Zasekávání počítače a zvuku

[Hellfik]

Dobrý den, včera se mi začal sekat počítač,zvuk a najednou se počítač zapíná strašně dlouho - dříve tak 2 minuty a teď asi 6 minut.
Log:

Logfile of random's system information tool 1.09 (written by random/random)
Run by oem at 2012-07-23 14:10:38
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 41 GB (40%) free of 102 GB
Total RAM: 2039 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:11:04, on 23.7.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
C:\Program Files\ActivIdentity\ActivClient Mini\acachsrv.exe
C:\Program Files\ActivIdentity\ActivClient Mini\accoca.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\WINDOWS\system32\ifxspmgt.exe
C:\WINDOWS\system32\IFXTCS.exe
C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\system32\IfxPsdSv.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE
C:\Program Files\ActivIdentity\ActivClient Mini\accrdsub.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ActivIdentity\ActivClient Mini\acevents.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Hewlett-Packard\Embedded Security Software\PSDrt.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe
C:\Documents and Settings\oem\Plocha\kluci\PBDO-bot\PBDO-Bot.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Documents and Settings\oem\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\oem\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\oem\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\oem\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\oem\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\oem\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\oem\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
D:\vosatka\Users\Admin\Documents\Downloads\RSIT.exe
C:\Program Files\trend micro\oem.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [accrdsub] "C:\Program Files\ActivIdentity\ActivClient Mini\accrdsub.exe"
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [IFXSPMGT] C:\WINDOWS\system32\ifxspmgt.exe /NotifyLogon
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe /autorun
O4 - HKLM\..\Run: [Print2PDF Print Monitor] "C:\Program Files\Software602\Print2PDF\Print2PDF.exe" /server
O4 - HKLM\..\Run: [Kerio VPN Client] "C:\Program Files\Kerio\VPN Client\kvpnclient.exe" /tryauto
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files\Fiddler2\Fiddler.exe" (file missing)
O9 - Extra 'Tools' menuitem: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files\Fiddler2\Fiddler.exe" (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: ackpbsc - C:\Program Files\ActivIdentity\ActivClient Mini\ackpbsc.dll
O20 - Winlogon Notify: acunlock - C:\Program Files\ActivIdentity\ActivClient Mini\acunlock.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: ActivClient Authentication Service (acachsrv) - ActivIdentity - C:\Program Files\ActivIdentity\ActivClient Mini\acachsrv.exe
O23 - Service: ActivClient Middleware Service (accoca) - ActivIdentity - C:\Program Files\ActivIdentity\ActivClient Mini\accoca.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\WINDOWS\system32\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\WINDOWS\system32\IFXTCS.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Personal Secure Drive service (PersonalSecureDriveService) - Infineon Technologies AG - C:\WINDOWS\system32\IfxPsdSv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe

--
End of file - 12486 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-1454471165-1417001333-1005Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-299502267-1454471165-1417001333-1005UA.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{C1F65B6F-2B95-4833-81E1-48FC366A3ED3}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-05-04 453504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-05-04 157576]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-09-15 1015808]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2011-09-19 141848]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2011-09-19 166424]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2011-09-19 137752]
"QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-10-19 177456]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2011-09-19 872448]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-11-20 488752]
"IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2007-11-01 995328]
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2007-11-01 1101824]
"PTHOSTTR"=C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE [2007-01-09 145184]
"accrdsub"=C:\Program Files\ActivIdentity\ActivClient Mini\accrdsub.exe [2006-04-20 176128]
"SynTPStart"=C:\Program Files\Synaptics\SynTP\SynTPStart.exe [2007-09-15 102400]
"IFXSPMGT"=C:\WINDOWS\system32\ifxspmgt.exe [2008-01-25 677144]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2011-01-12 2219184]
"Samsung PanelMgr"=C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe /autorun []
"Print2PDF Print Monitor"=C:\Program Files\Software602\Print2PDF\Print2PDF.exe /server []
"Kerio VPN Client"=C:\Program Files\Kerio\VPN Client\kvpnclient.exe [2008-09-01 2965504]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]
"MSConfig"=C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE [2008-04-14 171008]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Documents and Settings\oem\Plocha\kluci\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EA Core]
C:\Program Files\Electronic Arts\EADM\Core.exe -silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
C:\Program Files\Origin\Origin.exe [2012-07-16 3407536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Documents and Settings\oem\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe [2012-03-07 137536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\oem\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2012-06-14 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2012-06-27 1996200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2012-04-04 462408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2012-07-03 17417392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Program Files\uTorrent\uTorrent.exe [2012-06-23 880496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^GamePark klient 2.lnk]
C:\PROGRA~1\GAMEPA~1\gpcl.exe [2011-07-29 409088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^oem^Nabídka Start^Programy^Po spuštění^FIFA 11 Registration.lnk]
C:\Program Files\EA Sports\FIFA 11\Support\EAregister.exe /remind /language=ENB /PRID=DR:185015500 /WHPR=FIFA 11 /PRNM=Electronic Arts Product []

