VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Outlook nepíše znaky ěščřž

https://forum.viry.cz:443/viewtopic.php?t=96562

Stránka 1 z 1

Outlook nepíše znaky ěščřž

Napsal: 21 led 2010 23:32
od coral
Dobrý den, Outlook 2007 mi nepíše znaky ěščřž. Již jsem se dočetl, že je to způsobeno virem z keylogeru, ten jsem bohužel spustil konkrétně keyloger na program Nero 8. :( Zkoušel jsem ho odstranit standartně antivirem Norton 2009, ale nepomohl mi. Nevím jakým způsobem se viru zbavit. :( moc děkuji za pomoc. Zde je výpis z RSIT.

Logfile of random's system information tool 1.06 (written by random/random)
Run by Coral Acer at 2010-01-21 23:14:25
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 26 GB (48%) free of 55 GB
Total RAM: 2815 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:14:34, on 21.1.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
C:\Program Files\Firebird\bin\fbguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Acer\Empowering Technology\eLock\LockServ.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Norton AntiVirus\Engine\16.7.2.11\ccSvcHst.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
C:\Program Files\TeamViewer\Version5\TeamViewer.exe
C:\Program Files\Firebird\bin\fbserver.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Norton AntiVirus\Engine\16.7.2.11\ccSvcHst.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\Program Files\Acer\Acer Arcade\PCMService.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Acer\Empowering Technology\eLock\Monitor\LockMon.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Kalendar\kalendar.exe
C:\DOCUME~1\CORALA~1\LOCALS~1\Temp\Rar$EX00.562\maydesign mxClock\mxClock.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\DOCUME~1\CORALA~1\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\Coral Acer\Dokumenty\Install\programky\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Coral Acer.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://cs.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/ ... .yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.aceradvantage.com/stdreg/sta ... 2027E22000
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\16.7.2.11\IPSBHO.DLL
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [eLockMonitor] C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe /idle
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Kalendar] C:\Program Files\Kalendar\kalendar.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [mxClock] C:\DOCUME~1\CORALA~1\LOCALS~1\Temp\Rar$EX00.562\maydesign mxClock\mxClock.exe
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Secunia PSI (RC3).lnk = C:\Program Files\Secunia\PSI (RC3)\psi.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files\Firebird\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LockServ - Unknown owner - C:\Acer\Empowering Technology\eLock\LockServ.exe
O23 - Service: Norton AntiVirus - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\16.7.2.11\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe

--
End of file - 12464 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton AntiVirus\Engine\16.7.2.11\IPSBHO.DLL [2009-08-26 107896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll [2009-12-16 700416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-12-23 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
C:\Program Files\pdfforge Toolbar\SearchSettings.dll [2009-12-16 1109504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-12-23 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\WINDOWS\system32\eDStoolbar.dll [2006-08-09 106496]
{B922D405-6D13-4A2B-AE89-08A030DA4402} - pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll [2009-12-16 700416]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"preload"=C:\Windows\RUNXMLPL.exe [2005-05-19 32768]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-07-20 7581696]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-07-20 86016]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-07-21 16261632]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"AzMixerSel"=C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [2005-06-11 53248]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-05-25 786521]
"ntiMUI"=C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe [2006-05-15 45056]
"IMJPMIG8.1"=C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE [2004-08-18 208952]
"MSPY2002"=C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe [2004-08-18 59392]
"PHIME2002ASync"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"PHIME2002A"=C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE [2004-08-18 455168]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2006-08-08 634880]
"PCMService"=C:\Program Files\Acer\Acer Arcade\PCMService.exe [2006-04-27 151552]
"ePower_DMC"=C:\Acer\Empowering Technology\ePower\ePower_DMC.exe [2006-07-18 438272]
"Boot"=C:\Acer\Empowering Technology\ePower\Boot.exe [2006-03-15 579584]
"Acer ePresentation HPD"=C:\Acer\Empowering Technology\ePresentation\ePresentation.exe [2006-06-07 208896]
"eLockMonitor"=C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe [2006-03-31 16384]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2006-08-09 342016]
"eRecoveryService"=C:\Acer\Empowering Technology\eRecovery\eRAgent.exe [2006-06-01 413696]
"WarReg_PopUp"=C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-09-23 61440]
"SearchSettings"=C:\Program Files\pdfforge Toolbar\SearchSettings.exe [2009-12-16 975360]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2007-01-20 200704]
"AdobeCS4ServiceManager"=C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-12-23 149280]
"iconcache"= []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]
"Kalendar"=C:\Program Files\Kalendar\kalendar.exe [2005-11-09 580608]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"mxClock"=C:\DOCUME~1\CORALA~1\LOCALS~1\Temp\Rar$EX00.562\maydesign mxClock\mxClock.exe [2006-10-12 720482]
"Advanced SystemCare 3"=C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe [2009-11-20 2335880]
"uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2010-01-20 289584]

C:\Documents and Settings\Coral Acer\Nabídka Start\Programy\Po spuštění
Secunia PSI (RC3).lnk - C:\Program Files\Secunia\PSI (RC3)\psi.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SymEFA.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Acer\Acer Arcade\PCMService.exe"="C:\Program Files\Acer\Acer Arcade\PCMService.exe:*:Enabled:CyberLink PowerCinema Resident Program"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe"="C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Miranda IM\miranda32.exe"="C:\Program Files\Miranda IM\miranda32.exe:*:Enabled:Miranda IM"
"C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe"="C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4"
"C:\Program Files\Graphisoft\ArchiCAD 11\ArchiCAD.exe"="C:\Program Files\Graphisoft\ArchiCAD 11\ArchiCAD.exe:*:Enabled:ArchiCAD 11.0.0 Component"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{172944e2-efd7-11de-a84b-0016d3509c84}]
shell\AutoRun\command - wdsync.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ac385a3f-fb8b-11de-a863-0016d3509c84}]
shell\AutoRun\command - LPoZhe.ExE
shell\OPEN\command - lpoZhe.ExE


======List of files/folders created in the last 1 months======

2010-01-21 23:14:24 ----D---- C:\rsit
2010-01-21 23:01:42 ----D---- C:\Program Files\QuickTime
2010-01-21 23:01:10 ----SHD---- C:\Config.Msi
2010-01-21 23:00:32 ----D---- C:\Program Files\Common Files\Apple
2010-01-21 23:00:19 ----D---- C:\Program Files\Apple Software Update
2010-01-21 23:00:19 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple
2010-01-21 22:53:00 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-01-21 22:45:50 ----D---- C:\WINDOWS\LastGood
2010-01-21 22:45:44 ----D---- C:\Program Files\Secunia
2010-01-21 22:29:18 ----D---- C:\Documents and Settings\Coral Acer\Data aplikací\Canon
2010-01-21 17:53:20 ----HD---- C:\Documents and Settings\All Users\Data aplikací\CanonBJ
2010-01-21 17:53:05 ----A---- C:\WINDOWS\system32\CNMLM9C.DLL
2010-01-21 17:53:02 ----HD---- C:\WINDOWS\system32\CanonIJ Uninstaller Information
2010-01-21 17:52:47 ----A---- C:\WINDOWS\system32\CNC630O.DLL
2010-01-21 17:52:47 ----A---- C:\WINDOWS\system32\CNC630L.DLL
2010-01-21 17:52:47 ----A---- C:\WINDOWS\system32\CNC630I.DLL
2010-01-21 17:52:47 ----A---- C:\WINDOWS\system32\CNC630C.DLL
2010-01-21 17:52:39 ----HD---- C:\Program Files\CanonBJ
2010-01-21 17:47:14 ----D---- C:\Documents and Settings\All Users\Data aplikací\CanonIJSetup000
2010-01-21 17:47:12 ----D---- C:\Program Files\Canon
2010-01-20 22:50:36 ----D---- C:\Program Files\uTorrent
2010-01-20 22:49:31 ----D---- C:\Documents and Settings\Coral Acer\Data aplikací\uTorrent
2010-01-14 08:39:13 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-01-14 08:39:06 ----A---- C:\WINDOWS\imsins.BAK
2010-01-14 08:38:58 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-01-06 16:35:58 ----D---- C:\Documents and Settings\Coral Acer\Data aplikací\TrueCrypt
2010-01-05 14:06:05 ----D---- C:\WINDOWS\Sun
2009-12-31 21:07:41 ----D---- C:\Documents and Settings\Coral Acer\Data aplikací\vlc
2009-12-31 21:05:39 ----D---- C:\Program Files\VideoLAN
2009-12-25 19:44:16 ----A---- C:\WINDOWS\ReplacerUndo.txt
2009-12-25 19:41:32 ----A---- C:\WINDOWS\system32\icon.exe
2009-12-25 19:41:26 ----D---- C:\Program Files\Wallpapers
2009-12-25 19:41:22 ----D---- C:\WINDOWS\VCP_SAVE
2009-12-25 19:41:21 ----D---- C:\Program Files\Fonts
2009-12-25 19:41:13 ----D---- C:\WINDOWS\VCP_TEMP
2009-12-25 14:22:03 ----D---- C:\Documents and Settings\Coral Acer\Data aplikací\CyberLink
2009-12-24 22:32:47 ----D---- C:\Documents and Settings\Coral Acer\Data aplikací\IObit
2009-12-24 22:32:45 ----D---- C:\Program Files\IObit
2009-12-24 17:02:42 ----D---- C:\Program Files\Trend Micro
2009-12-24 12:37:38 ----D---- C:\Program Files\IrfanView
2009-12-24 12:19:56 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2009-12-24 12:08:45 ----D---- C:\Program Files\CCleaner
2009-12-24 02:21:05 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-12-24 01:52:22 ----D---- C:\Documents and Settings\Coral Acer\Data aplikací\AIMP
2009-12-24 01:52:07 ----D---- C:\Program Files\AIMP2
2009-12-23 23:11:15 ----A---- C:\WINDOWS\system32\javaws.exe
2009-12-23 23:11:15 ----A---- C:\WINDOWS\system32\javaw.exe
2009-12-23 23:11:15 ----A---- C:\WINDOWS\system32\java.exe
2009-12-23 23:11:15 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-12-23 23:08:06 ----D---- C:\Documents and Settings\Coral Acer\Data aplikací\Graphisoft
2009-12-23 23:02:40 ----A---- C:\WINDOWS\ModemLog_Nokia E52 USB Modem.txt
2009-12-23 22:56:11 ----A---- C:\WINDOWS\system32\WkExt32.dll
2009-12-23 22:56:11 ----A---- C:\WINDOWS\system32\WibuXpm4J32.dll
2009-12-23 22:56:11 ----A---- C:\WINDOWS\system32\wibuKJni.dll
2009-12-23 22:56:09 ----A---- C:\WINDOWS\system32\WkDos.exe
2009-12-23 22:56:06 ----A---- C:\WINDOWS\system32\WkWin32.dll
2009-12-23 22:56:04 ----D---- C:\Program Files\WIBU-SYSTEMS
2009-12-23 22:56:04 ----D---- C:\Program Files\WIBUKEY
2009-12-23 22:55:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple Computer
2009-12-23 22:53:24 ----D---- C:\Program Files\Graphisoft
2009-12-23 22:52:12 ----D---- C:\Program Files\Java
2009-12-23 22:52:12 ----D---- C:\Program Files\Common Files\Java
2009-12-23 22:52:00 ----D---- C:\Documents and Settings\Coral Acer\Data aplikací\Sun
2009-12-23 22:49:37 ----D---- C:\Documents and Settings\Coral Acer\Data aplikací\WinRAR
2009-12-23 22:35:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\FLEXnet
2009-12-23 21:56:28 ----D---- C:\Program Files\UNIQA
2009-12-23 21:30:27 ----D---- C:\Program Files\Kalendar
2009-12-23 21:28:26 ----N---- C:\WINDOWS\system32\spmsgXP_2k3.dll
2009-12-23 21:28:18 ----HDC---- C:\WINDOWS\$NtUninstallWdf01007$
2009-12-23 21:03:09 ----D---- C:\Program Files\Adobe Media Player
2009-12-23 20:54:22 ----D---- C:\Documents and Settings\Coral Acer\Data aplikací\Adobe
2009-12-23 20:54:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2009-12-23 20:53:48 ----D---- C:\Program Files\Adobe
2009-12-23 20:52:25 ----A---- C:\WINDOWS\system32\muweb.dll
2009-12-23 20:52:25 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2009-12-23 20:52:25 ----A---- C:\WINDOWS\system32\mucltui.dll
2009-12-23 20:51:15 ----D---- C:\Program Files\Common Files\Macrovision Shared
2009-12-23 20:48:43 ----D---- C:\Program Files\Common Files\Adobe
2009-12-23 20:46:02 ----D---- C:\Documents and Settings\Coral Acer\Data aplikací\TortoiseSVN
2009-12-23 20:42:33 ----D---- C:\Program Files\Common Files\PCSuite
2009-12-23 20:42:29 ----D---- C:\Program Files\Common Files\Nokia
2009-12-23 20:41:30 ----D---- C:\Program Files\PC Connectivity Solution
2009-12-23 20:41:05 ----A---- C:\WINDOWS\system32\wdfcoinstaller01007.dll
2009-12-23 20:41:05 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2009-12-23 20:23:25 ----D---- C:\Program Files\PowerISO
2009-12-23 20:16:20 ----D---- C:\Program Files\RocketDock
2009-12-23 20:09:45 ----D---- C:\Documents and Settings\Coral Acer\Data aplikací\PC Suite
2009-12-23 20:09:45 ----D---- C:\Documents and Settings\Coral Acer\Data aplikací\Nokia
2009-12-23 20:09:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\PC Suite
2009-12-23 20:06:14 ----A---- C:\WINDOWS\system32\nmwcdcls.dll
2009-12-23 20:06:13 ----D---- C:\Program Files\Nokia
2009-12-23 19:59:38 ----D---- C:\Documents and Settings\Coral Acer\Data aplikací\Miranda
2009-12-23 19:59:23 ----D---- C:\Program Files\Miranda IM
2009-12-23 19:49:28 ----D---- C:\WINDOWS\Prefetch
2009-12-23 19:41:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\Installations
2009-12-23 19:39:55 ----A---- C:\WINDOWS\iun6002.exe
2009-12-23 19:39:49 ----D---- C:\Program Files\Codec Pack - All In 1
2009-12-23 19:36:58 ----D---- C:\Program Files\MSECache
2009-12-23 19:26:57 ----D---- C:\Documents and Settings\Coral Acer\Data aplikací\Subversion
2009-12-23 19:26:46 ----D---- C:\WINDOWS\system32\cs
2009-12-23 19:26:46 ----D---- C:\WINDOWS\l2schemas
2009-12-23 19:26:45 ----D---- C:\WINDOWS\system32\bits
2009-12-23 19:25:30 ----A---- C:\WINDOWS\system32\mdimon.dll
2009-12-23 19:23:58 ----D---- C:\Program Files\Microsoft Works
2009-12-23 19:23:34 ----D---- C:\Program Files\Microsoft Visual Studio
2009-12-23 19:23:33 ----D---- C:\Program Files\Common Files\DESIGNER
2009-12-23 19:22:39 ----D---- C:\Program Files\Microsoft.NET
2009-12-23 19:18:17 ----D---- C:\WINDOWS\SHELLNEW
2009-12-23 19:17:45 ----D---- C:\Program Files\Microsoft Office
2009-12-23 19:17:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2009-12-23 19:17:12 ----RHD---- C:\MSOCache
2009-12-23 19:11:31 ----D---- C:\WINDOWS\network diagnostic
2009-12-23 19:08:13 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2009-12-23 19:08:11 ----D---- C:\WINDOWS\EHome
2009-12-23 19:07:40 ----D---- C:\Program Files\TortoiseSVN
2009-12-23 19:07:40 ----D---- C:\Program Files\Common Files\TortoiseOverlays
2009-12-23 19:02:28 ----D---- C:\Documents and Settings\Coral Acer\Data aplikací\Search Settings
2009-12-23 19:02:04 ----D---- C:\Documents and Settings\Coral Acer\Data aplikací\pdfforge
2009-12-23 18:50:09 ----A---- C:\WINDOWS\system32\GDS32.DLL
2009-12-23 18:50:07 ----D---- C:\Program Files\Firebird
2009-12-23 18:50:05 ----D---- C:\GEN
2009-12-23 18:48:53 ----D---- C:\Program Files\Application Updater
2009-12-23 18:48:52 ----D---- C:\Program Files\pdfforge Toolbar
2009-12-23 18:48:07 ----A---- C:\WINDOWS\system32\pdfcmnnt.dll
2009-12-23 18:48:05 ----A---- C:\WINDOWS\system32\MSMPIDE.DLL
2009-12-23 18:48:04 ----D---- C:\Program Files\PDFCreator
2009-12-23 18:45:44 ----D---- C:\WINDOWS\ie8updates
2009-12-23 18:45:16 ----D---- C:\WINDOWS\WBEM
2009-12-23 18:44:20 ----HDC---- C:\WINDOWS\ie8
2009-12-23 18:44:20 ----D---- C:\WINDOWS\system32\cs-CZ
2009-12-23 18:44:15 ----D---- C:\WINDOWS\system32\LogFiles
2009-12-23 17:35:09 ----D---- C:\Documents and Settings\Coral Acer\Data aplikací\TeamViewer
2009-12-23 17:34:57 ----D---- C:\Program Files\TeamViewer
2009-12-23 17:32:12 ----D---- C:\WINDOWS\ServicePackFiles
2009-12-23 17:29:31 ----D---- C:\Documents and Settings\Coral Acer\Data aplikací\skypePM
2009-12-23 17:29:20 ----D---- C:\Program Files\QIP
2009-12-23 17:27:42 ----D---- C:\Documents and Settings\Coral Acer\Data aplikací\Skype
2009-12-23 17:27:03 ----D---- C:\Program Files\Common Files\Skype
2009-12-23 17:27:00 ----RD---- C:\Program Files\Skype
2009-12-23 17:26:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2009-12-23 17:25:23 ----D---- C:\Program Files\WinRAR
2009-12-23 17:19:49 ----D---- C:\Program Files\TrueCrypt
2009-12-23 17:17:45 ----D---- C:\totalcmd
2009-12-23 17:17:45 ----D---- C:\Documents and Settings\Coral Acer\Data aplikací\GHISLER
2009-12-23 17:15:25 ----D---- C:\Program Files\DreamCom
2009-12-23 17:02:36 ----N---- C:\WINDOWS\system32\tzchange.exe
2009-12-23 16:53:16 ----D---- C:\Program Files\Mozilla Firefox
2009-12-23 16:43:56 ----D---- C:\Documents and Settings\Coral Acer\Data aplikací\Mozilla
2009-12-23 16:43:38 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2009-12-23 16:43:38 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2009-12-23 16:43:37 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2009-12-23 16:38:21 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2009-12-23 16:38:03 ----D---- C:\Program Files\Windows Sidebar
2009-12-23 16:38:03 ----D---- C:\Program Files\Norton AntiVirus
2009-12-23 16:38:02 ----D---- C:\Documents and Settings\All Users\Data aplikací\Norton
2009-12-23 16:35:21 ----D---- C:\Program Files\NortonInstaller
2009-12-23 16:35:21 ----D---- C:\Documents and Settings\All Users\Data aplikací\NortonInstaller
2009-12-23 16:24:41 ----SHD---- C:\RECYCLER

