Seknutie PC pri nacitavani

[matej7]

Zdravim. mam nove PC cca 2 mesiace a sa mi uz 3x v blizkej minulosti stalo ze ked sa mi nacitava Windows myslim ked beha ta ciarka ze mi to sekne a musim pc RR. Neviem preco to robi.. prikladam log z RSITU-u


Logfile of random's system information tool 1.06 (written by random/random)
Run by PC at 2010-01-10 16:37:58
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 84 GB (84%) free of 100 GB
Total RAM: 2047 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:38:00, on 10.1.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
E:\Programy\Avast 4.8 home\aswUpdSv.exe
E:\Programy\Avast 4.8 home\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
E:\Programy\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
E:\Programy\AVAST4~1.8HO\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
E:\hry\cs 1.6\steam.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
E:\Programy\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\SearchIndexer.exe
E:\Programy\Avast 4.8 home\ashMaiSv.exe
E:\Programy\Avast 4.8 home\ashWebSv.exe
e:\hry\cs 1.6\steamapps\camejko\counter-strike\hl.exe
E:\hry\cs 1.6\GameOverlayUI.exe
E:\Programy\ICQ6.5\ICQ.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
E:\DOWNLOADS\RSIT.exe
C:\Program Files\trend micro\PC.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SpywareTerminator] "E:\Programy\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [avast!] E:\Programy\AVAST4~1.8HO\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "e:\hry\cs 1.6\steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\Programy\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - E:\Programy\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 0897011765
O17 - HKLM\System\CCS\Services\Tcpip\..\{092475B1-4D09-4DA2-AA69-BEE9A6F0E11E}: NameServer = 92.245.2.245,92.245.2.162
O17 - HKLM\System\CS1\Services\Tcpip\..\{092475B1-4D09-4DA2-AA69-BEE9A6F0E11E}: NameServer = 92.245.2.245,92.245.2.162
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - E:\Programy\Avast 4.8 home\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - E:\Programy\Avast 4.8 home\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - E:\Programy\Avast 4.8 home\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - E:\Programy\Avast 4.8 home\ashWebSv.exe
O23 - Service: Dragon Age: Prameny - aktualizace obsahu (DAUpdaterSvc) - BioWare - E:\Hry\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - E:\Programy\Spyware Terminator\sp_rsser.exe