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ackpbsc]
C:\Program Files\ActivIdentity\ActivClient Mini\ackpbsc.dll [2006-04-27 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\acunlock]
C:\Program Files\ActivIdentity\ActivClient Mini\acunlock.dll [2006-04-14 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2011-09-19 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\RealVNC\VNC4\winvnc4.exe"="C:\Program Files\RealVNC\VNC4\winvnc4.exe:*:Enabled:VNC Server"
"C:\Program Files\Sybase\SQL Anywhere 9\win32\dbisqlg.exe"="C:\Program Files\Sybase\SQL Anywhere 9\win32\dbisqlg.exe:*:Enabled:Adaptive Server Anywhere ISQL"
"C:\Program Files\Sybase\Shared\Sybase Central 4.3\win32\scjview.exe"="C:\Program Files\Sybase\Shared\Sybase Central 4.3\win32\scjview.exe:*:Enabled:Sybase Central"
"C:\Program Files\Sybase\SQL Anywhere 9\win32\dbeng9.exe"="C:\Program Files\Sybase\SQL Anywhere 9\win32\dbeng9.exe:*:Enabled:Adaptive Server Anywhere Database Engine"
"C:\skoleni\exe\Kasa.exe"="C:\skoleni\exe\Kasa.exe:*:Enabled:Kasa"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\javaw.exe"="C:\WINDOWS\system32\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Charles\Charles.exe"="C:\Program Files\Charles\Charles.exe:*:Enabled:Charles Web Debugging Proxy"
"C:\Program Files\Common Files\soft602\langserv.exe"="C:\Program Files\Common Files\soft602\langserv.exe:*:Enabled:Software602 Spell Checker"
"C:\Documents and Settings\oem\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe"="C:\Documents and Settings\oem\Local Settings\Data aplikací\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin"
"C:\Program Files\EA Sports\FIFA 09\FIFA09.exe"="C:\Program Files\EA Sports\FIFA 09\FIFA09.exe:*:Enabled:FIFA09"
"C:\Program Files\KBot\KBot 6.19\KBotcc.exe"="C:\Program Files\KBot\KBot 6.19\KBotcc.exe:*:Enabled:KBot control center"
"C:\Program Files\Profibot\OpenStealth 1.16\OpenStealth.exe"="C:\Program Files\Profibot\OpenStealth 1.16\OpenStealth.exe:*:Enabled:OpenStealth"
"C:\Program Files\Profibot\OpenStealth 1.17\OpenStealth.exe"="C:\Program Files\Profibot\OpenStealth 1.17\OpenStealth.exe:*:Enabled:OpenStealth"
"C:\Program Files\Profibot\OpenStealth 1.18\OpenStealth.exe"="C:\Program Files\Profibot\OpenStealth 1.18\OpenStealth.exe:*:Enabled:OpenStealth"
"C:\Program Files\KBot\KBot 6.23\KBotcc.exe"="C:\Program Files\KBot\KBot 6.23\KBotcc.exe:*:Enabled:KBot control center"
"C:\Program Files\Profibot\OpenStealth 1.19\OpenStealth.exe"="C:\Program Files\Profibot\OpenStealth 1.19\OpenStealth.exe:*:Enabled:OpenStealth"
"C:\Program Files\Profibot\OpenStealth 1.20\OpenStealth.exe"="C:\Program Files\Profibot\OpenStealth 1.20\OpenStealth.exe:*:Enabled:OpenStealth"
"C:\Program Files\Profibot\OpenStealth 1.21\OpenStealth.exe"="C:\Program Files\Profibot\OpenStealth 1.21\OpenStealth.exe:*:Enabled:OpenStealth"
"C:\Program Files\KBot\KBot 6.26\KBotcc.exe"="C:\Program Files\KBot\KBot 6.26\KBotcc.exe:*:Enabled:KBot control center"
"C:\Program Files\KBot\KBot 6.28\KBotcc.exe"="C:\Program Files\KBot\KBot 6.28\KBotcc.exe:*:Enabled:KBot control center"
"C:\Program Files\KBot\KBot 6.29\KBotcc.exe"="C:\Program Files\KBot\KBot 6.29\KBotcc.exe:*:Enabled:KBot control center"
"C:\Program Files\STORMWARE\Pohoda_2\Pohoda.exe"="C:\Program Files\STORMWARE\Pohoda_2\Pohoda.exe:*:Disabled:Ekonomický systém POHODA 2012 Premium"
"C:\Program Files\STORMWARE\Pohoda\Pohoda.exe"="C:\Program Files\STORMWARE\Pohoda\Pohoda.exe:*:Disabled:Pohoda"
"C:\Program Files\STORMWARE\Pohoda_2\StwRp50C.exe"="C:\Program Files\STORMWARE\Pohoda_2\StwRp50C.exe:*:Disabled:REPORT 2012 Designer"
"C:\Program Files\STORMWARE\Pohoda_2\StwPh.exe"="C:\Program Files\STORMWARE\Pohoda_2\StwPh.exe:*:Disabled:StwPh"
"C:\Program Files\STORMWARE\Pohoda\StwPh.exe"="C:\Program Files\STORMWARE\Pohoda\StwPh.exe:*:Disabled:StwPh"
"C:\Program Files\STORMWARE\Pohoda\StwRp50C.exe"="C:\Program Files\STORMWARE\Pohoda\StwRp50C.exe:*:Disabled:StwRp50C"
"C:\Program Files\STORMWARE\Pohoda_2\StwUpdater.exe"="C:\Program Files\STORMWARE\Pohoda_2\StwUpdater.exe:*:Disabled:StwUpdater"
"C:\Program Files\STORMWARE\Pohoda\StwUpdater.exe"="C:\Program Files\STORMWARE\Pohoda\StwUpdater.exe:*:Disabled:StwUpdater"
"C:\Program Files\STORMWARE\Pohoda_2\StwUpdCopy.exe"="C:\Program Files\STORMWARE\Pohoda_2\StwUpdCopy.exe:*:Disabled:StwUpdCopy"
"C:\Program Files\STORMWARE\Pohoda\StwUpdCopy.exe"="C:\Program Files\STORMWARE\Pohoda\StwUpdCopy.exe:*:Disabled:StwUpdCopy"
"C:\Program Files\KBot\KBot 6.30\KBotcc.exe"="C:\Program Files\KBot\KBot 6.30\KBotcc.exe:*:Enabled:KBot control center"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Run a DLL as an App"
"C:\Program Files\Profibot\OpenStealth 1.23\OpenStealth.exe"="C:\Program Files\Profibot\OpenStealth 1.23\OpenStealth.exe:*:Enabled:OpenStealth"
"C:\Program Files\Profibot\OpenStealth 1.25\OpenStealth.exe"="C:\Program Files\Profibot\OpenStealth 1.25\OpenStealth.exe:*:Enabled:OpenStealth"
"C:\Program Files\Microsoft Games\Age of Empires III\age3.exe"="C:\Program Files\Microsoft Games\Age of Empires III\age3.exe:*:Enabled:Age of Empires 3"
"C:\Program Files\KBot\KBot 6.32\KBotcc.exe"="C:\Program Files\KBot\KBot 6.32\KBotcc.exe:*:Enabled:KBot control center"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Wolfenstein - Enemy Territory\et.exe"="C:\Program Files\Wolfenstein - Enemy Territory\et.exe:*:Enabled:et"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Profibot\OpenStealth 1.27\OpenStealth.exe"="C:\Program Files\Profibot\OpenStealth 1.27\OpenStealth.exe:*:Enabled:OpenStealth"
"C:\Program Files\KBot\KBot 6.35\KBotcc.exe"="C:\Program Files\KBot\KBot 6.35\KBotcc.exe:*:Enabled:KBot control center"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Hamachi\hamachi.exe"="C:\Program Files\Hamachi\hamachi.exe:*:Enabled:Hamachi Client"
"C:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2010\pes2010.exe:*:Enabled:Pro Evolution Soccer 2010"
"C:\Program Files\Valve\hl.exe"="C:\Program Files\Valve\hl.exe:*:Enabled:Half-Life Launcher"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3fhg"=mp3fhg.acm
"VIDC.YV12"=DivX.dll
"msacm.ac3acm"=ac3acm.acm
"VIDC.FFDS"=ff_vfw.dll
"vidc.DIVX"=DivX.dll
"VIDC.FMVC"=fmcodec.dll