======List of files/folders modified in the last 1 months======

2010-01-21 23:02:27 ----SHD---- C:\WINDOWS\Installer
2010-01-21 23:01:42 ----RD---- C:\Program Files
2010-01-21 23:01:42 ----D---- C:\WINDOWS\system32
2010-01-21 23:01:17 ----D---- C:\WINDOWS
2010-01-21 23:00:32 ----D---- C:\Program Files\Common Files
2010-01-21 23:00:23 ----SD---- C:\WINDOWS\Tasks
2010-01-21 22:48:00 ----D---- C:\WINDOWS\Temp
2010-01-21 22:45:52 ----HD---- C:\WINDOWS\inf
2010-01-21 22:45:52 ----D---- C:\WINDOWS\system32\drivers
2010-01-21 22:45:46 ----D---- C:\WINDOWS\system32\CatRoot2
2010-01-21 18:00:45 ----A---- C:\WINDOWS\ModemLog_HDAUDIO Soft Data Fax Modem with SmartCP.txt
2010-01-21 17:55:08 ----D---- C:\WINDOWS\system32\FxsTmp
2010-01-21 17:54:49 ----D---- C:\WINDOWS\Media
2010-01-21 17:54:44 ----RSHD---- C:\WINDOWS\system32\dllcache
2010-01-21 17:53:01 ----D---- C:\WINDOWS\twain_32
2010-01-21 00:10:22 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-01-14 09:08:04 ----D---- C:\WINDOWS\AppPatch
2010-01-14 08:39:11 ----HD---- C:\WINDOWS\$hf_mig$
2010-01-14 08:34:55 ----D---- C:\WINDOWS\Debug
2010-01-05 01:17:46 ----A---- C:\WINDOWS\system32\MRT.exe
2010-01-04 18:08:49 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-25 19:41:21 ----RSD---- C:\WINDOWS\Fonts
2009-12-25 14:13:31 ----D---- C:\WINDOWS\SoftwareDistribution
2009-12-25 12:52:42 ----SD---- C:\Documents and Settings\Coral Acer\Data aplikací\Microsoft
2009-12-24 13:10:14 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-12-24 13:06:38 ----A---- C:\WINDOWS\win.ini
2009-12-24 12:23:47 ----D---- C:\WINDOWS\system32\CatRoot
2009-12-24 12:07:49 ----D---- C:\Program Files\Yahoo!
2009-12-23 22:30:12 ----D---- C:\Program Files\Symantec
2009-12-23 20:52:45 ----D---- C:\WINDOWS\system32\wbem
2009-12-23 20:42:48 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-12-23 20:40:46 ----D---- C:\WINDOWS\WinSxS
2009-12-23 20:17:30 ----D---- C:\Program Files\Common Files\Symantec Shared
2009-12-23 19:48:58 ----D---- C:\WINDOWS\system32\Setup
2009-12-23 19:48:58 ----D---- C:\Program Files\Messenger
2009-12-23 19:48:09 ----D---- C:\WINDOWS\security
2009-12-23 19:39:39 ----D---- C:\Program Files\Outlook Express
2009-12-23 19:27:48 ----D---- C:\Program Files\Windows Media Player
2009-12-23 19:27:47 ----D---- C:\WINDOWS\Help
2009-12-23 19:27:16 ----D---- C:\WINDOWS\ime
2009-12-23 19:26:48 ----D---- C:\WINDOWS\system32\usmt
2009-12-23 19:26:47 ----D---- C:\Program Files\Internet Explorer
2009-12-23 19:26:45 ----D---- C:\WINDOWS\PeerNet
2009-12-23 19:26:45 ----D---- C:\Program Files\Movie Maker
2009-12-23 19:25:48 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2009-12-23 19:25:05 ----D---- C:\WINDOWS\system32\config
2009-12-23 19:22:39 ----D---- C:\WINDOWS\pchealth
2009-12-23 19:18:41 ----D---- C:\Program Files\Common Files\System
2009-12-23 19:16:18 ----D---- C:\WINDOWS\system32\Restore
2009-12-23 19:16:18 ----D---- C:\WINDOWS\system32\npp
2009-12-23 19:16:15 ----D---- C:\WINDOWS\msagent
2009-12-23 19:16:13 ----D---- C:\WINDOWS\srchasst
2009-12-23 19:16:09 ----D---- C:\Program Files\NetMeeting
2009-12-23 19:16:06 ----D---- C:\WINDOWS\system32\Com
2009-12-23 19:16:02 ----D---- C:\Program Files\Windows NT
2009-12-23 19:15:25 ----D---- C:\WINDOWS\system32\oobe
2009-12-23 19:15:23 ----D---- C:\WINDOWS\system
2009-12-23 19:10:02 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-12-23 16:39:15 ----D---- C:\Documents and Settings\All Users\Data aplikací\Symantec
2009-12-23 16:38:29 ----SHD---- C:\System Volume Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-05-10 43008]
R1 BHDrvx86;Symantec Heuristics Driver; C:\WINDOWS\System32\Drivers\NAV\1007020.00B\BHDrvx86.sys [2009-08-26 259632]
R1 ccHP;Symantec Hash Provider; C:\WINDOWS\System32\Drivers\NAV\1007020.00B\ccHPx86.sys [2009-12-23 482432]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100119.001\IDSxpx86.sys []
R1 PQNTDrv;PQNTDrv; C:\WINDOWS\system32\drivers\PQNTDrv.sys [2002-09-16 4228]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2007-01-20 31644]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\system32\drivers\NAV\1007020.00B\SRTSPX.SYS [2009-08-26 43696]
R1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\System32\Drivers\NAV\1007020.00B\SYMTDI.SYS [2009-08-26 217136]
R1 truecrypt;truecrypt; C:\WINDOWS\System32\drivers\truecrypt.sys [2009-12-23 223432]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-08-14 74720]
R2 eLock2BurnerLockDriver;eLock2BurnerLockDriver; \??\C:\WINDOWS\system32\eLock2BurnerLockDriver.sys []
R2 eLock2FSCTLDriver;eLock2FSCTLDriver; \??\C:\WINDOWS\system32\eLock2FSCTLDriver.sys []
R2 int15;int15; \??\C:\WINDOWS\system32\drivers\int15.sys []
R2 irda;Protokol IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2008-04-13 88192]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544]
R2 symlcbrd;symlcbrd; \??\C:\WINDOWS\system32\drivers\symlcbrd.sys []
R2 tvicport;tvicport; \??\C:\WINDOWS\system32\drivers\tvicport.sys []
R2 WIBUKEY;WIBU-KEY Kernel Driver; C:\WINDOWS\SYSTEM32\DRIVERS\WibuKey.sys [2007-08-21 72704]
R2 zntport;zntport; \??\C:\WINDOWS\system32\drivers\zntport.sys []
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2006-06-25 564224]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\DKbFltr.sys [2006-01-20 17408]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-10-18 998656]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-10-24 218496]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-07-24 4353024]
R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100121.005\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100121.005\NAVEX15.SYS []
R3 NTIDrvr;Upper Class Filter Driver; C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys [2006-08-30 6144]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-07-20 3685152]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-03-04 34176]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-03-04 13056]
R3 nvsmu;nvsmu; C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2006-03-07 11136]
R3 psdfilter;psdfilter; \??\C:\WINDOWS\system32\Drivers\psdfilter.sys []
R3 psdvdisk;psdvdisk; \??\C:\WINDOWS\system32\Drivers\psdvdisk.sys []
R3 Rasirda;WAN Miniport (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\NAV\1007020.00B\SRTSP.SYS [2009-08-26 308272]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMFW;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NAV\1007020.00B\SYMFW.SYS [2009-08-26 89904]
R3 SYMIDS;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NAV\1007020.00B\SYMIDS.SYS [2009-08-26 33072]
R3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-08-26 36400]
R3 SYMNDIS;Symantec Network Filter Driver; C:\WINDOWS\System32\Drivers\NAV\1007020.00B\SYMNDIS.SYS [2009-08-26 36400]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2006-05-25 193088]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2006-05-17 162560]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-10-18 721280]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 Cam5603D;Acer OrbiCam; C:\WINDOWS\System32\Drivers\BisonCam.sys [2006-06-30 775936]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 int15.sys;int15.sys; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys []
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2009-10-06 17664]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2009-10-06 22016]
S3 NSCIRDA;NSC Infrared Device Driver; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2008-04-13 28672]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2008-06-16 7808]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SYMDNS;SYMDNS; \??\C:\WINDOWS\system32\drivers\NAV\1000000.07D\SYMDNS.SYS []
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2009-08-26 36400]
S3 SYMREDRV;SYMREDRV; \??\C:\WINDOWS\system32\drivers\NAV\1000000.07D\SYMREDRV.SYS []
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2009-10-06 7936]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2009-10-06 7936]
S3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2008-03-27 503008]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcerMemUsageCheckService;Memory Check Service; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [2006-05-11 28672]
R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2009-12-16 375296]
R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2006-07-25 100032]
R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe [2006-04-27 254050]
R2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe [2006-04-27 114784]
R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe [2006-04-27 61440]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files\Firebird\bin\fbguard.exe [2007-12-12 65536]
R2 Irmon;Sledování infračerveného přenosu; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-12-23 153376]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-05-18 49152]
R2 LockServ;LockServ; C:\Acer\Empowering Technology\eLock\LockServ.exe [2006-06-28 520192]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 Norton AntiVirus;Norton AntiVirus; C:\Program Files\Norton AntiVirus\Engine\16.7.2.11\ccSvcHst.exe [2009-08-26 117640]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-07-20 143426]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-01-21 143360]
R2 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2007-02-09 1174152]
R2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2009-12-08 185640]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files\Firebird\bin\fbserver.exe [2007-12-12 1531989]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-10-27 657408]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268288]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-12-23 655624]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-07-25 2119360]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2007-08-22 147824]