--
End of file - 6453 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\User_Feed_Synchronization-{7D1B8E99-6DA7-43F6-A148-711D0F18BF11}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-10-11 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [2009-10-09 33677312]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-11-24 98304]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"SpywareTerminator"=E:\Programy\Spyware Terminator\SpywareTerminatorShield.exe [2010-01-03 2166784]
"avast!"=E:\Programy\AVAST4~1.8HO\ashDisp.exe [2009-11-25 81000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"Steam"=e:\hry\cs 1.6\steam.exe [2009-12-15 1217808]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2009-10-09 25623336]
"DAEMON Tools Lite"=E:\Programy\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
E:\Programy\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
E:\Programy\Winamp\winampa.exe [2009-07-01 37888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
C:\PROGRA~1\WINDOW~4\WINDOW~1.EXE [2008-05-26 123904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-11-25 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\freecell.exe"="C:\WINDOWS\system32\freecell.exe:*:Enabled:FreeCell"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox"
"E:\Programy\ICQ6.5\ICQ.exe"="E:\Programy\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"E:\Hry\CS 1.6\SteamApps\camejko\counter-strike\hl.exe"="E:\Hry\CS 1.6\SteamApps\camejko\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"E:\Programy\BitLord\BitLord.exe"="E:\Programy\BitLord\BitLord.exe:*:Enabled:BitLord"
"E:\Programy\Azureus\Azureus.exe"="E:\Programy\Azureus\Azureus.exe:*:Enabled:Azureus"
"E:\Hry\Dragon Age\bin_ship\daorigins.exe"="E:\Hry\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Prameny Hra"
"E:\Hry\Dragon Age\DAOriginsLauncher.exe"="E:\Hry\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Prameny Spustit"
"E:\Hry\Dragon Age\bin_ship\daupdatersvc.service.exe"="E:\Hry\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Prameny Aktualizovat"
"E:\Programy\Garena\Garena.exe"="E:\Programy\Garena\Garena.exe:*:Enabled:Garena"
"E:\Programy\Spyware Terminator\SpywareTerminatorUpdate.exe"="E:\Programy\Spyware Terminator\SpywareTerminatorUpdate.exe:*:Enabled:Crawler Spyware Terminator"
"E:\Hry\Call of Duty 2\CoD2MP_s.exe"="E:\Hry\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s"
"E:\Hry\CS 1.6\SteamApps\camejko\dedicated server\hltv.exe"="E:\Hry\CS 1.6\SteamApps\camejko\dedicated server\hltv.exe:*:Enabled:HLTV Launcher"
"C:\Documents and Settings\PC\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe"="C:\Documents and Settings\PC\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe:*:Enabled:Main program for Octoshape client"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"E:\Hry\Stronghold Crusader\Stronghold Crusader.exe"="E:\Hry\Stronghold Crusader\Stronghold Crusader.exe:*:Enabled:Stronghold Crusader"
"C:\Program Files\LogMeIn Hamachi\hamachi-2.exe"="C:\Program Files\LogMeIn Hamachi\hamachi-2.exe:*:Enabled:hamachi-2"
"C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe"="C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe:*:Enabled:LogMeIn Hamachi"
"E:\Hry\CS 1.6\Steam.exe"="E:\Hry\CS 1.6\Steam.exe:*:Enabled:Steam 732897"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-01-07 14:25:45 ----D---- C:\Program Files\LogMeIn Hamachi
2010-01-07 14:20:33 ----D---- C:\Documents and Settings\PC\Application Data\Hamachi
2010-01-06 21:02:15 ----D---- C:\Documents and Settings\PC\Application Data\Octoshape
2010-01-06 18:10:09 ----A---- C:\ashampoo-acdw-log.txt
2010-01-06 16:57:56 ----A---- C:\WINDOWS\system32\MFC71.dll
2010-01-06 16:57:56 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-01-05 09:54:46 ----RA---- C:\WINDOWS\system32\vp6vfw.dll
2010-01-04 16:29:03 ----A---- C:\WINDOWS\game.ini
2010-01-03 17:03:49 ----D---- C:\Documents and Settings\PC\Application Data\Xfire
2010-01-03 16:59:30 ----D---- C:\Documents and Settings\PC\Application Data\InstallShield
2010-01-03 16:42:03 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2010-01-03 16:35:02 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2010-01-03 15:39:35 ----SHD---- C:\WINDOWS\ftpcache
2010-01-03 14:11:56 ----D---- C:\Documents and Settings\PC\Application Data\Spyware Terminator
2010-01-03 14:11:52 ----D---- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
2010-01-01 13:40:27 ----D---- C:\WINDOWS\ie8updates
2010-01-01 13:40:00 ----D---- C:\WINDOWS\WBEM
2010-01-01 13:39:05 ----HDC---- C:\WINDOWS\ie8
2010-01-01 13:39:05 ----D---- C:\WINDOWS\system32\sk-SK
2010-01-01 13:37:04 ----N---- C:\WINDOWS\system32\WinFXDocObj.exe
2010-01-01 13:37:04 ----A---- C:\WINDOWS\system32\normaliz.dll
2010-01-01 13:37:04 ----A---- C:\WINDOWS\system32\nlsdl.dll
2010-01-01 13:37:04 ----A---- C:\WINDOWS\system32\msdbg2.dll
2010-01-01 13:37:04 ----A---- C:\WINDOWS\system32\ieudinit.exe
2010-01-01 13:37:04 ----A---- C:\WINDOWS\system32\idndl.dll
2010-01-01 13:37:03 ----N---- C:\WINDOWS\system32\msrating.dll.mui
2010-01-01 13:37:03 ----N---- C:\WINDOWS\system32\mshta.exe.mui
2010-01-01 13:37:03 ----N---- C:\WINDOWS\system32\msfeedssync.exe
2010-01-01 13:37:03 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2010-01-01 13:37:03 ----A---- C:\WINDOWS\system32\msfeeds.dll
2010-01-01 13:37:02 ----N---- C:\WINDOWS\system32\ieui.dll
2010-01-01 13:37:02 ----N---- C:\WINDOWS\system32\ieframe.dll.mui
2010-01-01 13:37:02 ----A---- C:\WINDOWS\system32\iertutil.dll
2010-01-01 13:37:01 ----N---- C:\WINDOWS\system32\iedkcs32.dll.mui
2010-01-01 13:37:01 ----N---- C:\WINDOWS\system32\ieapfltr.dll
2010-01-01 13:37:01 ----N---- C:\WINDOWS\system32\ie4uinit.exe.mui
2010-01-01 13:37:01 ----N---- C:\WINDOWS\system32\icardie.dll
2010-01-01 13:37:01 ----N---- C:\WINDOWS\system32\advpack.dll.mui
2010-01-01 13:37:01 ----A---- C:\WINDOWS\system32\ieframe.dll
2009-12-31 21:36:51 ----A---- C:\WINDOWS\War3Unin.exe
2009-12-31 16:34:04 ----D---- C:\Documents and Settings\All Users\Application Data\BioWare
2009-12-31 16:33:16 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2009-12-31 16:33:15 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2009-12-31 16:33:15 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2009-12-31 16:33:14 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2009-12-31 16:33:14 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2009-12-31 16:33:14 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2009-12-31 16:33:13 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2009-12-31 16:33:13 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2009-12-31 16:33:13 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2009-12-31 16:33:12 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2009-12-31 16:33:12 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2009-12-31 16:33:12 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2009-12-31 16:33:12 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2009-12-31 16:33:12 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2009-12-31 16:33:11 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2009-12-31 16:33:11 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2009-12-31 16:33:11 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2009-12-31 16:33:10 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2009-12-31 16:33:10 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2009-12-31 16:33:10 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2009-12-31 16:33:10 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2009-12-31 16:33:10 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2009-12-31 16:33:09 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2009-12-31 16:33:09 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2009-12-31 16:33:09 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2009-12-31 16:33:09 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2009-12-31 16:33:09 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2009-12-31 16:33:08 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2009-12-31 16:33:08 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2009-12-31 16:33:08 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2009-12-31 16:33:08 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2009-12-31 16:33:07 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2009-12-31 16:33:07 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2009-12-31 16:33:07 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2009-12-31 16:33:07 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2009-12-31 16:33:07 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2009-12-31 16:33:06 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2009-12-31 16:33:05 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2009-12-31 16:33:05 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2009-12-31 16:33:05 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2009-12-31 16:33:05 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2009-12-31 16:33:04 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2009-12-31 16:33:04 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2009-12-31 16:33:04 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2009-12-31 16:33:03 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2009-12-31 16:33:03 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2009-12-31 16:33:03 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2009-12-31 16:33:02 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2009-12-31 16:33:02 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2009-12-31 16:33:02 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2009-12-31 16:33:02 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2009-12-31 16:33:02 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2009-12-31 16:33:01 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2009-12-31 16:33:01 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2009-12-31 16:33:00 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2009-12-31 16:32:59 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2009-12-31 16:32:59 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2009-12-31 16:32:57 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2009-12-31 16:32:56 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2009-12-31 16:32:56 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2009-12-31 16:32:56 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2009-12-31 16:32:55 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2009-12-31 16:32:55 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2009-12-31 16:32:55 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2009-12-31 16:32:55 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2009-12-31 16:32:55 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2009-12-31 16:32:54 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2009-12-31 16:32:54 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2009-12-31 16:32:54 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2009-12-31 16:32:49 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2009-12-31 16:32:49 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2009-12-31 16:32:49 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2009-12-31 16:32:49 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2009-12-31 16:32:48 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2009-12-31 16:32:47 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2009-12-31 16:32:47 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2009-12-31 16:32:47 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2009-12-31 16:32:46 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2009-12-31 16:32:46 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2009-12-31 16:32:35 ----D---- C:\WINDOWS\Logs
2009-12-31 16:23:47 ----D---- C:\WINDOWS\system32\AGEIA
2009-12-31 16:23:47 ----D---- C:\Program Files\AGEIA Technologies
2009-12-31 16:10:37 ----D---- C:\Program Files\Common Files\BioWare
2009-12-30 11:25:18 ----D---- C:\Program Files\Common Files\eSellerate
2009-12-30 11:22:29 ----A---- C:\WINDOWS\unvise32.exe
2009-12-30 10:17:02 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-12-29 19:28:01 ----AD---- C:\WINDOWS\VDLL.DLL
2009-12-29 19:28:01 ----AD---- C:\WINDOWS\system32\runouce.exe
2009-12-29 19:28:01 ----AD---- C:\WINDOWS\RUNDL132.EXE
2009-12-29 19:28:01 ----AD---- C:\WINDOWS\logo_1.exe
2009-12-29 19:26:42 ----A---- C:\WINDOWS\system32\msvcr80.dll
2009-12-29 19:26:41 ----A---- C:\WINDOWS\system32\msvcp80.dll
2009-12-29 19:26:40 ----A---- C:\WINDOWS\system32\eEmpty.exe
2009-12-29 19:26:38 ----A---- C:\WINDOWS\system32\TASKMGR.COM
2009-12-29 19:26:38 ----A---- C:\WINDOWS\system32\T.COM
2009-12-29 19:26:38 ----A---- C:\WINDOWS\REGEDIT.COM
2009-12-29 19:26:38 ----A---- C:\WINDOWS\R.COM
2009-12-29 19:26:31 ----D---- C:\Program Files\Common Files\MicroWorld
2009-12-29 19:26:22 ----D---- C:\Documents and Settings\All Users\Application Data\MicroWorld
2009-12-29 12:41:47 ----D---- C:\Documents and Settings\PC\Application Data\Publish Providers
2009-12-29 12:38:11 ----D---- C:\Documents and Settings\PC\Application Data\Sony
2009-12-29 12:37:26 ----D---- C:\Documents and Settings\All Users\Application Data\Sony
2009-12-27 22:33:13 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2009-12-24 15:23:10 ----A---- C:\WINDOWS\system32\atiiiexx.dll
2009-12-24 15:23:10 ----A---- C:\WINDOWS\system32\ATIDEMGX.dll
2009-12-24 15:14:39 ----D---- C:\Program Files\ATI
2009-12-24 15:13:37 ----D---- C:\Documents and Settings\All Users\Application Data\ATI
2009-12-24 14:57:27 ----A---- C:\WINDOWS\system32\psisdecd.dll
2009-12-24 14:57:24 ----A---- C:\WINDOWS\system32\dxdllreg.exe
2009-12-24 14:38:05 ----A---- C:\WINDOWS\WININIT.INI
2009-12-24 14:22:27 ----A---- C:\WINDOWS\system32\Oemdspif.dll
2009-12-24 14:22:27 ----A---- C:\WINDOWS\system32\ativcoxx.dll
2009-12-24 14:22:27 ----A---- C:\WINDOWS\system32\atitvo32.dll
2009-12-24 14:22:27 ----A---- C:\WINDOWS\system32\atipdlxx.dll
2009-12-24 14:22:27 ----A---- C:\WINDOWS\system32\atiok3x2.dll
2009-12-24 14:22:27 ----A---- C:\WINDOWS\system32\atioglxx.dll
2009-12-24 14:22:27 ----A---- C:\WINDOWS\system32\ATIODE.exe
2009-12-24 14:22:27 ----A---- C:\WINDOWS\system32\ATIODCLI.exe
2009-12-24 14:22:27 ----A---- C:\WINDOWS\system32\atimpc32.dll
2009-12-24 14:22:27 ----A---- C:\WINDOWS\system32\atikvmag.dll
2009-12-24 14:22:27 ----A---- C:\WINDOWS\system32\ATIDDC.DLL
2009-12-24 14:22:27 ----A---- C:\WINDOWS\system32\aticalrt.dll
2009-12-24 14:22:27 ----A---- C:\WINDOWS\system32\aticaldd.dll
2009-12-24 14:22:27 ----A---- C:\WINDOWS\system32\aticalcl.dll
2009-12-24 14:22:27 ----A---- C:\WINDOWS\system32\atibtmon.exe
2009-12-24 14:22:27 ----A---- C:\WINDOWS\system32\atiadlxx.dll
2009-12-24 14:22:27 ----A---- C:\WINDOWS\system32\Ati2mdxx.exe
2009-12-24 14:22:27 ----A---- C:\WINDOWS\system32\ati2evxx.exe
2009-12-24 14:22:27 ----A---- C:\WINDOWS\system32\ati2evxx.dll
2009-12-24 14:22:27 ----A---- C:\WINDOWS\system32\ati2edxx.dll
2009-12-24 14:22:27 ----A---- C:\WINDOWS\system32\amdpcom32.dll
2009-12-24 14:22:26 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-12-23 13:46:30 ----D---- C:\Documents and Settings\PC\Application Data\Azureus
2009-12-23 10:00:52 ----D---- C:\Documents and Settings\PC\Application Data\dvdcss
2009-12-23 10:00:51 ----D---- C:\Documents and Settings\PC\Application Data\vlc
2009-12-23 09:17:58 ----D---- C:\Program Files\Codec Pack - All In 1
2009-12-20 20:11:36 ----D---- C:\Documents and Settings\PC\Application Data\OpenOffice.org
2009-12-20 17:34:01 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2009-12-20 17:33:58 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2009-12-20 17:33:49 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2009-12-20 14:17:46 ----D---- C:\Documents and Settings\PC\Application Data\Ashampoo
2009-12-20 14:17:34 ----D---- C:\Documents and Settings\All Users\Application Data\ashampoo
2009-12-20 14:08:18 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-12-20 14:08:15 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2009-12-20 14:08:06 ----D---- C:\Program Files\Windows Media Connect 2
2009-12-20 14:07:58 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2009-12-20 14:07:33 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2009-12-20 14:07:21 ----D---- C:\WINDOWS\system32\LogFiles
2009-12-20 14:07:15 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2009-12-20 09:31:22 ----D---- C:\Program Files\trend micro
2009-12-20 09:31:20 ----D---- C:\rsit
2009-12-19 14:45:23 ----D---- C:\Documents and Settings\PC\Application Data\AVS4YOU
2009-12-19 14:45:21 ----D---- C:\Documents and Settings\All Users\Application Data\AVS4YOU
2009-12-19 14:43:21 ----D---- C:\Program Files\Common Files\AVSMedia
2009-12-19 14:42:57 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2009-12-19 14:42:57 ----A---- C:\WINDOWS\system32\xvidcore.dll
2009-12-19 14:42:57 ----A---- C:\WINDOWS\system32\msxml3a.dll
2009-12-19 14:42:57 ----A---- C:\WINDOWS\system32\msvcp70.dll
2009-12-19 14:42:57 ----A---- C:\WINDOWS\system32\mpg4c32.dll
2009-12-19 14:42:57 ----A---- C:\WINDOWS\system32\mfc70.dll
2009-12-19 14:42:57 ----A---- C:\WINDOWS\system32\mcdvd_32.dll
2009-12-19 14:42:57 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2009-12-19 14:42:57 ----A---- C:\WINDOWS\system32\divx.dll
2009-12-19 14:42:56 ----A---- C:\WINDOWS\system32\msvcr70.dll
2009-12-17 21:58:58 ----HDC---- C:\WINDOWS\$NtUninstallKB963093$
2009-12-17 21:48:04 ----D---- C:\Documents and Settings\PC\Application Data\Windows Search
2009-12-17 21:47:15 ----HDC---- C:\WINDOWS\$NtUninstallKB971513$
2009-12-17 21:47:11 ----HDC---- C:\WINDOWS\$NtUninstallbasecsp$
2009-12-17 21:46:12 ----HDC---- C:\WINDOWS\$NtUninstallKB902344$
2009-12-17 21:46:05 ----D---- C:\Documents and Settings\PC\Application Data\Windows Desktop Search
2009-12-17 21:45:49 ----D---- C:\WINDOWS\system32\GroupPolicy
2009-12-17 21:45:49 ----D---- C:\Program Files\Windows Desktop Search
2009-12-17 21:45:42 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
2009-12-17 21:45:38 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
2009-12-17 21:44:57 ----D---- C:\WINDOWS\system32\URTTEMP
2009-12-17 20:51:32 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2009-12-17 20:51:09 ----D---- C:\Documents and Settings\PC\Application Data\SUPERAntiSpyware.com
2009-12-17 20:22:16 ----D---- C:\WINDOWS\Sun
2009-12-17 13:55:35 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-12-16 21:57:40 ----D---- C:\Documents and Settings\PC\Application Data\skypePM
2009-12-16 21:56:30 ----D---- C:\Documents and Settings\PC\Application Data\Skype
2009-12-16 21:56:15 ----D---- C:\Program Files\Common Files\Skype
2009-12-16 21:56:12 ----RD---- C:\Program Files\Skype
2009-12-16 21:56:08 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
2009-12-16 21:33:54 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2009-12-16 18:26:47 ----D---- C:\WINDOWS\RegisteredPackages
2009-12-16 18:26:23 ----N---- C:\WINDOWS\system32\pxsfs.dll
2009-12-16 18:26:23 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2009-12-16 18:26:23 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2009-12-16 18:26:23 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2009-12-16 18:26:23 ----N---- C:\WINDOWS\system32\pxafs.dll
2009-12-16 18:26:22 ----N---- C:\WINDOWS\system32\vxblock.dll
2009-12-16 18:26:22 ----N---- C:\WINDOWS\system32\pxwave.dll
2009-12-16 18:26:22 ----N---- C:\WINDOWS\system32\pxmas.dll
2009-12-16 18:26:22 ----N---- C:\WINDOWS\system32\pxdrv.dll
2009-12-16 18:26:22 ----N---- C:\WINDOWS\system32\px.dll
2009-12-16 18:26:20 ----D---- C:\Documents and Settings\PC\Application Data\Winamp
2009-12-16 17:36:48 ----D---- C:\Documents and Settings\PC\Application Data\Ventrilo
2009-12-16 17:35:46 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-12-15 21:04:06 ----A---- C:\WINDOWS\system32\javaws.exe
2009-12-15 21:04:06 ----A---- C:\WINDOWS\system32\javaw.exe
2009-12-15 21:04:06 ----A---- C:\WINDOWS\system32\java.exe
2009-12-15 20:44:49 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-12-15 20:44:41 ----D---- C:\Program Files\Java
2009-12-15 20:44:13 ----D---- C:\Documents and Settings\PC\Application Data\Sun
2009-12-15 19:53:53 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2009-12-15 19:53:03 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2009-12-15 19:53:03 ----A---- C:\WINDOWS\system32\mucltui.dll
2009-12-15 19:44:07 ----D---- C:\WINDOWS\pss
2009-12-15 19:41:55 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-12-15 19:41:51 ----D---- C:\Program Files\Common Files\Adobe
2009-12-15 19:41:51 ----D---- C:\Program Files\Adobe
2009-12-15 19:32:25 ----A---- C:\WINDOWS\ODBC.INI
2009-12-15 19:32:23 ----A---- C:\WINDOWS\system32\mdimon.dll
2009-12-15 19:27:01 ----D---- C:\Documents and Settings\PC\Application Data\DAEMON Tools Lite
2009-12-15 19:26:59 ----D---- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
2009-12-15 18:40:38 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2009-12-15 18:38:55 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2009-12-15 18:33:55 ----D---- C:\Documents and Settings\PC\Application Data\GHISLER
2009-12-15 18:27:58 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2009-12-15 18:27:55 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2009-12-15 18:27:53 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$
2009-12-15 18:27:51 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2009-12-15 18:27:49 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2009-12-15 18:27:45 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2009-12-15 18:27:42 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2009-12-15 18:27:39 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2009-12-15 18:27:34 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2009-12-15 18:19:45 ----D---- C:\Documents and Settings\PC\Application Data\WinRAR
2009-12-15 18:15:04 ----D---- C:\WINDOWS\system32\XPSViewer
2009-12-15 18:15:02 ----D---- C:\Program Files\MSBuild
2009-12-15 18:14:59 ----D---- C:\Program Files\Reference Assemblies
2009-12-15 18:14:47 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-12-15 18:14:47 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-12-15 18:14:46 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2009-12-15 18:06:32 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2009-12-15 18:06:29 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2009-12-15 18:06:27 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2009-12-15 18:06:25 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2009-12-15 18:06:22 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2009-12-15 18:06:20 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2009-12-15 18:06:18 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2009-12-15 18:06:16 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$
2009-12-15 18:06:14 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2009-12-15 18:06:11 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2009-12-15 18:06:09 ----HDC---- C:\WINDOWS\$NtUninstallKB961371-v2$
2009-12-15 18:06:06 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2009-12-15 18:06:04 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2009-12-15 18:06:01 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$
2009-12-15 18:05:59 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2009-12-15 18:05:57 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2009-12-15 18:05:53 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2009-12-15 18:05:50 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2009-12-15 18:05:47 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2009-12-15 18:05:45 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2009-12-15 18:05:43 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2009-12-15 18:05:40 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2009-12-15 18:05:37 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2009-12-15 18:05:34 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2009-12-15 18:05:30 ----HDC---- C:\WINDOWS\$NtUninstallKB976325$
2009-12-15 18:05:27 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2009-12-15 18:05:24 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2009-12-15 18:05:22 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2009-12-15 18:05:19 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2009-12-15 18:05:17 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-12-15 18:05:15 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2009-12-15 18:05:12 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$
2009-12-15 18:05:10 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2009-12-15 18:05:06 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2009-12-15 18:05:04 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2009-12-15 18:05:01 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2009-12-15 18:04:58 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-12-15 18:04:56 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2009-12-15 18:04:52 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$
2009-12-15 18:04:50 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2009-12-15 18:04:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2009-12-15 18:04:45 ----HDC---- C:\WINDOWS\$NtUninstallKB973525$
2009-12-15 18:04:24 ----A---- C:\WINDOWS\system32\MRT.exe
2009-12-15 18:04:20 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2009-12-15 18:04:17 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2009-12-15 18:04:14 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2009-12-15 18:04:11 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2009-12-15 18:04:09 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2009-12-15 18:04:06 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2009-12-15 18:04:02 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$
2009-12-15 17:58:41 ----N---- C:\WINDOWS\system32\xpsp4res.dll
2009-12-15 17:56:54 ----D---- C:\WINDOWS\Prefetch
2009-12-15 17:54:06 ----D---- C:\WINDOWS\system32\scripting
2009-12-15 17:54:06 ----D---- C:\WINDOWS\system32\en-us
2009-12-15 17:54:05 ----D---- C:\WINDOWS\system32\en
2009-12-15 17:54:05 ----D---- C:\WINDOWS\system32\bits
2009-12-15 17:54:05 ----D---- C:\WINDOWS\l2schemas
2009-12-15 17:53:31 ----D---- C:\WINDOWS\ServicePackFiles
2009-12-15 17:52:33 ----D---- C:\WINDOWS\network diagnostic
2009-12-15 17:51:01 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-12-15 17:51:00 ----D---- C:\WINDOWS\EHome
2009-12-15 17:42:34 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2009-12-15 17:40:59 ----D---- C:\WINDOWS\system32\PreInstall
2009-12-15 17:40:58 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-12-15 17:36:45 ----D---- C:\Documents and Settings\PC\Application Data\ICQ
2009-12-15 17:34:36 ----D---- C:\Documents and Settings\PC\Application Data\Macromedia
2009-12-15 17:34:36 ----D---- C:\Documents and Settings\PC\Application Data\Adobe
2009-12-15 16:31:24 ----D---- C:\Documents and Settings\PC\Application Data\Mozilla
2009-12-15 16:31:22 ----D---- C:\Program Files\Mozilla Firefox
2009-12-15 14:59:34 ----SHD---- C:\RECYCLER
2009-12-11 16:27:23 ----A---- C:\WINDOWS\system32\wpa.bak
2009-12-11 16:27:22 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-12-11 16:16:51 ----D---- C:\WINDOWS\system32\1051
2009-12-11 16:16:34 ----D---- C:\temp
2009-12-11 16:15:29 ----D---- C:\Documents and Settings\PC\Application Data\ATI
2009-12-11 15:53:04 ----RSD---- C:\WINDOWS\assembly
2009-12-11 15:52:52 ----D---- C:\WINDOWS\Microsoft.NET
2009-12-11 15:51:51 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-12-11 15:41:32 ----A---- C:\WINDOWS\system32\h323log.txt
2009-12-11 15:17:32 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-12-11 15:15:54 ----N---- C:\WINDOWS\system32\difxapi.dll
2009-12-11 15:15:54 ----D---- C:\Program Files\VIA
2009-12-11 15:05:36 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-12-11 15:04:41 ----D---- C:\Program Files\ATI Technologies
2009-12-11 15:03:20 ----A---- C:\WINDOWS\system32\usbui.dll
2009-12-11 15:02:32 ----D---- C:\WINDOWS\system32\Atheros_L1e
2009-12-11 15:02:31 ----SHD---- C:\WINDOWS\Installer
2009-12-11 15:02:31 ----D---- C:\Program Files\Common Files\ODBC
2009-12-11 15:02:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-11 15:02:31 ----A---- C:\WINDOWS\ODBCINST.INI
2009-12-11 15:02:28 ----RD---- C:\Program Files
2009-12-11 15:02:28 ----D---- C:\Program Files\Common Files\SpeechEngines
2009-12-11 15:02:28 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-12-11 15:02:28 ----D---- C:\Program Files\Common Files
2009-12-11 15:02:27 ----HD---- C:\Program Files\InstallShield Installation Information
2009-12-11 15:02:26 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-12-11 15:02:26 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-12-11 15:02:26 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-12-11 15:02:24 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-12-11 15:02:24 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-12-11 15:02:24 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-12-11 15:02:24 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-12-11 15:02:24 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-12-11 15:02:24 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-12-11 15:02:24 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-12-11 15:02:24 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-12-11 15:02:24 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-12-11 15:02:24 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-12-11 15:02:24 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-12-11 15:02:24 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-12-11 15:02:23 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-12-11 15:02:22 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-12-11 15:02:22 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-12-11 15:02:22 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-12-11 15:02:22 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-12-11 15:02:22 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-12-11 15:02:22 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-12-11 15:02:21 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-12-11 15:02:21 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-12-11 15:02:21 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-12-11 15:02:21 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-12-11 15:02:21 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-12-11 15:02:20 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2009-12-11 15:02:20 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2009-12-11 15:02:20 ----RA---- C:\WINDOWS\system32\kbdro.dll
2009-12-11 15:02:20 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2009-12-11 15:02:20 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2009-12-11 15:02:19 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2009-12-11 15:02:19 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2009-12-11 15:02:19 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2009-12-11 15:02:19 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2009-12-11 15:02:19 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2009-12-11 15:02:19 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2009-12-11 15:02:19 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2009-12-11 15:02:19 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2009-12-11 15:02:18 ----A---- C:\WINDOWS\system32\irclass.dll
2009-12-11 15:02:18 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-12-11 15:02:18 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-12-11 15:02:17 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-12-11 15:02:17 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-12-11 15:02:16 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2009-12-11 15:02:16 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-12-11 15:02:15 ----A---- C:\WINDOWS\system32\batt.dll
2009-12-11 15:02:15 ----A---- C:\WINDOWS\notepad.exe
2009-12-11 15:02:14 ----A---- C:\WINDOWS\system32\storprop.dll
2009-12-11 15:02:09 ----RA---- C:\WINDOWS\SET25.tmp
2009-12-11 15:02:09 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2009-12-11 15:02:07 ----RA---- C:\WINDOWS\SET8.tmp
2009-12-11 15:02:05 ----RA---- C:\WINDOWS\SET4.tmp
2009-12-11 15:02:03 ----RA---- C:\WINDOWS\SET3.tmp
2009-12-11 15:02:01 ----D---- C:\Program Files\Common Files\InstallShield
2009-12-11 15:02:01 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-12-11 15:02:00 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2009-12-11 15:01:59 ----D---- C:\WINDOWS\system32\CatRoot2
2009-12-11 15:01:59 ----D---- C:\WINDOWS\system32\CatRoot
2009-12-11 15:01:53 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-12-11 15:01:35 ----D---- C:\Documents and Settings
2009-12-11 15:01:34 ----SHD---- C:\System Volume Information
2009-12-11 15:00:58 ----SH---- C:\boot.ini
2009-12-11 14:59:14 ----D---- C:\Documents and Settings\PC\Application Data\Identities
2009-12-11 14:59:13 ----HD---- C:\Program Files\Uninstall Information
2009-12-11 14:59:09 ----SD---- C:\Documents and Settings\PC\Application Data\Microsoft
2009-12-11 14:59:09 ----ASH---- C:\Documents and Settings\PC\Application Data\desktop.ini
2009-12-11 14:55:38 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-12-11 14:55:38 ----RSD---- C:\WINDOWS\Fonts
2009-12-11 14:55:38 ----RD---- C:\WINDOWS\Web