======List of files/folders created in the last 1 month======

2012-07-18 10:11:46 ----D---- C:\Documents and Settings\oem\Data aplikací\WinRAR
2012-07-18 10:11:09 ----D---- C:\Program Files\WinRAR
2012-07-16 09:19:47 ----D---- C:\Program Files\KONAMI
2012-07-16 09:19:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\KONAMI
2012-07-14 14:57:49 ----D---- C:\Program Files\LogMeIn Hamachi
2012-07-14 11:29:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\PDF Writer
2012-07-14 11:28:48 ----D---- C:\Documents and Settings\oem\Data aplikací\PDF Writer
2012-07-14 10:50:05 ----D---- C:\Program Files\Common Files\STORMWARE
2012-07-14 10:50:04 ----A---- C:\WINDOWS\system32\bzFlRdr.dll
2012-07-14 10:50:04 ----A---- C:\WINDOWS\system32\bzDCT.dll
2012-07-14 10:49:54 ----A---- C:\WINDOWS\system32\msvbvm60.dll
2012-07-11 21:01:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2691442$
2012-07-11 21:01:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2718523$
2012-07-11 21:00:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2655992$
2012-07-11 20:59:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2719985$
2012-07-11 20:54:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2698365$
2012-07-10 21:36:49 ----D---- C:\Program Files\Common Files\Skype
2012-07-10 12:54:33 ----D---- C:\Program Files\Fiddler2
2012-07-09 10:00:47 ----D---- C:\Documents and Settings\All Users\Data aplikací\EA Core
2012-07-08 18:34:36 ----D---- C:\Program Files\Origin Games
2012-07-08 18:34:05 ----D---- C:\Documents and Settings\oem\Data aplikací\Origin
2012-07-08 18:33:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\Origin
2012-07-08 18:31:11 ----D---- C:\Program Files\Origin
2012-07-08 18:25:48 ----D---- C:\ProgramData
2012-07-08 18:25:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\Electronic Arts
2012-07-08 18:07:17 ----A---- C:\WINDOWS\system32\XAudio2_7.dll
2012-07-08 18:07:17 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll
2012-07-08 18:07:16 ----A---- C:\WINDOWS\system32\xactengine3_7.dll
2012-07-08 18:07:15 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll
2012-07-08 18:07:14 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll
2012-07-08 18:07:13 ----A---- C:\WINDOWS\system32\d3dx11_43.dll
2012-07-08 18:07:12 ----A---- C:\WINDOWS\system32\d3dx10_43.dll
2012-07-08 18:07:08 ----A---- C:\WINDOWS\system32\D3DX9_43.dll
2012-07-08 18:07:03 ----A---- C:\WINDOWS\system32\XAudio2_6.dll
2012-07-08 18:07:03 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll
2012-07-08 18:07:01 ----A---- C:\WINDOWS\system32\xactengine3_6.dll
2012-07-08 18:06:59 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll
2012-07-08 18:06:58 ----A---- C:\WINDOWS\system32\XAudio2_5.dll
2012-07-08 18:06:54 ----A---- C:\WINDOWS\system32\xactengine3_5.dll
2012-07-08 18:06:53 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll
2012-07-08 18:06:47 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll
2012-07-08 18:06:46 ----A---- C:\WINDOWS\system32\d3dx11_42.dll
2012-07-08 18:06:45 ----A---- C:\WINDOWS\system32\d3dx10_42.dll
2012-07-08 18:06:42 ----A---- C:\WINDOWS\system32\D3DX9_42.dll
2012-07-08 17:53:11 ----D---- C:\Program Files\Common Files\Java
2012-07-08 17:52:08 ----A---- C:\WINDOWS\system32\javaws.exe
2012-07-08 17:51:37 ----A---- C:\WINDOWS\system32\javaw.exe
2012-07-08 17:51:37 ----A---- C:\WINDOWS\system32\java.exe
2012-07-08 17:49:36 ----D---- C:\Program Files\Java
2012-07-08 17:38:31 ----D---- C:\Program Files\Oracle
2012-07-08 17:37:31 ----D---- C:\Documents and Settings\oem\Data aplikací\Oracle
2012-07-08 17:37:07 ----A---- C:\WINDOWS\system32\npDeployJava1.dll
2012-07-08 17:22:10 ----D---- C:\Program Files\SystemRequirementsLab
2012-07-08 17:05:10 ----D---- C:\Program Files\Electronic Arts
2012-07-08 16:34:15 ----A---- C:\WINDOWS\system32\d3dx10_41.dll
2012-07-08 16:34:15 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll
2012-07-08 16:34:14 ----A---- C:\WINDOWS\system32\D3DX9_41.dll
2012-07-08 16:34:12 ----A---- C:\WINDOWS\system32\XAudio2_4.dll
2012-07-08 16:34:12 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll
2012-07-08 16:34:11 ----A---- C:\WINDOWS\system32\xactengine3_4.dll
2012-07-08 16:34:10 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll
2012-07-08 16:34:09 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2012-07-08 16:34:09 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2012-07-08 16:34:06 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2012-07-08 16:34:02 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2012-07-08 16:34:02 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2012-07-08 16:34:01 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2012-07-08 16:34:00 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2012-07-08 16:33:58 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
2012-07-08 16:33:58 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
2012-07-08 16:33:57 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
2012-07-08 16:33:55 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
2012-07-08 16:33:55 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
2012-07-08 16:33:53 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
2012-07-08 16:33:51 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
2012-07-08 16:33:51 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
2012-07-08 16:33:50 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
2012-07-08 16:33:48 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
2012-07-08 16:33:38 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
2012-07-08 16:33:38 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
2012-07-08 16:33:36 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
2012-07-05 20:00:32 ----D---- C:\Program Files\CCleaner
2012-07-05 14:08:39 ----D---- C:\Program Files\VB Decompiler Pro
2012-07-04 14:13:59 ----D---- C:\Program Files\EA Sports
2012-06-25 16:04:24 ----A---- C:\WINDOWS\system32\msxml4.dll
2012-06-25 14:28:45 ----SHD---- C:\found.001
2012-06-24 10:38:35 ----D---- C:\Program Files\GamePark2