-----------------EOF-----------------

Re: Outlook nepíše znaky ěščřž

Napsal: 22 led 2010 08:41
od JaRon
ahoj,
Presun ComboFix
na plochu (ak tam este nie je)

otvor si Poznamkovy blok - notepad

do neho zkopiruj skript z nasledujiceho okna:

Kód: Vybrat vše

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ac385a3f-fb8b-11de-a863-0016d3509c84}]
uloz vytvoreny textovy soubor ako CFScript.txt na plochu

po ulozeni uchop vytvoreny skript lavym tlacitkom mysi a presun ho nad ikonu Combofixu, nad nim skript upust:

Obrázek

po aplikacii by mal vzniknut dalsi log, ten vloz sem :)

Re: Outlook nepíše znaky ěščřž

Napsal: 24 led 2010 14:36
od coral
Provedl jsem a posílám log:

ComboFix 10-01-23.05 - Coral Acer 24.01.2010 14:13:31.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2815.1690 [GMT 1:00]
Spuštěný z: c:\documents and settings\Coral Acer\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Coral Acer\Plocha\CFScript.txt
AV: Norton AntiVirus *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\pdfforge Toolbar\SearchSettings.dll
c:\windows\Fonts\MyriadPro-Regular.otf
c:\windows\system32\sysdm.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-12-24 do 2010-01-24 )))))))))))))))))))))))))))))))
.

2010-01-21 22:14 . 2010-01-21 22:14 -------- d-----w- C:\rsit
2010-01-21 22:01 . 2010-01-21 22:02 -------- d-----w- c:\program files\QuickTime
2010-01-21 22:00 . 2010-01-21 22:00 -------- d-----w- c:\program files\Common Files\Apple
2010-01-21 22:00 . 2010-01-21 22:00 -------- d-----w- c:\program files\Apple Software Update
2010-01-21 21:53 . 2010-01-21 21:53 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-01-21 21:45 . 2010-01-21 21:45 -------- d-----w- c:\program files\Secunia
2010-01-21 16:54 . 2008-04-13 18:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2010-01-21 16:54 . 2008-04-13 18:45 15104 ----a-w- c:\windows\system32\dllcache\usbscan.sys
2010-01-21 16:53 . 2008-04-22 04:00 69632 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPP9C.DLL
2010-01-21 16:53 . 2008-04-22 04:00 27136 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPD9C.DLL
2010-01-21 16:53 . 2008-04-22 04:00 230912 ----a-w- c:\windows\system32\CNMLM9C.DLL
2010-01-21 16:53 . 2010-01-21 16:53 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2010-01-21 16:52 . 2008-04-07 13:58 1339392 ----a-w- c:\windows\system32\CNC630C.DLL
2010-01-21 16:52 . 2008-04-07 13:58 98304 ----a-w- c:\windows\system32\CNC630I.DLL
2010-01-21 16:52 . 2008-03-10 12:59 270336 ----a-w- c:\windows\system32\CNC630L.DLL
2010-01-21 16:52 . 2007-03-15 13:12 188416 ----a-w- c:\windows\system32\CNC630O.DLL
2010-01-21 16:52 . 2010-01-21 16:52 -------- d--h--w- c:\program files\CanonBJ
2010-01-21 16:47 . 2010-01-21 21:28 -------- d-----w- c:\program files\Canon
2010-01-20 21:50 . 2010-01-20 21:50 -------- d-----w- c:\program files\uTorrent
2010-01-13 15:15 . 2009-11-21 16:03 471552 ------w- c:\windows\system32\dllcache\aclayers.dll
2010-01-13 15:15 . 2009-10-15 16:32 81920 ------w- c:\windows\system32\dllcache\fontsub.dll
2010-01-13 15:15 . 2009-10-15 16:32 119808 ------w- c:\windows\system32\dllcache\t2embed.dll
2010-01-13 03:38 . 2010-01-13 03:38 -------- d-sh--w- c:\documents and settings\Coral Acer\IECompatCache
2010-01-08 13:02 . 2008-04-13 18:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2010-01-08 13:02 . 2008-04-13 18:47 25856 ----a-w- c:\windows\system32\dllcache\usbprint.sys
2010-01-08 13:00 . 2008-04-13 18:45 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2010-01-08 13:00 . 2008-04-13 18:45 32128 ----a-w- c:\windows\system32\dllcache\usbccgp.sys
2010-01-05 15:12 . 2010-01-05 15:13 -------- d-----w- c:\documents and settings\Coral Acer\KBCertifikat
2010-01-05 13:06 . 2010-01-05 15:14 -------- d-----w- c:\documents and settings\Coral Acer\kbpki
2010-01-05 13:06 . 2010-01-05 13:06 -------- d-----w- c:\windows\Sun
2009-12-31 20:05 . 2009-12-31 20:05 -------- d-----w- c:\program files\VideoLAN
2009-12-25 18:41 . 2005-09-28 01:31 49152 ----a-w- c:\windows\system32\icon.exe
2009-12-25 18:41 . 2009-12-25 18:41 -------- d-----w- c:\program files\Wallpapers
2009-12-25 18:41 . 2009-12-25 18:41 -------- d-----w- c:\windows\VCP_SAVE
2009-12-25 18:41 . 2009-12-25 18:41 -------- d-----w- c:\program files\Fonts
2009-12-25 18:41 . 2009-12-25 18:52 -------- d-----w- c:\windows\VCP_TEMP

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-24 13:17 . 2009-12-23 17:48 -------- d-----w- c:\program files\pdfforge Toolbar
2010-01-04 17:08 . 2006-08-30 13:17 64362 ----a-w- c:\windows\system32\perfc005.dat
2010-01-04 17:08 . 2006-08-30 13:17 384380 ----a-w- c:\windows\system32\perfh005.dat
2009-12-31 14:51 . 2009-12-24 00:52 -------- d-----w- c:\program files\AIMP2
2009-12-25 20:33 . 2009-12-23 19:48 -------- d-----w- c:\program files\Common Files\Adobe
2009-12-25 18:47 . 2009-12-23 18:53 90352 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
2009-12-24 21:32 . 2009-12-24 21:32 -------- d-----w- c:\program files\IObit
2009-12-24 16:02 . 2009-12-24 16:02 -------- d-----w- c:\program files\Trend Micro
2009-12-24 12:09 . 2009-12-23 18:23 -------- d-----w- c:\program files\Microsoft Works
2009-12-24 11:37 . 2009-12-24 11:37 -------- d-----w- c:\program files\IrfanView
2009-12-24 11:19 . 2009-12-24 11:19 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-12-24 11:08 . 2009-12-24 11:08 -------- d-----w- c:\program files\CCleaner
2009-12-24 11:07 . 2007-02-09 20:50 -------- d-----w- c:\program files\Yahoo!
2009-12-23 22:31 . 2009-12-23 16:15 -------- d-----w- c:\program files\DreamCom
2009-12-23 22:20 . 2009-12-23 19:16 -------- d-----w- c:\program files\RocketDock
2009-12-23 22:10 . 2009-12-23 22:11 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-23 22:10 . 2009-12-23 21:52 -------- d-----w- c:\program files\Java
2009-12-23 21:56 . 2009-12-23 21:56 -------- d-----w- c:\program files\WIBUKEY
2009-12-23 21:56 . 2009-12-23 21:56 -------- d-----w- c:\program files\WIBU-SYSTEMS
2009-12-23 21:53 . 2009-12-23 21:53 -------- d-----w- c:\program files\Graphisoft
2009-12-23 21:52 . 2009-12-23 21:52 -------- d-----w- c:\program files\Common Files\Java
2009-12-23 21:30 . 2009-12-23 15:38 806 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2009-12-23 21:30 . 2009-12-23 15:38 7456 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2009-12-23 21:30 . 2009-12-23 15:38 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2009-12-23 21:30 . 2009-12-23 15:38 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2009-12-23 21:30 . 2006-08-30 12:45 -------- d-----w- c:\program files\Symantec
2009-12-23 20:56 . 2009-12-23 20:56 -------- d-----w- c:\program files\UNIQA
2009-12-23 20:31 . 2009-12-23 20:30 -------- d-----w- c:\program files\Kalendar
2009-12-23 20:28 . 2009-12-23 20:28 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-12-23 20:28 . 2009-12-23 20:28 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-12-23 20:03 . 2009-12-23 20:03 -------- d-----w- c:\program files\Adobe Media Player
2009-12-23 19:51 . 2009-12-23 19:51 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2009-12-23 19:42 . 2009-12-23 19:42 -------- d-----w- c:\program files\Common Files\PCSuite
2009-12-23 19:42 . 2009-12-23 19:42 -------- d-----w- c:\program files\Common Files\Nokia
2009-12-23 19:42 . 2009-12-23 19:06 -------- d-----w- c:\program files\Nokia
2009-12-23 19:41 . 2009-12-23 19:41 -------- d-----w- c:\program files\PC Connectivity Solution
2009-12-23 19:23 . 2009-12-23 19:23 -------- d-----w- c:\program files\PowerISO
2009-12-23 19:17 . 2006-08-30 12:45 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-12-23 18:59 . 2009-12-23 18:59 -------- d-----w- c:\program files\Miranda IM
2009-12-23 18:59 . 2009-12-23 16:29 -------- d-----w- c:\program files\QIP
2009-12-23 18:39 . 2009-12-23 18:39 -------- d-----w- c:\program files\Codec Pack - All In 1
2009-12-23 18:39 . 2009-12-23 18:39 737280 ----a-w- c:\windows\iun6002.exe
2009-12-23 18:36 . 2009-12-23 18:36 -------- d-----w- c:\program files\MSECache
2009-12-23 18:30 . 2004-09-17 11:36 76487 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-12-23 18:30 . 2004-09-17 11:36 2684 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2009-12-23 18:22 . 2009-12-23 18:22 -------- d-----w- c:\program files\Microsoft.NET
2009-12-23 18:07 . 2009-12-23 18:07 -------- d-----w- c:\program files\TortoiseSVN
2009-12-23 18:07 . 2009-12-23 18:07 -------- d-----w- c:\program files\Common Files\TortoiseOverlays
2009-12-23 17:51 . 2009-12-23 17:48 -------- d-----w- c:\program files\PDFCreator
2009-12-23 17:50 . 2009-12-23 17:50 -------- d-----w- c:\program files\Firebird
2009-12-23 17:48 . 2009-12-23 17:48 -------- d-----w- c:\program files\Application Updater
2009-12-23 16:34 . 2009-12-23 16:34 -------- d-----w- c:\program files\TeamViewer
2009-12-23 16:29 . 2009-12-23 16:29 48 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-12-23 16:27 . 2009-12-23 16:27 -------- d-----r- c:\program files\Skype
2009-12-23 16:27 . 2009-12-23 16:27 -------- d-----w- c:\program files\Common Files\Skype
2009-12-23 16:21 . 2009-12-23 16:19 -------- d-----w- c:\program files\TrueCrypt
2009-12-23 16:19 . 2009-12-23 16:19 223432 ----a-w- c:\windows\system32\drivers\truecrypt.sys
2009-12-23 15:44 . 2009-12-23 15:44 0 ----a-w- c:\windows\nsreg.dat
2009-12-23 15:38 . 2009-12-23 15:38 -------- d-----w- c:\program files\Norton AntiVirus
2009-12-23 15:38 . 2009-12-23 15:38 -------- d-----w- c:\program files\Windows Sidebar
2009-12-23 15:35 . 2009-12-23 15:35 -------- d-----w- c:\program files\NortonInstaller
2009-12-21 19:08 . 2006-01-09 19:08 916480 ----a-w- c:\windows\system32\wininet.dll
2009-11-21 16:03 . 2004-08-18 04:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
.