[matej7]

2009-12-11 14:55:38 ----HD---- C:\WINDOWS\inf
2009-12-11 14:55:38 ----D---- C:\WINDOWS\WinSxS
2009-12-11 14:55:38 ----D---- C:\WINDOWS\twain_32
2009-12-11 14:55:38 ----D---- C:\WINDOWS\Temp
2009-12-11 14:55:38 ----D---- C:\WINDOWS\system32\wins
2009-12-11 14:55:38 ----D---- C:\WINDOWS\system32\wbem
2009-12-11 14:55:38 ----D---- C:\WINDOWS\system32\usmt
2009-12-11 14:55:38 ----D---- C:\WINDOWS\system32\spool
2009-12-11 14:55:38 ----D---- C:\WINDOWS\system32\ShellExt
2009-12-11 14:55:38 ----D---- C:\WINDOWS\system32\Setup
2009-12-11 14:55:38 ----D---- C:\WINDOWS\system32\ras
2009-12-11 14:55:38 ----D---- C:\WINDOWS\system32\oobe
2009-12-11 14:55:38 ----D---- C:\WINDOWS\system32\npp
2009-12-11 14:55:38 ----D---- C:\WINDOWS\system32\mui
2009-12-11 14:55:38 ----D---- C:\WINDOWS\system32\inetsrv
2009-12-11 14:55:38 ----D---- C:\WINDOWS\system32\IME
2009-12-11 14:55:38 ----D---- C:\WINDOWS\system32\icsxml
2009-12-11 14:55:38 ----D---- C:\WINDOWS\system32\ias
2009-12-11 14:55:38 ----D---- C:\WINDOWS\system32\export
2009-12-11 14:55:38 ----D---- C:\WINDOWS\system32\drivers
2009-12-11 14:55:38 ----D---- C:\WINDOWS\system32\dhcp
2009-12-11 14:55:38 ----D---- C:\WINDOWS\system32\config
2009-12-11 14:55:38 ----D---- C:\WINDOWS\system32\3com_dmi
2009-12-11 14:55:38 ----D---- C:\WINDOWS\system32\3076
2009-12-11 14:55:38 ----D---- C:\WINDOWS\system32\2052
2009-12-11 14:55:38 ----D---- C:\WINDOWS\system32\1054
2009-12-11 14:55:38 ----D---- C:\WINDOWS\system32\1042
2009-12-11 14:55:38 ----D---- C:\WINDOWS\system32\1041
2009-12-11 14:55:38 ----D---- C:\WINDOWS\system32\1037
2009-12-11 14:55:38 ----D---- C:\WINDOWS\system32\1033
2009-12-11 14:55:38 ----D---- C:\WINDOWS\system32\1031
2009-12-11 14:55:38 ----D---- C:\WINDOWS\system32\1028
2009-12-11 14:55:38 ----D---- C:\WINDOWS\system32\1025
2009-12-11 14:55:38 ----D---- C:\WINDOWS\system32
2009-12-11 14:55:38 ----D---- C:\WINDOWS\system
2009-12-11 14:55:38 ----D---- C:\WINDOWS\security
2009-12-11 14:55:38 ----D---- C:\WINDOWS\Resources
2009-12-11 14:55:38 ----D---- C:\WINDOWS\repair
2009-12-11 14:55:38 ----D---- C:\WINDOWS\Provisioning
2009-12-11 14:55:38 ----D---- C:\WINDOWS\pchealth
2009-12-11 14:55:38 ----D---- C:\WINDOWS\PeerNet
2009-12-11 14:55:38 ----D---- C:\WINDOWS\mui
2009-12-11 14:55:38 ----D---- C:\WINDOWS\msapps
2009-12-11 14:55:38 ----D---- C:\WINDOWS\msagent
2009-12-11 14:55:38 ----D---- C:\WINDOWS\Media
2009-12-11 14:55:38 ----D---- C:\WINDOWS\java
2009-12-11 14:55:38 ----D---- C:\WINDOWS\ime
2009-12-11 14:55:38 ----D---- C:\WINDOWS\Help
2009-12-11 14:55:38 ----D---- C:\WINDOWS\Driver Cache
2009-12-11 14:55:38 ----D---- C:\WINDOWS\Debug
2009-12-11 14:55:38 ----D---- C:\WINDOWS\Cursors
2009-12-11 14:55:38 ----D---- C:\WINDOWS\Connection Wizard
2009-12-11 14:55:38 ----D---- C:\WINDOWS\Config
2009-12-11 14:55:38 ----D---- C:\WINDOWS\AppPatch
2009-12-11 14:55:38 ----D---- C:\WINDOWS\addins
2009-12-11 14:55:38 ----D---- C:\WINDOWS
2009-12-11 14:54:14 ----D---- C:\WINDOWS\SoftwareDistribution
2009-12-11 14:54:13 ----SD---- C:\WINDOWS\system32\Microsoft
2009-12-11 14:54:13 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-12-11 14:45:53 ----D---- C:\WINDOWS\system32\xircom
2009-12-11 14:45:53 ----D---- C:\Program Files\xerox
2009-12-11 14:45:53 ----D---- C:\Program Files\microsoft frontpage
2009-12-11 14:45:49 ----N---- C:\WINDOWS\system32\xpsp3res.dll
2009-12-11 14:45:49 ----HD---- C:\WINDOWS\$hf_mig$
2009-12-11 14:45:40 ----A---- C:\WINDOWS\control.ini
2009-12-11 14:45:40 ----A---- C:\AUTOEXEC.BAT
2009-12-11 14:45:31 ----A---- C:\WINDOWS\system32\mapi32.dll
2009-12-11 14:45:01 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-12-11 14:45:01 ----RD---- C:\WINDOWS\Offline Web Pages
2009-12-11 14:45:01 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-12-11 14:44:57 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-12-11 14:44:55 ----HD---- C:\Program Files\WindowsUpdate
2009-12-11 14:44:39 ----D---- C:\WINDOWS\system32\DirectX
2009-12-11 14:44:22 ----A---- C:\WINDOWS\system32\atrace.dll
2009-12-11 14:44:20 ----A---- C:\WINDOWS\system32\desktop.ini
2009-12-11 14:44:20 ----A---- C:\WINDOWS\desktop.ini
2009-12-11 14:44:15 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-12-11 14:44:14 ----A---- C:\WINDOWS\system32\acctres.dll
2009-12-11 14:44:13 ----D---- C:\Program Files\Common Files\Services
2009-12-11 14:44:11 ----SD---- C:\WINDOWS\Tasks
2009-12-11 14:44:11 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-12-11 14:44:10 ----D---- C:\Program Files\Common Files\MSSoap
2009-12-11 14:44:07 ----D---- C:\WINDOWS\srchasst
2009-12-11 14:44:06 ----D---- C:\WINDOWS\system32\Macromed
2009-12-11 14:44:04 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-12-11 14:44:04 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-12-11 14:44:04 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-12-11 14:44:04 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2009-12-11 14:44:03 ----A---- C:\WINDOWS\system32\wups.dll
2009-12-11 14:44:03 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-12-11 14:44:03 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2009-12-11 14:44:03 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-12-11 14:44:03 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-12-11 14:44:03 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-12-11 14:44:03 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-12-11 14:44:03 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2009-12-11 14:44:03 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2009-12-11 14:43:59 ----D---- C:\Program Files\Movie Maker
2009-12-11 14:43:56 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-12-11 14:43:56 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-12-11 14:43:56 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-12-11 14:43:56 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-12-11 14:43:53 ----A---- C:\WINDOWS\system32\fltmc.exe
2009-12-11 14:43:53 ----A---- C:\WINDOWS\system32\fltlib.dll
2009-12-11 14:43:52 ----D---- C:\WINDOWS\system32\Restore
2009-12-11 14:43:52 ----A---- C:\WINDOWS\system32\srsvc.dll
2009-12-11 14:43:52 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-12-11 14:43:52 ----A---- C:\WINDOWS\system32\srclient.dll
2009-12-11 14:43:52 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-12-11 14:43:52 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-12-11 14:43:52 ----A---- C:\WINDOWS\system32\ils.dll
2009-12-11 14:43:51 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-12-11 14:43:51 ----A---- C:\WINDOWS\system32\msconf.dll
2009-12-11 14:43:51 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-12-11 14:43:49 ----D---- C:\Program Files\NetMeeting
2009-12-11 14:43:49 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-12-11 14:43:49 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-12-11 14:43:48 ----A---- C:\WINDOWS\system32\inetres.dll
2009-12-11 14:43:48 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-12-11 14:43:46 ----D---- C:\Program Files\Outlook Express
2009-12-11 14:43:46 ----A---- C:\WINDOWS\system32\schedsvc.dll
2009-12-11 14:43:46 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-12-11 14:43:46 ----A---- C:\WINDOWS\system32\mstask.dll
2009-12-11 14:43:46 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-12-11 14:43:46 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-12-11 14:43:45 ----A---- C:\WINDOWS\system32\isign32.dll
2009-12-11 14:43:45 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-12-11 14:43:41 ----D---- C:\Program Files\Common Files\System
2009-12-11 14:43:40 ----D---- C:\Program Files\Internet Explorer
2009-12-11 14:43:31 ----D---- C:\Program Files\ComPlus Applications
2009-12-11 14:43:30 ----A---- C:\WINDOWS\vbaddin.ini
2009-12-11 14:43:30 ----A---- C:\WINDOWS\vb.ini
2009-12-11 14:43:26 ----D---- C:\WINDOWS\Registration
2009-12-11 14:43:09 ----D---- C:\Program Files\Windows Media Player
2009-12-11 14:43:09 ----D---- C:\Program Files\Online Services
2009-12-11 14:43:05 ----D---- C:\Program Files\Messenger
2009-12-11 14:43:02 ----D---- C:\Program Files\MSN Gaming Zone
2009-12-11 14:43:02 ----A---- C:\WINDOWS\system32\write.exe
2009-12-11 14:42:54 ----A---- C:\WINDOWS\system32\winchat.exe
2009-12-11 14:42:54 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-12-11 14:42:54 ----A---- C:\WINDOWS\system32\hticons.dll
2009-12-11 14:42:54 ----A---- C:\WINDOWS\system32\avwav.dll
2009-12-11 14:42:54 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-12-11 14:42:54 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-12-11 14:42:48 ----A---- C:\WINDOWS\system32\sol.exe
2009-12-11 14:42:48 ----A---- C:\WINDOWS\system32\charmap.exe
2009-12-11 14:42:48 ----A---- C:\WINDOWS\system32\getuname.dll
2009-12-11 14:42:48 ----A---- C:\WINDOWS\system32\calc.exe
2009-12-11 14:42:47 ----A---- C:\WINDOWS\system32\winmine.exe
2009-12-11 14:42:47 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-12-11 14:42:47 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-12-11 14:42:47 ----A---- C:\WINDOWS\system32\tslabels.ini
2009-12-11 14:42:47 ----A---- C:\WINDOWS\system32\tskill.exe
2009-12-11 14:42:47 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-12-11 14:42:47 ----A---- C:\WINDOWS\system32\tscon.exe
2009-12-11 14:42:47 ----A---- C:\WINDOWS\system32\shadow.exe
2009-12-11 14:42:47 ----A---- C:\WINDOWS\system32\reset.exe
2009-12-11 14:42:47 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-12-11 14:42:47 ----A---- C:\WINDOWS\system32\freecell.exe
2009-12-11 14:42:46 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-12-11 14:42:46 ----A---- C:\WINDOWS\system32\regini.exe
2009-12-11 14:42:46 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-12-11 14:42:46 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-12-11 14:42:46 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-12-11 14:42:46 ----A---- C:\WINDOWS\system32\msg.exe
2009-12-11 14:42:46 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-12-11 14:42:46 ----A---- C:\WINDOWS\system32\logoff.exe
2009-12-11 14:42:46 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-12-11 14:42:45 ----A---- C:\WINDOWS\system32\stclient.dll
2009-12-11 14:42:45 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-12-11 14:42:45 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-12-11 14:42:45 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-12-11 14:42:45 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-12-11 14:42:45 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-12-11 14:42:45 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-12-11 14:42:45 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-12-11 14:42:41 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-12-11 14:42:28 ----D---- C:\Program Files\MSN
2009-12-11 14:42:28 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-12-11 14:42:27 ----D---- C:\Program Files\Windows NT
2009-12-11 14:42:27 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-12-11 14:42:27 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-12-11 14:42:27 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-12-11 14:42:27 ----A---- C:\WINDOWS\system32\hypertrm.dll
2009-12-11 14:42:27 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-12-11 14:42:26 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-12-11 14:42:26 ----A---- C:\WINDOWS\system32\spider.exe
2009-12-11 14:42:25 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2009-12-11 14:42:25 ----A---- C:\WINDOWS\system32\termsrv.dll
2009-12-11 14:42:25 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-12-11 14:42:25 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-12-11 14:42:25 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-12-11 14:42:25 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-12-11 14:42:25 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-12-11 14:42:25 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-12-11 14:42:25 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-12-11 14:42:25 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-12-11 14:42:25 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-12-11 14:42:25 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-12-11 14:42:24 ----D---- C:\WINDOWS\system32\MsDtc
2009-12-11 14:42:24 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-12-11 14:42:24 ----A---- C:\WINDOWS\system32\mtxoci.dll
2009-12-11 14:42:24 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2009-12-11 14:42:24 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-12-11 14:42:24 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-12-11 14:42:24 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-12-11 14:42:24 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-12-11 14:42:23 ----D---- C:\WINDOWS\system32\Com
2009-12-11 14:42:23 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-12-11 14:42:23 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-12-11 14:42:23 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-12-11 14:42:23 ----A---- C:\WINDOWS\system32\colbact.dll
2009-12-11 14:42:23 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-12-11 14:42:23 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-12-11 14:42:22 ----A---- C:\WINDOWS\system32\comuid.dll
2009-12-11 14:42:22 ----A---- C:\WINDOWS\system32\comsvcs.dll
2009-12-11 14:42:22 ----A---- C:\WINDOWS\system32\catsrvut.dll
2009-12-11 14:42:22 ----A---- C:\WINDOWS\system32\catsrv.dll
2009-12-11 14:42:21 ----A---- C:\WINDOWS\system32\clbcatq.dll
2009-12-11 14:42:17 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-12-11 14:42:17 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-12-11 14:42:17 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-12-11 14:42:17 ----A---- C:\WINDOWS\system32\cmprops.dll

======List of files/folders modified in the last 1 months======

2009-12-29 21:10:27 ----A---- C:\WINDOWS\win.ini
2009-12-29 19:52:02 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 AmdPPM;AMD HwPState Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R2 NwlnkIpx;NWLink IPX/SPX/NetBIOS Compatible Transport Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;NWLink NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2006-02-28 63232]
R2 NwlnkSpx;NWLink SPX/SPXII Protocol; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2006-02-28 55936]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-11-25 4463104]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2009-06-02 99856]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 KMWDFILTER;HIDUASDesc; C:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller; C:\WINDOWS\system32\DRIVERS\l1c51x86.sys [2009-07-27 44032]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-02-28 12160]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2009-09-30 1418368]
S3 adi4ichg;adi4ichg; C:\WINDOWS\system32\drivers\adi4ichg.sys []
S3 GarenaPEngine;GarenaPEngine; \??\C:\DOCUME~1\PC\LOCALS~1\Temp\SFR32.tmp []
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; E:\Programy\Avast 4.8 home\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-11-25 602112]
R2 avast! Antivirus;avast! Antivirus; E:\Programy\Avast 4.8 home\ashServ.exe [2009-11-25 138680]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2009-10-29 1074568]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-10-11 153376]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2010-01-03 75064]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2010-01-03 214520]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; E:\Programy\Spyware Terminator\sp_rsser.exe [2010-01-03 488960]
R2 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
R3 avast! Mail Scanner;avast! Mail Scanner; E:\Programy\Avast 4.8 home\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; E:\Programy\Avast 4.8 home\ashWebSv.exe [2009-11-25 352920]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu; E:\Hry\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-07-26 25832]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Roli]

Zdravím, tohle fixni v HJT :

O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HJT najdeš zde :

C:\Program Files\trend micro\PC

Fix znamená že spustíš HJT

v okně které se ti otevře klikneš na Do a system scan only

v dalším okně najdeš řádky které jsem ti vypsal,

vedle nich je čtvereček do kterého uděláš zatržítko,

pak klikneš na Fix checked které je vlevo dole,

program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.


Smaž nepotřebné soubory

pomocí CCleaneru

návod :

položka Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

položka Registry - tady vyčistíš registry; před použitím doporučuji udělat jejich zálohu, kterou Ccleaner nabízí,

čištění registru je třeba několikrát zopakovat !


Defragmentuj disk buď integrovaným windows nástrojem,

nebo jinou aplikací, například Defragglerem


Stáhni a spusť OTMoveIt

do levého okna aplikace pod Paste Instructions for Items to be Moved zkopíruj tento text:

Kód: Vybrat vše

:processes
explorer.exe       

:files 
C:\*.tmp
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp

:commands
[purity]
[emptytemp]
[start explorer]

klikni na MoveIt! a v pravém zeleném okně aplikace se Ti objeví info o provedene akci, obsah okna zkopíruj sem,

pokud aplikace bude požadovat restart, klikni na YES

v tom případě sem chci obsah logu uloženého na C:\_OTMoveIt\MovedFiles\

[matej7]

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder C:\*.tmp not found.
C:\WINDOWS\System32\CONFIG.TMP moved successfully.
C:\WINDOWS\002596_.tmp moved successfully.
C:\WINDOWS\SET25.tmp moved successfully.
C:\WINDOWS\SET3.tmp moved successfully.
C:\WINDOWS\SET4.tmp moved successfully.
C:\WINDOWS\SET8.tmp moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 82858 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: PC
->Temp folder emptied: 1094000 bytes
->Temporary Internet Files folder emptied: 5766651 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 95642666 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 49152 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 98,00 mb


OTM by OldTimer - Version 3.1.5.0 log created on 01102010_200805

Files moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\Perflib_Perfdata_740.dat scheduled to be moved on reboot.

Registry entries deleted on Reboot...

[Roli]

Bezva nyní použij Mbam z mého podpisu.

[matej7]

Malwarebytes' Anti-Malware 1.44
Verzia databázy: 3536
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

10.1.2010 20:37:44
mbam-log-2010-01-10 (20-37-44).txt

Typ kontroly: Rýchla
Objektov kontrolovaných: 101813
Uplynutý cas: 2 minute(s), 21 second(s)

Infikovaných procesov pamäte: 0
Infikovaných modulov pamäte: 0
Infikovaných registracných klúcov: 0
Infikovaných registracných hodnôt: 0
Infikovaných registracných údajov položiek: 0
Infikovaných priecinkov: 0
Infikovaných súborov: 0

Infikovaných procesov pamäte:
(Žiadne škodlivé položky)

Infikovaných modulov pamäte:
(Žiadne škodlivé položky)

Infikovaných registracných klúcov:
(Žiadne škodlivé položky)

Infikovaných registracných hodnôt:
(Žiadne škodlivé položky)

Infikovaných registracných údajov položiek:
(Žiadne škodlivé položky)

Infikovaných priecinkov:
(Žiadne škodlivé položky)

Infikovaných súborov:
(Žiadne škodlivé položky)

[Roli]

Tady čisto tak ještě použijeme větší kalibr, proto stáhni a ulož na plochu ComboFix,

spusť aplikaci pod účtem s administrátorským oprávněním a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah vlož sem.

[matej7]

ComboFix 10-01-04.01 - PC 10.01.2010 20:49:00.1.3 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.2047.1491 [GMT 1:00]
Running from: c:\documents and settings\PC\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100110-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\regedit.com
c:\windows\system32\taskmgr.com

.
((((((((((((((((((((((((( Files Created from 2009-12-10 to 2010-01-10 )))))))))))))))))))))))))))))))
.

2010-01-10 19:28 . 2010-01-10 19:28 -------- d-----w- c:\documents and settings\PC\Application Data\Malwarebytes
2010-01-10 19:28 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-10 19:28 . 2010-01-10 19:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-01-10 19:28 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-07 13:25 . 2010-01-08 14:30 -------- d-----w- c:\documents and settings\PC\Local Settings\Application Data\LogMeIn Hamachi
2010-01-07 13:25 . 2010-01-10 19:50 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\LogMeIn Hamachi
2010-01-07 13:25 . 2010-01-08 14:28 -------- d-----w- c:\program files\LogMeIn Hamachi
2010-01-07 13:20 . 2010-01-07 13:25 -------- d-----w- c:\documents and settings\PC\Application Data\Hamachi
2010-01-07 13:20 . 2009-09-23 08:41 26176 ---ha-w- c:\windows\system32\drivers\hamachi.sys
2010-01-06 20:02 . 2009-12-22 16:01 779264 ----a-w- c:\documents and settings\PC\Application Data\Octoshape\Octoshape Streaming Services\pmv306a-0912220-0-libOctoshapeClient.dll
2010-01-06 20:02 . 2010-01-06 20:02 120088 ----a-w- c:\documents and settings\PC\Application Data\Mozilla\Plugins\npoctoshape.dll
2010-01-06 20:02 . 2010-01-06 20:02 -------- d-----w- c:\documents and settings\PC\Application Data\Octoshape
2010-01-06 20:02 . 2009-06-22 13:37 397824 ----a-w- c:\documents and settings\PC\Application Data\Octoshape\Octoshape Streaming Services\sua-0906220-0-libOctoshapeClient.dll
2010-01-06 20:02 . 2009-06-22 13:37 124184 ----a-w- c:\documents and settings\PC\Application Data\Octoshape\Octoshape Streaming Services\sua-0906220-0-apoctoshape.dll
2010-01-06 20:02 . 2009-06-22 13:37 120088 ----a-w- c:\documents and settings\PC\Application Data\Octoshape\Octoshape Streaming Services\sua-0906220-0-npoctoshape.dll
2010-01-06 20:02 . 2009-01-08 13:44 70936 ----a-w- c:\documents and settings\PC\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
2010-01-06 15:58 . 2009-11-24 23:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-01-06 15:58 . 2009-11-24 23:49 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-01-06 15:58 . 2009-11-24 23:47 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-01-06 15:58 . 2009-11-24 23:47 97480 ----a-w- c:\windows\system32\AvastSS.scr
2010-01-06 15:58 . 2009-11-24 23:51 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-01-06 15:58 . 2009-11-24 23:50 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-01-06 15:58 . 2009-11-24 23:50 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-01-06 15:58 . 2009-11-24 23:50 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-01-06 15:57 . 2009-11-24 23:54 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2010-01-06 15:57 . 2003-03-18 20:20 1060864 ----a-w- c:\windows\system32\MFC71.dll
2010-01-05 08:54 . 2005-06-24 15:24 438272 ----a-r- c:\windows\system32\vp6vfw.dll
2010-01-04 19:29 . 2010-01-04 19:29 -------- d-sh--w- c:\documents and settings\PC\PrivacIE
2010-01-03 16:03 . 2010-01-03 16:32 -------- d-----w- c:\documents and settings\PC\Application Data\Xfire
2010-01-03 15:59 . 2010-01-03 15:59 -------- d-----w- c:\documents and settings\PC\Application Data\InstallShield
2010-01-03 15:42 . 2010-01-03 15:46 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-01-03 15:42 . 2010-01-03 15:46 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-01-03 15:35 . 2010-01-03 15:35 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-01-03 15:35 . 2010-01-03 15:35 -------- d-----w- c:\documents and settings\PC\Local Settings\Application Data\PunkBuster
2010-01-03 14:39 . 2010-01-03 14:39 -------- d-sh--w- c:\windows\ftpcache
2010-01-03 14:28 . 2010-01-03 14:28 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-01-03 13:12 . 2010-01-03 13:12 6144 ----a-w- c:\documents and settings\All Users\Application Data\Spyware Terminator\sp_rsdel.exe
2010-01-03 13:12 . 2010-01-03 13:12 5632 ----a-w- c:\documents and settings\All Users\Application Data\Spyware Terminator\fileobjinfo.sys
2010-01-03 13:12 . 2010-01-03 13:11 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-01-03 13:11 . 2010-01-10 14:10 -------- d-----w- c:\documents and settings\PC\Application Data\Spyware Terminator
2010-01-03 13:11 . 2010-01-10 14:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Spyware Terminator
2010-01-01 18:56 . 2010-01-01 18:56 -------- d-sh--w- c:\documents and settings\PC\IECompatCache
2010-01-01 16:06 . 2010-01-01 16:06 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-01-01 16:04 . 2010-01-01 16:04 -------- d-sh--w- c:\documents and settings\PC\IETldCache
2010-01-01 12:40 . 2010-01-02 08:35 -------- d-----w- c:\windows\ie8updates
2010-01-01 12:39 . 2010-01-01 12:40 -------- dc-h--w- c:\windows\ie8
2010-01-01 12:39 . 2010-01-01 12:40 -------- d-----w- c:\windows\system32\sk-SK
2010-01-01 12:38 . 2009-10-29 07:45 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-01-01 12:38 . 2009-10-29 07:45 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-01-01 12:38 . 2009-10-29 07:45 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-01-01 12:38 . 2009-10-29 07:45 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-01-01 12:38 . 2009-10-29 07:45 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-01-01 12:38 . 2009-10-29 07:45 11069952 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-12-31 20:36 . 2009-12-31 20:56 67136 ----a-w- c:\windows\War3Unin.dat
2009-12-31 20:36 . 2009-12-31 20:43 2829 ----a-w- c:\windows\War3Unin.pif
2009-12-31 20:36 . 2009-12-31 20:43 139264 ----a-w- c:\windows\War3Unin.exe
2009-12-31 15:34 . 2009-12-31 15:34 -------- d-----w- c:\documents and settings\All Users\Application Data\BioWare
2009-12-31 15:32 . 2007-03-15 15:57 443752 ----a-w- c:\windows\system32\d3dx10_33.dll
2009-12-31 15:23 . 2009-12-31 15:23 -------- d-----w- c:\program files\AGEIA Technologies
2009-12-31 15:23 . 2009-12-31 15:23 -------- d-----w- c:\windows\system32\AGEIA
2009-12-31 15:10 . 2009-12-31 15:23 -------- d-----w- c:\program files\Common Files\BioWare
2009-12-30 10:25 . 2009-12-30 10:25 -------- d-----w- c:\program files\Common Files\eSellerate
2009-12-30 10:22 . 2004-03-29 14:23 90112 ----a-w- c:\windows\unvise32.exe
2009-12-30 09:17 . 2009-12-30 09:17 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-12-29 18:33 . 2009-12-29 18:33 4806845 ----a-w- c:\windows\REGBK00.ZIP
2009-12-29 18:28 . 2009-12-29 18:28 -------- d---a-w- c:\windows\VDLL.DLL
2009-12-29 18:28 . 2009-12-29 18:28 -------- d---a-w- c:\windows\system32\runouce.exe
2009-12-29 18:28 . 2009-12-29 18:28 -------- d---a-w- c:\windows\RUNDL132.EXE
2009-12-29 18:28 . 2009-12-29 18:28 -------- d---a-w- c:\windows\logo_1.exe
2009-12-29 18:26 . 2009-12-29 18:26 632064 ----a-w- c:\windows\system32\msvcr80.dll
2009-12-29 18:26 . 2009-12-29 18:26 554240 ----a-w- c:\windows\system32\msvcp80.dll
2009-12-29 18:26 . 2009-12-29 18:26 34048 ----a-w- c:\windows\system32\eEmpty.exe
2009-12-29 18:26 . 2008-04-14 00:12 135680 ----a-w- c:\windows\system32\T.COM
2009-12-29 18:26 . 2008-04-14 00:12 146432 ----a-w- c:\windows\R.COM
2009-12-29 18:26 . 2009-12-29 18:26 -------- d-----w- c:\program files\Common Files\MicroWorld
2009-12-29 18:26 . 2009-12-29 18:26 -------- d-----w- c:\documents and settings\All Users\Application Data\MicroWorld
2009-12-29 11:41 . 2009-12-29 11:41 -------- d-----w- c:\documents and settings\PC\Application Data\Publish Providers
2009-12-29 11:38 . 2009-12-29 11:41 -------- d-----w- c:\documents and settings\PC\Application Data\Sony
2009-12-29 11:38 . 2009-12-29 11:38 -------- d-----w- c:\documents and settings\PC\Local Settings\Application Data\Sony
2009-12-29 11:37 . 2009-12-29 11:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Sony
2009-12-27 21:33 . 2009-11-02 19:42 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-12-24 14:23 . 2009-11-25 03:27 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2009-12-24 14:23 . 2009-11-25 02:59 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2009-12-24 14:23 . 2009-11-25 02:42 887724 ----a-w- c:\windows\system32\ativva6x.dat
2009-12-24 14:23 . 2009-11-25 02:42 3 ----a-w- c:\windows\system32\ativva5x.dat
2009-12-24 14:23 . 2009-10-22 15:59 196565 ----a-w- c:\windows\system32\atiicdxx.dat
2009-12-24 14:23 . 2009-12-24 14:23 10134 ----a-r- c:\documents and settings\PC\Application Data\Microsoft\Installer\{A778A787-08A4-4089-CB68-02A9737DE532}\ARPPRODUCTICON.exe
2009-12-24 14:14 . 2009-12-24 14:28 -------- d-----w- c:\program files\ATI
2009-12-24 14:13 . 2009-12-24 14:13 -------- d-----w- c:\documents and settings\All Users\Application Data\ATI
2009-12-24 13:22 . 2009-11-25 03:11 208896 ----a-w- c:\windows\system32\atipdlxx.dll
2009-12-24 10:04 . 2009-12-24 10:15 -------- d-----w- c:\documents and settings\PC\Local Settings\Application Data\SubtitleCreator
2009-12-23 12:46 . 2009-12-23 21:47 -------- d-----w- c:\documents and settings\PC\Application Data\Azureus
2009-12-23 10:38 . 2009-12-23 10:38 -------- d-----w- c:\documents and settings\PC\Local Settings\Application Data\ESET
2009-12-23 09:00 . 2009-12-24 10:32 -------- d-----w- c:\documents and settings\PC\Application Data\dvdcss
2009-12-23 09:00 . 2010-01-06 17:21 -------- d-----w- c:\documents and settings\PC\Application Data\vlc
2009-12-23 08:17 . 2009-12-23 08:18 -------- d-----w- c:\program files\Codec Pack - All In 1
2009-12-20 19:11 . 2010-01-10 16:10 1 ----a-w- c:\documents and settings\PC\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-12-20 19:11 . 2009-12-20 19:11 -------- d-----w- c:\documents and settings\PC\Application Data\OpenOffice.org
2009-12-20 13:17 . 2009-12-20 13:17 -------- d-----w- c:\documents and settings\PC\Application Data\Ashampoo
2009-12-20 13:17 . 2009-12-20 13:17 -------- d-----w- c:\documents and settings\PC\Local Settings\Application Data\ashampoo
2009-12-20 13:17 . 2009-12-20 13:17 -------- d-----w- c:\documents and settings\All Users\Application Data\ashampoo
2009-12-20 13:08 . 2008-04-14 00:12 26624 ----a-w- c:\documents and settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2009-12-20 13:08 . 2009-12-20 13:08 -------- d-----w- c:\program files\Windows Media Connect 2
2009-12-20 13:07 . 2010-01-03 15:36 -------- d-----w- c:\windows\system32\LogFiles
2009-12-20 13:07 . 2009-12-20 13:07 -------- d-----w- c:\windows\system32\drivers\UMDF
2009-12-20 08:31 . 2010-01-10 19:06 -------- d-----w- c:\program files\trend micro
2009-12-20 08:31 . 2009-12-20 08:31 -------- d-----w- C:\rsit
2009-12-19 13:45 . 2009-12-19 13:45 -------- d-----w- c:\documents and settings\PC\Application Data\AVS4YOU
2009-12-19 13:45 . 2009-12-19 13:45 -------- d-----w- c:\documents and settings\All Users\Application Data\AVS4YOU
2009-12-19 13:43 . 2009-12-19 13:44 -------- d-----w- c:\program files\Common Files\AVSMedia
2009-12-19 13:42 . 2007-09-27 13:22 638976 ----a-w- c:\windows\system32\divx.dll
2009-12-19 13:42 . 2007-09-27 13:22 524288 ----a-w- c:\windows\system32\xvidcore.dll
2009-12-19 13:42 . 2007-09-27 13:22 413760 ----a-w- c:\windows\system32\mpg4c32.dll
2009-12-19 13:42 . 2007-09-27 13:22 261632 ----a-w- c:\windows\system32\mcdvd_32.dll
2009-12-19 13:42 . 2007-09-27 13:22 139264 ----a-w- c:\windows\system32\xvidvfw.dll
2009-12-19 13:42 . 2003-05-21 22:50 1700352 ----a-w- c:\windows\system32\GdiPlus.dll
2009-12-19 13:42 . 2003-05-21 11:50 24576 ----a-w- c:\windows\system32\msxml3a.dll
2009-12-19 13:42 . 2002-01-05 14:48 974848 ----a-w- c:\windows\system32\mfc70.dll
2009-12-19 13:42 . 2002-01-05 13:40 487424 ----a-w- c:\windows\system32\msvcp70.dll
2009-12-19 13:42 . 2002-01-05 01:37 344064 ----a-w- c:\windows\system32\msvcr70.dll
2009-12-17 20:58 . 2009-12-17 20:58 125 ----a-w- c:\documents and settings\PC\Local Settings\Application Data\fusioncache.dat
2009-12-17 20:58 . 2009-12-17 21:06 -------- d-----w- c:\documents and settings\PC\Local Settings\Application Data\ApplicationHistory
2009-12-17 20:48 . 2009-12-17 20:48 -------- d-----w- c:\documents and settings\PC\Application Data\Windows Search
2009-12-17 20:46 . 2009-12-17 20:46 -------- d-----w- c:\documents and settings\PC\Local Settings\Application Data\Identities
2009-12-17 20:46 . 2009-12-17 20:46 -------- d-----w- c:\documents and settings\PC\Application Data\Windows Desktop Search

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-07 14:12 . 2009-12-11 14:02 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-24 14:23 . 2009-12-11 14:04 -------- d-----w- c:\program files\ATI Technologies
2009-12-20 15:55 . 2009-12-11 15:15 45960 ----a-w- c:\documents and settings\PC\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-16 17:28 . 2009-12-16 17:26 -------- d-----w- c:\documents and settings\PC\Application Data\Winamp
2009-12-15 18:27 . 2009-12-15 18:27 691696 ----a-w- c:\windows\system32\drivers\sptd.sys.16095416
2009-12-15 16:55 . 2009-12-11 13:45 147275 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-12-15 16:55 . 2009-12-11 13:45 5110 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2009-12-11 15:17 . 2009-12-11 13:45 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2009-12-11 15:15 . 2009-12-11 15:15 -------- d-----w- c:\documents and settings\PC\Application Data\ATI
2009-12-11 15:15 . 2009-12-11 15:15 0 ----a-w- c:\windows\ativpsrm.bin
2009-12-11 14:51 . 2009-12-11 14:02 -------- d-----w- c:\program files\Common Files\InstallShield
2009-12-11 14:47 . 2009-12-11 14:15 -------- d-----w- c:\program files\VIA
2009-12-11 13:45 . 2009-12-11 13:45 -------- d-----w- c:\program files\microsoft frontpage
2009-12-11 13:43 . 2009-12-11 13:43 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-11-25 03:50 . 2009-08-14 04:27 4463104 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2009-11-25 03:26 . 2009-08-14 02:27 300032 ----a-w- c:\windows\system32\ati2dvag.dll
2009-11-25 03:11 . 2009-12-24 13:22 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2009-11-25 03:10 . 2009-12-24 13:22 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2009-11-25 03:10 . 2009-12-24 13:22 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2009-11-25 03:10 . 2009-12-24 13:22 155648 ----a-w- c:\windows\system32\ati2evxx.dll
2009-11-25 03:09 . 2009-12-24 13:22 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2009-11-25 03:07 . 2009-12-24 13:22 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2009-11-25 02:59 . 2009-08-14 01:58 3538496 ----a-w- c:\windows\system32\ati3duag.dll
2009-11-25 02:44 . 2009-12-24 13:22 13533184 ----a-w- c:\windows\system32\atioglxx.dll
2009-11-25 02:43 . 2009-08-14 01:42 2142848 ----a-w- c:\windows\system32\ativvaxx.dll
2009-11-25 02:26 . 2009-12-24 13:22 65024 ----a-w- c:\windows\system32\atimpc32.dll
2009-11-25 02:26 . 2009-12-24 13:22 65024 ----a-w- c:\windows\system32\amdpcom32.dll
2009-11-25 02:21 . 2009-12-24 13:22 565248 ----a-w- c:\windows\system32\atikvmag.dll
2009-11-25 02:20 . 2009-12-24 13:22 45056 ----a-w- c:\windows\system32\aticalrt.dll
2009-11-25 02:20 . 2009-12-24 13:22 45056 ----a-w- c:\windows\system32\aticalcl.dll
2009-11-25 02:19 . 2009-12-24 13:22 176128 ----a-w- c:\windows\system32\atiadlxx.dll
2009-11-25 02:18 . 2009-12-24 13:22 17408 ----a-w- c:\windows\system32\atitvo32.dll
2009-11-25 02:18 . 2009-12-24 13:22 3612672 ----a-w- c:\windows\system32\aticaldd.dll
2009-11-25 02:18 . 2009-12-24 13:22 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2009-11-25 02:17 . 2009-12-24 13:22 397312 ----a-w- c:\windows\system32\atiok3x2.dll
2009-11-25 02:12 . 2009-08-14 01:12 638976 ----a-w- c:\windows\system32\ati2cqag.dll
2009-11-21 15:51 . 2006-02-28 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-21 09:30 . 2009-11-21 09:30 86016 ----a-w- c:\windows\system32\frapsvid.dll
2009-10-29 07:45 . 2006-02-28 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2009-10-21 05:38 . 2006-02-28 12:00 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:38 . 2006-02-28 12:00 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2006-02-28 12:00 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-13 10:30 . 2006-02-28 12:00 270336 ----a-w- c:\windows\system32\oakley.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="e:\hry\cs 1.6\steam.exe" [2009-12-15 1217808]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
"DAEMON Tools Lite"="e:\programy\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2009-10-09 33677312]
"SpywareTerminator"="e:\programy\Spyware Terminator\SpywareTerminatorShield.exe" [2010-01-03 2166784]
"avast!"="e:\programy\AVAST4~1.8HO\ashDisp.exe" [2009-11-24 81000]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
backup=c:\windows\pss\Windows Search.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-10-30 11:57 369200 ----a-w- e:\programy\DAEMON Tools Lite\DTLite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2009-07-01 16:37 37888 ----a-w- e:\programy\Winamp\winampa.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\freecell.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"e:\\Programy\\ICQ6.5\\ICQ.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"e:\\Hry\\CS 1.6\\SteamApps\\camejko\\counter-strike\\hl.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"e:\\Programy\\BitLord\\BitLord.exe"=
"e:\\Hry\\Dragon Age\\bin_ship\\daorigins.exe"=
"e:\\Hry\\Dragon Age\\DAOriginsLauncher.exe"=
"e:\\Hry\\Dragon Age\\bin_ship\\daupdatersvc.service.exe"=
"e:\\Programy\\Garena\\Garena.exe"=
"e:\\Programy\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"e:\\Hry\\CS 1.6\\SteamApps\\camejko\\dedicated server\\hltv.exe"=
"c:\\Documents and Settings\\PC\\Application Data\\Octoshape\\Octoshape Streaming Services\\OctoshapeClient.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"e:\\Hry\\Stronghold Crusader\\Stronghold Crusader.exe"=
"c:\\Program Files\\LogMeIn Hamachi\\hamachi-2.exe"=
"c:\\Program Files\\LogMeIn Hamachi\\hamachi-2-ui.exe"=
"e:\\Hry\\CS 1.6\\Steam.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [6.1.2010 16:58 114768]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [3.1.2010 14:12 142592]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [6.1.2010 16:58 20560]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [29.10.2009 12:27 1074568]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [11.12.2009 15:02 44032]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [11.12.2009 15:17 1418368]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [3.1.2010 15:28 691696]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu;e:\hry\Dragon Age\bin_ship\daupdatersvc.service.exe [31.12.2009 16:19 25832]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\PC\LOCALS~1\Temp\SFR32.tmp --> c:\docume~1\PC\LOCALS~1\Temp\SFR32.tmp [?]
.
Contents of the 'Scheduled Tasks' folder

2010-01-10 c:\windows\Tasks\User_Feed_Synchronization-{7D1B8E99-6DA7-43F6-A148-711D0F18BF11}.job
- c:\windows\system32\msfeedssync.exe [2010-01-01 03:31]
.
.
------- Supplementary Scan -------
.
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {092475B1-4D09-4DA2-AA69-BEE9A6F0E11E} = 92.245.2.245,92.245.2.162
FF - ProfilePath - c:\documents and settings\PC\Application Data\Mozilla\Firefox\Profiles\8hwzxgix.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://sk.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:sk:official
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
FF - plugin: c:\documents and settings\PC\Application Data\Mozilla\plugins\npoctoshape.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-10 20:50
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\PC\LOCALS~1\Temp\SFR32.tmp"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(716)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2010-01-10 20:51:29
ComboFix-quarantined-files.txt 2010-01-10 19:51

Pre-Run: 88 467 689 472 bytes free
Post-Run: 7 adresárov, 88 440 635 392 voľných bajtov

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - 21FBAC59CE5607DBE60F08C1EEE76700

[Roli]

Ještě doladíme, proto pokud jsi tak ještě neučinil, přesuň Combofix na plochu

otevři si Poznámkový blok

do něj zkopíruj skript z následujícího okna:

Kód: Vybrat vše

FireFox::  
FF - ProfilePath - c:\documents and settings\PC\Application Data\Mozilla\Firefox\Profiles\8hwzxgix.default\
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=

ulož Tebou vytvořený TXT soubor jako CFScript.txt na plochu

po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:



po aplikaci na Tebe vypadne další log, dej ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,

v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci

[matej7]

ComboFix 10-01-04.01 - PC 10.01.2010 21:16:07.2.3 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.2047.1587 [GMT 1:00]
Running from: c:\documents and settings\PC\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\PC\Desktop\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 100110-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((( Files Created from 2009-12-10 to 2010-01-10 )))))))))))))))))))))))))))))))
.

2010-01-10 19:28 . 2010-01-10 19:28 -------- d-----w- c:\documents and settings\PC\Application Data\Malwarebytes
2010-01-10 19:28 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-10 19:28 . 2010-01-10 19:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-01-10 19:28 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-07 13:25 . 2010-01-08 14:30 -------- d-----w- c:\documents and settings\PC\Local Settings\Application Data\LogMeIn Hamachi
2010-01-07 13:25 . 2010-01-10 20:15 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\LogMeIn Hamachi
2010-01-07 13:25 . 2010-01-08 14:28 -------- d-----w- c:\program files\LogMeIn Hamachi
2010-01-07 13:20 . 2010-01-07 13:25 -------- d-----w- c:\documents and settings\PC\Application Data\Hamachi
2010-01-07 13:20 . 2009-09-23 08:41 26176 ---ha-w- c:\windows\system32\drivers\hamachi.sys
2010-01-06 20:02 . 2009-12-22 16:01 779264 ----a-w- c:\documents and settings\PC\Application Data\Octoshape\Octoshape Streaming Services\pmv306a-0912220-0-libOctoshapeClient.dll
2010-01-06 20:02 . 2010-01-06 20:02 120088 ----a-w- c:\documents and settings\PC\Application Data\Mozilla\Plugins\npoctoshape.dll
2010-01-06 20:02 . 2010-01-06 20:02 -------- d-----w- c:\documents and settings\PC\Application Data\Octoshape
2010-01-06 20:02 . 2009-06-22 13:37 397824 ----a-w- c:\documents and settings\PC\Application Data\Octoshape\Octoshape Streaming Services\sua-0906220-0-libOctoshapeClient.dll
2010-01-06 20:02 . 2009-06-22 13:37 124184 ----a-w- c:\documents and settings\PC\Application Data\Octoshape\Octoshape Streaming Services\sua-0906220-0-apoctoshape.dll
2010-01-06 20:02 . 2009-06-22 13:37 120088 ----a-w- c:\documents and settings\PC\Application Data\Octoshape\Octoshape Streaming Services\sua-0906220-0-npoctoshape.dll
2010-01-06 20:02 . 2009-01-08 13:44 70936 ----a-w- c:\documents and settings\PC\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
2010-01-06 15:58 . 2009-11-24 23:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-01-06 15:58 . 2009-11-24 23:49 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-01-06 15:58 . 2009-11-24 23:47 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-01-06 15:58 . 2009-11-24 23:47 97480 ----a-w- c:\windows\system32\AvastSS.scr
2010-01-06 15:58 . 2009-11-24 23:51 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-01-06 15:58 . 2009-11-24 23:50 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-01-06 15:58 . 2009-11-24 23:50 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-01-06 15:58 . 2009-11-24 23:50 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-01-06 15:57 . 2009-11-24 23:54 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2010-01-06 15:57 . 2003-03-18 20:20 1060864 ----a-w- c:\windows\system32\MFC71.dll
2010-01-05 08:54 . 2005-06-24 15:24 438272 ----a-r- c:\windows\system32\vp6vfw.dll
2010-01-04 19:29 . 2010-01-04 19:29 -------- d-sh--w- c:\documents and settings\PC\PrivacIE
2010-01-03 16:03 . 2010-01-03 16:32 -------- d-----w- c:\documents and settings\PC\Application Data\Xfire
2010-01-03 15:59 . 2010-01-03 15:59 -------- d-----w- c:\documents and settings\PC\Application Data\InstallShield
2010-01-03 15:42 . 2010-01-03 15:46 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-01-03 15:42 . 2010-01-03 15:46 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-01-03 15:35 . 2010-01-03 15:35 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-01-03 15:35 . 2010-01-03 15:35 -------- d-----w- c:\documents and settings\PC\Local Settings\Application Data\PunkBuster
2010-01-03 14:39 . 2010-01-03 14:39 -------- d-sh--w- c:\windows\ftpcache
2010-01-03 14:28 . 2010-01-03 14:28 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-01-03 13:12 . 2010-01-03 13:12 6144 ----a-w- c:\documents and settings\All Users\Application Data\Spyware Terminator\sp_rsdel.exe
2010-01-03 13:12 . 2010-01-03 13:12 5632 ----a-w- c:\documents and settings\All Users\Application Data\Spyware Terminator\fileobjinfo.sys
2010-01-03 13:12 . 2010-01-03 13:11 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2010-01-03 13:11 . 2010-01-10 14:10 -------- d-----w- c:\documents and settings\PC\Application Data\Spyware Terminator
2010-01-03 13:11 . 2010-01-10 14:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Spyware Terminator
2010-01-01 18:56 . 2010-01-01 18:56 -------- d-sh--w- c:\documents and settings\PC\IECompatCache
2010-01-01 16:06 . 2010-01-01 16:06 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-01-01 16:04 . 2010-01-01 16:04 -------- d-sh--w- c:\documents and settings\PC\IETldCache
2010-01-01 12:40 . 2010-01-02 08:35 -------- d-----w- c:\windows\ie8updates
2010-01-01 12:39 . 2010-01-01 12:40 -------- dc-h--w- c:\windows\ie8
2010-01-01 12:39 . 2010-01-01 12:40 -------- d-----w- c:\windows\system32\sk-SK
2010-01-01 12:38 . 2009-10-29 07:45 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-01-01 12:38 . 2009-10-29 07:45 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-01-01 12:38 . 2009-10-29 07:45 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-01-01 12:38 . 2009-10-29 07:45 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-01-01 12:38 . 2009-10-29 07:45 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-01-01 12:38 . 2009-10-29 07:45 11069952 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-12-31 20:36 . 2009-12-31 20:56 67136 ----a-w- c:\windows\War3Unin.dat
2009-12-31 20:36 . 2009-12-31 20:43 2829 ----a-w- c:\windows\War3Unin.pif
2009-12-31 20:36 . 2009-12-31 20:43 139264 ----a-w- c:\windows\War3Unin.exe
2009-12-31 15:34 . 2009-12-31 15:34 -------- d-----w- c:\documents and settings\All Users\Application Data\BioWare
2009-12-31 15:32 . 2007-03-15 15:57 443752 ----a-w- c:\windows\system32\d3dx10_33.dll
2009-12-31 15:23 . 2009-12-31 15:23 -------- d-----w- c:\program files\AGEIA Technologies
2009-12-31 15:23 . 2009-12-31 15:23 -------- d-----w- c:\windows\system32\AGEIA
2009-12-31 15:10 . 2009-12-31 15:23 -------- d-----w- c:\program files\Common Files\BioWare
2009-12-30 10:25 . 2009-12-30 10:25 -------- d-----w- c:\program files\Common Files\eSellerate
2009-12-30 10:22 . 2004-03-29 14:23 90112 ----a-w- c:\windows\unvise32.exe
2009-12-30 09:17 . 2009-12-30 09:17 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-12-29 18:33 . 2009-12-29 18:33 4806845 ----a-w- c:\windows\REGBK00.ZIP
2009-12-29 18:28 . 2009-12-29 18:28 -------- d---a-w- c:\windows\VDLL.DLL
2009-12-29 18:28 . 2009-12-29 18:28 -------- d---a-w- c:\windows\system32\runouce.exe
2009-12-29 18:28 . 2009-12-29 18:28 -------- d---a-w- c:\windows\RUNDL132.EXE
2009-12-29 18:28 . 2009-12-29 18:28 -------- d---a-w- c:\windows\logo_1.exe
2009-12-29 18:26 . 2009-12-29 18:26 632064 ----a-w- c:\windows\system32\msvcr80.dll
2009-12-29 18:26 . 2009-12-29 18:26 554240 ----a-w- c:\windows\system32\msvcp80.dll
2009-12-29 18:26 . 2009-12-29 18:26 34048 ----a-w- c:\windows\system32\eEmpty.exe
2009-12-29 18:26 . 2008-04-14 00:12 135680 ----a-w- c:\windows\system32\T.COM
2009-12-29 18:26 . 2008-04-14 00:12 146432 ----a-w- c:\windows\R.COM
2009-12-29 18:26 . 2009-12-29 18:26 -------- d-----w- c:\program files\Common Files\MicroWorld
2009-12-29 18:26 . 2009-12-29 18:26 -------- d-----w- c:\documents and settings\All Users\Application Data\MicroWorld
2009-12-29 11:41 . 2009-12-29 11:41 -------- d-----w- c:\documents and settings\PC\Application Data\Publish Providers
2009-12-29 11:38 . 2009-12-29 11:41 -------- d-----w- c:\documents and settings\PC\Application Data\Sony
2009-12-29 11:38 . 2009-12-29 11:38 -------- d-----w- c:\documents and settings\PC\Local Settings\Application Data\Sony
2009-12-29 11:37 . 2009-12-29 11:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Sony
2009-12-27 21:33 . 2009-11-02 19:42 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-12-24 14:23 . 2009-11-25 03:27 446464 ----a-w- c:\windows\system32\ATIDEMGX.dll
2009-12-24 14:23 . 2009-11-25 02:59 311296 ----a-w- c:\windows\system32\atiiiexx.dll
2009-12-24 14:23 . 2009-11-25 02:42 887724 ----a-w- c:\windows\system32\ativva6x.dat
2009-12-24 14:23 . 2009-11-25 02:42 3 ----a-w- c:\windows\system32\ativva5x.dat
2009-12-24 14:23 . 2009-10-22 15:59 196565 ----a-w- c:\windows\system32\atiicdxx.dat
2009-12-24 14:23 . 2009-12-24 14:23 10134 ----a-r- c:\documents and settings\PC\Application Data\Microsoft\Installer\{A778A787-08A4-4089-CB68-02A9737DE532}\ARPPRODUCTICON.exe
2009-12-24 14:14 . 2009-12-24 14:28 -------- d-----w- c:\program files\ATI
2009-12-24 14:13 . 2009-12-24 14:13 -------- d-----w- c:\documents and settings\All Users\Application Data\ATI
2009-12-24 13:22 . 2009-11-25 03:11 208896 ----a-w- c:\windows\system32\atipdlxx.dll
2009-12-24 10:04 . 2009-12-24 10:15 -------- d-----w- c:\documents and settings\PC\Local Settings\Application Data\SubtitleCreator
2009-12-23 12:46 . 2009-12-23 21:47 -------- d-----w- c:\documents and settings\PC\Application Data\Azureus
2009-12-23 10:38 . 2009-12-23 10:38 -------- d-----w- c:\documents and settings\PC\Local Settings\Application Data\ESET
2009-12-23 09:00 . 2009-12-24 10:32 -------- d-----w- c:\documents and settings\PC\Application Data\dvdcss
2009-12-23 09:00 . 2010-01-06 17:21 -------- d-----w- c:\documents and settings\PC\Application Data\vlc
2009-12-23 08:17 . 2009-12-23 08:18 -------- d-----w- c:\program files\Codec Pack - All In 1
2009-12-20 19:11 . 2010-01-10 16:10 1 ----a-w- c:\documents and settings\PC\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2009-12-20 19:11 . 2009-12-20 19:11 -------- d-----w- c:\documents and settings\PC\Application Data\OpenOffice.org
2009-12-20 13:17 . 2009-12-20 13:17 -------- d-----w- c:\documents and settings\PC\Application Data\Ashampoo
2009-12-20 13:17 . 2009-12-20 13:17 -------- d-----w- c:\documents and settings\PC\Local Settings\Application Data\ashampoo
2009-12-20 13:17 . 2009-12-20 13:17 -------- d-----w- c:\documents and settings\All Users\Application Data\ashampoo
2009-12-20 13:08 . 2008-04-14 00:12 26624 ----a-w- c:\documents and settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2009-12-20 13:08 . 2009-12-20 13:08 -------- d-----w- c:\program files\Windows Media Connect 2
2009-12-20 13:07 . 2010-01-03 15:36 -------- d-----w- c:\windows\system32\LogFiles
2009-12-20 13:07 . 2009-12-20 13:07 -------- d-----w- c:\windows\system32\drivers\UMDF
2009-12-20 08:31 . 2010-01-10 19:06 -------- d-----w- c:\program files\trend micro
2009-12-20 08:31 . 2009-12-20 08:31 -------- d-----w- C:\rsit
2009-12-19 13:45 . 2009-12-19 13:45 -------- d-----w- c:\documents and settings\PC\Application Data\AVS4YOU
2009-12-19 13:45 . 2009-12-19 13:45 -------- d-----w- c:\documents and settings\All Users\Application Data\AVS4YOU
2009-12-19 13:43 . 2009-12-19 13:44 -------- d-----w- c:\program files\Common Files\AVSMedia
2009-12-19 13:42 . 2007-09-27 13:22 638976 ----a-w- c:\windows\system32\divx.dll
2009-12-19 13:42 . 2007-09-27 13:22 524288 ----a-w- c:\windows\system32\xvidcore.dll
2009-12-19 13:42 . 2007-09-27 13:22 413760 ----a-w- c:\windows\system32\mpg4c32.dll
2009-12-19 13:42 . 2007-09-27 13:22 261632 ----a-w- c:\windows\system32\mcdvd_32.dll
2009-12-19 13:42 . 2007-09-27 13:22 139264 ----a-w- c:\windows\system32\xvidvfw.dll
2009-12-19 13:42 . 2003-05-21 22:50 1700352 ----a-w- c:\windows\system32\GdiPlus.dll
2009-12-19 13:42 . 2003-05-21 11:50 24576 ----a-w- c:\windows\system32\msxml3a.dll
2009-12-19 13:42 . 2002-01-05 14:48 974848 ----a-w- c:\windows\system32\mfc70.dll
2009-12-19 13:42 . 2002-01-05 13:40 487424 ----a-w- c:\windows\system32\msvcp70.dll
2009-12-19 13:42 . 2002-01-05 01:37 344064 ----a-w- c:\windows\system32\msvcr70.dll
2009-12-17 20:58 . 2009-12-17 20:58 125 ----a-w- c:\documents and settings\PC\Local Settings\Application Data\fusioncache.dat
2009-12-17 20:58 . 2009-12-17 21:06 -------- d-----w- c:\documents and settings\PC\Local Settings\Application Data\ApplicationHistory
2009-12-17 20:48 . 2009-12-17 20:48 -------- d-----w- c:\documents and settings\PC\Application Data\Windows Search
2009-12-17 20:46 . 2009-12-17 20:46 -------- d-----w- c:\documents and settings\PC\Local Settings\Application Data\Identities
2009-12-17 20:46 . 2009-12-17 20:46 -------- d-----w- c:\documents and settings\PC\Application Data\Windows Desktop Search

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-07 14:12 . 2009-12-11 14:02 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-24 14:23 . 2009-12-11 14:04 -------- d-----w- c:\program files\ATI Technologies
2009-12-20 15:55 . 2009-12-11 15:15 45960 ----a-w- c:\documents and settings\PC\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-16 17:28 . 2009-12-16 17:26 -------- d-----w- c:\documents and settings\PC\Application Data\Winamp
2009-12-15 18:27 . 2009-12-15 18:27 691696 ----a-w- c:\windows\system32\drivers\sptd.sys.16095416
2009-12-15 16:55 . 2009-12-11 13:45 147275 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-12-15 16:55 . 2009-12-11 13:45 5110 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2009-12-11 15:17 . 2009-12-11 13:45 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2009-12-11 15:15 . 2009-12-11 15:15 -------- d-----w- c:\documents and settings\PC\Application Data\ATI
2009-12-11 15:15 . 2009-12-11 15:15 0 ----a-w- c:\windows\ativpsrm.bin
2009-12-11 14:51 . 2009-12-11 14:02 -------- d-----w- c:\program files\Common Files\InstallShield
2009-12-11 14:47 . 2009-12-11 14:15 -------- d-----w- c:\program files\VIA
2009-12-11 13:45 . 2009-12-11 13:45 -------- d-----w- c:\program files\microsoft frontpage
2009-12-11 13:43 . 2009-12-11 13:43 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-11-25 03:50 . 2009-08-14 04:27 4463104 ----a-w- c:\windows\system32\drivers\ati2mtag.sys
2009-11-25 03:26 . 2009-08-14 02:27 300032 ----a-w- c:\windows\system32\ati2dvag.dll
2009-11-25 03:11 . 2009-12-24 13:22 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2009-11-25 03:10 . 2009-12-24 13:22 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2009-11-25 03:10 . 2009-12-24 13:22 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2009-11-25 03:10 . 2009-12-24 13:22 155648 ----a-w- c:\windows\system32\ati2evxx.dll
2009-11-25 03:09 . 2009-12-24 13:22 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2009-11-25 03:07 . 2009-12-24 13:22 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2009-11-25 02:59 . 2009-08-14 01:58 3538496 ----a-w- c:\windows\system32\ati3duag.dll
2009-11-25 02:44 . 2009-12-24 13:22 13533184 ----a-w- c:\windows\system32\atioglxx.dll
2009-11-25 02:43 . 2009-08-14 01:42 2142848 ----a-w- c:\windows\system32\ativvaxx.dll
2009-11-25 02:26 . 2009-12-24 13:22 65024 ----a-w- c:\windows\system32\atimpc32.dll
2009-11-25 02:26 . 2009-12-24 13:22 65024 ----a-w- c:\windows\system32\amdpcom32.dll
2009-11-25 02:21 . 2009-12-24 13:22 565248 ----a-w- c:\windows\system32\atikvmag.dll
2009-11-25 02:20 . 2009-12-24 13:22 45056 ----a-w- c:\windows\system32\aticalrt.dll
2009-11-25 02:20 . 2009-12-24 13:22 45056 ----a-w- c:\windows\system32\aticalcl.dll
2009-11-25 02:19 . 2009-12-24 13:22 176128 ----a-w- c:\windows\system32\atiadlxx.dll
2009-11-25 02:18 . 2009-12-24 13:22 17408 ----a-w- c:\windows\system32\atitvo32.dll
2009-11-25 02:18 . 2009-12-24 13:22 3612672 ----a-w- c:\windows\system32\aticaldd.dll
2009-11-25 02:18 . 2009-12-24 13:22 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2009-11-25 02:17 . 2009-12-24 13:22 397312 ----a-w- c:\windows\system32\atiok3x2.dll
2009-11-25 02:12 . 2009-08-14 01:12 638976 ----a-w- c:\windows\system32\ati2cqag.dll
2009-11-21 15:51 . 2006-02-28 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-11-21 09:30 . 2009-11-21 09:30 86016 ----a-w- c:\windows\system32\frapsvid.dll
2009-10-29 07:45 . 2006-02-28 12:00 916480 ------w- c:\windows\system32\wininet.dll
2009-10-21 05:38 . 2006-02-28 12:00 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:38 . 2006-02-28 12:00 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2006-02-28 12:00 265728 ----a-w- c:\windows\system32\drivers\http.sys
2009-10-13 10:30 . 2006-02-28 12:00 270336 ----a-w- c:\windows\system32\oakley.dll
.

((((((((((((((((((((((((((((( SnapShot@2010-01-10_19.50.43 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-01-10 20:15 . 2010-01-10 20:15 16384 c:\windows\Temp\Perflib_Perfdata_7f0.dat
+ 2010-01-10 20:15 . 2010-01-10 20:15 16384 c:\windows\Temp\Perflib_Perfdata_738.dat
+ 2006-02-28 12:00 . 2010-01-10 19:58 78192 c:\windows\system32\perfc009.dat
- 2006-02-28 12:00 . 2010-01-10 19:13 78192 c:\windows\system32\perfc009.dat
+ 2006-02-28 12:00 . 2010-01-10 19:58 461864 c:\windows\system32\perfh009.dat
- 2006-02-28 12:00 . 2010-01-10 19:13 461864 c:\windows\system32\perfh009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="e:\hry\cs 1.6\steam.exe" [2009-12-15 1217808]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336]
"DAEMON Tools Lite"="e:\programy\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2009-10-09 33677312]
"SpywareTerminator"="e:\programy\Spyware Terminator\SpywareTerminatorShield.exe" [2010-01-03 2166784]
"avast!"="e:\programy\AVAST4~1.8HO\ashDisp.exe" [2009-11-24 81000]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
backup=c:\windows\pss\Windows Search.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-10-30 11:57 369200 ----a-w- e:\programy\DAEMON Tools Lite\DTLite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2009-07-01 16:37 37888 ----a-w- e:\programy\Winamp\winampa.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\freecell.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"e:\\Programy\\ICQ6.5\\ICQ.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"e:\\Hry\\CS 1.6\\SteamApps\\camejko\\counter-strike\\hl.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"e:\\Programy\\BitLord\\BitLord.exe"=
"e:\\Hry\\Dragon Age\\bin_ship\\daorigins.exe"=
"e:\\Hry\\Dragon Age\\DAOriginsLauncher.exe"=
"e:\\Hry\\Dragon Age\\bin_ship\\daupdatersvc.service.exe"=
"e:\\Programy\\Garena\\Garena.exe"=
"e:\\Programy\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=
"e:\\Hry\\CS 1.6\\SteamApps\\camejko\\dedicated server\\hltv.exe"=
"c:\\Documents and Settings\\PC\\Application Data\\Octoshape\\Octoshape Streaming Services\\OctoshapeClient.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"e:\\Hry\\Stronghold Crusader\\Stronghold Crusader.exe"=
"c:\\Program Files\\LogMeIn Hamachi\\hamachi-2.exe"=
"c:\\Program Files\\LogMeIn Hamachi\\hamachi-2-ui.exe"=
"e:\\Hry\\CS 1.6\\Steam.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [6.1.2010 16:58 114768]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [3.1.2010 14:12 142592]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [6.1.2010 16:58 20560]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [29.10.2009 12:27 1074568]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [11.12.2009 15:02 44032]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [11.12.2009 15:17 1418368]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [3.1.2010 15:28 691696]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu;e:\hry\Dragon Age\bin_ship\daupdatersvc.service.exe [31.12.2009 16:19 25832]
S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\PC\LOCALS~1\Temp\SFR32.tmp --> c:\docume~1\PC\LOCALS~1\Temp\SFR32.tmp [?]
.
Contents of the 'Scheduled Tasks' folder

2010-01-10 c:\windows\Tasks\User_Feed_Synchronization-{7D1B8E99-6DA7-43F6-A148-711D0F18BF11}.job
- c:\windows\system32\msfeedssync.exe [2010-01-01 03:31]
.
.
------- Supplementary Scan -------
.
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {092475B1-4D09-4DA2-AA69-BEE9A6F0E11E} = 92.245.2.245,92.245.2.162
FF - ProfilePath - c:\documents and settings\PC\Application Data\Mozilla\Firefox\Profiles\8hwzxgix.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://sk.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:sk:official
FF - plugin: c:\documents and settings\PC\Application Data\Mozilla\plugins\npoctoshape.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".sk");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-10 21:18
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\docume~1\PC\LOCALS~1\Temp\SFR32.tmp"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(716)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2010-01-10 21:18:55
ComboFix-quarantined-files.txt 2010-01-10 20:18
ComboFix2.txt 2010-01-10 19:51

Pre-Run: 88 458 526 720 bytes free
Post-Run: 7 adresárov, 88 423 354 368 voľných bajtov

[Roli]

Nepořádek je pryč, tak že nyní přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.


Pak dej vědět jestli je s PC ještě problém.

[matej7]

dakujem

[Roli]

dakujem

To je sice milé že děkuješ ale já bych rád věděl jestli PC při startu ještě zlobí nebo ne.

[matej7]

ked sa to stane napisem tu

[Roli]

Dobře budu tady.