======List of files/folders modified in the last 1 month======

2012-07-23 14:10:51 ----D---- C:\Program Files\trend micro
2012-07-23 13:49:16 ----D---- C:\WINDOWS\system32\CatRoot2
2012-07-23 13:28:35 ----D---- C:\Documents and Settings\oem\Data aplikací\uTorrent
2012-07-23 13:24:01 ----D---- C:\WINDOWS\temp
2012-07-23 13:06:59 ----D---- C:\Documents and Settings\oem\Data aplikací\Skype
2012-07-23 13:03:19 ----RASH---- C:\boot.ini
2012-07-23 13:03:19 ----D---- C:\WINDOWS\pss
2012-07-23 13:03:19 ----A---- C:\WINDOWS\win.ini
2012-07-23 13:03:19 ----A---- C:\WINDOWS\system.ini
2012-07-23 12:57:01 ----D---- C:\WINDOWS\Prefetch
2012-07-23 12:47:41 ----D---- C:\WINDOWS\system32\drivers
2012-07-23 12:46:58 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-07-23 12:30:57 ----D---- C:\Program Files\Valve
2012-07-23 10:47:30 ----SHD---- C:\WINDOWS\Installer
2012-07-23 10:47:30 ----SD---- C:\Documents and Settings\oem\Data aplikací\Microsoft
2012-07-23 10:46:59 ----D---- C:\Config.Msi
2012-07-23 10:46:53 ----RD---- C:\Program Files
2012-07-23 07:22:10 ----D---- C:\WINDOWS\system32
2012-07-19 13:40:51 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2012-07-19 12:15:15 ----D---- C:\Program Files\Wolfenstein - Enemy Territory
2012-07-16 13:31:42 ----HD---- C:\WINDOWS\inf
2012-07-15 19:03:06 ----D---- C:\WINDOWS
2012-07-14 14:57:24 ----D---- C:\Documents and Settings\oem\Data aplikací\Hamachi
2012-07-14 11:36:44 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2012-07-14 10:50:09 ----RSD---- C:\WINDOWS\assembly
2012-07-14 10:50:05 ----D---- C:\Program Files\Common Files
2012-07-14 10:49:04 ----D---- C:\Program Files\Common Files\STORMWARE Shared
2012-07-13 14:01:16 ----D---- C:\Program Files\Profibot
2012-07-12 12:17:03 ----D---- C:\Program Files\DsNET Corp
2012-07-12 10:41:48 ----SD---- C:\WINDOWS\Tasks
2012-07-12 10:41:39 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-07-11 21:03:02 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-07-11 21:01:46 ----A---- C:\WINDOWS\imsins.BAK
2012-07-11 21:01:13 ----HD---- C:\WINDOWS\$hf_mig$
2012-07-11 20:55:40 ----A---- C:\WINDOWS\system32\MRT.exe
2012-07-11 20:55:29 ----D---- C:\WINDOWS\WinSxS
2012-07-10 21:37:34 ----D---- C:\Documents and Settings\All Users\Data aplikací\Skype
2012-07-10 21:36:52 ----RD---- C:\Program Files\Skype
2012-07-10 11:17:24 ----D---- C:\Documents and Settings\oem\Data aplikací\DAEMON Tools Lite
2012-07-10 09:48:43 ----D---- C:\WINDOWS\system32\DirectX
2012-07-05 20:07:43 ----D---- C:\WINDOWS\Minidump
2012-07-05 19:27:54 ----A---- C:\WINDOWS\ntbtlog.txt
2012-07-05 19:04:47 ----D---- C:\Program Files\VB Decompiler Lite
2012-07-04 14:05:51 ----D---- C:\Program Files\Webteh
2012-07-04 14:03:33 ----HD---- C:\Program Files\InstallShield Installation Information
2012-07-03 07:31:34 ----D---- C:\Program Files\KBot
2012-07-02 13:50:28 ----D---- C:\WINDOWS\Network Diagnostic
2012-06-25 15:02:17 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-11-29 45648]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-12-21 94872]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 PersonalSecureDrive;PersonalSecureDrive; C:\WINDOWS\System32\drivers\psd.sys [2007-07-24 38816]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2011-09-30 21361]
R2 DgiVecp;DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys []
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-12-21 141264]
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2007-08-27 12288]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2011-09-19 281600]
R3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2011-09-19 94976]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2008-03-21 1203776]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\WINDOWS\system32\DRIVERS\ATSwpDrv.sys [2007-08-28 146560]
R3 b57w2k;Broadcom NetLink (TM) Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2005-10-26 142720]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-02-15 1342570]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-02-15 57096]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2012-06-23 242240]
R3 GTIPCI21;GTIPCI21; C:\WINDOWS\system32\DRIVERS\gtipci21.sys [2006-09-14 88192]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2011-09-19 5854752]
R3 IFXTPM;IFXTPM; C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2007-07-24 41216]
R3 kvpndev;Kerio VPN adapter; C:\WINDOWS\system32\DRIVERS\kvpndrv.sys [2008-06-24 65024]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NETw4x32;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-10-31 2236544]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-09-15 213696]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2007-01-24 290304]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S0 dkqowvqn;dkqowvqn; C:\WINDOWS\System32\drivers\tyvm.sys []
S2 SSPORT;SSPORT; \??\C:\WINDOWS\system32\Drivers\SSPORT.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\oem\LOCALS~1\Temp\catchme.sys []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 RsFx0103;RsFx0103 Driver; C:\WINDOWS\system32\DRIVERS\RsFx0103.sys [2009-03-30 239336]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 acachsrv;ActivClient Authentication Service; C:\Program Files\ActivIdentity\ActivClient Mini\acachsrv.exe [2006-04-12 81920]
R2 accoca;ActivClient Middleware Service; C:\Program Files\ActivIdentity\ActivClient Mini\accoca.exe [2006-05-02 135168]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\WINDOWS\system32\agrsmsvc.exe [2008-03-18 13312]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2006-02-15 258103]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2011-01-12 810144]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-11-01 794624]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-08-31 92216]
R2 IFXSpMgtSrv;Security Platform Management Service; C:\WINDOWS\system32\ifxspmgt.exe [2008-01-25 677144]
R2 IFXTCS;Trusted Platform Core Service; C:\WINDOWS\system32\IFXTCS.exe [2008-01-25 886040]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe [2012-05-04 161664]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
R2 PersonalSecureDriveService;Personal Secure Drive service; C:\WINDOWS\system32\IfxPsdSv.exe [2007-07-24 140568]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2012-06-22 75136]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-11-01 483328]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2007-11-01 1183744]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 98840]
R2 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [2008-06-12 2159992]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe [2010-08-31 710200]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2012-06-27 1385896]
S2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 43010392]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-03 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-12 250056]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2011-01-12 33584]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WinRM;Windows Remote Management (WS-Management); C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-23 47128]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 366936]
S4 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]