------- Sigcheck -------

[-] 2008-04-14 . 9371ED2F7F0E405B46D0BD6186BE1408 . 4920320 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 9371ED2F7F0E405B46D0BD6186BE1408 . 4920320 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[7] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . c:\windows\VCP_SAVE\explorer.exe
[7] 2004-08-18 . 53114D57AB73A406AC7F602227781A99 . 1032704 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\explorer.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
2009-12-16 17:12 700416 ----a-w- c:\program files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{B922D405-6D13-4A2B-AE89-08A030DA4402}"= "c:\program files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll" [2009-12-16 700416]

[HKEY_CLASSES_ROOT\clsid\{b922d405-6d13-4a2b-ae89-08a030da4402}]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 17:55 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 17:55 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 17:55 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 17:55 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 17:55 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 17:55 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 17:55 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 17:55 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 17:55 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-11-11 1451520]
"Kalendar"="c:\program files\Kalendar\kalendar.exe" [2005-11-09 580608]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2009-11-20 2335880]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-01-20 289584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"preload"="c:\windows\RUNXMLPL.exe" [2005-05-19 32768]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-07-20 7581696]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-07-20 86016]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-21 16261632]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-06-11 53248]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]
"ntiMUI"="c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2006-05-15 45056]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-18 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-18 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-18 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-18 455168]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2006-08-08 634880]
"PCMService"="c:\program files\Acer\Acer Arcade\PCMService.exe" [2006-04-27 151552]
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-07-18 438272]
"Boot"="c:\acer\Empowering Technology\ePower\Boot.exe" [2006-03-15 579584]
"Acer ePresentation HPD"="c:\acer\Empowering Technology\ePresentation\ePresentation.exe" [2006-06-07 208896]
"eLockMonitor"="c:\acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe" [2006-03-31 16384]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2006-08-09 342016]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\eRAgent.exe" [2006-06-01 413696]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-09-23 61440]
"SearchSettings"="c:\program files\pdfforge Toolbar\SearchSettings.exe" [2009-12-16 975360]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2007-01-20 200704]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-23 149280]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Coral Acer\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Secunia PSI (RC3).lnk - c:\program files\Secunia\PSI (RC3)\psi.exe [2008-6-16 663552]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Acer\\Acer Arcade\\PCMService.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Miranda IM\\miranda32.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Graphisoft\\ArchiCAD 11\\ArchiCAD.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAV\1007020.00B\SymEFA.sys [23.12.2009 22:30 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\NAV\1007020.00B\BHDrvx86.sys [23.12.2009 22:30 259632]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NAV\1007020.00B\cchpx86.sys [23.12.2009 20:39 482432]
R1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100119.001\IDSXpx86.sys [20.1.2010 1:13 329592]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [16.12.2009 17:38 375296]
R2 eLock2BurnerLockDriver;eLock2BurnerLockDriver;c:\windows\system32\eLock2BurnerLockDriver.sys [9.2.2007 21:45 17664]
R2 eLock2FSCTLDriver;eLock2FSCTLDriver;c:\windows\system32\eLock2FSCTLDriver.sys [9.2.2007 21:45 90112]
R2 Norton AntiVirus;Norton AntiVirus;c:\program files\Norton AntiVirus\Engine\16.7.2.11\ccSvcHst.exe [23.12.2009 20:39 117640]
R2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [8.12.2009 11:46 185640]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [23.12.2009 10:00 102448]
S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\bin\fbguard.exe -s --> c:\program files\Firebird\bin\fbguard.exe -s [?]
S2 LockServ;LockServ;c:\acer\Empowering Technology\eLock\LockServ.exe -p --> c:\acer\Empowering Technology\eLock\LockServ.exe -p [?]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\bin\fbserver.exe -s --> c:\program files\Firebird\bin\fbserver.exe -s [?]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [16.6.2008 9:31 7808]
.
Obsah adresáře 'Naplánované úlohy'

2010-01-21 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://cs.intl.acer.yahoo.com
uInternet Connection Wizard,ShellNext = hxxp://www.aceradvantage.com/stdreg/startpage. ... 2027E22000
uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Coral Acer\Data aplikací\Mozilla\Firefox\Profiles\dbkobjse.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz
FF - component: c:\documents and settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - component: c:\program files\pdfforge Toolbar\FF\components\pdfforgeToolbarFF.dll
FF - component: c:\program files\pdfforge Toolbar\SSFF\components\SearchSettingsFF.dll
FF - plugin: c:\program files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

URLSearchHooks-{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - c:\program files\pdfforge Toolbar\SearchSettings.dll
BHO-{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - c:\program files\pdfforge Toolbar\SearchSettings.dll
HKLM-Run-iconcache - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-24 14:17
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Norton AntiVirus]
"ImagePath"="\"c:\program files\Norton AntiVirus\Engine\16.7.2.11\ccSvcHst.exe\" /s \"Norton AntiVirus\" /m \"c:\program files\Norton AntiVirus\Engine\16.7.2.11\diMaster.dll\" /prefetch:1"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1284)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
Celkový čas: 2010-01-24 14:19:19
ComboFix-quarantined-files.txt 2010-01-24 13:19

Před spuštěním: Volných bajtů: 27 993 169 408
Po spuštění: Volných bajtů: 28 164 221 952

WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - E6E6B086E36ADAC9E3B055623E35F959

Re: Outlook nepíše znaky ěščřž

Napsal: 25 led 2010 07:34
od JaRon
uz to vypada lepsie :) preventivne prescanuj PC s AVPTool - pocas scanu vypni AV

Re: Outlook nepíše znaky ěščřž

Napsal: 17 úno 2010 09:52
od coral
Dobrý den, omlouvám se byl jsem dlouho mimo internet i tento zavirovaný počítač. Zde posílám výpis z AVP
Autoscan: completed 8 hours ago (events: 3, objects: 405664, time: 02:53:47)
16.2.2010 22:51:07 Task started
17.2.2010 0:25:02 Processing error C:\Documents and Settings\Coral Acer\Local Settings\Data aplikací\Microsoft\Outlook\Outlook.pst Read error
17.2.2010 1:44:55 Task completed

Re: Outlook nepíše znaky ěščřž

Napsal: 17 úno 2010 10:52
od JaRon
vypada to OK - je este nejaky problem ?

Re: Outlook nepíše znaky ěščřž

Napsal: 17 úno 2010 18:55
od coral
Ještě jsem zkusil proskenovat při vypnutém outlooku

Autoscan: completed 17 hours ago (events: 3, objects: 405664, time: 02:53:47)
Autoscan: completed 48 minutes ago (events: 2, objects: 21362, time: 00:38:51)
17.2.2010 17:26:48 Task started
17.2.2010 18:05:39 Task completed



Ale diakritika stéle zlobí. Občas už se dá napsat, ale zatím to nejde pokud stojí ěščř na začátku slova.

Re: Outlook nepíše znaky ěščřž

Napsal: 17 úno 2010 20:25
od coral
přikládám znovu výpis z combofix:

ComboFix 10-02-16.03 - Coral Acer 17.02.2010 19:03:18.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2815.1696 [GMT 1:00]
Spuštěný z: c:\documents and settings\Coral Acer\Plocha\ComboFix.exe
AV: Norton AntiVirus *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-01-17 do 2010-02-17 )))))))))))))))))))))))))))))))
.

2010-02-16 21:28 . 2010-02-17 18:01 -------- d-----w- c:\windows\LastGood
2010-02-16 12:21 . 2008-04-14 03:21 21504 ----a-w- c:\windows\system32\hidserv.dll
2010-02-16 12:21 . 2008-04-14 03:21 21504 ----a-w- c:\windows\system32\dllcache\hidserv.dll
2010-02-16 12:21 . 2008-04-14 02:29 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2010-02-16 12:21 . 2008-04-14 02:29 14592 ----a-w- c:\windows\system32\dllcache\kbdhid.sys
2010-02-10 18:37 . 2009-12-31 16:50 353792 ------w- c:\windows\system32\dllcache\srv.sys
2010-02-10 18:36 . 2009-12-04 18:22 455424 ------w- c:\windows\system32\dllcache\mrxsmb.sys
2010-02-10 18:34 . 2009-12-09 10:11 2191360 ------w- c:\windows\system32\dllcache\ntoskrnl.exe
2010-02-10 18:34 . 2009-12-09 10:11 2147328 ------w- c:\windows\system32\dllcache\ntkrnlmp.exe
2010-02-10 18:34 . 2009-12-09 10:11 2068224 ------w- c:\windows\system32\dllcache\ntkrnlpa.exe
2010-02-10 18:34 . 2009-12-09 10:11 2025984 ------w- c:\windows\system32\dllcache\ntkrpamp.exe
2010-01-24 15:12 . 2010-01-24 15:12 -------- d-----w- c:\documents and settings\All Users\Data aplikacĂ­
2010-01-24 14:55 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
2010-01-24 14:55 . 2010-01-24 14:55 -------- d-----w- c:\program files\PC Connectivity Solution
2010-01-24 14:55 . 2009-10-06 10:52 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerfltj.sys
2010-01-24 14:55 . 2009-10-06 10:52 7936 ----a-w- c:\windows\system32\drivers\usbser_lowerflt.sys
2010-01-24 14:55 . 2009-10-06 10:52 22016 ----a-w- c:\windows\system32\drivers\ccdcmbo.sys
2010-01-24 14:55 . 2009-10-06 10:55 1112288 ----a-w- c:\windows\system32\wdfcoinstaller01007.dll
2010-01-24 14:55 . 2009-10-06 10:52 660480 ----a-w- c:\windows\system32\nmwcdcocls.dll
2010-01-24 14:55 . 2009-10-06 10:52 17664 ----a-w- c:\windows\system32\drivers\ccdcmb.sys
2010-01-24 14:25 . 2010-01-24 14:25 -------- d-----w- c:\program files\MSXML 6.0
2010-01-24 14:25 . 2010-01-24 14:25 -------- d-----w- c:\program files\Ovi Files
2010-01-24 13:59 . 2010-01-24 15:10 -------- d-----w- c:\windows\system32\drivers\UMDF
2010-01-21 22:14 . 2010-01-21 22:14 -------- d-----w- C:\rsit
2010-01-21 22:01 . 2010-01-21 22:02 -------- d-----w- c:\program files\QuickTime
2010-01-21 22:00 . 2010-01-21 22:00 -------- d-----w- c:\program files\Common Files\Apple
2010-01-21 22:00 . 2010-01-21 22:00 -------- d-----w- c:\program files\Apple Software Update
2010-01-21 21:53 . 2010-01-21 21:53 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-01-21 21:45 . 2010-01-21 21:45 -------- d-----w- c:\program files\Secunia
2010-01-21 16:54 . 2008-04-13 18:45 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2010-01-21 16:54 . 2008-04-13 18:45 15104 ----a-w- c:\windows\system32\dllcache\usbscan.sys
2010-01-21 16:53 . 2008-04-22 04:00 69632 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPP9C.DLL
2010-01-21 16:53 . 2008-04-22 04:00 27136 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPD9C.DLL
2010-01-21 16:53 . 2008-04-22 04:00 230912 ----a-w- c:\windows\system32\CNMLM9C.DLL
2010-01-21 16:53 . 2010-01-21 16:53 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2010-01-21 16:52 . 2008-04-07 13:58 1339392 ----a-w- c:\windows\system32\CNC630C.DLL
2010-01-21 16:52 . 2008-04-07 13:58 98304 ----a-w- c:\windows\system32\CNC630I.DLL
2010-01-21 16:52 . 2008-03-10 12:59 270336 ----a-w- c:\windows\system32\CNC630L.DLL
2010-01-21 16:52 . 2007-03-15 13:12 188416 ----a-w- c:\windows\system32\CNC630O.DLL
2010-01-21 16:52 . 2010-01-21 16:52 -------- d--h--w- c:\program files\CanonBJ
2010-01-21 16:47 . 2010-01-21 21:28 -------- d-----w- c:\program files\Canon
2010-01-20 21:50 . 2010-01-20 21:50 -------- d-----w- c:\program files\uTorrent

