 . 2007-12-04 17:41 14014656 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2012-05-15 09:43 . 2007-12-04 17:41 229376 ----a-w- c:\windows\system32\nvrszhc.dll
2012-05-15 09:43 . 2007-12-04 17:41 282624 ----a-w- c:\windows\system32\nvrsit.dll
2012-05-15 09:43 . 2007-12-04 17:41 253952 ----a-w- c:\windows\system32\nvrsth.dll
2012-05-15 09:43 . 2007-12-04 17:41 253952 ----a-w- c:\windows\system32\nvrssv.dll
2012-05-15 09:43 . 2007-12-04 17:41 126976 ----a-w- c:\windows\system32\nvrszht.dll
2012-05-15 09:43 . 2007-12-04 17:41 335872 ----a-w- c:\windows\system32\nvrsar.dll
2012-05-15 09:43 . 2007-12-04 17:41 282624 ----a-w- c:\windows\system32\nvrsel.dll
2012-05-15 09:43 . 2007-12-04 17:41 274432 ----a-w- c:\windows\system32\nvrsnl.dll
2012-05-15 09:43 . 2007-12-04 17:41 274432 ----a-w- c:\windows\system32\nvrsesm.dll
2012-05-15 09:43 . 2007-12-04 17:41 266240 ----a-w- c:\windows\system32\nvrsko.dll
2012-05-15 09:43 . 2007-12-04 17:41 249856 ----a-w- c:\windows\system32\nvrseng.dll
2012-05-15 09:43 . 2007-12-04 17:41 335872 ----a-w- c:\windows\system32\nvrshe.dll
2012-05-15 09:43 . 2007-12-04 17:41 286720 ----a-w- c:\windows\system32\nvrsfr.dll
2012-05-15 09:43 . 2007-12-04 17:41 274432 ----a-w- c:\windows\system32\nvrspt.dll
2012-05-15 09:43 . 2007-12-04 17:41 258048 ----a-w- c:\windows\system32\nvrssl.dll
2012-05-15 09:43 . 2007-12-04 17:41 253952 ----a-w- c:\windows\system32\nvrsno.dll
2012-05-15 09:43 . 2007-12-04 17:41 249856 ----a-w- c:\windows\system32\nvrsfi.dll
2012-05-15 09:43 . 2007-12-04 17:41 282624 ----a-w- c:\windows\system32\nvrses.dll
2012-05-15 09:43 . 2007-12-04 17:41 270336 ----a-w- c:\windows\system32\nvrsru.dll
2012-05-15 09:43 . 2007-12-04 17:41 258048 ----a-w- c:\windows\system32\nvrssk.dll
2012-05-15 09:43 . 2007-12-04 17:41 262144 ----a-w- c:\windows\system32\nvrshu.dll
2012-05-15 09:43 . 2007-12-04 17:41 258048 ----a-w- c:\windows\system32\nvrstr.dll
2012-05-15 09:43 . 2007-12-04 17:41 253952 ----a-w- c:\windows\system32\nvrsda.dll
2012-05-15 09:43 . 2007-12-04 17:41 274432 ----a-w- c:\windows\system32\nvrsja.dll
2012-05-15 09:43 . 2007-12-04 17:41 258048 ----a-w- c:\windows\system32\nvrspl.dll
2012-05-15 09:43 . 2007-12-04 17:41 278528 ----a-w- c:\windows\system32\nvrsde.dll
2012-05-15 09:43 . 2007-12-04 17:41 270336 ----a-w- c:\windows\system32\nvrsptb.dll
2012-05-15 09:43 . 2007-12-04 17:41 249856 ----a-w- c:\windows\system32\nvrscs.dll
2012-05-15 09:40 . 2007-12-04 17:41 54272 ----a-w- c:\windows\system32\nvwddi.dll
2012-05-15 09:40 . 2007-12-04 17:41 15504192 ----a-w- c:\windows\system32\nvcpl.dll
2012-05-15 09:40 . 2007-12-04 17:41 143680 ----a-w- c:\windows\system32\nvcolor.exe
2012-05-15 09:40 . 2007-12-04 17:41 164160 ----a-w- c:\windows\system32\nvsvc32.exe
2012-05-15 09:40 . 2007-12-04 17:41 108352 ----a-w- c:\windows\system32\nvmctray.dll
2012-05-07 12:26 . 2012-04-05 18:08 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-07 12:26 . 2011-06-03 04:35 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-10 13:27 . 2012-04-10 13:27 53248 ----a-r- c:\documents and settings\Worker\Data aplikací\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2012-04-08 14:24 . 2012-04-08 14:24 141312 ----a-w- c:\windows\system32javacpl.cpl
2012-04-08 14:24 . 2012-04-08 14:24 0 ----a-w- c:\windows\system32\RENBFA.tmp
2012-04-08 14:24 . 2012-04-08 14:24 0 ----a-w- c:\windows\system32\RENBF9.tmp
2012-03-25 13:40 . 2012-03-25 13:40 1060864 ----a-w- c:\windows\system32\mfc71.dll
2012-03-25 12:26 . 2009-12-18 12:43 87608 ----a-w- c:\documents and settings\Worker\Data aplikací\inst.exe
2012-03-25 12:26 . 2009-12-18 12:43 47360 ----a-w- c:\documents and settings\Worker\Data aplikací\pcouffin.sys
2009-02-15 13:54 . 2009-02-15 13:54 1038968 ----a-w- c:\program files\Google_Updater.exe
2007-05-25 09:55 . 2008-06-30 16:24 1972895 ----a-w- c:\program files\Chalk.exe
2012-05-26 05:54 . 2011-04-06 15:52 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-07-07 20:29 . A371F11EF07653591C8DE26AFB13CE7F . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll
[-] 2008-07-07 20:29 . A371F11EF07653591C8DE26AFB13CE7F . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll
[-] 2008-07-07 20:25 . BE68EA4457E2E5717231CF91BE5448E0 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[-] 2008-07-07 20:19 . 3440C414044935B124B5821C0994B37F . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll
[-] 2008-04-14 03:21 . 260C69FD67687B0DC062FC3D31655857 . 246272 . . [2001.12.4414.701] . . c:\windows\SoftwareDistribution\Download\1dab8d41b73a912c39f7d3fd77a4df39\es.dll
[-] 2008-04-14 03:21 . 260C69FD67687B0DC062FC3D31655857 . 246272 . . [2001.12.4414.701] . . c:\windows\SoftwareDistribution\Download\44c8256673ca0542cb198384f8131b68\es.dll
[7] 2007-10-29 11:00 . 972378B907070F64932A87C90A035487 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB901214$\$NtUninstallKB902400$\es.dll
[7] 2005-07-26 04:42 . 8B1B932554B6317E97AE3B9D05344470 . 243200 . . [2001.12.4414.308] . . c:\windows\$NtUninstallKB950974_0$\es.dll
[7] 2005-07-26 04:30 . 7B9199B6809586DC2CF30D411CECBD33 . 243200 . . [2001.12.4414.308] . . c:\windows\$hf_mig$\KB902400\SP2QFE\es.dll
.
((((((((((((((((((((((((((((( SnapShot@2012-06-01_19.36.53 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-10-29 12:00 . 2009-07-17 16:27 1437696 c:\windows\system32\query.dll
+ 2007-10-29 12:00 . 2010-02-05 18:40 1293824 c:\windows\system32\quartz.dll
+ 2007-10-29 12:00 . 2010-02-16 19:34 2139136 c:\windows\system32\ntoskrnl.exe
+ 2004-08-17 15:45 . 2010-02-16 19:34 2018816 c:\windows\system32\ntkrnlpa.exe
+ 2007-10-29 12:00 . 2009-07-31 04:59 1172480 c:\windows\system32\msxml3.dll
+ 2007-10-29 12:00 . 2010-04-16 15:38 3086336 c:\windows\system32\mshtml.dll
+ 2008-02-25 21:38 . 2012-06-02 09:00 3602424 c:\windows\system32\FNTCACHE.DAT
+ 2007-10-29 12:00 . 2010-04-03 04:39 2377576 c:\windows\system32\dllcache\WMVCore.dll
+ 2007-10-29 12:00 . 2010-02-16 05:27 4734976 c:\windows\system32\dllcache\wmp.dll
+ 2007-10-29 12:00 . 2008-06-10 04:28 1028096 c:\windows\system32\dllcache\WMNetmgr.dll
+ 2007-10-29 12:00 . 2010-05-02 08:27 1850880 c:\windows\system32\dllcache\win32k.sys
+ 2007-10-29 12:00 . 2008-07-03 13:15 8458752 c:\windows\system32\dllcache\shell32.dll
+ 2007-10-29 12:00 . 2010-04-16 15:38 1506816 c:\windows\system32\dllcache\shdocvw.dll
- 2007-10-29 12:00 . 2007-10-29 12:00 1437696 c:\windows\system32\dllcache\query.dll
+ 2007-10-29 12:00 . 2009-07-17 16:27 1437696 c:\windows\system32\dllcache\query.dll
+ 2007-10-29 12:00 . 2010-02-05 18:40 1293824 c:\windows\system32\dllcache\quartz.dll
+ 2007-10-29 12:00 . 2009-07-31 04:59 1172480 c:\windows\system32\dllcache\msxml3.dll
+ 2008-02-25 20:45 . 2010-01-29 15:07 1315840 c:\windows\system32\dllcache\msoe.dll
+ 2007-10-29 12:00 . 2010-04-16 15:38 3086336 c:\windows\system32\dllcache\mshtml.dll
- 2008-02-25 20:45 . 2007-10-29 12:00 3555328 c:\windows\system32\dllcache\moviemk.exe
+ 2008-02-25 20:45 . 2009-10-23 14:27 3555328 c:\windows\system32\dllcache\moviemk.exe
+ 2007-10-29 12:00 . 2010-04-16 15:38 1055232 c:\windows\system32\dllcache\danim.dll
+ 2007-10-29 12:00 . 2010-04-16 15:38 1023488 c:\windows\system32\dllcache\browseui.dll
+ 2007-10-29 12:00 . 2010-04-16 15:38 1055232 c:\windows\system32\danim.dll
+ 2007-10-29 12:00 . 2010-04-16 15:38 1023488 c:\windows\system32\browseui.dll
+ 2012-06-01 18:48 . 2010-02-16 19:34 2183552 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2012-06-01 18:48 . 2010-02-16 19:34 2018816 c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2012-06-01 18:48 . 2010-02-16 19:34 2060544 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2012-06-01 18:48 . 2010-02-16 19:34 2139136 c:\windows\Driver Cache\i386\ntkrnlmp.exe
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 123536 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Worker\Data aplikací\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Worker\Data aplikací\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Worker\Data aplikací\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Worker\Data aplikací\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GM4IE"="c:\program files\GM4IE\gm4ie.exe" [2006-07-23 61440]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"OscarEditor"="c:\program files\OSCAR Editor X7\OscarEditor.exe" [2010-07-22 2636800]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2010-05-07 165208]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-05-15 15504192]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2012-05-15 108352]
"RTHDCPL"="RTHDCPL.EXE" [2007-07-05 16380416]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2007-10-29 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2007-10-29 44544]
.
c:\documents and settings\Worker\Nabídka Start\Programy\Po spuštění\
Dropbox.lnk - c:\documents and settings\Worker\Data aplikací\Dropbox\bin\Dropbox.exe [2012-2-15 24246216]
Touchpad Server.lnk - c:\program files\Things & Stuff\Touchpad Server\TouchpadServer.exe [2012-4-26 97280]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Media Key.lnk - c:\program files\Media Key\MagicKey.exe [2012-3-4 159744]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^GamersFirst LIVE!.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\GamersFirst LIVE!.lnk
backup=c:\windows\pss\GamersFirst LIVE!.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-02-15 17:50 417792 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTBatteryMeter]
2003-01-16 10:32 49152 ----a-w- c:\program files\VibrateGameDeviceDriver\rfpicon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"HssWd"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Hamachi\\hamachi.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\World of Warcraft\\WoW-x.x.x.x-4.0.0.12911-Downloader.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Documents and Settings\\Worker\\Data aplikací\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\TeamViewer\\Version7\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version7\\TeamViewer_Service.exe"=
"d:\\Uziv\\Jira\\Program Files\\LOTRO\\lotroclient.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Java\\jre7\\bin\\java.exe"=
"c:\\Documents and Settings\\Worker\\Local Settings\\Data aplikací\\Sun\\Java\\Deployment\\cache\\6.0\\45\\2acec7ad-630329c9-1.4.2--n\\eigcc_main.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\Java\\jre7\\bin\\javaw.exe"=
"c:\\Program Files\\TmNationsForever\\TmForever.exe"=
"c:\\Program Files\\Valve\\Portal 2\\portal2.exe"=
"c:\\Program Files\\Things & Stuff\\Touchpad Server\\TouchpadServer.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NVIDIA Update Core\\daemonu.exe"=
.
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 14:46 63352]
R1 kbfilter;Keyboard Filter Driver;c:\windows\system32\drivers\kbfilter.sys [4.3.2012 12:03 12856]
R1 UsbFltr;WayTechUSBFilterDriver;c:\windows\system32\drivers\UsbFltr.sys [4.3.2012 12:03 9291]
R2 athsgt;athsgt;c:\windows\system32\drivers\athsgt.sys [26.7.2008 20:42 164992]
R2 HamachiService;Hamachi Service;c:\program files\Hamachi\hamachi.exe [14.8.2020 17:24 624416]
R2 limsgt;limsgt;c:\windows\system32\drivers\limsgt.sys [26.7.2008 20:42 12544]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [8.4.2012 16:34 1262400]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 14:16 130384]
S2 gupdate1c98f7666d64ee2;Služba Google Update (gupdate1c98f7666d64ee2);c:\program files\Google\Update\GoogleUpdate.exe [15.2.2009 16:04 133104]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [29.2.2012 9:50 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [5.4.2012 20:08 257696]
S3 CFcatchme;CFcatchme;\??\c:\docume~1\Worker\LOCALS~1\Temp\CFcatchme.sys --> c:\docume~1\Worker\LOCALS~1\Temp\CFcatchme.sys [?]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
S3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [15.2.2009 16:04 133104]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\drivers\ManyCam.sys [14.1.2008 12:06 21632]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 nrtap;NeoRouter Virtual Network Interface;c:\windows\system32\drivers\nrtap.sys [1.9.2009 21:06 24576]
S3 Pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [18.12.2009 14:43 47360]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [18.1.2011 18:43 104752]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys --> c:\windows\system32\DRIVERS\VBoxNetFlt.sys [?]
S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\drivers\vcsvad.sys [19.11.2011 11:22 17792]
S3 vproiah;vproiah;c:\windows\system32\DRIVERS\vproiah.sys --> c:\windows\system32\DRIVERS\vproiah.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 14:16 753504]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\sqladhlp.exe [11.7.2008 2:28 47128]
S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [10.7.2008 3:49 242712]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [11.7.2008 2:28 369688]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-06-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 12:26]
.
2020-08-14 c:\windows\Tasks\User_Feed_Synchronization-{9738FE7F-7ACE-45C0-B9AA-1A9B2F763858}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 17:36]
.
.
------- Doplňkový sken -------
.
uStart Page =
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = local;127.0.0.1:9421;
IE: Baixar com o Rapidown... - c:\program files\Rapidown\rapidownGet.htm
IE: Baixar tudo com o Rapidown... - c:\program files\Rapidown\rapidownGetAll.htm
IE: Sothink SWF Catcher - c:\program files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
IE: {{57E91B47-F40A-11D1-B792-444553540011} - c:\program files\Rapidown\rapidown.exe
TCP: Interfaces\{C660AAAB-4E42-41D3-A3BA-B9A9756E7E09}: NameServer = 10.0.0.138,10.0.0.225
TCP: Interfaces\{DACF0F24-31C4-489D-BC12-8A57D74230C6}: NameServer = 10.0.0.138
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB
DPF: {3188FB46-456D-4C07-8A11-F5F3BBBA8AF2} - hxxp://www.seetoo.com/downloadAddon.php?platfo ... ersion=7.0
DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} - hxxp://www.myheritage.cz/Genoogle/Components/A ... eQuery.dll
DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} - hxxp://dist.globalgamecdn.com/dist/neffy/NeffyLauncher.cab
FF - ProfilePath - c:\documents and settings\Worker\Data aplikací\Mozilla\Firefox\Profiles\zqmkaahb.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-06-02 11:20
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1454471165-287218729-725345543-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(6376)
c:\windows\system32\logishrd\LVPrcInj01.dll
c:\documents and settings\Worker\Data aplikací\Dropbox\bin\DropboxExt.14.dll
c:\program files\OSCAR Editor X7\DLL\DLL_Wheel4D.dll
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Microsoft Virtual PC\VPCShExH.DLL
c:\program files\WinSCP\DragExt.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\RTHDCPL.EXE
c:\progra~1\MI3AA1~1\rapimgr.exe
c:\program files\Media Key\OSD.EXE
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
.
**************************************************************************
.
Celkový čas: 2012-06-02 11:25:56 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-06-02 09:25
ComboFix2.txt 2012-06-01 19:39
.
Před spuštěním: Volných bajtů: 46 602 301 440
Po spuštění: Volných bajtů: 46 490 484 736
.
- - End Of File - - 58ABD6427A6AEF8B9A06BD429B6CB7BC
Nahrání proběhlo úspěšně

Re: Slow PC, plays a melody

Posted: 02 Jun 2012 12:13
by Rudy
The log looks OK now. Has anything changed?

Re: Slow PC, plays a melody

Posted: 02 Jun 2012 12:23
by Sejsel
The computer runs faster now, but it still seems kind of... slower to me. Avast still isn't running; otherwise everything is fine.

Re: Slow PC, plays a melody

Posted: 02 Jun 2012 12:49
by Rudy
Try reinstalling Avast and defragment the disk.

Re: Slow PC, plays a melody

Posted: 02 Jun 2012 12:57
by Sejsel
Unfortunately, I can't even uninstall Avast (not even through CCleaner).
Fragmentation is at 27%; I'm already defragmenting with Defraggler (the biggest share of it is disk.root from Ubuntu). Still better than 54% last time.

Re: Slow PC, plays a melody

Posted: 02 Jun 2012 13:39
by Rudy
Try the original uninstall utility: http://www.avast.com/uninstall-utility .

Re: Slow PC, plays a melody

Posted: 02 Jun 2012 14:11
by Sejsel
Avast looks fully functional. The defragmentation will run a while longer; then I'll write whether things have improved.

Re: Slow PC, plays a melody

Posted: 02 Jun 2012 14:18
by Rudy
OK.

Re: Slow PC, plays a melody

Posted: 03 Jun 2012 06:31
by Sejsel
Everything is much faster now, the antivirus works as it should, and the malware is hopefully gone. The only thing that bothers me is the BSoD when I update to SP3. What can be done about it? I tried searching the internet, but everyone has a completely different error and a different way to solve it.