-----------------EOF-----------------

Mám: Windows XP Professional verze 2002
Intel Core 2 CPU
2.00 GHz
1,99 RAM

To je zatím vše co jsem našel o tomto PC.

[Rudy]

Zdravím!
Vidím tam rootkit. Dejte log ComobFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

[Hellfik]

Log má 243970 znaků takže ho posílám na letecké poště:
http://leteckaposta.cz/119774749

[Rudy]

Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:

KillAll::

Collect::
c:\windows\system32\drivers\tyvm.sys

driver::
dkqowvqn

Regnull::
[HKEY_USERS\S-1-5-21-299502267-1454471165-1417001333-1005\Software\SecuROM\License information*]

Reboot::

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

[Hellfik]

ComboFix 12-07-24.01 - oem 23.07.2012 22:12:09.7.2 - x86 NETWORK
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2039.1556 [GMT 2:00]
Spuštěný z: c:\documents and settings\oem\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\oem\Plocha\CFScript.txt
AV: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_dkqowvqn
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-23 do 2012-07-23 )))))))))))))))))))))))))))))))
.
.
2012-07-23 15:27 . 2012-07-23 15:27 -------- d-----w- c:\program files\FileHippo.com
2012-07-16 08:59 . 2012-07-16 10:22 -------- d-----w- c:\documents and settings\oem\Local Settings\Data aplikací\Temporary Projects
2012-07-16 07:19 . 2012-07-16 07:19 -------- d-----w- c:\program files\KONAMI
2012-07-14 12:58 . 2012-07-23 12:29 -------- d-----w- c:\documents and settings\oem\Local Settings\Data aplikací\LogMeIn Hamachi
2012-07-14 12:58 . 2012-07-23 20:28 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\LogMeIn Hamachi
2012-07-14 12:57 . 2012-07-14 12:57 -------- d-----w- c:\program files\LogMeIn Hamachi
2012-07-14 09:28 . 2012-07-14 09:28 -------- d-----w- c:\documents and settings\oem\Local Settings\Data aplikací\PDF Writer
2012-07-14 09:28 . 2012-07-14 09:28 -------- d-----w- c:\documents and settings\oem\Data aplikací\PDF Writer
2012-07-14 08:50 . 2012-07-14 08:50 -------- d-----w- c:\program files\Common Files\STORMWARE
2012-07-14 08:50 . 2008-10-30 07:27 227840 ----a-w- c:\windows\system32\bzFlRdr.dll
2012-07-14 08:50 . 2008-07-09 07:27 103424 ----a-w- c:\windows\system32\bzDCT.dll
2012-07-14 08:49 . 2004-02-23 18:42 1386496 ----a-w- c:\windows\system32\msvbvm60.dll
2012-07-10 19:36 . 2012-07-10 19:36 -------- d-----w- c:\program files\Common Files\Skype
2012-07-10 10:54 . 2012-07-10 10:54 -------- d-----w- c:\program files\Fiddler2
2012-07-09 05:01 . 2012-07-09 05:01 -------- d-----w- c:\documents and settings\All Users\Data aplikac
2012-07-08 16:34 . 2012-07-08 16:34 -------- d-----w- c:\program files\Origin Games
2012-07-08 16:34 . 2012-07-08 16:34 -------- d-----w- c:\documents and settings\oem\Local Settings\Data aplikací\Origin
2012-07-08 16:34 . 2012-07-09 05:06 -------- d-----w- c:\documents and settings\oem\Data aplikací\Origin
2012-07-08 16:31 . 2012-07-16 04:48 -------- d-----w- c:\program files\Origin
2012-07-08 16:25 . 2012-07-08 16:25 -------- d-----w- C:\ProgramData
2012-07-08 16:07 . 2010-05-26 09:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2012-07-08 16:07 . 2010-05-26 09:41 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll
2012-07-08 16:07 . 2010-05-26 09:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll
2012-07-08 16:07 . 2010-05-26 09:41 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
2012-07-08 16:07 . 2010-05-26 09:41 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
2012-07-08 16:06 . 2009-09-04 15:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2012-07-08 16:06 . 2009-09-04 15:29 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2012-07-08 16:06 . 2009-09-04 15:29 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2012-07-08 16:06 . 2009-09-04 15:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2012-07-08 16:06 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2012-07-08 15:53 . 2012-07-08 15:53 -------- d-----w- c:\program files\Common Files\Java
2012-07-08 15:52 . 2012-05-04 17:29 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-07-08 15:49 . 2012-07-08 15:49 -------- d-----w- c:\program files\Java
2012-07-08 15:38 . 2012-07-08 15:38 -------- d-----w- c:\program files\Oracle
2012-07-08 15:37 . 2012-07-08 15:37 -------- d-----w- c:\documents and settings\oem\Data aplikací\Oracle
2012-07-08 15:37 . 2012-05-04 17:29 772504 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-07-08 15:30 . 2012-07-08 15:30 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\Sun
2012-07-08 15:22 . 2012-07-08 15:22 -------- d-----w- c:\program files\SystemRequirementsLab
2012-07-08 15:05 . 2012-07-08 16:31 -------- d-----w- c:\program files\Electronic Arts
2012-07-08 14:34 . 2009-03-09 13:27 453456 ----a-w- c:\windows\system32\d3dx10_41.dll
2012-07-08 14:34 . 2009-03-09 13:27 1846632 ----a-w- c:\windows\system32\D3DCompiler_41.dll
2012-07-08 14:34 . 2009-03-09 13:27 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll
2012-07-08 14:34 . 2008-10-15 04:22 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2012-07-08 14:34 . 2008-10-15 04:22 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2012-07-08 14:34 . 2008-10-15 04:22 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2012-07-08 14:33 . 2008-07-10 09:01 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2012-07-08 14:33 . 2008-07-10 09:00 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2012-07-08 14:33 . 2008-07-10 09:00 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2012-07-08 14:33 . 2008-05-30 12:11 467984 ----a-w- c:\windows\system32\d3dx10_38.dll
2012-07-08 14:33 . 2008-05-30 12:11 1491992 ----a-w- c:\windows\system32\D3DCompiler_38.dll
2012-07-08 14:33 . 2008-05-30 12:11 3850760 ----a-w- c:\windows\system32\D3DX9_38.dll
2012-07-05 18:00 . 2012-07-05 18:00 -------- d-----w- c:\program files\CCleaner
2012-07-05 12:08 . 2012-07-05 15:16 -------- d-----w- c:\program files\VB Decompiler Pro
2012-07-04 12:13 . 2012-07-08 16:28 -------- d-----w- c:\program files\EA Sports
2012-07-02 14:27 . 2012-07-02 14:27 -------- d-----w- c:\documents and settings\oem\Local Settings\Data aplikací\GTX
2012-06-25 14:04 . 2012-06-25 14:04 1394248 ----a-w- c:\windows\system32\msxml4.dll
2012-06-25 12:28 . 2012-06-25 12:28 -------- d-----w- C:\found.001
2012-06-24 08:38 . 2012-06-24 08:38 -------- d-----w- c:\program files\GamePark2