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-26 22:56 . 2009-12-23 19:06 -------- d-----w- c:\program files\Nokia
2010-01-24 14:58 . 2009-12-23 19:42 -------- d-----w- c:\program files\Common Files\Nokia
2010-01-24 14:25 . 2006-08-30 12:30 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-24 13:17 . 2009-12-23 17:48 -------- d-----w- c:\program files\pdfforge Toolbar
2010-01-04 17:08 . 2006-08-30 13:17 64362 ----a-w- c:\windows\system32\perfc005.dat
2010-01-04 17:08 . 2006-08-30 13:17 384380 ----a-w- c:\windows\system32\perfh005.dat
2009-12-31 20:05 . 2009-12-31 20:05 -------- d-----w- c:\program files\VideoLAN
2009-12-31 16:50 . 2004-08-18 04:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-31 14:51 . 2009-12-24 00:52 -------- d-----w- c:\program files\AIMP2
2009-12-25 20:33 . 2009-12-23 19:48 -------- d-----w- c:\program files\Common Files\Adobe
2009-12-25 18:47 . 2009-12-23 18:53 90352 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
2009-12-25 18:41 . 2009-12-25 18:41 -------- d-----w- c:\program files\Wallpapers
2009-12-25 18:41 . 2009-12-25 18:41 -------- d-----w- c:\program files\Fonts
2009-12-24 21:32 . 2009-12-24 21:32 -------- d-----w- c:\program files\IObit
2009-12-24 16:02 . 2009-12-24 16:02 -------- d-----w- c:\program files\Trend Micro
2009-12-24 12:09 . 2009-12-23 18:23 -------- d-----w- c:\program files\Microsoft Works
2009-12-24 11:37 . 2009-12-24 11:37 -------- d-----w- c:\program files\IrfanView
2009-12-24 11:19 . 2009-12-24 11:19 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-12-24 11:08 . 2009-12-24 11:08 -------- d-----w- c:\program files\CCleaner
2009-12-24 11:07 . 2007-02-09 20:50 -------- d-----w- c:\program files\Yahoo!
2009-12-23 22:31 . 2009-12-23 16:15 -------- d-----w- c:\program files\DreamCom
2009-12-23 22:20 . 2009-12-23 19:16 -------- d-----w- c:\program files\RocketDock
2009-12-23 22:10 . 2009-12-23 22:11 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-23 22:10 . 2009-12-23 21:52 -------- d-----w- c:\program files\Java
2009-12-23 21:56 . 2009-12-23 21:56 -------- d-----w- c:\program files\WIBUKEY
2009-12-23 21:56 . 2009-12-23 21:56 -------- d-----w- c:\program files\WIBU-SYSTEMS
2009-12-23 21:53 . 2009-12-23 21:53 -------- d-----w- c:\program files\Graphisoft
2009-12-23 21:52 . 2009-12-23 21:52 -------- d-----w- c:\program files\Common Files\Java
2009-12-23 21:30 . 2009-12-23 15:38 806 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2009-12-23 21:30 . 2009-12-23 15:38 7456 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2009-12-23 21:30 . 2009-12-23 15:38 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2009-12-23 21:30 . 2009-12-23 15:38 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2009-12-23 21:30 . 2006-08-30 12:45 -------- d-----w- c:\program files\Symantec
2009-12-23 20:56 . 2009-12-23 20:56 -------- d-----w- c:\program files\UNIQA
2009-12-23 20:31 . 2009-12-23 20:30 -------- d-----w- c:\program files\Kalendar
2009-12-23 20:28 . 2009-12-23 20:28 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2009-12-23 20:28 . 2009-12-23 20:28 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2009-12-23 20:03 . 2009-12-23 20:03 -------- d-----w- c:\program files\Adobe Media Player
2009-12-23 19:51 . 2009-12-23 19:51 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2009-12-23 19:42 . 2009-12-23 19:42 -------- d-----w- c:\program files\Common Files\PCSuite
2009-12-23 19:23 . 2009-12-23 19:23 -------- d-----w- c:\program files\PowerISO
2009-12-23 19:17 . 2006-08-30 12:45 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-12-23 18:59 . 2009-12-23 18:59 -------- d-----w- c:\program files\Miranda IM
2009-12-23 18:59 . 2009-12-23 16:29 -------- d-----w- c:\program files\QIP
2009-12-23 18:39 . 2009-12-23 18:39 -------- d-----w- c:\program files\Codec Pack - All In 1
2009-12-23 18:39 . 2009-12-23 18:39 737280 ----a-w- c:\windows\iun6002.exe
2009-12-23 18:36 . 2009-12-23 18:36 -------- d-----w- c:\program files\MSECache
2009-12-23 18:30 . 2004-09-17 11:36 76487 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-12-23 18:30 . 2004-09-17 11:36 2684 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2009-12-23 18:22 . 2009-12-23 18:22 -------- d-----w- c:\program files\Microsoft.NET
2009-12-23 18:07 . 2009-12-23 18:07 -------- d-----w- c:\program files\TortoiseSVN
2009-12-23 18:07 . 2009-12-23 18:07 -------- d-----w- c:\program files\Common Files\TortoiseOverlays
2009-12-23 17:51 . 2009-12-23 17:48 -------- d-----w- c:\program files\PDFCreator
2009-12-23 17:50 . 2009-12-23 17:50 -------- d-----w- c:\program files\Firebird
2009-12-23 17:48 . 2009-12-23 17:48 -------- d-----w- c:\program files\Application Updater
2009-12-23 16:34 . 2009-12-23 16:34 -------- d-----w- c:\program files\TeamViewer
2009-12-23 16:29 . 2009-12-23 16:29 48 ---ha-w- c:\windows\system32\ezsidmv.dat
2009-12-23 16:27 . 2009-12-23 16:27 -------- d-----r- c:\program files\Skype
2009-12-23 16:27 . 2009-12-23 16:27 -------- d-----w- c:\program files\Common Files\Skype
2009-12-23 16:21 . 2009-12-23 16:19 -------- d-----w- c:\program files\TrueCrypt
2009-12-23 16:19 . 2009-12-23 16:19 223432 ----a-w- c:\windows\system32\drivers\truecrypt.sys
2009-12-23 15:44 . 2009-12-23 15:44 0 ----a-w- c:\windows\nsreg.dat
2009-12-23 15:38 . 2009-12-23 15:38 -------- d-----w- c:\program files\Norton AntiVirus
2009-12-23 15:38 . 2009-12-23 15:38 -------- d-----w- c:\program files\Windows Sidebar
2009-12-23 15:35 . 2009-12-23 15:35 -------- d-----w- c:\program files\NortonInstaller
2009-12-21 19:08 . 2006-01-09 19:08 916480 ------w- c:\windows\system32\wininet.dll
2009-12-17 07:42 . 2004-08-18 04:00 343552 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:10 . 2004-08-18 04:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-09 10:11 . 2005-09-29 19:30 2147328 ------w- c:\windows\system32\ntoskrnl.exe
2009-12-09 10:11 . 2005-09-29 19:30 2025984 ------w- c:\windows\system32\ntkrnlpa.exe
2009-12-04 18:22 . 2004-08-18 04:00 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-11-27 17:14 . 2004-08-18 04:00 1294336 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 17:14 . 2004-08-18 04:00 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:09 . 2004-08-18 04:00 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:09 . 2004-08-18 04:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:09 . 2004-08-18 04:00 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:09 . 2004-08-18 04:00 48128 ----a-w- c:\windows\system32\iyuv_32.dll
2009-11-27 16:09 . 2004-08-18 04:00 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-21 16:03 . 2004-08-18 04:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
.

------- Sigcheck -------

[-] 2008-04-14 . 9371ED2F7F0E405B46D0BD6186BE1408 . 4920320 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 9371ED2F7F0E405B46D0BD6186BE1408 . 4920320 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[7] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . c:\windows\VCP_SAVE\explorer.exe
[7] 2004-08-18 . 53114D57AB73A406AC7F602227781A99 . 1032704 . . [6.00.2900.2180] . . c:\windows\$NtServicePackUninstall$\explorer.exe
.
((((((((((((((((((((((((((((( SnapShot@2010-01-24_13.17.35 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-11 19:54 . 2009-07-11 19:54 65536 c:\windows\WinSxS\x86_Microsoft.VC80.OpenMP_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e79c4723\vcomp.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80KOR.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 49152 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80JPN.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ITA.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 45056 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHT.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 40960 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80CHS.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80FRA.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 61440 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ESP.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 57344 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80ENU.dll
+ 2009-07-11 19:32 . 2009-07-11 19:32 65536 c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\mfc80DEU.dll
+ 2010-02-12 08:27 . 2010-02-12 08:27 16384 c:\windows\Temp\Perflib_Perfdata_a8.dat
+ 2010-02-12 08:27 . 2010-02-12 08:27 16384 c:\windows\Temp\Perflib_Perfdata_a7c.dat
+ 2010-02-12 08:26 . 2010-02-12 08:26 16384 c:\windows\Temp\Perflib_Perfdata_6fc.dat
+ 2006-09-28 17:56 . 2006-09-28 17:56 55808 c:\windows\system32\WudfSvc.dll
+ 2006-09-28 19:13 . 2006-09-28 19:13 95344 c:\windows\system32\WUDFCoinstaller.dll
+ 2006-11-02 10:51 . 2006-11-02 10:51 39936 c:\windows\system32\wpdshextres.dll
+ 2006-10-18 19:00 . 2006-10-18 19:00 17408 c:\windows\system32\wpdshextautoplay.exe
+ 2006-10-18 20:47 . 2006-10-18 20:47 63488 c:\windows\system32\wpdmtpus.dll
+ 2006-10-18 20:47 . 2006-10-18 20:47 35840 c:\windows\system32\wpdconns.dll
+ 2004-08-18 04:00 . 2006-10-18 20:47 37376 c:\windows\system32\wmdmps.dll
+ 2004-08-18 04:00 . 2006-10-18 20:47 33792 c:\windows\system32\wmdmlog.dll
+ 2010-01-24 15:07 . 2009-05-26 11:40 18296 c:\windows\system32\spmsg.dll
+ 2004-08-18 04:00 . 2006-10-18 20:47 27136 c:\windows\system32\mspmsnsv.dll
+ 2004-08-18 04:00 . 2006-10-18 20:47 11264 c:\windows\system32\LAPRXY.dll
- 2009-12-23 19:41 . 2008-08-26 08:26 18816 c:\windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.sys
+ 2010-01-24 14:55 . 2008-08-26 08:26 18816 c:\windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.sys
+ 2010-01-24 14:55 . 2009-10-06 10:52 22016 c:\windows\system32\DRVSTORE\ccdcmbo_40BC39A62FCDF7FB9E872CE08AFC5F75B82C3181\ccdcmbo.sys
+ 2010-01-24 14:55 . 2009-10-06 10:52 91136 c:\windows\system32\DRVSTORE\ccdcmb_40BC39A62FCDF7FB9E872CE08AFC5F75B82C3181\nmwcdcls.dll
+ 2010-01-24 14:55 . 2009-10-06 10:52 17664 c:\windows\system32\DRVSTORE\ccdcmb_40BC39A62FCDF7FB9E872CE08AFC5F75B82C3181\ccdcmb.sys
+ 2006-09-28 18:00 . 2006-09-28 18:00 82944 c:\windows\system32\drivers\WudfRd.sys
+ 2006-09-28 17:55 . 2006-09-28 17:55 77568 c:\windows\system32\drivers\WudfPf.sys
+ 2006-10-18 19:00 . 2006-10-18 19:00 38528 c:\windows\system32\drivers\wpdusb.sys
+ 2010-02-03 00:20 . 2009-08-25 23:34 48688 c:\windows\system32\drivers\NAV\1008000.029\symndisv.sys
+ 2010-02-03 00:20 . 2009-08-25 23:34 36400 c:\windows\system32\drivers\NAV\1008000.029\symndis.sys
+ 2010-02-03 00:20 . 2009-08-25 23:34 33072 c:\windows\system32\drivers\NAV\1008000.029\symids.sys
+ 2010-02-03 00:20 . 2009-08-25 23:34 89904 c:\windows\system32\drivers\NAV\1008000.029\symfw.sys
+ 2010-02-03 00:20 . 2009-08-25 23:34 43696 c:\windows\system32\drivers\NAV\1008000.029\srtspx.sys
+ 2009-11-27 17:14 . 2009-11-27 17:14 17920 c:\windows\system32\dllcache\msyuv.dll
+ 2009-11-27 16:09 . 2009-11-27 16:09 28672 c:\windows\system32\dllcache\msvidc32.dll
+ 2009-11-27 16:09 . 2009-11-27 16:09 11264 c:\windows\system32\dllcache\msrle32.dll
+ 2009-11-27 16:09 . 2009-11-27 16:09 48128 c:\windows\system32\dllcache\iyuv_32.dll
+ 2009-12-14 07:10 . 2009-12-14 07:10 33280 c:\windows\system32\dllcache\csrsrv.dll
+ 2009-11-27 16:09 . 2009-11-27 16:09 84992 c:\windows\system32\dllcache\avifil32.dll
+ 2010-02-17 18:01 . 2009-10-22 11:54 37392 c:\windows\LastGood\system32\DRIVERS\25875202.sys
+ 2010-01-24 14:54 . 2010-01-24 14:54 78336 c:\windows\Installer\4f76f9.msi
+ 2010-01-24 14:56 . 2010-01-24 14:56 24255 c:\windows\Installer\{F1C3541D-5B93-4131-B440-692FBA3DD250}\ARPPRODUCTICON.exe
- 2009-12-23 18:25 . 2010-01-14 07:40 35088 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\oisicon.exe
+ 2009-12-23 18:25 . 2010-02-11 02:02 35088 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\oisicon.exe
+ 2009-12-23 18:25 . 2010-02-11 02:02 18704 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\mspicons.exe
- 2009-12-23 18:25 . 2010-01-14 07:40 18704 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\mspicons.exe
+ 2009-12-23 18:25 . 2010-02-11 02:02 20240 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\cagicon.exe
- 2009-12-23 18:25 . 2010-01-14 07:40 20240 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\cagicon.exe
+ 2010-01-24 14:57 . 2010-01-24 14:57 10134 c:\windows\Installer\{8D100E0C-1A5A-43AD-93EF-76F94AE61C30}\ARPPRODUCTICON.exe
+ 2010-01-24 14:58 . 2010-01-24 14:58 10134 c:\windows\Installer\{564B16F4-6B5B-47B0-9AB6-FF2E943947F7}\ARPPRODUCTICON.exe
+ 2010-01-24 14:55 . 2010-01-24 14:55 10134 c:\windows\Installer\{4CE6B3C4-D8E2-4A5D-BEF5-5B69AF843B0C}\ARPPRODUCTICON.exe
+ 2010-01-26 22:57 . 2010-01-26 22:57 10134 c:\windows\Installer\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\ARPPRODUCTICON.exe
+ 2009-11-27 17:14 . 2009-11-27 17:14 17920 c:\windows\Driver Cache\i386\msyuv.dll
+ 2009-11-27 16:09 . 2009-11-27 16:09 48128 c:\windows\Driver Cache\i386\iyuv_32.dll
+ 2004-08-18 04:00 . 2006-10-18 20:47 4096 c:\windows\system32\wmvdmoe2.dll
+ 2004-08-18 04:00 . 2006-10-18 20:47 4096 c:\windows\system32\wmvdmod.dll
+ 2006-10-18 20:47 . 2006-10-18 20:47 4096 c:\windows\system32\WMVADVE.DLL
+ 2006-10-18 20:47 . 2006-10-18 20:47 4096 c:\windows\system32\WMVADVD.dll
+ 2004-08-18 04:00 . 2006-10-18 20:47 4096 c:\windows\system32\wmsdmoe2.dll
+ 2004-08-18 04:00 . 2006-10-18 20:47 4096 c:\windows\system32\wmsdmod.dll
+ 2006-10-18 20:58 . 2006-10-18 20:58 8704 c:\windows\system32\wdfmgr.exe
+ 2006-10-18 20:47 . 2006-10-18 20:47 4096 c:\windows\system32\wdfapi.dll
+ 2006-10-18 20:58 . 2006-10-18 20:58 8704 c:\windows\system32\uwdf.exe
+ 2004-08-18 04:00 . 2006-10-18 20:47 4096 c:\windows\system32\MPG4DMOD.dll
+ 2004-08-18 04:00 . 2006-10-18 20:47 4096 c:\windows\system32\MP4SDMOD.dll
+ 2004-08-18 04:00 . 2006-10-18 20:47 4096 c:\windows\system32\MP43DMOD.dll
+ 2010-01-24 14:55 . 2009-10-06 10:56 8320 c:\windows\system32\DRVSTORE\nmwcdnsuc_40BC39A62FCDF7FB9E872CE08AFC5F75B82C3181\nmwcdnsuc.sys
+ 2010-01-24 14:55 . 2009-10-06 10:52 7936 c:\windows\system32\DRVSTORE\ccdcmbm_40BC39A62FCDF7FB9E872CE08AFC5F75B82C3181\usbser_lowerflt.sys
+ 2010-01-24 14:55 . 2009-10-06 10:52 7936 c:\windows\system32\DRVSTORE\ccdcmbcj_40BC39A62FCDF7FB9E872CE08AFC5F75B82C3181\usbser_lowerfltj.sys
+ 2009-11-27 16:09 . 2009-11-27 16:09 8704 c:\windows\system32\dllcache\tsbyuv.dll
+ 2010-01-24 14:55 . 2010-01-24 14:55 3262 c:\windows\Installer\{C50EF365-2898-489A-B6C7-30DAA466E9A2}\ARPPRODUCTICON.exe
+ 2010-01-26 22:57 . 2010-01-26 22:57 8854 c:\windows\Installer\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\Uninstall_QA_OTI_H_FE5D756F71E147C4972AD6775344B40B.exe
+ 2010-01-26 22:57 . 2010-01-26 22:57 8854 c:\windows\Installer\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\NewShortcut31_E2CBBE559A074AF98E8596196B075190.exe
+ 2010-01-26 22:57 . 2010-01-26 22:57 8854 c:\windows\Installer\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\NewShortcut2_1C7B7089989A424FB39D41A32581C775.exe
+ 2009-11-27 16:09 . 2009-11-27 16:09 8704 c:\windows\Driver Cache\i386\tsbyuv.dll
+ 2009-07-11 23:02 . 2009-07-11 23:02 159032 c:\windows\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll
+ 2006-09-28 17:56 . 2006-09-28 17:56 316416 c:\windows\system32\WUDFx.dll
+ 2006-09-28 17:56 . 2006-09-28 17:56 165376 c:\windows\system32\WudfPlatform.dll
+ 2006-09-28 17:56 . 2006-09-28 17:56 146432 c:\windows\system32\WudfHost.exe
+ 2006-10-18 20:47 . 2006-10-18 20:47 356352 c:\windows\system32\wpdsp.dll
+ 2006-10-18 20:47 . 2006-10-18 20:47 133632 c:\windows\system32\WPDShServiceObj.dll
+ 2006-10-18 20:47 . 2006-10-18 20:47 154624 c:\windows\system32\wpdmtp.dll
+ 2006-10-18 20:47 . 2006-10-18 20:47 629760 c:\windows\system32\wpd_ci.dll
+ 2006-10-18 20:47 . 2006-10-18 20:47 656896 c:\windows\system32\WMVXENCD.dll
+ 2006-10-18 20:47 . 2006-10-18 20:47 767488 c:\windows\system32\WMVSENCD.dll
+ 2004-08-18 04:00 . 2009-04-01 22:02 604160 c:\windows\system32\wmspdmod.dll
+ 2004-08-18 04:00 . 2008-06-18 04:03 938496 c:\windows\system32\WMNetmgr.dll
+ 2004-08-18 04:00 . 2006-10-18 20:47 157184 c:\windows\system32\wmidx.dll
+ 2006-10-18 20:47 . 2006-10-18 20:47 535040 c:\windows\system32\wmdrmsdk.dll
+ 2006-10-18 20:47 . 2006-10-18 20:47 348672 c:\windows\system32\wmdrmnet.dll
+ 2006-10-18 20:47 . 2006-10-18 20:47 429056 c:\windows\system32\wmdrmdev.dll
+ 2004-08-18 04:00 . 2007-10-25 08:28 222720 c:\windows\system32\wmasf.dll
+ 2004-08-18 04:00 . 2006-10-18 20:47 757248 c:\windows\system32\WMADMOD.dll
+ 2006-01-09 19:08 . 2009-12-08 09:25 474112 c:\windows\system32\shlwapi.dll
- 2006-01-09 19:08 . 2008-04-14 03:21 474112 c:\windows\system32\shlwapi.dll
+ 2004-08-18 04:00 . 2006-10-18 20:47 211456 c:\windows\system32\qasf.dll
+ 2006-10-18 20:47 . 2006-10-18 20:47 199168 c:\windows\system32\PortableDeviceWMDRM.dll
+ 2006-10-18 20:47 . 2006-10-18 20:47 132096 c:\windows\system32\PortableDeviceWiaCompat.dll
+ 2006-10-18 20:47 . 2006-10-18 20:47 166912 c:\windows\system32\PortableDeviceTypes.dll
+ 2006-10-18 20:47 . 2006-10-18 20:47 101888 c:\windows\system32\PortableDeviceClassExtension.dll
+ 2006-10-18 20:47 . 2006-10-18 20:47 284160 c:\windows\system32\PortableDeviceApi.dll
+ 2004-08-18 04:00 . 2006-10-18 20:47 321536 c:\windows\system32\mswmdm.dll
+ 2004-08-18 04:00 . 2006-12-04 15:21 414720 c:\windows\system32\msscp.dll
+ 2004-08-18 04:00 . 2006-10-18 20:47 175616 c:\windows\system32\mspmsp.dll
+ 2004-08-18 04:00 . 2006-10-18 20:47 179712 c:\windows\system32\msnetobj.dll
+ 2006-10-18 20:47 . 2006-10-18 20:47 259072 c:\windows\system32\MPG4DECD.dll
+ 2006-10-18 20:47 . 2006-10-18 20:47 317440 c:\windows\system32\MP4SDECD.dll
+ 2006-10-18 20:47 . 2006-10-18 20:47 259072 c:\windows\system32\MP43DECD.dll
+ 2006-10-18 20:47 . 2006-10-18 20:47 212992 c:\windows\system32\MFPLAT.dll
+ 2004-08-18 04:00 . 2008-06-18 00:09 100864 c:\windows\system32\logagent.exe
- 2009-12-23 19:41 . 2009-05-11 11:30 547840 c:\windows\system32\DRVSTORE\pccswpddri_1C34ED6F4888FC93BE68C7A31A24834F522D3CBF\PCCSWpdDriver.dll
+ 2010-01-24 14:55 . 2009-05-11 11:30 547840 c:\windows\system32\DRVSTORE\pccswpddri_1C34ED6F4888FC93BE68C7A31A24834F522D3CBF\PCCSWpdDriver.dll
+ 2010-01-24 14:55 . 2009-10-06 10:56 136704 c:\windows\system32\DRVSTORE\nmwcdnsu_40BC39A62FCDF7FB9E872CE08AFC5F75B82C3181\nmwcdnsu.sys
+ 2010-01-24 14:55 . 2009-10-06 10:52 660480 c:\windows\system32\DRVSTORE\ccdcmb_40BC39A62FCDF7FB9E872CE08AFC5F75B82C3181\nmwcdcocls.dll
+ 2004-08-18 04:00 . 2006-10-18 20:47 991744 c:\windows\system32\drmv2clt.dll
+ 2006-10-18 19:00 . 2006-10-18 19:00 249856 c:\windows\system32\drmupgds.exe
+ 2006-10-18 20:47 . 2006-10-18 20:47 671232 c:\windows\system32\drivers\UMDF\wpdmtpdr.dll
+ 2010-02-03 00:20 . 2009-08-25 23:34 217136 c:\windows\system32\drivers\NAV\1008000.029\symtdi.sys
+ 2010-02-03 00:20 . 2009-08-25 23:34 310320 c:\windows\system32\drivers\NAV\1008000.029\SymEFA.sys
+ 2010-02-03 00:20 . 2009-08-25 23:34 308272 c:\windows\system32\drivers\NAV\1008000.029\srtsp.sys
+ 2010-02-03 00:19 . 2010-02-03 00:19 482432 c:\windows\system32\drivers\NAV\1008000.029\cchpx86.sys
+ 2010-02-03 00:20 . 2009-08-25 23:34 259632 c:\windows\system32\drivers\NAV\1008000.029\BHDrvx86.sys
+ 2009-04-01 22:02 . 2009-04-01 22:02 604160 c:\windows\system32\dllcache\wmspdmod.dll
+ 2008-06-18 04:03 . 2008-06-18 04:03 938496 c:\windows\system32\dllcache\WMNetmgr.dll
+ 2007-10-25 08:28 . 2007-10-25 08:28 222720 c:\windows\system32\dllcache\wmasf.dll
+ 2009-12-08 09:25 . 2009-12-08 09:25 474112 c:\windows\system32\dllcache\shlwapi.dll
+ 2009-12-17 07:42 . 2009-12-17 07:42 343552 c:\windows\system32\dllcache\mspaint.exe
+ 2008-06-18 00:09 . 2008-06-18 00:09 100864 c:\windows\system32\dllcache\logagent.exe
+ 2004-08-18 04:00 . 2006-10-18 20:47 229376 c:\windows\system32\cewmdm.dll
+ 2004-08-18 04:00 . 2006-10-18 20:47 542720 c:\windows\system32\blackbox.dll
+ 2006-10-18 20:47 . 2006-10-18 20:47 276992 c:\windows\system32\audiodev.dll
+ 2010-02-17 18:01 . 2009-09-25 15:59 128016 c:\windows\LastGood\system32\DRIVERS\25875201.sys
+ 2010-02-17 18:01 . 2009-10-09 21:31 315408 c:\windows\LastGood\system32\DRIVERS\2587520.sys
+ 2010-01-24 14:59 . 2010-01-24 14:59 815104 c:\windows\Installer\4f7776.msi
+ 2010-01-24 14:58 . 2010-01-24 14:58 609792 c:\windows\Installer\4f776f.msi
+ 2010-01-24 14:56 . 2010-01-24 14:56 358912 c:\windows\Installer\4f7751.msi
+ 2010-01-24 14:55 . 2010-01-24 14:55 496128 c:\windows\Installer\4f774b.msi
+ 2010-01-24 14:55 . 2010-01-24 14:55 331776 c:\windows\Installer\4f7715.msi
+ 2010-01-24 14:25 . 2010-01-24 14:25 871424 c:\windows\Installer\352212.msi
+ 2010-01-26 22:55 . 2010-01-26 22:55 424960 c:\windows\Installer\2f0f085.msi
+ 2010-01-24 14:59 . 2010-01-24 14:59 287934 c:\windows\Installer\{B6164ADA-55DA-4FA9-B78B-A7EB741742A1}\ARPPRODUCTICON.exe
- 2009-12-23 18:25 . 2010-01-14 07:40 888080 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\wordicon.exe
+ 2009-12-23 18:25 . 2010-02-11 02:02 888080 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\wordicon.exe
- 2009-12-23 18:25 . 2010-01-14 07:40 272648 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pubs.exe
+ 2009-12-23 18:25 . 2010-02-11 02:02 272648 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pubs.exe
+ 2009-12-23 18:25 . 2010-02-11 02:02 922384 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pptico.exe
- 2009-12-23 18:25 . 2010-01-14 07:40 922384 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\pptico.exe
+ 2009-12-23 18:25 . 2010-02-11 02:02 845584 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\outicon.exe
- 2009-12-23 18:25 . 2010-01-14 07:40 845584 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\outicon.exe
+ 2009-12-23 18:25 . 2010-02-11 02:02 217864 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\misc.exe
- 2009-12-23 18:25 . 2010-01-14 07:40 217864 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\misc.exe
+ 2010-01-26 22:57 . 2010-01-26 22:57 458752 c:\windows\Installer\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\NewShortcut20_F7578A24A4B240E4BA057EF931EB25B5.exe
+ 2010-01-26 22:57 . 2010-01-26 22:57 458752 c:\windows\Installer\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}\NewShortcut16_F7578A24A4B240E4BA057EF931EB25B5.exe
+ 2009-12-23 16:00 . 2009-12-04 18:22 455424 c:\windows\Driver Cache\i386\mrxsmb.sys
+ 2010-01-24 14:58 . 2010-01-24 14:58 1233920 c:\windows\WinSxS\x86_Microsoft.MSXML2_6bd6b9abf345378f_4.20.9818.0_x-ww_8ff50c5d\msxml4.dll
+ 2006-10-18 20:47 . 2006-10-18 20:47 2603008 c:\windows\system32\WpdShext.dll
+ 2006-10-18 20:47 . 2006-10-18 20:47 1382912 c:\windows\system32\WMVSDECD.dll
+ 2006-10-18 20:47 . 2006-10-18 20:47 1574912 c:\windows\system32\WMVENCOD.dll
+ 2006-10-18 20:47 . 2006-10-18 20:47 1543680 c:\windows\system32\WMVDECOD.dll
+ 2004-08-18 04:00 . 2009-05-20 03:56 2458112 c:\windows\system32\WMVCore.dll
+ 2004-08-18 04:00 . 2006-10-18 20:47 1329152 c:\windows\system32\WMSPDMOE.dll
+ 2004-08-18 04:00 . 2006-10-18 20:47 1117696 c:\windows\system32\WMADMOE.dll
+ 2010-01-24 14:55 . 2009-05-11 10:47 1302600 c:\windows\system32\DRVSTORE\pccswpddri_1C34ED6F4888FC93BE68C7A31A24834F522D3CBF\WUDFUpdate_01007.dll
- 2009-12-23 19:41 . 2009-05-11 10:47 1302600 c:\windows\system32\DRVSTORE\pccswpddri_1C34ED6F4888FC93BE68C7A31A24834F522D3CBF\WUDFUpdate_01007.dll
+ 2010-01-24 14:55 . 2009-10-06 10:55 1112288 c:\windows\system32\DRVSTORE\ccdcmb_40BC39A62FCDF7FB9E872CE08AFC5F75B82C3181\wdfcoinstaller01007.dll
+ 2004-08-18 04:00 . 2009-05-20 03:56 2458112 c:\windows\system32\dllcache\WMVCore.dll
+ 2009-11-27 17:14 . 2009-11-27 17:14 1294336 c:\windows\system32\dllcache\quartz.dll
+ 2010-01-24 14:57 . 2010-01-24 14:57 3625984 c:\windows\Installer\4f7769.msi
+ 2010-01-14 20:26 . 2010-01-14 20:26 5027840 c:\windows\Installer\37efbab.msp
+ 2010-01-26 22:57 . 2010-01-26 22:57 1634304 c:\windows\Installer\2f0f08c.msi
+ 2009-12-23 18:25 . 2010-02-11 02:02 1172240 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\xlicons.exe
- 2009-12-23 18:25 . 2010-01-14 07:40 1172240 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\xlicons.exe
+ 2009-12-23 18:25 . 2010-02-11 02:02 1165584 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\accicons.exe
- 2009-12-23 18:25 . 2010-01-14 07:40 1165584 c:\windows\Installer\{91120000-0031-0000-0000-0000000FF1CE}\accicons.exe
+ 2009-12-23 16:01 . 2009-12-09 10:11 2191360 c:\windows\Driver Cache\i386\ntoskrnl.exe
- 2009-12-23 16:01 . 2009-08-04 21:59 2191360 c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2009-12-23 16:01 . 2009-12-09 10:11 2025984 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2009-12-23 16:01 . 2009-08-04 17:29 2025984 c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2009-02-10 18:09 . 2009-08-04 17:29 2068224 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2009-02-10 18:09 . 2009-12-09 10:11 2068224 c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2009-12-23 16:01 . 2009-12-09 10:11 2147328 c:\windows\Driver Cache\i386\ntkrnlmp.exe
- 2009-12-23 16:01 . 2009-08-04 17:29 2147328 c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2007-02-09 21:42 . 2010-02-01 19:26 30364104 c:\windows\system32\MRT.exe
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
2009-12-16 17:12 700416 ----a-w- c:\program files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{B922D405-6D13-4A2B-AE89-08A030DA4402}"= "c:\program files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll" [2009-12-16 700416]