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-23 13:00 . 2012-06-22 17:47 137176 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-07-23 13:00 . 2012-06-22 18:34 268952 ----a-w- c:\windows\system32\PnkBstrB.xtr
2012-07-23 13:00 . 2012-06-22 17:46 268952 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-07-19 11:40 . 2012-06-22 17:46 268952 ----a-w- c:\windows\system32\PnkBstrB.ex0
2012-07-12 08:41 . 2012-04-24 12:54 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-12 08:41 . 2012-04-24 12:54 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-03 11:46 . 2012-04-23 18:37 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-23 09:59 . 2012-06-23 09:24 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-06-22 17:57 . 2012-06-22 17:46 75136 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-06-22 17:47 . 2012-06-22 17:47 22328 ----a-w- c:\documents and settings\oem\Data aplikací\PnkBstrK.sys
2012-06-22 17:46 . 2012-06-22 17:46 682280 ----a-w- c:\windows\system32\pbsvc.exe
2012-06-13 13:55 . 2008-04-14 12:00 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-06-05 15:49 . 2008-04-14 12:00 1372672 ----a-w- c:\windows\system32\msxml6.dll
2012-06-05 15:49 . 2008-04-14 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2008-04-14 12:00 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 13:19 . 2009-08-06 17:24 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2009-08-06 17:24 22552 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2011-09-19 09:27 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2011-09-19 09:27 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2011-09-19 09:27 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2011-09-19 09:27 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2011-09-19 09:27 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 13:19 . 2009-08-06 17:24 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2009-08-06 17:24 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2009-08-06 17:24 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2008-04-14 12:00 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2011-09-19 09:27 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2011-09-19 09:27 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-05-31 13:22 . 2008-04-14 12:00 602112 ----a-w- c:\windows\system32\crypt32.dll
2012-05-16 15:09 . 2008-04-14 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-05-11 14:44 . 2008-04-14 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-05-11 14:44 . 2008-04-14 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-05-11 11:38 . 2008-04-14 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-05-05 03:14 . 2008-04-14 12:00 2150400 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-05 03:14 . 2008-04-14 08:06 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-04 17:29 . 2011-10-03 11:44 687504 ----a-w- c:\windows\system32\deployJava1.dll
2012-05-02 13:46 . 2011-09-19 09:21 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-30 07:27 . 2012-02-03 16:12 139264 ----a-w- c:\windows\system32\bzpdf101c.dll
2012-04-30 07:27 . 2012-02-03 16:12 192512 ----a-w- c:\windows\system32\bzpdf101.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2012-07-23_19.38.03 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-07-23 20:28 . 2012-07-23 20:28 16384 c:\windows\temp\Perflib_Perfdata_750.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-09-15 1015808]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-09-19 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-09-19 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-09-19 137752]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-10-19 177456]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2011-09-19 872448]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-11-20 488752]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-11-01 995328]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-11-01 1101824]
"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2007-01-09 145184]
"accrdsub"="c:\program files\ActivIdentity\ActivClient Mini\accrdsub.exe" [2006-04-20 176128]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]
"IFXSPMGT"="c:\windows\system32\ifxspmgt.exe" [2008-01-25 677144]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-01-12 2219184]
"Kerio VPN Client"="c:\program files\Kerio\VPN Client\kvpnclient.exe" [2008-09-01 2965504]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-2-15 581693]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ackpbsc]
2006-04-27 13:43 98304 ----a-w- c:\program files\ActivIdentity\ActivClient Mini\ackpbsc.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\acunlock]
2006-04-14 13:55 94208 ----a-w- c:\program files\ActivIdentity\ActivClient Mini\acunlock.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^GamePark klient 2.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\GamePark klient 2.lnk
backup=c:\windows\pss\GamePark klient 2.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^oem^Nabídka Start^Programy^Po spuštění^FIFA 11 Registration.lnk]
path=c:\documents and settings\oem\Nabídka Start\Programy\Po spuštění\FIFA 11 Registration.lnk
backup=c:\windows\pss\FIFA 11 Registration.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2012-02-13 08:06 3481408 ----a-w- c:\documents and settings\oem\Plocha\kluci\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
2012-07-16 04:46 3407536 ----a-w- c:\program files\Origin\Origin.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
2012-03-07 12:50 137536 ----atw- c:\documents and settings\oem\Local Settings\Data aplikací\Facebook\Update\FacebookUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2012-06-14 16:49 116648 ----atw- c:\documents and settings\oem\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2012-06-27 10:29 1996200 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2012-07-03 11:46 462920 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2012-07-03 11:23 17417392 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2012-06-23 09:38 880496 ----a-w- c:\program files\uTorrent\uTorrent.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\RealVNC\\VNC4\\winvnc4.exe"=
"c:\\Program Files\\Sybase\\SQL Anywhere 9\\win32\\dbisqlg.exe"=
"c:\\Program Files\\Sybase\\Shared\\Sybase Central 4.3\\win32\\scjview.exe"=
"c:\\Program Files\\Sybase\\SQL Anywhere 9\\win32\\dbeng9.exe"=
"c:\\skoleni\\exe\\Kasa.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\WINDOWS\\system32\\javaw.exe"=
"c:\\Program Files\\Common Files\\soft602\\langserv.exe"=
"c:\\Documents and Settings\\oem\\Local Settings\\Data aplikací\\Facebook\\Video\\Skype\\FacebookVideoCalling.exe"=
"c:\\Program Files\\EA Sports\\FIFA 09\\FIFA09.exe"=
"c:\\Program Files\\KBot\\KBot 6.19\\KBotcc.exe"=
"c:\\Program Files\\Profibot\\OpenStealth 1.16\\OpenStealth.exe"=
"c:\\Program Files\\Profibot\\OpenStealth 1.17\\OpenStealth.exe"=
"c:\\Program Files\\Profibot\\OpenStealth 1.18\\OpenStealth.exe"=
"c:\\Program Files\\KBot\\KBot 6.23\\KBotcc.exe"=
"c:\\Program Files\\Profibot\\OpenStealth 1.19\\OpenStealth.exe"=
"c:\\Program Files\\Profibot\\OpenStealth 1.20\\OpenStealth.exe"=
"c:\\Program Files\\Profibot\\OpenStealth 1.21\\OpenStealth.exe"=
"c:\\Program Files\\KBot\\KBot 6.26\\KBotcc.exe"=
"c:\\Program Files\\KBot\\KBot 6.28\\KBotcc.exe"=
"c:\\Program Files\\KBot\\KBot 6.29\\KBotcc.exe"=
"c:\\Program Files\\STORMWARE\\Pohoda_2\\Pohoda.exe"=
"c:\\Program Files\\STORMWARE\\Pohoda\\Pohoda.exe"=
"c:\\Program Files\\STORMWARE\\Pohoda_2\\StwRp50C.exe"=
"c:\\Program Files\\STORMWARE\\Pohoda_2\\StwPh.exe"=
"c:\\Program Files\\STORMWARE\\Pohoda\\StwPh.exe"=
"c:\\Program Files\\STORMWARE\\Pohoda\\StwRp50C.exe"=
"c:\\Program Files\\STORMWARE\\Pohoda_2\\StwUpdater.exe"=
"c:\\Program Files\\STORMWARE\\Pohoda\\StwUpdater.exe"=
"c:\\Program Files\\STORMWARE\\Pohoda_2\\StwUpdCopy.exe"=
"c:\\Program Files\\STORMWARE\\Pohoda\\StwUpdCopy.exe"=
"c:\\Program Files\\KBot\\KBot 6.30\\KBotcc.exe"=
"c:\\Program Files\\Profibot\\OpenStealth 1.25\\OpenStealth.exe"=
"c:\\Program Files\\KBot\\KBot 6.32\\KBotcc.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Wolfenstein - Enemy Territory\\et.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Profibot\\OpenStealth 1.27\\OpenStealth.exe"=
"c:\\Program Files\\KBot\\KBot 6.35\\KBotcc.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\KONAMI\\Pro Evolution Soccer 2010\\pes2010.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [21.12.2010 15:04 115008]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [21.12.2010 13:47 94872]
R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\system32\drivers\psd.sys [24.7.2007 8:21 38816]
R2 602XML Updater;602Updater;c:\program files\Common Files\soft602\602updsvc\602updsvc.exe [10.10.2011 13:55 85344]
R2 acachsrv;ActivClient Authentication Service;c:\program files\ActivIdentity\ActivClient Mini\acachsrv.exe [12.4.2006 16:43 81920]
R2 accoca;ActivClient Middleware Service;c:\program files\ActivIdentity\ActivClient Mini\accoca.exe [2.5.2006 16:28 135168]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [12.1.2011 16:41 810144]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [27.6.2012 12:29 1385896]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [31.8.2010 12:16 92216]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [23.4.2012 20:37 655944]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [23.6.2012 11:24 242240]
R3 GTIPCI21;GTIPCI21;c:\windows\system32\drivers\gtipci21.sys [3.10.2011 11:35 88192]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [24.7.2007 8:21 41216]
R3 kvpndev;Kerio VPN adapter;c:\windows\system32\drivers\kvpndrv.sys [24.6.2008 10:36 65024]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [23.4.2012 20:37 22344]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [3.7.2012 13:19 160944]
S2 SSPORT;SSPORT;\??\c:\windows\system32\Drivers\SSPORT.sys --> c:\windows\system32\Drivers\SSPORT.sys [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [24.4.2012 14:54 250056]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\sqladhlp.exe [23.7.2009 5:08 47128]
S4 RsFx0103;RsFx0103 Driver;c:\windows\system32\drivers\RsFx0103.sys [30.3.2009 3:09 239336]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [30.3.2009 3:23 366936]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-07-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-24 08:41]
.
2012-07-23 c:\windows\Tasks\User_Feed_Synchronization-{C1F65B6F-2B95-4833-81E1-48FC366A3ED3}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Settings,ProxyServer = 127.0.0.1:3128
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-07-23 22:32
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1056)
c:\program files\ActivIdentity\ActivClient Mini\ackpbsc.dll
c:\windows\system32\ACLIBEAY.dll
c:\windows\system32\aclog.dll
c:\windows\system32\acevtsub.dll
c:\windows\system32\asphat32.dll
c:\windows\system32\acauth.dll
c:\windows\system32\acerrmes.dll
c:\windows\system32\aspcom.dll
c:\program files\ActivIdentity\ActivClient Mini\Resources\acerrmrc.dll
c:\program files\ActivIdentity\ActivClient Mini\Resources\asphatrc.dll
c:\windows\system32\msi.dll
c:\program files\ActivIdentity\ActivClient Mini\acunlock.dll
c:\windows\system32\aipingui.dll
c:\program files\ActivIdentity\ActivClient Mini\Resources\acunlockrc.dll
.
- - - - - - - > 'explorer.exe'(3680)
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\netprovcredman.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\program files\ActivIdentity\ActivClient Mini\acevents.exe
c:\windows\System32\SCardSvr.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\windows\system32\IFXTCS.exe
c:\program files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
c:\windows\system32\IfxPsdSv.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\RealVNC\VNC4\WinVNC4.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files\ActivIdentity\ActivClient Mini\acevents.exe
c:\program files\Hewlett-Packard\Shared\hpqToaster.exe
c:\progra~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
c:\program files\Hewlett-Packard\Shared\hpCaslNotification.exe
c:\program files\Intel\Wireless\Bin\Dot1XCfg.exe
c:\program files\Hewlett-Packard\Embedded Security Software\PSDrt.exe
.
**************************************************************************
.
Celkový čas: 2012-07-23 22:46:10 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-07-23 20:46
ComboFix2.txt 2012-07-23 19:45
ComboFix3.txt 2012-04-23 09:53
ComboFix4.txt 2012-04-23 09:27
ComboFix5.txt 2012-07-23 20:09
.
Před spuštěním: Volných bajtů: 56 757 219 328
Po spuštění: Volných bajtů: 56 778 141 696
.
- - End Of File - - 78DEDBF429327E60E846FB1D366C6DF3

EDIT1: Myslím si že to už funguje - tedy zvuk už si myslím funguje normálně.

[Hellfik]

Aha tak se to zase zasekává jako předtím. Po tom combofixu a restartu to šlo krásně tak jsem to večer vypl a když jsem to ráno zapl tak to zase jelo pomalu a zasekával se zvuk. Pokud bude potřeba tak kdyžtak skusím nějak nahrát ten zvuk jak to vtom "křupe".

[Rudy]

Zkuste reinstalovat ovladač zv. karty.

[Hellfik]

Ok zkusím to. Jo zapoměl jsem dodat že dneska mi padla BSOD - asi to nebude mít stímto problémem souvislost ale radši to napíšu.

[Rudy]

Přiložte obsah složky c:windows\minidump zabalený do raru k vašmu příštímu postu.

[Hellfik]

http://leteckaposta.cz/758434835
Jinak já se do té zvukovky radši hrabat nebudu nebo to ještě rozbiju. Nevíte kde bych našel ovladače které k té zvukovce potřebuji? Jelikož já nemůžu nic najít.

[Rudy]

Hledejte na webu výrobce vaší zákl. desky, nebo zv. karty (máte-li vloženou kartu).

[Hellfik]

Asi jsem to už přeinstalovat ale stále to blbne.
Nevíte co je to svchost.exe? Jelikož od začátku problému se mi zdá že je ho ve správci úloh více než dříve. Dnes je tam 8x a býval tam 1x...

[Rudy]

svchost.exe je proces řídící síť. služby. Je spuště tolikrát, kolik služeb řídí.

Asi jsem to už přeinstalovat..

Toto bych rád věděl určitě, může to být stěžejní věc.

[Hellfik]

No ono bylo problém najít ten ovladač já ho možná našel ale nejsem si jistý... Na mojí zvukovou kartu jsem nacházel ovladače jen na Vistu. A když jsem sehnal jeden na XP tak tam psali něco o Toshibe tak jsem to radši neinstaloval abych něco nepodělal a našel jsem nějaký na XP tak jsem to zkusil ale problém tu furt je. Zkouším stále hledat přez google a zkouším tam psát: Analog Devices AD1981HD @ Intel 82801GBM ICH7-M Driver download nebo Analog Devices AD1981HD driver ale nemohu najít nic kloudného a na HP mají celý den přetížené servery nejspíš takže mi to stáhnout nejde. Na stránkách výrobce zvukové karty to nenachází nic kloudného viz. http://search.analog.com/search/default ... D&local=en

[Hellfik]

http://h20000.www2.hp.com/bizsupport/Te ... 135&mode=3
Tohle by měl být on jenže nejde stáhnout - Stránka je nedostupná