[HKEY_CLASSES_ROOT\clsid\{b922d405-6d13-4a2b-ae89-08a030da4402}]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 17:55 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 17:55 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 17:55 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 17:55 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 17:55 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 17:55 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 17:55 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 17:55 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2009-08-13 17:55 85768 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"Kalendar"="c:\program files\Kalendar\kalendar.exe" [2005-11-09 580608]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2009-11-20 2335880]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-01-20 289584]
"NokiaOviSuite2"="c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2009-12-10 401728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"preload"="c:\windows\RUNXMLPL.exe" [2005-05-19 32768]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-07-20 7581696]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-07-20 86016]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-21 16261632]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-06-11 53248]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-05-25 786521]
"ntiMUI"="c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2006-05-15 45056]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-18 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-18 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-18 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-18 455168]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2006-08-08 634880]
"PCMService"="c:\program files\Acer\Acer Arcade\PCMService.exe" [2006-04-27 151552]
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-07-18 438272]
"Boot"="c:\acer\Empowering Technology\ePower\Boot.exe" [2006-03-15 579584]
"Acer ePresentation HPD"="c:\acer\Empowering Technology\ePresentation\ePresentation.exe" [2006-06-07 208896]
"eLockMonitor"="c:\acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe" [2006-03-31 16384]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2006-08-09 342016]
"eRecoveryService"="c:\acer\Empowering Technology\eRecovery\eRAgent.exe" [2006-06-01 413696]
"WarReg_PopUp"="c:\acer\WR_PopUp\WarReg_PopUp.exe" [2006-09-23 61440]
"SearchSettings"="c:\program files\pdfforge Toolbar\SearchSettings.exe" [2009-12-16 975360]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2007-01-20 200704]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-12-23 149280]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Coral Acer\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Secunia PSI (RC3).lnk - c:\program files\Secunia\PSI (RC3)\psi.exe [2008-6-16 663552]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Ovi Files Connector.lnk - c:\program files\Ovi Files\Ovi Files_agent.exe [2010-1-24 1160560]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Acer\\Acer Arcade\\PCMService.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Miranda IM\\miranda32.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Graphisoft\\ArchiCAD 11\\ArchiCAD.exe"=
"c:\\totalcmd\\TOTALCMD.EXE"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAV\1008000.029\SymEFA.sys [3.2.2010 1:20 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\NAV\1008000.029\BHDrvx86.sys [3.2.2010 1:20 259632]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NAV\1008000.029\cchpx86.sys [3.2.2010 1:19 482432]
R1 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100210.001\IDSXpx86.sys [12.2.2010 22:15 329592]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [16.12.2009 17:38 375296]
R2 eLock2BurnerLockDriver;eLock2BurnerLockDriver;c:\windows\system32\eLock2BurnerLockDriver.sys [9.2.2007 21:45 17664]
R2 eLock2FSCTLDriver;eLock2FSCTLDriver;c:\windows\system32\eLock2FSCTLDriver.sys [9.2.2007 21:45 90112]
R2 Norton AntiVirus;Norton AntiVirus;c:\program files\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe [3.2.2010 1:19 117640]
R2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [8.12.2009 11:46 185640]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [23.12.2009 10:00 102448]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [16.6.2008 9:31 7808]
R4 25875201;25875201;c:\windows\system32\DRIVERS\25875201.sys --> c:\windows\system32\DRIVERS\25875201.sys [?]
S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\bin\fbguard.exe -s --> c:\program files\Firebird\bin\fbguard.exe -s [?]
S2 LockServ;LockServ;c:\acer\Empowering Technology\eLock\LockServ.exe -p --> c:\acer\Empowering Technology\eLock\LockServ.exe -p [?]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\bin\fbserver.exe -s --> c:\program files\Firebird\bin\fbserver.exe -s [?]

--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - 25875201
*NewlyCreated* - 25875202
*NewlyCreated* - HIDSERV
*NewlyCreated* - SETUP_9.0.0.722_16.02.2010_22-01DRV
.
Obsah adresáře 'Naplánované úlohy'

2010-02-15 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://cs.intl.acer.yahoo.com
uInternet Connection Wizard,ShellNext = hxxp://www.aceradvantage.com/stdreg/startpage. ... 2027E22000
uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Coral Acer\Data aplikací\Mozilla\Firefox\Profiles\dbkobjse.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz
FF - component: c:\documents and settings\All Users\Data aplikací\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - component: c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\components\FirefoxExtension.dll
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - component: c:\program files\pdfforge Toolbar\FF\components\pdfforgeToolbarFF.dll
FF - component: c:\program files\pdfforge Toolbar\SSFF\components\SearchSettingsFF.dll
FF - plugin: c:\program files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

URLSearchHooks-{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
HKLM-Run-Ovi Files Update - c:\program files\Ovi Files\updater.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-17 19:09
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Norton AntiVirus]
"ImagePath"="\"c:\program files\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe\" /s \"Norton AntiVirus\" /m \"c:\program files\Norton AntiVirus\Engine\16.8.0.41\diMaster.dll\" /prefetch:1"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1284)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

- - - - - - - > 'explorer.exe'(5580)
c:\windows\system32\MSNCHATHOOK.DLL
c:\windows\system32\sysenv.dll
c:\windows\system32\CryptoAPI.dll
c:\windows\system32\MFC71U.DLL
c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
c:\program files\TortoiseSVN\bin\TortoiseStub.dll
c:\program files\TortoiseSVN\bin\TortoiseSVN.dll
c:\program files\TortoiseSVN\bin\intl3_tsvn.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2010-02-17 19:11:57
ComboFix-quarantined-files.txt 2010-02-17 18:11
ComboFix2.txt 2010-01-24 13:19

Před spuštěním: Volných bajtů: 24 787 532 800
Po spuštění: Volných bajtů: 24 846 705 664

- - End Of File - - 4E6A0D8D1EB2A35D3AB64C22D9988BD6

Re: Outlook nepíše znaky ěščřž

Napsal: 18 úno 2010 07:38
od JaRon
pouzi CFScript:

Kód: Vybrat vše

Driver::
25875201
25875202


File::
c:\windows\system32\DRIVERS\25875201.sys

Re: Outlook nepíše znaky ěščřž

Napsal: 28 črc 2010 12:27
od kluk
Zdravim mam presne ten samy problem.
ComboFix log

Kód: Vybrat vše

ComboFix 10-07-27.04 - Administrator 28.07.2010  12:47:02.1.2 - x86
Microsoft Windows 7 Professional   6.1.7600.0.1250.420.1029.18.2046.951 [GMT 2:00]
Spuštěný z: d:\profily\Other\Tomas\Desktop\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((((((   Ostatní výmazy   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
c:\programdata\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk

----- BITS: Možné infikované stránky -----

hxxp://phserver:8530
.
(((((((((((((((((((((((((   Soubory vytvořené od 2010-06-28 do 2010-07-28  )))))))))))))))))))))))))))))))
.

2010-07-28 10:51 . 2010-07-28 10:51	--------	d-----w-	c:\users\Default\AppData\Local\temp
2010-07-28 10:51 . 2010-07-28 10:52	--------	d-----w-	c:\users\Administrator.DOMENA\AppData\Local\temp
2010-07-28 10:51 . 2010-07-28 10:51	--------	d-----w-	c:\users\MAREK\AppData\Local\temp
2010-07-28 10:51 . 2010-07-28 10:51	--------	d-----w-	c:\users\PETRA\AppData\Local\temp
2010-07-28 10:51 . 2010-07-28 10:51	--------	d-----w-	c:\users\Lenka\AppData\Local\temp
2010-07-28 10:51 . 2010-07-28 10:51	--------	d-----w-	c:\users\Dominika\AppData\Local\temp
2010-07-28 10:51 . 2010-07-28 10:51	--------	d-----w-	c:\users\Administrator\AppData\Local\temp
2010-07-28 10:51 . 2010-07-28 10:51	--------	d-----w-	c:\users\__sbs_netsetup__\AppData\Local\temp
2010-07-09 13:01 . 2010-07-09 13:01	--------	d-----w-	c:\users\Lenka\EurekaLog
2010-07-09 12:58 . 2010-07-09 12:58	--------	d-----w-	c:\users\Lenka\AppData\Roaming\ICQ
2010-07-02 07:24 . 2010-07-02 07:25	--------	d-----w-	c:\users\PETRA\AppData\Roaming\ICQ
2010-07-01 18:23 . 2010-07-01 18:23	--------	d-----w-	c:\users\Tomas\AppData\Roaming\ICQ
2010-07-01 09:19 . 2004-04-23 12:23	2506752	----a-w-	c:\windows\system32\LWCtPl.dll
2010-07-01 09:19 . 2000-11-28 09:35	27388	----a-w-	c:\windows\system32\drivers\ihidfilt.sys
2010-07-01 09:19 . 2004-04-23 12:26	17344	----a-w-	c:\windows\system32\drivers\LHidHi.sys
2010-07-01 09:19 . 2004-04-23 12:26	13888	----a-w-	c:\windows\system32\drivers\LHidLo.sys
2010-07-01 09:19 . 2004-04-23 12:26	10432	----a-w-	c:\windows\system32\drivers\LUsbSys.sys
2010-07-01 09:19 . 2004-04-23 12:25	86016	----a-w-	c:\windows\system32\W9xDAPI.dll
2010-07-01 09:19 . 2004-04-23 12:24	356352	----a-w-	c:\windows\system32\WMWizard.dll
2010-07-01 09:19 . 2010-07-01 09:19	--------	d-----w-	c:\program files\Common Files\Logitech
2010-07-01 09:19 . 2004-04-23 12:26	33216	----a-w-	c:\windows\system32\LFLoad.sys
2010-07-01 09:19 . 2004-04-23 12:24	61440	----a-w-	c:\windows\system32\W9XdInst.dll
2010-07-01 09:19 . 2004-04-14 08:54	163840	----a-w-	c:\windows\system32\WmJoyFrc.dll
2010-07-01 09:19 . 2010-07-01 09:19	--------	d-----w-	c:\program files\Logitech

.
((((((((((((((((((((((((((((((((((((((((   Find3M výpis   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-28 10:23 . 2009-07-14 08:44	625676	----a-w-	c:\windows\system32\perfh005.dat
2010-07-28 10:23 . 2009-07-14 08:44	119794	----a-w-	c:\windows\system32\perfc005.dat
2010-07-25 11:06 . 2010-04-28 15:45	--------	d-----w-	c:\programdata\Microsoft Help
2010-07-11 15:34 . 2010-05-24 15:43	--------	d-----w-	c:\program files\ICQ6.5
2010-07-11 15:34 . 2010-05-30 17:14	--------	d-----w-	c:\users\MAREK\AppData\Roaming\ICQ
2010-07-03 05:37 . 2010-04-28 12:01	--------	d-----w-	c:\program files\Microsoft Security Essentials
2010-07-01 12:07 . 2010-06-22 14:30	22328	----a-w-	c:\windows\system32\drivers\PnkBstrK.sys
2010-07-01 12:07 . 2010-06-22 14:30	103736	----a-w-	c:\windows\system32\PnkBstrB.exe
2010-07-01 09:19 . 2010-05-19 10:23	--------	d--h--w-	c:\program files\InstallShield Installation Information
2010-07-01 09:18 . 2010-05-19 10:21	--------	d-----w-	c:\program files\Common Files\InstallShield
2010-07-01 04:45 . 2010-05-01 07:35	--------	d-----w-	c:\programdata\DVD Shrink
2010-06-23 14:29 . 2010-04-28 12:14	--------	d-----w-	c:\program files\Microsoft Silverlight
2010-06-22 20:59 . 2010-05-21 17:02	--------	d-----w-	c:\users\MAREK\AppData\Roaming\BitTorrent
2010-06-22 14:30 . 2010-06-22 14:30	66872	----a-w-	c:\windows\system32\PnkBstrA.exe
2010-06-22 14:29 . 2010-06-22 14:29	--------	d--h--r-	c:\users\MAREK\AppData\Roaming\SecuROM
2010-06-22 14:06 . 2010-06-22 14:06	--------	d-----w-	c:\program files\Electronic Arts
2010-06-22 12:42 . 2010-06-22 12:42	--------	d-----w-	c:\program files\MSXML 4.0
2010-06-13 13:49 . 2010-05-19 10:45	42	----a-w-	c:\users\Tomas\AppData\Roaming\jeyo\JMC_WM\nt32200jcwm.dll
2010-06-13 13:49 . 2010-05-19 10:45	32	----a-w-	c:\users\Tomas\AppData\Roaming\jeyo\JMC_WM\ntcheck3232jcwm.dll
2010-06-13 08:43 . 2010-05-19 10:45	--------	d-----w-	c:\users\Administrator.DOMENA\AppData\Roaming\Jeyo
2010-06-13 08:40 . 2010-06-12 23:40	42	----a-w-	c:\users\Administrator.DOMENA\AppData\Roaming\Jeyo\JME_WM\nt32200jewm25.dll
2010-06-13 08:40 . 2010-06-12 23:40	32	----a-w-	c:\users\Administrator.DOMENA\AppData\Roaming\Jeyo\JME_WM\ntcheck3232jewm25.dll
2010-06-13 08:38 . 2010-06-13 08:38	--------	d-----w-	c:\program files\Jeyo
2010-06-10 15:55 . 2010-06-10 15:55	--------	d-----w-	c:\users\Tomas\AppData\Roaming\CD-LabelPrint
2010-06-01 17:37 . 2010-04-28 11:56	221568	------w-	c:\windows\system32\MpSigStub.exe
2010-05-27 07:24 . 2010-06-10 15:24	34304	----a-w-	c:\windows\system32\atmlib.dll
2010-05-27 03:49 . 2010-06-10 15:24	293888	----a-w-	c:\windows\system32\atmfd.dll
2010-05-21 05:18 . 2010-06-10 15:27	977920	----a-w-	c:\windows\system32\wininet.dll
2010-05-17 21:38 . 2010-05-17 21:37	150528	----a-w-	c:\windows\FAVPID.DLL
2010-05-09 09:14 . 2010-06-24 12:25	641536	----a-w-	c:\windows\system32\CPFilters.dll
2010-05-09 09:14 . 2010-06-24 12:25	417792	----a-w-	c:\windows\system32\msdri.dll
2010-05-01 20:28 . 2010-05-01 20:28	520192	----a-w-	c:\windows\system32\Rolex Explorer II.scr
2010-05-01 20:28 . 2010-05-01 20:28	36840	----a-w-	c:\programdata\Screentime\Rolex Explorer 39mm\saver1.dll
2010-05-01 20:28 . 2010-05-01 20:28	20728	----a-w-	c:\programdata\Screentime\Rolex Explorer 39mm\saver2.dll
2010-05-01 20:28 . 2010-05-01 20:23	674280	----a-w-	c:\windows\system32\Rolex Explorer 39mm.scr
2010-05-01 20:23 . 2010-05-01 20:23	22976	----a-w-	c:\programdata\Screentime\Rolex Datejust 36 mm October 09\saver2.dll
2010-05-01 20:23 . 2010-05-01 20:23	623280	----a-w-	c:\windows\system32\Rolex Datejust 36 mm October 09.scr
2010-05-01 20:23 . 2010-05-01 20:23	39088	----a-w-	c:\programdata\Screentime\Rolex Datejust 36 mm October 09\saver1.dll
2010-05-01 20:20 . 2010-05-01 20:20	20728	----a-w-	c:\programdata\Screentime\Rolex Datejust Lady 31mm\saver2.dll
2010-05-01 20:20 . 2010-05-01 20:20	36840	----a-w-	c:\programdata\Screentime\Rolex Datejust Lady 31mm\saver1.dll
2010-05-01 20:20 . 2010-05-01 20:19	674280	----a-w-	c:\windows\system32\Rolex Datejust Lady 31mm.scr
2010-05-01 20:17 . 2010-05-01 20:16	532480	----a-w-	c:\windows\system32\Rolex Yacht-Master II YG.scr
2010-05-01 20:16 . 2010-05-01 20:16	34304	----a-w-	c:\programdata\Screentime\Rolex Deepsea\saver1.dll
2010-05-01 20:16 . 2010-05-01 20:16	18192	----a-w-	c:\programdata\Screentime\Rolex Deepsea\saver2.dll
2010-05-01 20:16 . 2010-05-01 20:12	524288	----a-w-	c:\windows\system32\Rolex Deepsea.scr
2010-05-01 20:13 . 2010-05-01 20:13	520192	----a-w-	c:\windows\system32\Rolex Oyster Day-Date.scr
2010-05-01 20:11 . 2010-05-01 20:11	532480	----a-w-	c:\windows\system32\Rolex GMT-Master II steel.scr
2010-05-01 14:49 . 2010-06-10 15:27	2326528	----a-w-	c:\windows\system32\win32k.sys
2010-04-29 16:16 . 2010-04-29 16:16	108824	----a-w-	c:\users\Administrator.DOMENA\AppData\Local\GDIPFONTCACHEV1.DAT
2010-04-29 13:11 . 2010-04-29 13:11	108824	----a-w-	c:\users\PETRA\AppData\Local\GDIPFONTCACHEV1.DAT
2010-04-29 12:09 . 2010-04-29 12:09	108824	----a-w-	c:\users\Dominika\AppData\Local\GDIPFONTCACHEV1.DAT
2010-04-29 11:36 . 2010-04-29 11:36	108824	----a-w-	c:\users\MAREK\AppData\Local\GDIPFONTCACHEV1.DAT
2010-04-29 11:07 . 2010-04-29 11:07	108824	----a-w-	c:\users\Lenka\AppData\Local\GDIPFONTCACHEV1.DAT
2009-06-10 21:26 . 2009-07-14 02:04	9633792	--sha-r-	c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42	396800	--sha-w-	c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

((((((((((((((((((((((((((((((((((   Spouštěcí body v registru   )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny. 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"ICQ"="c:\progra~1\ICQ6.5\ICQ.exe" [2009-11-16 172792]
"StartWMDriverWiz"="c:\progra~1\COMMON~1\Logitech\WmDrivers\wmwizard.dll" [2004-04-23 356352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-06-01 1093208]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 61440]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-04-28 142120]
"NBAgent"="c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2010-02-22 1226024]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]

c:\users\PETRA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoWelcomeScreen"= 1 (0x1)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-05-22 136176]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-22 1343400]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2010-03-25 490280]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile	REG_MULTI_SZ   	wcescomm rapimgr
LocalServiceRestricted	REG_MULTI_SZ   	WcesComm RapiMgr
.
Obsah adresáře 'Naplánované úlohy'

2010-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-22 03:23]

2010-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-22 03:23]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
FF - ProfilePath - 

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation",  false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

URLSearchHooks-{00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)


.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-2402607258-1950833276-2025321928-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,67,2a,b8,03,44,a5,3d,49,92,b1,5c,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,67,2a,b8,03,44,a5,3d,49,92,b1,5c,\

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2010-07-28  12:54:04
ComboFix-quarantined-files.txt  2010-07-28 10:54

Před spuštěním: Volných bajtů: 146 387 812 352
Po spuštění: Volných bajtů: 149 595 987 968

- - End Of File - - 0A5AC7555091FACE0924BE941E6DA68B
Predem dekuji za pripadnou pomoc.

Re: Outlook nepíše znaky ěščřž

Napsal: 28 črc 2010 22:51
od motji
Kluk
Založte si prosím vlastní topic, takto by to bylo nepřehledné. Děkujeme za pochopení :)

Re: Outlook nepíše znaky ěščřž

Napsal: 29 črc 2010 06:42
od kluk
omlouvam se mozno zde smazat.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz