Wigon.MM and siszyd32.exe, please help

jasanek
Visitor
Posts: 144
Registered: 04 Sep 2006 14:43

Wigon.MM and siszyd32.exe, please help

#1 Post by jasanek »

After Windows starts, NOD reports Wigon.MM in the file atapi.sys. The computer is a bit slower.

Here is the ComboFix log:

ComboFix 09-12-04.04 - admin 05.12.2009 16:20:56.1.1 - x86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1023.800 [GMT 1:00]
Spuštěný z: c:\Documents and Settings\admin\Plocha\ComboFix.exe
AV: ESET Smart Security 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
FW: Sunbelt Personal Firewall *enabled* {2736EE90-D7F8-499E-AA60-E65D4C2FE069}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atIAcmxx.dll
C:\WINDOWS\system32\av_md.exe
C:\WINDOWS\system32\config\systemprofile\av_md.exe
C:\WINDOWS\system32\config\systemprofile\oashdihasidhasuidhiasdhiashdiuasdhasd
C:\WINDOWS\system32\ieuinit.inf

C:\WINDOWS\system32\userinit.exe . . . je infikován!!

Nakažená kopie C:\WINDOWS\system32\Drivers\atapi.sys byla nalezena a vyléčena.
Obnovena kopie z - C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\i386\atapi.sys

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SKYNET
-------\Service_SKYNET


((((((((((((((((((((((((( Soubory vytvořené od 2009-11-05 do 2009-12-05 )))))))))))))))))))))))))))))))
.

2009-11-29 14:45:06 . 2009-11-29 14:45:51 0 d-----w- C:\Program Files\Traffic Giant
2009-11-29 12:00:09 . 2009-11-29 12:03:42 0 d-----w- C:\Program Files\WinTrack8
2009-11-24 16:50:32 . 2009-11-26 18:26:25 0 d-----w- C:\Program Files\Traffic City 2
2009-11-22 15:52:32 . 2009-11-22 15:56:03 0 d-----w- C:\Program Files\ExpertLotto
2009-11-22 15:51:14 . 2009-11-22 15:51:51 0 d-----w- C:\Program Files\Java
2009-11-22 15:51:12 . 2009-11-22 15:51:12 0 d-----w- C:\Program Files\Common Files\Java
2009-11-22 14:16:01 . 2009-11-22 14:16:06 0 d-----w- C:\Program Files\Rozpisy pro Sportku - free verze 107
2009-11-22 13:28:10 . 1997-03-04 11:44:10 66560 ----a-w- C:\WINDOWS\system32\Nmorenu.dll
2009-11-22 13:28:10 . 1997-01-29 15:53:26 240640 ----a-w- C:\WINDOWS\system32\Nmocod.dll
2009-11-22 13:28:10 . 1997-01-29 15:46:28 48128 ----a-w- C:\WINDOWS\system32\Nmsckn.dll
2009-11-22 13:28:07 . 2009-11-22 13:28:14 0 d-----w- C:\Program Files\Rozpisy pro Šťastných10 (KENO10) - free verze
2009-11-13 19:49:41 . 2009-11-13 19:49:41 0 d-----w- C:\Program Files\Monte Cristo
2009-11-07 21:11:42 . 2009-11-08 21:50:56 0 d-----w- C:\ProgDVB

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-05 10:02:44 . 2006-10-01 16:24:19 0 d-----w- C:\Program Files\Mozilla Thunderbird
2009-11-28 14:19:21 . 2006-10-01 16:35:24 0 d-----w- C:\Program Files\ArtMoney
2009-11-22 15:33:40 . 2008-07-02 20:07:41 0 d-----w- C:\Program Files\MSECache
2009-11-22 14:30:53 . 2009-09-21 21:15:13 0 d-----w- C:\Program Files\Farma
2009-11-22 14:15:55 . 2006-10-27 16:00:35 796672 ----a-w- C:\WINDOWS\GPInstall.exe
2009-11-13 19:49:40 . 2006-10-01 16:09:37 0 d--h--w- C:\Program Files\InstallShield Installation Information
2009-11-13 19:49:18 . 2008-03-10 16:58:27 0 d-----w- C:\Program Files\Airline Tycoon Evolution
2009-11-08 21:45:45 . 2009-09-01 08:26:27 0 d-----w- C:\Program Files\ProgDVB
2009-10-27 10:38:39 . 2001-10-25 14:00:00 83832 ----a-w- C:\WINDOWS\system32\perfc005.dat
2009-10-27 10:38:39 . 2001-10-25 14:00:00 440590 ----a-w- C:\WINDOWS\system32\perfh005.dat
2009-10-25 12:29:25 . 2007-03-13 18:55:27 0 d-----w- C:\Program Files\Recepty doma
2009-10-22 17:43:50 . 2009-10-22 17:39:49 0 d-----w- C:\Program Files\Euro Truck Simulator
2009-10-22 10:03:51 . 2009-10-22 10:03:51 0 d-----w- C:\Program Files\TransSib
2009-10-18 18:51:53 . 2008-12-30 20:48:04 0 d-----w- C:\Program Files\SWF Opener
2009-10-17 07:53:19 . 2009-10-17 07:30:16 0 d-----w- C:\Program Files\Easypano
2009-10-15 15:04:53 . 2009-10-15 15:04:53 0 d-----w- C:\Program Files\TryMedia
2009-10-13 19:32:34 . 2009-06-02 18:37:53 0 d-----w- C:\Program Files\JAM_EE
2009-10-12 18:41:53 . 2009-10-12 18:41:49 0 d-----w- C:\Program Files\Moto assistant
2009-10-12 18:40:37 . 2009-10-12 18:31:51 0 d-----w- C:\Program Files\Quick Moto
2009-10-10 20:49:33 . 2009-10-10 20:49:33 0 d-----w- C:\Program Files\Paradox Interactive
2009-10-10 16:43:35 . 2009-10-02 16:30:34 0 d-----w- C:\Program Files\IndustryGiant 2
2009-10-10 16:03:25 . 2009-10-10 15:31:27 0 d-----w- C:\Program Files\wLite
2009-09-25 05:58:06 . 2004-08-17 13:49:22 663040 ----a-w- C:\WINDOWS\system32\wininet.dll
2009-09-25 05:58:02 . 2004-08-17 13:49:10 81920 ----a-w- C:\WINDOWS\system32\ieencode.dll
2009-09-20 20:49:27 . 2006-10-18 17:39:14 3208 ----a-w- C:\WINDOWS\im32st.dat
2009-06-20 16:32:39 . 2009-06-20 16:35:47 3017985 ----a-w- C:\Program Files\openttd-0.7.1-win32.exe
Last edited by jasanek on 19 Dec 2009 18:43, edited 1 time in total.

Re: Wigon.MM, please help

#2 Post by jasanek »

On top of that, Spybot now pops up every little while about some important change in the registry. Each time it says the value was deleted. Allow, deny. And svchost keeps running at 80-100%.

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Wigon.MM, please help

#3 Post by Roli »

Hello, I would need to see the whole ComboFix log; you posted only half of it here. The log is at C:/Combofix.txt.
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

Re: Wigon.MM and siszyd32.exe, please help

#4 Post by jasanek »

So in the end I reinstalled Windows, and everything settled down. After a week, the same symptom again. I found out that it is caused by the file siszyd32.exe, which sits directly in Documents and Settings/user/Po spuštění (the Startup folder) and cannot be deleted. Not even in safe mode. So I deleted it in boot mode, and the problem disappeared. I ran a scan with Ad-Aware and Spybot and nothing. NOD found nothing either. A week of quiet, and now the file has suddenly appeared there again and svchost is again at almost 100%. What would you advise me, please? Thank you.

Re: Wigon.MM and siszyd32.exe, please help

#5 Post by Roli »

siszyd32.exe is a virus, so use RSIT from my signature and we will do something about it.
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

Re: Wigon.MM and siszyd32.exe, please help

#6 Post by jasanek »

info.txt logfile of random's system information tool 1.06 2009-12-19 20:12:18

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent CZ 1.8.5 (build 17414)-->"C:\Documents and Settings\admin\Data aplikací\uTorrent\unins000.exe"
3GP Video Converter 3-->C:\Program Files\ImTOO\3GP Video Converter 3\Uninstall.exe
3ivx MPEG-4 5.0.1 (remove only)-->"C:\Program Files\3ivx\3ivx MPEG-4 5.0.1\uninstall.exe"
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.2 - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-A92000000001}
Aktualizace systému Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
AstraSlim 1200 SE-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4D3113CE-AC43-4F4B-9768-A565A36ED67B}\setup.exe"
Athlon 64 Processor Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x5
ATI Catalyst Control Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x0
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
BlueSoleil-->MsiExec.exe /X{38F0F8B4-3786-42D6-A82C-DF1FEB010C46}
Catalyst Control Center - Branding-->MsiExec.exe /I{1FF713E1-FE5E-4AD0-9C8C-B2E877846B45}
Codec Pack - All In 1 6.0.3.0-->C:\WINDOWS\iun6002.exe "C:\Program Files\Codec Pack - All In 1\irunin.ini"
Dir2Mht 2.1-->"C:\Program Files\Dir2Mht\unins000.exe"
DocuCom PDF Driver-->MsiExec.exe /I{5DB98991-D4E7-443F-AD20-13A4ED705D63}
DU Meter-->"C:\Program Files\DU Meter\unins000.exe"
DVBViewer TE2-->"C:\Program Files\DVBViewer TE2\unins000.exe"
ESET Smart Security-->MsiExec.exe /I{49B6C667-BADF-4CBB-81A5-62053B02240A}
FLV Player 1.3.3-->"C:\Program Files\FLVPlayer\uninstall.exe"
Gibo SMS-->C:\Program Files\Gibo SMS\Plugins\Gibo SMS\Uninstall.exe
Google Earth-->MsiExec.exe /X{9074AFC0-CFDA-11DE-B484-005056806466}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
ICQ6-->"C:\Program Files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
iTV - televizní program 1.6.536-->"C:\Program Files\iTV\unins000.exe"
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110405-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Mozilla Firefox (3.5.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.0)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MSI Star Cam 370i-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ECD03DA7-5952-406A-8156-5F0C93618D1F}\Setup.exe" -l0x9
Multimedia Keyboard Driver Ver1.0 (KB-0108)-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF262740-C85A-11D5-BBEC-00D0B740900A}\Setup.exe"
NOD32 v3.x FiX 1.1 by TemDono (Free Updates - Expire in 2050)-->"C:\Program Files\ESET\ESET Smart Security\unins000.exe"
NVIDIA Drivers-->C:\WINDOWS\system32\NVUNINST.EXE UninstallGUI
Odinstalační program HP LaserJet 1200-->C:\Program Files\Hewlett-Packard\LaserJet All-in-one\Uninstall\1200\setup.exe uninst12.ini
OpenTTD 0.7.3-->C:\Program Files\OpenTTD\uninstall.exe
ProgDVB-->C:\Program Files\ProgDVB\Uninstall.exe
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
SDFormatter-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5A347920-4AFC-11D5-9FB0-800649886934}\setup.exe"
Softarová utilita ATI - Odinstalovat-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
TechniSat DVB-PC TV Star-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D032A7F0-8B5C-4603-8B46-235025D5F9C1}\Setup.exe" -l0x9 anything -removeonly
Technisat DVB-VC80 Redistributable Modules-->MsiExec.exe /I{134007CC-7026-46C2-B46F-40D9FD2AF385}
Total Commander (Remove or Repair)-->C:\Program Files\Totalcmd\tcuninst.exe
Transport Tycoon Deluxe-->"C:\Program Files\TTDX\unins000.exe"
USB2.0 PC Camera-->C:\Program Files\InstallShield Installation Information\{75438C0E-9925-412E-AD85-D0E71C6CE2ED}\setup.exe -runfromtemp -l0x0009 -removeonly -u
WebCam Live-->MsiExec.exe /X{E9DDC9D1-2D27-4BB2-9CBB-7B93D91B7B26}
WebCam Monitor 5.2-->"C:\Program Files\Deskshare\WebCam Monitor 5\unins000.exe"
Winamp (remove only)-->"C:\Program Files\Winamp\UninstWA.exe"
Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
WinRAR-->C:\Program Files\WinRAR\uninstall.exe

======Security center information======

AV: ESET Smart Security 3.0
FW: ESET personal firewall

======System event log======

Computer Name: MACHINENAME
Event Code: 18
Message: Klíče připojení Bluetooth nelze do místního vysílače uložit, protože se nepodařilo zjistit, zda je povoleno správné zabezpečení zařízení.

Record Number: 5
Source Name: BTHUSB
Time Written: 20091205210711.000000+060
Event Type: Upozornění
User:

Computer Name: MACHINENAME
Event Code: 2
Message: Během prověřování, zda \Device\Serial0 je skutečně sériový port, byl zjištěn zásobník typu FIFO. Bude použit tento zásobník.

Record Number: 4
Source Name: Serial
Time Written: 20091205210324.000000+060
Event Type: Informace
User:

Computer Name: MACHINENAME
Event Code: 2
Message: Během prověřování, zda \Device\Serial1 je skutečně sériový port, byl zjištěn zásobník typu FIFO. Bude použit tento zásobník.

Record Number: 3
Source Name: Serial
Time Written: 20091205210324.000000+060
Event Type: Informace
User:

Computer Name: MACHINENAME
Event Code: 6005
Message: Služba Event Log byla spuštěna.

Record Number: 2
Source Name: EventLog
Time Written: 20091205210310.000000+060
Event Type: Informace
User:

Computer Name: MACHINENAME
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 2 Uniprocessor Free.

Record Number: 1
Source Name: EventLog
Time Written: 20091205210310.000000+060
Event Type: Informace
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 10, AuthenticAMD
"PROCESSOR_REVISION"=040a
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------

Re: Wigon.MM and siszyd32.exe, please help

#7 Post by Roli »

Oh, not this info.txt, I need log.txt.
| Rsit | Mbam | AVPTool | Cure It |

I rest on weekends :all_coholic:

Re: Wigon.MM and siszyd32.exe, please help

#8 Post by jasanek »

LOG.TXT:

Logfile of random's system information tool 1.06 (written by random/random)
Run by admin at 2009-12-19 20:10:11
Systém Microsoft Windows XP Professional Service Pack 2
System drive C: has 9 GB (18%) free of 50 GB
Total RAM: 1023 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:11:51, on 19.12.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\nvraidservice.exe
C:\Program Files\DU Meter\DUMeter.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\DU Meter\DUMeterSvc.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\mHotkey.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\admin\Plocha\x\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\admin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [DU Meter] C:\Program Files\DU Meter\DUMeter.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: FreeRapid 0.83u1.lnk = C:\Documents and Settings\admin\Plocha\mash\FreeRapid\frd.exe
O4 - Startup: mHotkey.lnk = C:\WINDOWS\mHotkey.exe
O4 - Startup: siszyd32.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{D2C71639-133A-49B4-8D7B-81873FBCA642}: NameServer = 192.168.5.1
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: DU Meter Service (DUMeterSvc) - Hagel Technologies Ltd - C:\Program Files\DU Meter\DUMeterSvc.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

--
End of file - 5564 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 501400]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2007-12-21 1443072]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2004-12-22 77824]
"NVRaidService"=C:\WINDOWS\system32\nvraidservice.exe [2004-06-11 83968]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-09-29 61440]
"MSConfig"=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [2004-08-17 159232]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DU Meter"=C:\Program Files\DU Meter\DUMeter.exe [2007-11-13 2585360]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
bthprops.cpl,,BluetoothAuthenticationAgent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CHotkey]
C:\WINDOWS\mHotkey.exe [2002-07-23 477184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
C:\Program Files\DAEMON Tools\daemon.exe [2007-08-16 167368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixCamera]
C:\WINDOWS\FixCamera.exe [2007-07-11 20480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gibo SMS]
C:\Program Files\Gibo SMS\gd\GiboSMS.exe [2006-12-01 962560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ6\ICQ.exe [2007-12-19 172280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2std]
C:\WINDOWS\vsnp2std.exe [2007-09-28 344064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd3]
C:\WINDOWS\vsnpstd3.exe [2005-09-05 339968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe [2007-03-14 83608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnp2std]
C:\WINDOWS\tsnp2std.exe [2007-05-12 270336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnpstd3]
C:\WINDOWS\tsnpstd3.exe [2005-12-20 94208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files\Winamp\winampa.exe [2006-06-21 35328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^admin^Nabídka Start^Programy^Po spuštění^mHotkey.lnk]
C:\WINDOWS\mHotkey.exe [2002-07-23 477184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^admin^Nabídka Start^Programy^Po spuštění^siszyd32.exe]
C:\Documents and Settings\admin\Nabídka Start\Programy\Po spuštění\siszyd32.exe [2004-08-17 33792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^ScanPanel.lnk]
C:\SCANPA~1\ScnPanel.exe [2002-05-09 1941504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Server4PC.lnk]
C:\PROGRA~1\TECHNI~1\bin\SERVER~1.EXE [2009-09-08 338448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^WinManager.lnk]
C:\PROGRA~1\PC-TV\WINMAN~1\WINMAN~1.EXE []

C:\Documents and Settings\admin\Nabídka Start\Programy\Po spuštění
FreeRapid 0.83u1.lnk - C:\Documents and Settings\admin\Plocha\mash\FreeRapid\frd.exe
mHotkey.lnk - C:\WINDOWS\mHotkey.exe
siszyd32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-09-30 155648]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\GetWare\WebCam Live\WebCam.exe"="C:\Program Files\GetWare\WebCam Live\WebCam.exe:*:Enabled:WebCam Live"
"C:\Documents and Settings\admin\Data aplikací\uTorrent\utorrent.exe"="C:\Documents and Settings\admin\Data aplikací\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\TechniSat DVB\bin\Server4PC.exe"="C:\Program Files\TechniSat DVB\bin\Server4PC.exe:*:Enabled:Server4PC"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{50774d7a-e1d8-11de-ad81-806d6172696f}]
shell\AutoRun\command - K:\setup.exe


======List of files/folders created in the last 1 months======

2009-12-19 20:10:16 ----D---- C:\Program Files\trend micro
2009-12-19 20:10:11 ----D---- C:\rsit
2009-12-19 16:23:21 ----A---- C:\WINDOWS\ProgDVB.Ini
2009-12-19 12:56:48 ----A---- C:\ProgDVB.ini
2009-12-19 12:40:25 ----D---- C:\dvbdream
2009-12-19 12:32:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\CMUV
2009-12-19 12:31:51 ----D---- C:\Documents and Settings\All Users\Data aplikací\Technisat
2009-12-19 12:31:39 ----D---- C:\Program Files\DVBViewer TE2
2009-12-19 12:31:08 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-12-19 12:19:04 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-12-19 11:58:28 ----D---- C:\Program Files\ProgDVB
2009-12-19 11:29:09 ----D---- C:\Images
2009-12-17 13:47:23 ----D---- C:\Program Files\Lavasoft
2009-12-17 13:47:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\Lavasoft
2009-12-17 13:47:05 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-12-17 10:28:32 ----A---- C:\WINDOWS\ntbtlog.txt
2009-12-17 00:12:59 ----D---- C:\Documents and Settings\admin\Data aplikací\uTorrent
2009-12-16 12:10:59 ----A---- C:\WINDOWS\system32\fjhdyfhsn.bat
2009-12-15 23:48:36 ----D---- C:\Program Files\Panasonic
2009-12-15 23:48:36 ----A---- C:\WINDOWS\system32\SDDEVMGR.dll
2009-12-15 23:00:08 ----A---- C:\WINDOWS\system32\wnaspi32.dll
2009-12-14 21:47:46 ----D---- C:\Documents and Settings\admin\Data aplikací\Help
2009-12-12 21:06:44 ----SHD---- C:\WINDOWS\ftpcache
2009-12-12 20:32:01 ----D---- C:\Program Files\iTV
2009-12-12 15:14:31 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2009-12-12 15:14:22 ----D---- C:\Program Files\Common Files\Adobe
2009-12-11 19:44:11 ----D---- C:\Documents and Settings\admin\Data aplikací\GetWare
2009-12-11 19:43:49 ----D---- C:\Program Files\GetWare
2009-12-11 19:36:56 ----D---- C:\Documents and Settings\All Users\Data aplikací\Deskshare
2009-12-11 19:36:54 ----D---- C:\WINDOWS\XSxS
2009-12-11 19:36:54 ----D---- C:\Program Files\Xenocode
2009-12-11 19:36:46 ----D---- C:\Program Files\Common Files\Deskshare Shared
2009-12-11 19:36:43 ----D---- C:\Program Files\Deskshare
2009-12-11 17:56:15 ----D---- C:\Program Files\Dir2Mht
2009-12-10 19:58:16 ----D---- C:\WINDOWS\Sun
2009-12-10 19:42:56 ----D---- C:\Documents and Settings\admin\Data aplikací\Google
2009-12-10 19:41:06 ----D---- C:\Program Files\Google
2009-12-08 22:06:06 ----D---- C:\Program Files\ImTOO
2009-12-08 20:33:57 ----HD---- C:\WINDOWS\PIF
2009-12-08 18:19:20 ----D---- C:\Program Files\Codec Pack - All In 1
2009-12-08 18:19:19 ----D---- C:\WINDOWS\system32\languages
2009-12-08 18:17:40 ----A---- C:\WINDOWS\Codec Pack - All In 1 Setup Log.txt
2009-12-08 18:15:19 ----D---- C:\Documents and Settings\admin\Data aplikací\Media Player Classic
2009-12-08 17:54:08 ----D---- C:\WINDOWS\system32\QuickTime
2009-12-08 17:54:06 ----D---- C:\Program Files\3ivx
2009-12-06 23:06:45 ----D---- C:\Documents and Settings\All Users\Data aplikací\ATI
2009-12-06 23:04:31 ----N---- C:\WINDOWS\system32\ati2sgag.exe
2009-12-06 23:04:00 ----D---- C:\Program Files\ATI Technologies
2009-12-06 20:56:07 ----N---- C:\WINDOWS\system32\spmsg.dll
2009-12-06 20:56:07 ----D---- C:\WINDOWS\system32\PreInstall
2009-12-06 20:56:06 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2009-12-06 20:56:04 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2009-12-06 20:56:04 ----HD---- C:\WINDOWS\$hf_mig$
2009-12-06 20:53:25 ----D---- C:\WINDOWS\Minidump
2009-12-06 20:39:10 ----D---- C:\WINDOWS\system32\Lang
2009-12-06 20:19:52 ----D---- C:\Documents and Settings\admin\Data aplikací\AdobeUM
2009-12-06 18:34:08 ----A---- C:\WINDOWS\WININIT.INI
2009-12-06 18:28:15 ----A---- C:\WINDOWS\system32\wmpns.dll
2009-12-06 18:27:14 ----D---- C:\Program Files\StarCodec
2009-12-06 15:24:05 ----D---- C:\Program Files\MHDsim2009
2009-12-06 15:10:11 ----D---- C:\Documents and Settings\admin\Data aplikací\WinRAR
2009-12-06 15:09:52 ----D---- C:\Program Files\WinRAR
2009-12-06 15:07:29 ----D---- C:\Documents and Settings\All Users\Data aplikací\WinZip
2009-12-06 14:49:17 ----D---- C:\ATI
2009-12-06 14:35:34 ----D---- C:\Documents and Settings\admin\Data aplikací\Macromedia
2009-12-06 13:45:38 ----D---- C:\Program Files\OpenTTD
2009-12-06 13:43:39 ----D---- C:\Program Files\TTDX
2009-12-06 13:41:48 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-12-06 13:41:48 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2009-12-06 13:31:50 ----D---- C:\Program Files\Gibo SMS
2009-12-06 12:53:21 ----D---- C:\Documents and Settings\admin\Data aplikací\ATI
2009-12-06 12:48:17 ----A---- C:\WINDOWS\system32\wiafbdrv.dll
2009-12-06 12:45:12 ----A---- C:\WINDOWS\system32\vbar332.dll
2009-12-06 12:45:12 ----A---- C:\WINDOWS\system32\msrd2x35.dll
2009-12-06 12:45:12 ----A---- C:\WINDOWS\system32\msjter35.dll
2009-12-06 12:45:12 ----A---- C:\WINDOWS\system32\Msjint35.dll
2009-12-06 12:45:12 ----A---- C:\WINDOWS\system32\msjet35.dll
2009-12-06 12:45:11 ----D---- C:\Program Files\TechniSat DVB
2009-12-06 12:39:21 ----A---- C:\WINDOWS\WindowsXP-KB822603-x86.exe
2009-12-06 12:39:21 ----A---- C:\WINDOWS\FixCamera.exe
2009-12-06 12:39:16 ----A---- C:\WINDOWS\vsnp2std.exe
2009-12-06 12:39:16 ----A---- C:\WINDOWS\tsnp2std.exe
2009-12-06 12:39:16 ----A---- C:\WINDOWS\snp2std.ini
2009-12-06 12:39:08 ----A---- C:\WINDOWS\system32\vsnp2std.dll
2009-12-06 12:39:08 ----A---- C:\WINDOWS\system32\rsnp2std.dll
2009-12-06 12:39:08 ----A---- C:\WINDOWS\system32\csnp2std.dll
2009-12-06 12:39:07 ----D---- C:\Program Files\Common Files\snp2std
2009-12-06 12:38:51 ----D---- C:\Documents and Settings\admin\Data aplikací\InstallShield
2009-12-06 12:37:44 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
2009-12-06 12:29:43 ----D---- C:\Program Files\IVT Corporation
2009-12-06 12:28:17 ----A---- C:\WINDOWS\amcap.exe
2009-12-06 12:28:10 ----N---- C:\WINDOWS\tsnpstd3.exe
2009-12-06 12:28:10 ----A---- C:\WINDOWS\vsnpstd3.exe
2009-12-06 12:28:09 ----A---- C:\WINDOWS\snpstd3.ini
2009-12-06 12:28:07 ----N---- C:\WINDOWS\usnpstd3.exe
2009-12-06 12:28:07 ----N---- C:\WINDOWS\system32\vsnpstd3.dll
2009-12-06 12:28:07 ----N---- C:\WINDOWS\system32\rsnpstd3.dll
2009-12-06 12:28:07 ----A---- C:\WINDOWS\vsnpstd3.dll
2009-12-06 12:28:07 ----A---- C:\WINDOWS\system32\csnpstd3.dll
2009-12-06 12:28:06 ----D---- C:\Program Files\Common Files\snpstd3
2009-12-06 12:23:41 ----A---- C:\WINDOWS\Instit.ini
2009-12-06 12:23:41 ----A---- C:\WINDOWS\InstIt.exe
2009-12-06 12:23:40 ----A---- C:\WINDOWS\mHotkey.exe
2009-12-06 12:23:40 ----A---- C:\WINDOWS\HKNTDLL.dll
2009-12-06 12:19:58 ----RSD---- C:\WINDOWS\assembly
2009-12-06 12:19:57 ----D---- C:\WINDOWS\Microsoft.NET
2009-12-06 12:19:56 ----D---- C:\WINDOWS\system32\URTTemp
2009-12-06 12:08:55 ----A---- C:\WINDOWS\IsUninst.exe
2009-12-06 11:59:58 ----D---- C:\Program Files\PC-TV
2009-12-06 11:56:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\MSScanAppDataDir
2009-12-06 11:54:49 ----A---- C:\WINDOWS\ScnPanel.ini
2009-12-06 11:54:49 ----A---- C:\WINDOWS\Ausba5.ini
2009-12-06 11:54:49 ----A---- C:\WINDOWS\AstraPro.ini
2009-12-06 11:54:48 ----A---- C:\WINDOWS\system32\Remove4010.exe
2009-12-06 11:54:36 ----RA---- C:\WINDOWS\system32\ProMicro.dll
2009-12-06 11:54:36 ----RA---- C:\WINDOWS\GetKey5.dll
2009-12-06 11:54:36 ----RA---- C:\WINDOWS\A5.dll
2009-12-06 11:54:36 ----N---- C:\WINDOWS\Ausba5.dll
2009-12-06 11:54:22 ----N---- C:\WINDOWS\AstraPro305.ini
2009-12-06 11:50:47 ----D---- C:\My Documents
2009-12-06 11:50:38 ----A---- C:\WINDOWS\hpbafd.ini
2009-12-06 11:50:20 ----N---- C:\WINDOWS\system32\hppapts0.dll
2009-12-06 11:50:20 ----N---- C:\WINDOWS\system32\hppapml0.exe
2009-12-06 11:50:20 ----N---- C:\WINDOWS\system32\hppapml0.dll
2009-12-06 11:50:20 ----N---- C:\WINDOWS\system32\hppanet0.exe
2009-12-06 11:50:20 ----N---- C:\WINDOWS\system32\hppadt40.dll
2009-12-06 11:50:15 ----N---- C:\WINDOWS\system32\roboex32.dll
2009-12-06 11:50:15 ----N---- C:\WINDOWS\system32\hppamon0.dll
2009-12-06 11:50:14 ----N---- C:\WINDOWS\system32\hpdcmon.dll
2009-12-06 11:49:37 ----D---- C:\Program Files\Hewlett-Packard
2009-12-06 11:47:54 ----A---- C:\WINDOWS\IsUn0405.exe
2009-12-06 03:36:54 ----SHD---- C:\RECYCLER
2009-12-06 01:18:06 ----D---- C:\Documents and Settings\admin\Data aplikací\VitySoft
2009-12-06 01:16:44 ----D---- C:\Documents and Settings\admin\Data aplikací\Talkback
2009-12-06 01:09:38 ----D---- C:\Documents and Settings\admin\Data aplikací\Adobe
2009-12-06 01:03:38 ----D---- C:\Program Files\Mozilla Thunderbird
2009-12-06 01:02:58 ----D---- C:\Documents and Settings\admin\Data aplikací\Thunderbird
2009-12-06 00:59:21 ----D---- C:\WINDOWS\system32\appmgmt
2009-12-06 00:30:21 ----A---- C:\WINDOWS\iun6002.exe
2009-12-06 00:29:32 ----D---- C:\Program Files\3GP Video Converter
2009-12-06 00:29:18 ----D---- C:\Program Files\IrfanView
2009-12-06 00:28:58 ----A---- C:\WINDOWS\ODBC.INI
2009-12-06 00:28:53 ----A---- C:\WINDOWS\system32\mdimon.dll
2009-12-06 00:28:25 ----D---- C:\Program Files\Common Files\DESIGNER
2009-12-06 00:28:13 ----D---- C:\WINDOWS\SHELLNEW
2009-12-06 00:28:11 ----D---- C:\Program Files\Microsoft Office
2009-12-06 00:26:11 ----D---- C:\Program Files\FLVPlayer
2009-12-06 00:23:50 ----D---- C:\Program Files\DAEMON Tools
2009-12-05 23:56:03 ----D---- C:\Documents and Settings\admin\Data aplikací\Mozilla
2009-12-05 23:55:56 ----D---- C:\Program Files\Mozilla Firefox
2009-12-05 23:55:08 ----D---- C:\Documents and Settings\admin\Data aplikací\Zeon
2009-12-05 23:55:00 ----D---- C:\Program Files\zeon
2009-12-05 23:55:00 ----D---- C:\Documents and Settings\All Users\Data aplikací\zeon
2009-12-05 23:54:39 ----A---- C:\WINDOWS\system32\javaws.exe
2009-12-05 23:54:39 ----A---- C:\WINDOWS\system32\javaw.exe
2009-12-05 23:54:39 ----A---- C:\WINDOWS\system32\java.exe
2009-12-05 23:54:28 ----D---- C:\WINDOWS\Downloaded Installations
2009-12-05 23:54:00 ----D---- C:\Program Files\Adobe
2009-12-05 23:53:26 ----D---- C:\Program Files\Java
2009-12-05 23:53:24 ----D---- C:\Program Files\Common Files\Java
2009-12-05 23:53:01 ----D---- C:\Documents and Settings\admin\Data aplikací\Sun
2009-12-05 23:52:50 ----D---- C:\Documents and Settings\admin\Data aplikací\ICQ
2009-12-05 23:52:19 ----D---- C:\Program Files\ICQ6
2009-12-05 23:50:14 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2009-12-05 23:49:41 ----D---- C:\Program Files\DU Meter
2009-12-05 23:45:43 ----D---- C:\Documents and Settings\All Users\Data aplikací\Hagel Technologies
2009-12-05 23:42:00 ----N---- C:\WINDOWS\system32\pxsfs.dll
2009-12-05 23:42:00 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2009-12-05 23:42:00 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2009-12-05 23:42:00 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2009-12-05 23:41:59 ----N---- C:\WINDOWS\system32\vxblock.dll
2009-12-05 23:41:59 ----N---- C:\WINDOWS\system32\pxwave.dll
2009-12-05 23:41:59 ----N---- C:\WINDOWS\system32\pxmas.dll
2009-12-05 23:41:59 ----N---- C:\WINDOWS\system32\pxdrv.dll
2009-12-05 23:41:59 ----N---- C:\WINDOWS\system32\px.dll
2009-12-05 23:41:01 ----D---- C:\WINDOWS\RegisteredPackages
2009-12-05 23:40:27 ----D---- C:\Program Files\Winamp
2009-12-05 23:32:44 ----A---- C:\WINDOWS\wcx_ftp.ini
2009-12-05 21:10:25 ----A---- C:\WINDOWS\system32\h323log.txt
2009-12-05 21:07:17 ----A---- C:\WINDOWS\system32\wshirda.dll
2009-12-05 21:07:17 ----A---- C:\WINDOWS\system32\irmon.dll
2009-12-05 21:07:17 ----A---- C:\WINDOWS\system32\irftp.exe
2009-12-05 21:07:12 ----A---- C:\WINDOWS\system32\ksuser.dll
2009-12-05 21:07:01 ----A---- C:\WINDOWS\system32\hidserv.dll
2009-12-05 21:06:09 ----A---- C:\WINDOWS\system32\ativvaxx.dll
2009-12-05 21:06:09 ----A---- C:\WINDOWS\system32\ati3duag.dll
2009-12-05 21:06:09 ----A---- C:\WINDOWS\system32\ati3d1ag.dll
2009-12-05 21:06:08 ----A---- C:\WINDOWS\system32\ati2dvag.dll
2009-12-05 21:06:08 ----A---- C:\WINDOWS\system32\ati2cqag.dll
2009-12-05 21:05:25 ----A---- C:\WINDOWS\system32\usbui.dll
2009-12-05 21:04:22 ----A---- C:\WINDOWS\imsins.BAK
2009-12-05 21:04:19 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-12-05 21:04:18 ----SHD---- C:\WINDOWS\Installer
2009-12-05 21:04:18 ----A---- C:\WINDOWS\ODBCINST.INI
2009-12-05 21:04:17 ----D---- C:\Program Files\Common Files\ODBC
2009-12-05 21:04:14 ----D---- C:\Program Files\Common Files\SpeechEngines
2009-12-05 21:04:13 ----RD---- C:\Program Files
2009-12-05 21:04:13 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-12-05 21:04:13 ----D---- C:\Program Files\Common Files
2009-12-05 21:04:10 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2009-12-05 21:04:10 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2009-12-05 21:04:10 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2009-12-05 21:04:07 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2009-12-05 21:04:07 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2009-12-05 21:04:07 ----RA---- C:\WINDOWS\system32\kbdur.dll
2009-12-05 21:04:07 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2009-12-05 21:04:07 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2009-12-05 21:04:07 ----RA---- C:\WINDOWS\system32\kbdru.dll
2009-12-05 21:04:07 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2009-12-05 21:04:07 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2009-12-05 21:04:07 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2009-12-05 21:04:07 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2009-12-05 21:04:07 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2009-12-05 21:04:07 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2009-12-05 21:04:04 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2009-12-05 21:04:04 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2009-12-05 21:04:04 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2009-12-05 21:04:04 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2009-12-05 21:04:04 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2009-12-05 21:04:04 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2009-12-05 21:04:04 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2009-12-05 21:04:02 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2009-12-05 21:04:02 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2009-12-05 21:04:02 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2009-12-05 21:04:02 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2009-12-05 21:04:02 ----RA---- C:\WINDOWS\system32\kbdest.dll
2009-12-05 21:03:58 ----A---- C:\WINDOWS\system32\kbdsl1.dll
2009-12-05 21:03:58 ----A---- C:\WINDOWS\system32\kbdsl.dll
2009-12-05 21:03:58 ----A---- C:\WINDOWS\system32\kbdro.dll
2009-12-05 21:03:58 ----A---- C:\WINDOWS\system32\kbdpl.dll
2009-12-05 21:03:57 ----A---- C:\WINDOWS\system32\kbdycl.dll
2009-12-05 21:03:57 ----A---- C:\WINDOWS\system32\kbdpl1.dll
2009-12-05 21:03:57 ----A---- C:\WINDOWS\system32\kbdhu1.dll
2009-12-05 21:03:57 ----A---- C:\WINDOWS\system32\kbdhu.dll
2009-12-05 21:03:57 ----A---- C:\WINDOWS\system32\kbdcr.dll
2009-12-05 21:03:57 ----A---- C:\WINDOWS\system32\KBDAL.DLL
2009-12-05 21:03:56 ----A---- C:\WINDOWS\system32\spxcoins.dll
2009-12-05 21:03:56 ----A---- C:\WINDOWS\system32\irclass.dll
2009-12-05 21:03:56 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2009-12-05 21:03:56 ----A---- C:\WINDOWS\system32\dgsetup.dll
2009-12-05 21:03:56 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2009-12-05 21:03:53 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2009-12-05 21:03:53 ----A---- C:\WINDOWS\TASKMAN.EXE
2009-12-05 21:03:53 ----A---- C:\WINDOWS\system32\batt.dll
2009-12-05 21:03:52 ----A---- C:\WINDOWS\NOTEPAD.EXE
2009-12-05 21:03:51 ----A---- C:\WINDOWS\system32\storprop.dll
2009-12-05 21:03:44 ----ASH---- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
2009-12-05 21:03:39 ----RA---- C:\WINDOWS\SET8.tmp
2009-12-05 21:03:37 ----RA---- C:\WINDOWS\SET4.tmp
2009-12-05 21:03:36 ----RA---- C:\WINDOWS\SET3.tmp
2009-12-05 21:03:30 ----D---- C:\WINDOWS\system32\CatRoot2
2009-12-05 21:03:30 ----D---- C:\WINDOWS\system32\CatRoot
2009-12-05 21:03:24 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2009-12-05 21:03:07 ----A---- C:\WINDOWS\setuplog.txt
2009-12-05 21:03:01 ----D---- C:\Documents and Settings
2009-12-05 21:03:00 ----SHD---- C:\System Volume Information
2009-12-05 21:02:11 ----SH---- C:\boot.ini
2009-12-05 20:58:13 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-12-05 20:58:13 ----RSD---- C:\WINDOWS\Fonts
2009-12-05 20:58:13 ----RD---- C:\WINDOWS\Web
2009-12-05 20:58:13 ----HD---- C:\WINDOWS\inf
2009-12-05 20:58:13 ----D---- C:\WINDOWS\WinSxS
2009-12-05 20:58:13 ----D---- C:\WINDOWS\twain_32
2009-12-05 20:58:13 ----D---- C:\WINDOWS\Temp
2009-12-05 20:58:13 ----D---- C:\WINDOWS\system32\wins
2009-12-05 20:58:13 ----D---- C:\WINDOWS\system32\wbem
2009-12-05 20:58:13 ----D---- C:\WINDOWS\system32\usmt
2009-12-05 20:58:13 ----D---- C:\WINDOWS\system32\spool
2009-12-05 20:58:13 ----D---- C:\WINDOWS\system32\ShellExt
2009-12-05 20:58:13 ----D---- C:\WINDOWS\system32\Setup
2009-12-05 20:58:13 ----D---- C:\WINDOWS\system32\ras
2009-12-05 20:58:13 ----D---- C:\WINDOWS\system32\oobe
2009-12-05 20:58:13 ----D---- C:\WINDOWS\system32\npp
2009-12-05 20:58:13 ----D---- C:\WINDOWS\system32\mui
2009-12-05 20:58:13 ----D---- C:\WINDOWS\system32\inetsrv
2009-12-05 20:58:13 ----D---- C:\WINDOWS\system32\IME
2009-12-05 20:58:13 ----D---- C:\WINDOWS\system32\icsxml
2009-12-05 20:58:13 ----D---- C:\WINDOWS\system32\ias
2009-12-05 20:58:13 ----D---- C:\WINDOWS\system32\export
2009-12-05 20:58:13 ----D---- C:\WINDOWS\system32\drivers
2009-12-05 20:58:13 ----D---- C:\WINDOWS\system32\dhcp
2009-12-05 20:58:13 ----D---- C:\WINDOWS\system32\config
2009-12-05 20:58:13 ----D---- C:\WINDOWS\system32\3com_dmi
2009-12-05 20:58:13 ----D---- C:\WINDOWS\system32\3076
2009-12-05 20:58:13 ----D---- C:\WINDOWS\system32\2052
2009-12-05 20:58:13 ----D---- C:\WINDOWS\system32\1054
2009-12-05 20:58:13 ----D---- C:\WINDOWS\system32\1042
2009-12-05 20:58:13 ----D---- C:\WINDOWS\system32\1041
2009-12-05 20:58:13 ----D---- C:\WINDOWS\system32\1037
2009-12-05 20:58:13 ----D---- C:\WINDOWS\system32\1033
2009-12-05 20:58:13 ----D---- C:\WINDOWS\system32\1031
2009-12-05 20:58:13 ----D---- C:\WINDOWS\system32\1029
2009-12-05 20:58:13 ----D---- C:\WINDOWS\system32\1028
2009-12-05 20:58:13 ----D---- C:\WINDOWS\system32\1025
2009-12-05 20:58:13 ----D---- C:\WINDOWS\system
2009-12-05 20:58:13 ----D---- C:\WINDOWS\security
2009-12-05 20:58:13 ----D---- C:\WINDOWS\Resources
2009-12-05 20:58:13 ----D---- C:\WINDOWS\repair
2009-12-05 20:58:13 ----D---- C:\WINDOWS\Provisioning
2009-12-05 20:58:13 ----D---- C:\WINDOWS\pchealth
2009-12-05 20:58:13 ----D---- C:\WINDOWS\PeerNet
2009-12-05 20:58:13 ----D---- C:\WINDOWS\mui
2009-12-05 20:58:13 ----D---- C:\WINDOWS\msapps
2009-12-05 20:58:13 ----D---- C:\WINDOWS\msagent
2009-12-05 20:58:13 ----D---- C:\WINDOWS\Media
2009-12-05 20:58:13 ----D---- C:\WINDOWS\java
2009-12-05 20:58:13 ----D---- C:\WINDOWS\ime
2009-12-05 20:58:13 ----D---- C:\WINDOWS\Help
2009-12-05 20:58:13 ----D---- C:\WINDOWS\ehome
2009-12-05 20:58:13 ----D---- C:\WINDOWS\Driver Cache
2009-12-05 20:58:13 ----D---- C:\WINDOWS\Debug
2009-12-05 20:58:13 ----D---- C:\WINDOWS\Cursors
2009-12-05 20:58:13 ----D---- C:\WINDOWS\Connection Wizard
2009-12-05 20:58:13 ----D---- C:\WINDOWS\Config
2009-12-05 20:58:13 ----D---- C:\WINDOWS\AppPatch
2009-12-05 20:58:13 ----D---- C:\WINDOWS\addins
2009-12-05 20:56:57 ----RA---- C:\WINDOWS\system32\nvuide.exe
2009-12-05 20:56:57 ----RA---- C:\WINDOWS\system32\NvRaidWizardEnu.dll
2009-12-05 20:56:56 ----RA---- C:\WINDOWS\system32\NvRaidWizard.dll
2009-12-05 20:56:56 ----RA---- C:\WINDOWS\system32\NvRaidSvEnu.dll
2009-12-05 20:56:56 ----RA---- C:\WINDOWS\system32\nvraidservice.exe
2009-12-05 20:56:56 ----RA---- C:\WINDOWS\system32\NvRaidMan.exe
2009-12-05 20:56:56 ----RA---- C:\WINDOWS\system32\NvRaidEnu.dll
2009-12-05 20:56:47 ----A---- C:\WINDOWS\system32\nvraidco.dll
2009-12-05 20:56:33 ----RA---- C:\WINDOWS\system32\idecoi.dll
2009-12-05 20:55:48 ----N---- C:\WINDOWS\avrack.ini
2009-12-05 20:53:21 ----D---- C:\Program Files\Realtek Sound Manager
2009-12-05 20:53:17 ----D---- C:\Program Files\AvRack
2009-12-05 20:53:05 ----A---- C:\WINDOWS\system32\RTLCPAPI.dll
2009-12-05 20:53:04 ----N---- C:\WINDOWS\system32\ChCfg.exe
2009-12-05 20:53:04 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2009-12-05 20:52:57 ----A---- C:\WINDOWS\system32\RTLCPL.EXE
2009-12-05 20:52:44 ----N---- C:\WINDOWS\alcupd.exe
2009-12-05 20:52:44 ----N---- C:\WINDOWS\alcrmv.exe
2009-12-05 20:52:07 ----D---- C:\Program Files\AMD
2009-12-05 20:52:06 ----HD---- C:\Program Files\InstallShield Installation Information
2009-12-05 20:46:54 ----D---- C:\WINDOWS\pss
2009-12-05 20:35:11 ----RA---- C:\WINDOWS\system32\fdco1.dll
2009-12-05 20:33:48 ----RA---- C:\WINDOWS\system32\nvconrm.dll
2009-12-05 20:33:48 ----RA---- C:\WINDOWS\system32\bdco1.dll
2009-12-05 20:33:48 ----A---- C:\WINDOWS\system32\nvunrm.exe
2009-12-05 20:33:46 ----RA---- C:\WINDOWS\system32\nvusmb.exe
2009-12-05 20:33:46 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2009-12-05 20:33:42 ----A---- C:\WINDOWS\system32\nvugart.exe
2009-12-05 20:33:41 ----RA---- C:\WINDOWS\system32\NVCOG.DLL
2009-12-05 20:33:40 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-12-05 20:33:23 ----D---- C:\Program Files\Common Files\InstallShield
2009-12-05 20:26:49 ----D---- C:\Documents and Settings\admin\Data aplikací\ESET
2009-12-05 20:26:03 ----D---- C:\Program Files\ESET
2009-12-05 20:26:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2009-12-05 20:24:07 ----D---- C:\Program Files\Totalcmd
2009-12-05 20:24:07 ----A---- C:\WINDOWS\wincmd.ini
2009-12-05 20:21:16 ----D---- C:\Documents and Settings\admin\Data aplikací\Identities
2009-12-05 20:21:14 ----HD---- C:\Program Files\Uninstall Information
2009-12-05 20:21:08 ----ASH---- C:\Documents and Settings\admin\Data aplikací\desktop.ini
2009-12-05 20:21:07 ----SD---- C:\Documents and Settings\admin\Data aplikací\Microsoft
2009-12-05 20:20:08 ----D---- C:\WINDOWS\SoftwareDistribution
2009-12-05 20:20:06 ----D---- C:\WINDOWS\Prefetch
2009-12-05 20:20:05 ----SD---- C:\WINDOWS\system32\Microsoft
2009-12-05 20:20:05 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-12-05 20:16:23 ----D---- C:\WINDOWS\system32\xircom
2009-12-05 20:16:23 ----D---- C:\Program Files\xerox
2009-12-05 20:16:23 ----D---- C:\Program Files\microsoft frontpage
2009-12-05 20:16:05 ----A---- C:\WINDOWS\control.ini
2009-12-05 20:16:05 ----A---- C:\AUTOEXEC.BAT
2009-12-05 20:15:50 ----A---- C:\WINDOWS\OEWABLog.txt
2009-12-05 20:15:44 ----A---- C:\WINDOWS\system32\mapi32.dll
2009-12-05 20:14:48 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-12-05 20:14:48 ----RD---- C:\WINDOWS\Offline Web Pages
2009-12-05 20:14:48 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2009-12-05 20:14:40 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2009-12-05 20:14:34 ----HD---- C:\Program Files\WindowsUpdate
2009-12-05 20:14:29 ----D---- C:\Program Files\Online Services
2009-12-05 20:14:11 ----D---- C:\WINDOWS\system32\DirectX
2009-12-05 20:13:50 ----A---- C:\WINDOWS\system32\atrace.dll
2009-12-05 20:13:48 ----A---- C:\WINDOWS\system32\desktop.ini
2009-12-05 20:13:48 ----A---- C:\WINDOWS\desktop.ini
2009-12-05 20:13:41 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2009-12-05 20:13:40 ----D---- C:\Program Files\Common Files\Services
2009-12-05 20:13:40 ----A---- C:\WINDOWS\system32\acctres.dll
2009-12-05 20:13:37 ----SD---- C:\WINDOWS\Tasks
2009-12-05 20:13:37 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2009-12-05 20:13:36 ----D---- C:\Program Files\Common Files\MSSoap
2009-12-05 20:13:32 ----D---- C:\WINDOWS\srchasst
2009-12-05 20:13:28 ----A---- C:\WINDOWS\system32\wuweb.dll
2009-12-05 20:13:28 ----A---- C:\WINDOWS\system32\wups.dll
2009-12-05 20:13:28 ----A---- C:\WINDOWS\system32\wucltui.dll
2009-12-05 20:13:28 ----A---- C:\WINDOWS\system32\wuauserv.dll
2009-12-05 20:13:28 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2009-12-05 20:13:28 ----A---- C:\WINDOWS\system32\wuaueng.dll
2009-12-05 20:13:28 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2009-12-05 20:13:28 ----A---- C:\WINDOWS\system32\wuauclt.exe
2009-12-05 20:13:27 ----A---- C:\WINDOWS\system32\wuapi.dll
2009-12-05 20:13:27 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2009-12-05 20:13:27 ----A---- C:\WINDOWS\system32\qmgr.dll
2009-12-05 20:13:27 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2009-12-05 20:13:27 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2009-12-05 20:13:23 ----D---- C:\Program Files\Movie Maker
2009-12-05 20:13:19 ----A---- C:\WINDOWS\system32\safrslv.dll
2009-12-05 20:13:19 ----A---- C:\WINDOWS\system32\safrdm.dll
2009-12-05 20:13:19 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2009-12-05 20:13:19 ----A---- C:\WINDOWS\system32\racpldlg.dll
2009-12-05 20:13:16 ----D---- C:\WINDOWS\system32\Restore
2009-12-05 20:13:16 ----A---- C:\WINDOWS\system32\srsvc.dll
2009-12-05 20:13:16 ----A---- C:\WINDOWS\system32\srrstr.dll
2009-12-05 20:13:16 ----A---- C:\WINDOWS\system32\fltMc.exe
2009-12-05 20:13:16 ----A---- C:\WINDOWS\system32\fltlib.dll
2009-12-05 20:13:15 ----A---- C:\WINDOWS\system32\srclient.dll
2009-12-05 20:13:15 ----A---- C:\WINDOWS\system32\mnmdd.dll
2009-12-05 20:13:15 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2009-12-05 20:13:15 ----A---- C:\WINDOWS\system32\ils.dll
2009-12-05 20:13:14 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2009-12-05 20:13:14 ----A---- C:\WINDOWS\system32\msconf.dll
2009-12-05 20:13:14 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2009-12-05 20:13:12 ----D---- C:\Program Files\NetMeeting
2009-12-05 20:13:12 ----A---- C:\WINDOWS\system32\msoert2.dll
2009-12-05 20:13:12 ----A---- C:\WINDOWS\system32\msoeacct.dll
2009-12-05 20:13:11 ----A---- C:\WINDOWS\system32\inetres.dll
2009-12-05 20:13:10 ----A---- C:\WINDOWS\system32\inetcomm.dll
2009-12-05 20:13:09 ----D---- C:\Program Files\Outlook Express
2009-12-05 20:13:09 ----A---- C:\WINDOWS\system32\schedsvc.dll
2009-12-05 20:13:09 ----A---- C:\WINDOWS\system32\mstinit.exe
2009-12-05 20:13:08 ----A---- C:\WINDOWS\system32\mstask.dll
2009-12-05 20:13:08 ----A---- C:\WINDOWS\system32\isign32.dll
2009-12-05 20:13:08 ----A---- C:\WINDOWS\system32\inetcfg.dll
2009-12-05 20:13:08 ----A---- C:\WINDOWS\system32\icwphbk.dll
2009-12-05 20:13:08 ----A---- C:\WINDOWS\system32\icwdial.dll
2009-12-05 20:13:01 ----D---- C:\Program Files\Common Files\System
2009-12-05 20:13:00 ----D---- C:\Program Files\Internet Explorer
2009-12-05 20:12:26 ----D---- C:\Program Files\ComPlus Applications
2009-12-05 20:12:24 ----A---- C:\WINDOWS\vbaddin.ini
2009-12-05 20:12:24 ----A---- C:\WINDOWS\vb.ini
2009-12-05 20:12:18 ----D---- C:\WINDOWS\Registration
2009-12-05 20:12:09 ----D---- C:\Program Files\Windows Media Player
2009-12-05 20:12:03 ----D---- C:\Program Files\Messenger
2009-12-05 20:12:00 ----D---- C:\Program Files\MSN Gaming Zone
2009-12-05 20:12:00 ----A---- C:\WINDOWS\system32\write.exe
2009-12-05 20:11:49 ----A---- C:\WINDOWS\system32\sndvol32.exe
2009-12-05 20:11:49 ----A---- C:\WINDOWS\system32\hticons.dll
2009-12-05 20:11:49 ----A---- C:\WINDOWS\system32\avwav.dll
2009-12-05 20:11:49 ----A---- C:\WINDOWS\system32\avtapi.dll
2009-12-05 20:11:49 ----A---- C:\WINDOWS\system32\avmeter.dll
2009-12-05 20:11:48 ----A---- C:\WINDOWS\system32\winchat.exe
2009-12-05 20:11:41 ----A---- C:\WINDOWS\system32\getuname.dll
2009-12-05 20:11:40 ----A---- C:\WINDOWS\system32\winmine.exe
2009-12-05 20:11:40 ----A---- C:\WINDOWS\system32\sol.exe
2009-12-05 20:11:40 ----A---- C:\WINDOWS\system32\charmap.exe
2009-12-05 20:11:40 ----A---- C:\WINDOWS\system32\calc.exe
2009-12-05 20:11:39 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2009-12-05 20:11:39 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2009-12-05 20:11:39 ----A---- C:\WINDOWS\system32\tslabels.ini
2009-12-05 20:11:39 ----A---- C:\WINDOWS\system32\tskill.exe
2009-12-05 20:11:39 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2009-12-05 20:11:39 ----A---- C:\WINDOWS\system32\reset.exe
2009-12-05 20:11:39 ----A---- C:\WINDOWS\system32\mshearts.exe
2009-12-05 20:11:39 ----A---- C:\WINDOWS\system32\freecell.exe
2009-12-05 20:11:38 ----A---- C:\WINDOWS\system32\tscon.exe
2009-12-05 20:11:38 ----A---- C:\WINDOWS\system32\shadow.exe
2009-12-05 20:11:38 ----A---- C:\WINDOWS\system32\rwinsta.exe
2009-12-05 20:11:38 ----A---- C:\WINDOWS\system32\regini.exe
2009-12-05 20:11:38 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2009-12-05 20:11:38 ----A---- C:\WINDOWS\system32\qwinsta.exe
2009-12-05 20:11:38 ----A---- C:\WINDOWS\system32\qappsrv.exe
2009-12-05 20:11:38 ----A---- C:\WINDOWS\system32\msg.exe
2009-12-05 20:11:38 ----A---- C:\WINDOWS\system32\logoff.exe
2009-12-05 20:11:38 ----A---- C:\WINDOWS\system32\cdmodem.dll
2009-12-05 20:11:37 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2009-12-05 20:11:37 ----A---- C:\WINDOWS\system32\mtxex.dll
2009-12-05 20:11:37 ----A---- C:\WINDOWS\system32\mtxdm.dll
2009-12-05 20:11:37 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2009-12-05 20:11:37 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2009-12-05 20:11:36 ----A---- C:\WINDOWS\system32\stclient.dll
2009-12-05 20:11:36 ----A---- C:\WINDOWS\system32\comsnap.dll
2009-12-05 20:11:36 ----A---- C:\WINDOWS\system32\comrepl.dll
2009-12-05 20:11:36 ----A---- C:\WINDOWS\system32\comaddin.dll
2009-12-05 20:11:31 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2009-12-05 20:11:30 ----A---- C:\WINDOWS\system32\accwiz.exe
2009-12-05 20:11:29 ----D---- C:\Program Files\Windows NT
2009-12-05 20:11:29 ----A---- C:\WINDOWS\system32\sndrec32.exe
2009-12-05 20:11:29 ----A---- C:\WINDOWS\system32\mplay32.exe
2009-12-05 20:11:29 ----A---- C:\WINDOWS\system32\hypertrm.dll
2009-12-05 20:11:28 ----A---- C:\WINDOWS\system32\spider.exe
2009-12-05 20:11:28 ----A---- C:\WINDOWS\system32\mspaint.exe
2009-12-05 20:11:28 ----A---- C:\WINDOWS\system32\clipbrd.exe
2009-12-05 20:11:27 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2009-12-05 20:11:27 ----A---- C:\WINDOWS\system32\sessmgr.exe
2009-12-05 20:11:27 ----A---- C:\WINDOWS\system32\remotepg.dll
2009-12-05 20:11:27 ----A---- C:\WINDOWS\system32\rdshost.exe
2009-12-05 20:11:27 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2009-12-05 20:11:27 ----A---- C:\WINDOWS\system32\mstscax.dll
2009-12-05 20:11:27 ----A---- C:\WINDOWS\system32\mstsc.exe
2009-12-05 20:11:26 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2009-12-05 20:11:26 ----A---- C:\WINDOWS\system32\termsrv.dll
2009-12-05 20:11:26 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2009-12-05 20:11:26 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2009-12-05 20:11:26 ----A---- C:\WINDOWS\system32\rdpclip.exe
2009-12-05 20:11:26 ----A---- C:\WINDOWS\system32\rdchost.dll
2009-12-05 20:11:26 ----A---- C:\WINDOWS\system32\qprocess.exe
2009-12-05 20:11:26 ----A---- C:\WINDOWS\system32\icaapi.dll
2009-12-05 20:11:26 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2009-12-05 20:11:25 ----D---- C:\WINDOWS\system32\MsDtc
2009-12-05 20:11:25 ----A---- C:\WINDOWS\system32\xolehlp.dll
2009-12-05 20:11:25 ----A---- C:\WINDOWS\system32\mtxoci.dll
2009-12-05 20:11:25 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2009-12-05 20:11:25 ----A---- C:\WINDOWS\system32\msdtctm.dll
2009-12-05 20:11:25 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2009-12-05 20:11:24 ----D---- C:\WINDOWS\system32\Com
2009-12-05 20:11:24 ----A---- C:\WINDOWS\system32\msdtclog.dll
2009-12-05 20:11:24 ----A---- C:\WINDOWS\system32\msdtc.exe
2009-12-05 20:11:24 ----A---- C:\WINDOWS\system32\colbact.dll
2009-12-05 20:11:24 ----A---- C:\WINDOWS\system32\catsrvps.dll
2009-12-05 20:11:23 ----A---- C:\WINDOWS\system32\comuid.dll
2009-12-05 20:11:23 ----A---- C:\WINDOWS\system32\comsvcs.dll
2009-12-05 20:11:23 ----A---- C:\WINDOWS\system32\clbcatex.dll
2009-12-05 20:11:23 ----A---- C:\WINDOWS\system32\catsrvut.dll
2009-12-05 20:11:23 ----A---- C:\WINDOWS\system32\catsrv.dll
2009-12-05 20:11:22 ----A---- C:\WINDOWS\system32\clbcatq.dll
2009-12-05 20:11:15 ----A---- C:\WINDOWS\system32\servdeps.dll
2009-12-05 20:11:15 ----A---- C:\WINDOWS\system32\mmfutil.dll
2009-12-05 20:11:15 ----A---- C:\WINDOWS\system32\licwmi.dll
2009-12-05 20:11:15 ----A---- C:\WINDOWS\system32\cmprops.dll
2009-11-24 17:50:32 ----D---- C:\Program Files\Traffic City 2

======List of files/folders modified in the last 1 months======

2009-12-19 18:20:59 ----A---- C:\WINDOWS\win.ini
2009-12-19 18:20:59 ----A---- C:\WINDOWS\system.ini
2009-12-19 16:23:21 ----D---- C:\WINDOWS
2009-12-19 15:49:14 ----D---- C:\WINDOWS\system32
2009-12-17 23:25:42 ----D---- C:\Temp
2009-12-12 21:10:01 ----D---- C:\Program Files\Fatworld
2009-12-07 21:19:22 ----D---- C:\Temp2
2009-12-06 16:56:44 ----D---- C:\pf
2009-12-06 11:54:48 ----D---- C:\ScanPanel
2009-12-06 03:42:08 ----D---- C:\d
2009-11-28 15:19:21 ----D---- C:\Program Files\ArtMoney

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK8;Ovladač procesoru AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2004-08-11 39424]
R1 easdrv;easdrv; C:\WINDOWS\system32\DRIVERS\easdrv.sys [2007-12-21 30216]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2007-12-21 53768]
R1 hwinterface;hwinterface; C:\WINDOWS\System32\Drivers\hwinterface.sys [2009-12-19 3026]
R2 eamon;EAMON; C:\WINDOWS\system32\DRIVERS\eamon.sys [2007-12-21 39944]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2007-12-21 71176]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-12-22 2304320]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-09-30 3565056]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2005-08-31 20480]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2005-08-31 20480]
R3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2005-10-23 23000]
R3 BTHidEnum;Bluetooth HID Enumerator; C:\WINDOWS\system32\DRIVERS\vbtenum.sys [2005-07-29 11988]
R3 DtvAudio;DtvAudio; C:\WINDOWS\system32\DRIVERS\DtvAudio.sys [2004-06-20 10330]
R3 DtvVideo;DtvVideo; C:\WINDOWS\system32\DRIVERS\DtvVideo.sys [2004-02-26 26730]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2007-12-21 30728]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-10-25 9600]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2004-07-28 33024]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2004-07-28 12928]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 SKYNET;TechniSat DVB-PC TV Star PCI; C:\WINDOWS\system32\DRIVERS\SkyNET.SYS [2009-09-11 507408]
R3 SNP2STD;USB2.0 PC Camera (SNP2STD); C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2007-09-05 12212864]
R3 SNPSTD3;USB PC Camera (SNPSTD3); C:\WINDOWS\system32\DRIVERS\snpstd3.sys [2005-12-08 8718848]
R3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-04 59264]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-03 17024]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2004-10-19 61312]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2005-03-25 82148]
S1 Uim_IM;UIM Drive Backup Image Plugin; C:\WINDOWS\System32\Drivers\Uim_IM.sys []
S1 UimBus;Universal Image Mounter Controller; C:\WINDOWS\system32\DRIVERS\UimBus.sys []
S3 ase647kf;ase647kf; C:\WINDOWS\system32\drivers\ase647kf.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2005-10-23 10068]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-04 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2004-08-17 274304]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-04 18944]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
S3 dot4;Ovladač MS IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2004-08-03 207360]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2001-08-17 12928]
S3 dot4usb;Filtr Dot4USB Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2001-10-24 23808]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-04 59648]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2009-12-17 611664]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-09-30 602112]
R2 BlueSoleil Hid Service;BlueSoleil Hid Service; C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2005-04-06 110592]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-17 14336]
R2 DUMeterSvc;DU Meter Service; C:\Program Files\DU Meter\DUMeterSvc.exe [2007-11-10 1382672]
R2 ekrn;Eset Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2007-12-21 468224]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-09-29 593920]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-12-10 135664]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 EhttpSrv;Eset HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2007-12-21 19200]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Wigon.MM and siszyd32.exe, please help

#9 Post by Roli »

So fix these in HJT:

O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: siszyd32.exe


You will find HJT here:

C:\Program Files\trend micro\admin

Fix means that you run HJT,

in the window that opens, click Do a system scan only,

in the next window, find the lines I listed for you,

next to each of them is a checkbox, which you tick,

then click Fix checked at the bottom left,

the program will ask whether you really want to; answer YES, of course, and it is done.


Download ComboFix and save it to the desktop,

run the application under an account with administrator rights and allow the installation of the Recovery Console.

A window with the license terms then appears, which you confirm by clicking YES,

then click YES once more and it starts running.

The whole process takes around 10 minutes but may take longer; do not try to run anything else during the scan.

The PC may also be restarted during the scan; do not be alarmed.

Warning: for the duration of the scan, turn off the resident shield of your antivirus and anti-spyware program,

because ComboFix tries to delete the infected files and these programs can get in its way.

After the scan finishes, or after the subsequent restart, the application creates a log saved at C:/Combofix.txt

(on repeated use the logs are numbered Combofix2.txt etc.); paste its contents here.

jasanek
Visitor
Posts: 144
Registered: 04 Sep 2006 14:43

Re: Wigon.MM and siszyd32.exe, please help

#10 Post by jasanek »

ComboFix 09-12-18.03 - admin 19.12.2009 21:11:47.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1023.704 [GMT 1:00]
Spuštěný z: c:\documents and settings\admin\Plocha\KittyFix.exe
AV: ESET Smart Security 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *disabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Rezidentní štít AV je zapnutý

.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Předchozí spuštění -------
.
c:\windows\system32\ieuinit.inf
D:\install.exe

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SKYNET
-------\Service_SKYNET


((((((((((((((((((((((((( Soubory vytvořené od 2009-11-19 do 2009-12-19 )))))))))))))))))))))))))))))))
.

2009-12-19 20:04 . 2009-12-19 20:47 -------- d-----w- C:\32788R22FWJFW
2009-12-19 19:10 . 2009-12-19 19:43 -------- d-----w- c:\program files\trend micro
2009-12-19 19:10 . 2009-12-19 19:12 -------- d-----w- C:\rsit
2009-12-19 15:23 . 2009-12-19 15:23 3026 ----a-w- c:\windows\system32\drivers\hwinterface.sys
2009-12-19 11:40 . 2009-12-19 14:07 -------- d-----w- C:\dvbdream
2009-12-19 11:31 . 2009-12-19 11:31 -------- d-----w- c:\program files\DVBViewer TE2
2009-12-19 11:27 . 2004-08-03 21:39 142464 -c--a-w- c:\windows\system32\dllcache\aec.sys
2009-12-19 11:27 . 2004-08-03 21:39 142464 ----a-w- c:\windows\system32\drivers\aec.sys
2009-12-19 11:19 . 2009-12-19 11:19 -------- dc----w- c:\windows\system32\DRVSTORE
2009-12-19 10:58 . 2009-12-19 15:28 -------- d-----w- c:\program files\ProgDVB
2009-12-17 12:47 . 2009-12-17 12:47 -------- d-----w- c:\program files\Lavasoft
2009-12-17 12:47 . 2009-12-17 12:47 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-12-17 09:26 . 2004-08-03 22:00 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys
2009-12-17 09:26 . 2004-08-03 22:00 8192 ----a-w- c:\windows\system32\drivers\changer.sys
2009-12-16 11:26 . 2009-12-16 11:26 -------- d-----w- c:\temp\x
2009-12-16 11:10 . 2009-12-17 09:24 148 ----a-w- c:\windows\system32\fjhdyfhsn.bat
2009-12-15 22:48 . 2009-12-15 22:48 -------- d-----w- c:\program files\Panasonic
2009-12-15 22:48 . 2006-02-27 10:45 36864 ----a-w- c:\windows\system32\SDDEVMGR.dll
2009-12-15 22:00 . 2008-10-29 19:25 13576 ----a-w- c:\windows\system32\wnaspi32.dll
2009-12-15 16:19 . 2009-12-15 16:19 61440 ----a-w- c:\windows\1200White.dat
2009-12-15 16:19 . 2009-12-15 16:19 61440 ----a-w- c:\windows\1200Dark.dat
2009-12-15 16:19 . 2009-12-15 16:19 6 ----a-w- c:\windows\1200Expou.dat
2009-12-15 16:19 . 2009-12-15 16:19 3 ----a-w- c:\windows\1200Offsetu.dat
2009-12-15 16:19 . 2009-12-15 16:19 3 ----a-w- c:\windows\1200Gain6.dat
2009-12-12 20:06 . 2009-12-12 20:06 -------- d-sh--w- c:\windows\ftpcache
2009-12-12 19:32 . 2009-12-12 19:32 -------- d-----w- c:\program files\iTV
2009-12-12 14:14 . 2009-12-12 14:14 -------- d-----w- c:\program files\Common Files\Adobe
2009-12-11 18:43 . 2009-12-11 18:43 -------- d-----w- c:\program files\GetWare
2009-12-11 18:36 . 2009-12-11 18:36 -------- d-----w- c:\windows\XSxS
2009-12-11 18:36 . 2009-12-11 18:36 -------- d-----w- c:\program files\Xenocode
2009-12-11 18:36 . 2009-12-11 18:36 -------- d-----w- c:\program files\Common Files\Deskshare Shared
2009-12-11 18:36 . 2009-12-11 18:36 -------- d-----w- c:\program files\Deskshare
2009-12-11 16:56 . 2009-12-11 16:56 -------- d-----w- c:\program files\Dir2Mht
2009-12-10 18:58 . 2009-12-10 18:58 -------- d-----w- c:\windows\Sun
2009-12-10 18:41 . 2009-12-10 18:42 -------- d-----w- c:\program files\Google
2009-12-08 21:06 . 2009-12-08 21:06 -------- d-----w- c:\program files\ImTOO
2009-12-08 19:33 . 2009-12-08 19:33 -------- d--h--w- c:\windows\PIF
2009-12-08 17:19 . 2009-12-08 17:19 -------- d-----w- c:\program files\Codec Pack - All In 1
2009-12-08 17:19 . 2009-12-08 17:19 -------- d-----w- c:\windows\system32\languages
2009-12-08 16:54 . 2009-12-08 16:54 -------- d-----w- c:\windows\system32\QuickTime
2009-12-08 16:54 . 2009-12-08 16:54 -------- d-----w- c:\program files\3ivx
2009-12-06 22:04 . 2009-09-29 20:15 593920 ------w- c:\windows\system32\ati2sgag.exe
2009-12-06 22:04 . 2009-12-06 22:05 -------- d-----w- c:\program files\ATI Technologies
2009-12-06 19:56 . 2005-02-25 03:34 22752 ----a-w- c:\windows\system32\spupdsvc.exe
2009-12-06 19:56 . 2009-12-06 19:56 -------- d--h--w- c:\windows\$hf_mig$
2009-12-06 19:42 . 2001-08-17 20:56 7552 -c--a-w- c:\windows\system32\dllcache\sonypvu1.sys
2009-12-06 19:42 . 2001-08-17 20:56 7552 ----a-w- c:\windows\system32\drivers\SONYPVU1.SYS
2009-12-06 19:39 . 2009-12-06 19:39 -------- d-----w- c:\windows\system32\Lang
2009-12-06 17:31 . 2009-12-06 17:31 0 ----a-w- c:\windows\ativpsrm.bin
2009-12-06 17:28 . 2004-08-17 13:49 221184 ----a-w- c:\windows\system32\wmpns.dll
2009-12-06 17:27 . 2009-12-08 16:51 -------- d-----w- c:\program files\StarCodec
2009-12-06 14:24 . 2009-12-06 14:32 -------- d-----w- c:\program files\MHDsim2009
2009-12-06 13:49 . 2009-12-06 13:49 -------- d-----w- C:\ATI
2009-12-06 12:45 . 2009-12-06 12:45 -------- d-----w- c:\program files\OpenTTD
2009-12-06 12:43 . 2009-12-06 12:43 -------- d-----w- c:\program files\TTDX
2009-12-06 12:41 . 2009-12-06 12:41 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-12-06 12:31 . 2009-12-06 12:44 -------- d-----w- c:\program files\Gibo SMS
2009-12-06 11:48 . 2004-08-03 21:58 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2009-12-06 11:48 . 2004-08-03 21:58 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2009-12-06 11:48 . 2001-10-24 11:25 87040 -c--a-w- c:\windows\system32\dllcache\wiafbdrv.dll
2009-12-06 11:48 . 2001-10-24 11:25 87040 ----a-w- c:\windows\system32\wiafbdrv.dll
2009-12-06 11:45 . 2003-12-07 21:01 368912 ----a-w- c:\windows\system32\vbar332.dll
2009-12-06 11:45 . 2003-12-07 21:01 252176 ----a-w- c:\windows\system32\msrd2x35.dll
2009-12-06 11:45 . 2003-12-07 21:01 1045776 ----a-w- c:\windows\system32\msjet35.dll
2009-12-06 11:45 . 2003-12-07 21:01 24848 ----a-w- c:\windows\system32\msjter35.dll
2009-12-06 11:45 . 2003-12-07 21:01 123664 ----a-w- c:\windows\system32\Msjint35.dll
2009-12-06 11:45 . 2009-12-19 11:31 -------- d-----w- c:\program files\TechniSat DVB
2009-12-06 11:43 . 2009-09-11 06:47 507408 ----a-w- c:\windows\system32\drivers\SkyNET.sys
2009-12-06 11:39 . 2007-07-11 15:09 20480 ----a-w- c:\windows\FixCamera.exe
2009-12-06 11:39 . 2005-01-26 14:45 349472 ----a-w- c:\windows\WindowsXP-KB822603-x86.exe
2009-12-06 11:39 . 2007-09-28 15:32 344064 ----a-w- c:\windows\vsnp2std.exe
2009-12-06 11:39 . 2007-05-12 10:19 270336 ----a-w- c:\windows\tsnp2std.exe
2009-12-06 11:39 . 2007-01-25 17:48 25472 ----a-w- c:\windows\system32\drivers\sncamd.sys
2009-12-06 11:39 . 2007-09-05 12:48 12212864 ----a-w- c:\windows\system32\drivers\snp2sxp.sys
2009-12-06 11:39 . 2007-09-05 14:50 73728 ----a-w- c:\windows\system32\vsnp2std.dll
2009-12-06 11:39 . 2007-02-05 14:25 151552 ----a-w- c:\windows\system32\rsnp2std.dll
2009-12-06 11:39 . 2006-11-16 14:57 77824 ----a-w- c:\windows\system32\csnp2std.dll
2009-12-06 11:39 . 2009-12-06 11:39 -------- d-----w- c:\program files\Common Files\snp2std
2009-12-06 11:37 . 2004-08-17 14:49 54272 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2009-12-06 11:37 . 2004-08-17 14:49 54272 ----a-w- c:\windows\system32\vfwwdm32.dll
2009-12-06 11:29 . 2009-12-06 11:29 -------- d-----w- c:\program files\IVT Corporation
2009-12-06 11:28 . 2007-07-20 14:38 81920 ----a-w- c:\windows\amcap.exe
2009-12-06 11:28 . 2005-12-20 13:39 94208 ------w- c:\windows\tsnpstd3.exe
2009-12-06 11:28 . 2005-09-05 14:55 339968 ----a-w- c:\windows\vsnpstd3.exe
2009-12-06 11:28 . 2005-12-08 10:09 8718848 ----a-w- c:\windows\system32\drivers\snpstd3.sys
2009-12-06 11:28 . 2006-03-03 18:58 53248 ----a-w- c:\windows\vsnpstd3.dll
2009-12-06 11:28 . 2006-03-03 18:58 53248 ------w- c:\windows\system32\vsnpstd3.dll
2009-12-06 11:28 . 2005-09-12 16:48 61440 ------w- c:\windows\system32\rsnpstd3.dll
2009-12-06 11:28 . 2004-12-08 17:40 20480 ------w- c:\windows\usnpstd3.exe
2009-12-06 11:28 . 2004-02-16 12:59 61440 ----a-w- c:\windows\system32\csnpstd3.dll
2009-12-06 11:28 . 2009-12-06 11:28 -------- d-----w- c:\program files\Common Files\snpstd3
2009-12-06 11:23 . 2002-08-02 15:04 3329 ----a-w- c:\windows\2K.reg
2009-12-06 11:23 . 2002-08-02 15:04 3323 ----a-w- c:\windows\MeXP.reg
2009-12-06 11:23 . 2002-08-02 15:04 3333 ----a-w- c:\windows\NT4_98.reg
2009-12-06 11:23 . 2001-09-06 19:45 233472 ----a-w- c:\windows\InstIt.exe
2009-12-06 11:23 . 2002-07-23 10:09 477184 ----a-w- c:\windows\mHotkey.exe
2009-12-06 11:23 . 2001-07-02 19:36 24576 ----a-w- c:\windows\HKNTDLL.dll
2009-12-06 11:19 . 2009-12-06 11:20 -------- d-----w- c:\windows\system32\URTTemp
2009-12-06 11:08 . 1998-10-29 15:45 306688 ----a-w- c:\windows\IsUninst.exe
2009-12-06 10:59 . 2009-12-19 11:22 -------- d-----w- c:\program files\PC-TV
2009-12-06 10:58 . 2004-06-20 08:28 10330 ----a-w- c:\windows\system32\drivers\DtvAudio.sys
2009-12-06 10:58 . 2004-02-26 02:27 26730 ----a-r- c:\windows\system32\drivers\DtvVideo.sys
2009-12-06 10:54 . 2002-04-19 12:52 32768 ----a-w- c:\windows\system32\Remove4010.exe
2009-12-06 10:54 . 2001-06-07 16:56 18120 ----a-w- c:\windows\system32\drivers\AstraPro.sys
2009-12-06 10:54 . 2002-04-19 06:18 167936 ----a-r- c:\windows\A5.dll
2009-12-06 10:54 . 2002-04-19 06:18 167936 ------w- c:\windows\Ausba5.dll
2009-12-06 10:54 . 2002-01-11 03:27 7168 ----a-r- c:\windows\system32\ProMicro.dll
2009-12-06 10:54 . 2001-10-19 08:33 45056 ----a-r- c:\windows\GetKey5.dll
2009-12-06 10:50 . 2009-12-06 10:50 -------- d-----w- C:\My Documents
2009-12-06 10:50 . 2001-01-16 14:21 53248 ------w- c:\windows\system32\hppapml0.dll
2009-12-06 10:50 . 2001-01-16 14:20 61440 ------w- c:\windows\system32\hppapml0.exe
2009-12-06 10:50 . 2001-01-16 14:11 94208 ------w- c:\windows\system32\hppapts0.dll
2009-12-06 10:50 . 2001-01-16 14:10 61440 ------w- c:\windows\system32\hppanet0.exe
2009-12-06 10:50 . 2001-01-08 13:26 73728 ------w- c:\windows\system32\hppadt40.dll
2009-12-06 10:50 . 2001-01-16 14:46 50576 ------w- c:\windows\system32\drivers\hppadt40.sys
2009-12-06 10:50 . 2001-01-16 14:44 17872 ------w- c:\windows\system32\drivers\hppausb0.sys
2009-12-06 10:50 . 2001-01-16 13:43 15792 ------w- c:\windows\system32\drivers\hppaprt0.sys
2009-12-06 10:50 . 2001-01-17 11:38 40960 ------w- c:\windows\system32\hppamon0.dll
2009-12-06 10:50 . 2000-07-31 11:00 317952 ------w- c:\windows\system32\roboex32.dll
2009-12-06 10:50 . 2001-01-05 07:38 58880 ------w- c:\windows\system32\hpdcmon.dll
2009-12-06 10:49 . 2009-12-06 10:49 -------- d-----w- c:\program files\Hewlett-Packard
2009-12-06 10:49 . 2001-08-17 20:47 12928 -c--a-w- c:\windows\system32\dllcache\dot4prt.sys
2009-12-06 10:49 . 2001-08-17 20:47 12928 ----a-w- c:\windows\system32\drivers\Dot4Prt.sys
2009-12-06 10:49 . 2001-10-24 10:43 23808 -c--a-w- c:\windows\system32\dllcache\dot4usb.sys
2009-12-06 10:49 . 2001-10-24 10:43 23808 ----a-w- c:\windows\system32\drivers\Dot4usb.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-19 11:31 . 2001-10-25 14:00 73416 ----a-w- c:\windows\system32\perfc005.dat
2009-12-19 11:31 . 2001-10-25 14:00 398746 ----a-w- c:\windows\system32\perfh005.dat
2009-12-19 11:29 . 2009-12-05 19:52 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-12 20:10 . 2008-10-19 07:31 -------- d-----w- c:\program files\Fatworld
2009-12-08 20:21 . 2009-12-05 19:15 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-12-08 20:21 . 2009-12-05 19:15 2426 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2009-12-08 20:19 . 2009-12-05 19:15 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2009-12-06 11:21 . 2009-12-05 19:33 -------- d-----w- c:\program files\Common Files\InstallShield
2009-12-05 22:32 . 2009-12-05 19:24 -------- d-----w- c:\program files\Totalcmd
2009-12-05 19:55 . 2009-12-05 19:53 -------- d-----w- c:\program files\AvRack
2009-12-05 19:53 . 2009-12-05 19:53 -------- d-----w- c:\program files\Realtek Sound Manager
2009-12-05 19:52 . 2009-12-05 19:52 -------- d-----w- c:\program files\AMD
2009-12-05 19:26 . 2009-12-05 19:26 -------- d-----w- c:\program files\ESET
2009-12-05 19:16 . 2009-12-05 19:16 -------- d-----w- c:\program files\microsoft frontpage
2009-12-05 19:12 . 2009-12-05 19:12 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2009-11-28 14:19 . 2006-10-01 16:35 -------- d-----w- c:\program files\ArtMoney
2009-11-26 18:26 . 2009-11-24 16:50 -------- d-----w- c:\program files\Traffic City 2
2009-09-30 02:20 . 2009-09-30 02:20 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2009-09-30 02:10 . 2009-09-30 02:10 204800 ----a-w- c:\windows\system32\atipdlxx.dll
2009-09-30 02:10 . 2009-09-30 02:10 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2009-09-30 02:10 . 2009-09-30 02:10 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2009-09-30 02:10 . 2009-09-30 02:10 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2009-09-30 02:10 . 2009-09-30 02:10 155648 ----a-w- c:\windows\system32\ati2evxx.dll
2009-09-30 02:08 . 2009-09-30 02:08 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2009-09-30 02:08 . 2009-09-30 02:08 307200 ----a-w- c:\windows\system32\atiiiexx.dll
2009-09-30 02:07 . 2009-09-30 02:07 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2009-09-30 02:07 . 2009-09-30 02:07 11845632 ----a-w- c:\windows\system32\atioglxx.dll
2009-09-30 01:46 . 2009-09-30 01:46 887724 ----a-w- c:\windows\system32\ativva6x.dat
2009-09-30 01:46 . 2009-09-30 01:46 3107788 ----a-w- c:\windows\system32\ativva5x.dat
2009-09-30 01:34 . 2009-09-30 01:34 49664 ----a-w- c:\windows\system32\amdpcom32.dll
2009-09-30 01:30 . 2009-09-30 01:30 475136 ----a-w- c:\windows\system32\atikvmag.dll
2009-09-30 01:28 . 2009-09-30 01:28 126976 ----a-w- c:\windows\system32\atiadlxx.dll
2009-09-30 01:28 . 2009-09-30 01:28 17408 ----a-w- c:\windows\system32\atitvo32.dll
2009-09-30 01:27 . 2009-09-30 01:27 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2009-09-30 01:27 . 2009-09-30 01:27 45056 ----a-w- c:\windows\system32\aticalrt.dll
2009-09-30 01:27 . 2009-09-30 01:27 45056 ----a-w- c:\windows\system32\aticalcl.dll
2009-09-30 01:26 . 2009-09-30 01:26 290816 ----a-w- c:\windows\system32\atiok3x2.dll
2009-09-30 01:26 . 2009-09-30 01:26 3227648 ----a-w- c:\windows\system32\aticaldd.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DU Meter"="c:\program files\DU Meter\DUMeter.exe" [2007-11-13 2585360]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2007-12-21 1443072]
"SoundMan"="SOUNDMAN.EXE" [2004-12-22 77824]
"NVRaidService"="c:\windows\system32\nvraidservice.exe" [2004-06-11 83968]

c:\documents and settings\admin\Nabˇdka Start\Programy\Po spuçtŘnˇ\
FreeRapid 0.83u1.lnk - c:\documents and settings\admin\Plocha\mash\FreeRapid\frd.exe [2009-12-6 35840]
mHotkey.lnk - c:\windows\mHotkey.exe [2009-12-6 477184]
siszyd32.exe [2004-8-17 33792]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^admin^Nabídka Start^Programy^Po spuštění^mHotkey.lnk]
path=c:\documents and settings\admin\Nabídka Start\Programy\Po spuštění\mHotkey.lnk
backup=c:\windows\pss\mHotkey.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^admin^Nabídka Start^Programy^Po spuštění^siszyd32.exe]
path=c:\documents and settings\admin\Nabídka Start\Programy\Po spuštění\siszyd32.exe
backup=c:\windows\pss\siszyd32.exeStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^ScanPanel.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\ScanPanel.lnk
backup=c:\windows\pss\ScanPanel.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Server4PC.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Server4PC.lnk
backup=c:\windows\pss\Server4PC.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^WinManager.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\WinManager.lnk
backup=c:\windows\pss\WinManager.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2009-09-04 11:08 935288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-10-03 03:08 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2004-08-17 13:49 110592 ----a-w- c:\windows\system32\bthprops.cpl

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CHotkey]
2002-07-23 10:09 477184 ----a-w- c:\windows\mHotkey.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
2007-08-16 11:24 167368 ----a-w- c:\program files\DAEMON Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixCamera]
2007-07-11 15:09 20480 ----a-w- c:\windows\FixCamera.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gibo SMS]
2006-12-01 16:23 962560 ----a-w- c:\program files\Gibo SMS\gd\GiboSMS.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2007-12-19 14:48 172280 ----a-w- c:\program files\ICQ6\ICQ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2std]
2007-09-28 15:32 344064 ----a-w- c:\windows\vsnp2std.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd3]
2005-09-05 14:55 339968 ----a-w- c:\windows\vsnpstd3.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2007-03-14 02:43 83608 ----a-w- c:\program files\Java\jre1.6.0_01\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnp2std]
2007-05-12 10:19 270336 ----a-w- c:\windows\tsnp2std.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnpstd3]
2005-12-20 13:39 94208 ------w- c:\windows\tsnpstd3.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2006-06-21 17:14 35328 ----a-w- c:\program files\Winamp\winampa.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ6\\ICQ.exe"=
"c:\\Program Files\\GetWare\\WebCam Live\\WebCam.exe"=
"c:\\Documents and Settings\\admin\\Data aplikací\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\TechniSat DVB\\bin\\Server4PC.exe"=

R1 easdrv;easdrv;c:\windows\system32\drivers\easdrv.sys [21.12.2007 8:20 30216]
R1 epfwtdi;epfwtdi;c:\windows\system32\drivers\epfwtdi.sys [21.12.2007 8:21 53768]
R1 hwinterface;hwinterface;c:\windows\system32\drivers\hwinterface.sys [19.12.2009 16:23 3026]
R2 BthServ;Bluetooth Support Service;c:\windows\system32\svchost.exe -k bthsvcs [17.8.2004 14:49 14336]
R2 DUMeterSvc;DU Meter Service;c:\program files\DU Meter\DUMeterSvc.exe [5.12.2009 23:49 1382672]
R2 eamon;EAMON;c:\windows\system32\drivers\eamon.sys [21.12.2007 8:19 39944]
R2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [21.12.2007 8:21 468224]
R2 epfw;epfw;c:\windows\system32\drivers\epfw.sys [21.12.2007 8:21 71176]
R3 DtvAudio;DtvAudio;c:\windows\system32\drivers\DtvAudio.sys [6.12.2009 11:58 10330]
R3 DtvVideo;DtvVideo;c:\windows\system32\drivers\DtvVideo.sys [6.12.2009 11:58 26730]
R3 Epfwndis;Eset Personal Firewall;c:\windows\system32\drivers\epfwndis.sys [21.12.2007 8:21 30728]
R3 SNP2STD;USB2.0 PC Camera (SNP2STD);c:\windows\system32\drivers\snp2sxp.sys [6.12.2009 12:39 12212864]
R3 SNPSTD3;USB PC Camera (SNPSTD3);c:\windows\system32\drivers\snpstd3.sys [6.12.2009 12:28 8718848]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [6.12.2009 0:07 685816]
S1 Uim_IM;UIM Drive Backup Image Plugin;c:\windows\system32\Drivers\Uim_IM.sys --> c:\windows\system32\Drivers\Uim_IM.sys [?]
S1 UimBus;Universal Image Mounter Controller;c:\windows\system32\DRIVERS\UimBus.sys --> c:\windows\system32\DRIVERS\UimBus.sys [?]
S2 BlueSoleil Hid Service;BlueSoleil Hid Service;c:\program files\IVT Corporation\BlueSoleil\BTNtService.exe [6.4.2005 16:03 110592]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [10.12.2009 19:41 135664]
S3 BthEnum;Ovladač pro Bluetooth Request Block;c:\windows\system32\drivers\bthenum.sys [5.12.2009 21:07 17024]
S3 BthPan;Bluetooth Device (Personal Area Network);c:\windows\system32\drivers\bthpan.sys [5.12.2009 21:07 100992]
S3 BTHPORT;Ovladač portu Bluetooth;c:\windows\system32\drivers\bthport.sys [5.12.2009 21:07 274304]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth;c:\windows\system32\drivers\bthusb.sys [5.12.2009 21:07 18944]
S3 dot4;Ovladač MS IEEE-1284.4;c:\windows\system32\drivers\Dot4.sys [6.12.2009 11:49 207360]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4;c:\windows\system32\drivers\Dot4Prt.sys [6.12.2009 11:49 12928]
S3 dot4usb;Filtr Dot4USB Dot4USB Filter;c:\windows\system32\drivers\Dot4usb.sys [6.12.2009 11:49 23808]
S3 EhttpSrv;Eset HTTP Server;c:\program files\ESET\ESET Smart Security\EHttpSrv.exe [21.12.2007 8:22 19200]
S3 NdisIP;Microsoft TV/Video Connection;c:\windows\system32\drivers\NdisIP.sys [6.12.2009 12:30 10880]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI);c:\windows\system32\drivers\rfcomm.sys [5.12.2009 21:07 59648]
S3 SLIP;BDA Slip De-Framer;c:\windows\system32\drivers\SLIP.sys [6.12.2009 12:30 11136]
.
------- Doplňkový sken -------
.
uStart Page = about:blank
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {D2C71639-133A-49B4-8D7B-81873FBCA642} = 192.168.5.1
FF - ProfilePath - c:\documents and settings\admin\Data aplikací\Mozilla\Firefox\Profiles\o4bkulsl.default\
FF - prefs.js: browser.search.selectedEngine - Wikipedie (cs)
FF - prefs.js: browser.startup.homepage -
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdrmv2.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdsplay.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwmsdrm.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-Gibo SMS - c:\program files\Gibo SMS\Plugins\Gibo SMS\Uninstall.exe



**************************************************************************
skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory:

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\DUMeterSvc]
"ImagePath"="c:\program files\DU Meter\DUMeterSvc.exe /startedbyscm:E1F6D4BE-40E33354-DUMeterService"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1048)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2009-12-19 21:16:30
ComboFix-quarantined-files.txt 2009-12-19 20:16

Před spuštěním: Volných bajtů: 10 148 491 264
Po spuštění: Volných bajtů: 10 116 841 472

- - End Of File - - 6AE8D1ACC04875617CDD58588BCDD43A

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Wigon.MM and siszyd32.exe, please help

#11 Post by Roli »

Now, if you have not done so already, move ComboFix to the desktop,

open Notepad

and copy the script from the following box into it:

Code:

File::  
c:\documents and settings\admin\Nabídka Start\Programy\Po spuštění\siszyd32.exe
c:\windows\pss\siszyd32.exe

Registry::
[-HKLM\~\startupfolder\C:^Documents and Settings^admin^Nabídka Start^Programy^Po spuštění^siszyd32.exe]

save the TXT file you created as CFScript.txt on the desktop

after saving, grab the created script with the left mouse button and drag it over the ComboFix icon, where you drop it.

after it has been applied, another log will pop out; post it here

Warning: it may happen that after applying the script and restarting, Windows does not boot;

in that case restart again while pressing F8, then choose Last Known Good Configuration

jasanek
Visitor
Posts: 144
Registered: 04 Sep 2006 14:43

Re: Wigon.MM and siszyd32.exe, please help

#12 Post by jasanek »

ComboFix 09-12-18.03 - admin 19.12.2009 22:52:01.3.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1023.496 [GMT 1:00]
Spuštěný z: c:\documents and settings\admin\Plocha\KittyFix.exe
Použité ovládací přepínače :: c:\documents and settings\admin\Plocha\CFScript.txt
AV: ESET Smart Security 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}

FILE ::
"c:\documents and settings\admin\Nabídka Start\Programy\Po spuštění\siszyd32.exe"
"c:\windows\pss\siszyd32.exe"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\admin\Nabídka Start\Programy\Po spuštění\siszyd32.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-11-19 do 2009-12-19 )))))))))))))))))))))))))))))))
.

2009-12-19 21:44 . 2009-12-19 21:44 96256 ----a-w- c:\windows\system32\drivers\sptd1885.sys
2009-12-19 21:43 . 2009-12-19 21:43 -------- d-----w- c:\program files\Common Files\MagicDVDRipper
2009-12-19 20:06 . 2009-12-19 20:16 -------- d-----w- C:\KittyFix
2009-12-19 19:10 . 2009-12-19 19:43 -------- d-----w- c:\program files\trend micro
2009-12-19 19:10 . 2009-12-19 19:12 -------- d-----w- C:\rsit
2009-12-19 15:23 . 2009-12-19 15:23 3026 ----a-w- c:\windows\system32\drivers\hwinterface.sys
2009-12-19 11:40 . 2009-12-19 14:07 -------- d-----w- C:\dvbdream
2009-12-19 11:31 . 2009-12-19 11:31 -------- d-----w- c:\program files\DVBViewer TE2
2009-12-19 11:27 . 2004-08-03 21:39 142464 -c--a-w- c:\windows\system32\dllcache\aec.sys
2009-12-19 11:27 . 2004-08-03 21:39 142464 ------w- c:\windows\system32\drivers\aec.sys
2009-12-19 11:19 . 2009-12-19 11:19 -------- dc----w- c:\windows\system32\DRVSTORE
2009-12-19 10:58 . 2009-12-19 15:28 -------- d-----w- c:\program files\ProgDVB
2009-12-17 12:47 . 2009-12-17 12:47 -------- d-----w- c:\program files\Lavasoft
2009-12-17 12:47 . 2009-12-17 12:47 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-12-17 09:26 . 2004-08-03 22:00 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys
2009-12-17 09:26 . 2004-08-03 22:00 8192 ----a-w- c:\windows\system32\drivers\changer.sys
2009-12-16 11:26 . 2009-12-16 11:26 -------- d-----w- c:\temp\x
2009-12-16 11:10 . 2009-12-17 09:24 148 ----a-w- c:\windows\system32\fjhdyfhsn.bat
2009-12-15 22:48 . 2009-12-15 22:48 -------- d-----w- c:\program files\Panasonic
2009-12-15 22:48 . 2006-02-27 10:45 36864 ----a-w- c:\windows\system32\SDDEVMGR.dll
2009-12-15 22:00 . 2008-10-29 19:25 13576 ----a-w- c:\windows\system32\wnaspi32.dll
2009-12-15 16:19 . 2009-12-15 16:19 61440 ----a-w- c:\windows\1200White.dat
2009-12-15 16:19 . 2009-12-15 16:19 61440 ----a-w- c:\windows\1200Dark.dat
2009-12-15 16:19 . 2009-12-15 16:19 6 ----a-w- c:\windows\1200Expou.dat
2009-12-15 16:19 . 2009-12-15 16:19 3 ----a-w- c:\windows\1200Offsetu.dat
2009-12-15 16:19 . 2009-12-15 16:19 3 ----a-w- c:\windows\1200Gain6.dat
2009-12-12 20:06 . 2009-12-12 20:06 -------- d-sh--w- c:\windows\ftpcache
2009-12-12 19:32 . 2009-12-12 19:32 -------- d-----w- c:\program files\iTV
2009-12-12 14:14 . 2009-12-12 14:14 -------- d-----w- c:\program files\Common Files\Adobe
2009-12-11 18:43 . 2009-12-11 18:43 -------- d-----w- c:\program files\GetWare
2009-12-11 18:36 . 2009-12-11 18:36 -------- d-----w- c:\windows\XSxS
2009-12-11 18:36 . 2009-12-11 18:36 -------- d-----w- c:\program files\Xenocode
2009-12-11 18:36 . 2009-12-11 18:36 -------- d-----w- c:\program files\Common Files\Deskshare Shared
2009-12-11 18:36 . 2009-12-11 18:36 -------- d-----w- c:\program files\Deskshare
2009-12-11 16:56 . 2009-12-11 16:56 -------- d-----w- c:\program files\Dir2Mht
2009-12-10 18:58 . 2009-12-10 18:58 -------- d-----w- c:\windows\Sun
2009-12-10 18:41 . 2009-12-10 18:42 -------- d-----w- c:\program files\Google
2009-12-08 21:06 . 2009-12-08 21:06 -------- d-----w- c:\program files\ImTOO
2009-12-08 19:33 . 2009-12-08 19:33 -------- d--h--w- c:\windows\PIF
2009-12-08 17:19 . 2009-12-08 17:19 -------- d-----w- c:\program files\Codec Pack - All In 1
2009-12-08 17:19 . 2009-12-08 17:19 -------- d-----w- c:\windows\system32\languages
2009-12-08 16:54 . 2009-12-08 16:54 -------- d-----w- c:\windows\system32\QuickTime
2009-12-08 16:54 . 2009-12-08 16:54 -------- d-----w- c:\program files\3ivx
2009-12-06 22:04 . 2009-09-29 20:15 593920 ------w- c:\windows\system32\ati2sgag.exe
2009-12-06 22:04 . 2009-12-06 22:05 -------- d-----w- c:\program files\ATI Technologies
2009-12-06 19:56 . 2005-02-25 03:34 22752 ----a-w- c:\windows\system32\spupdsvc.exe
2009-12-06 19:56 . 2009-12-06 19:56 -------- d--h--w- c:\windows\$hf_mig$
2009-12-06 19:42 . 2001-08-17 20:56 7552 -c--a-w- c:\windows\system32\dllcache\sonypvu1.sys
2009-12-06 19:42 . 2001-08-17 20:56 7552 ----a-w- c:\windows\system32\drivers\SONYPVU1.SYS
2009-12-06 19:39 . 2009-12-06 19:39 -------- d-----w- c:\windows\system32\Lang
2009-12-06 17:31 . 2009-12-06 17:31 0 ----a-w- c:\windows\ativpsrm.bin
2009-12-06 17:28 . 2004-08-17 13:49 221184 ----a-w- c:\windows\system32\wmpns.dll
2009-12-06 17:27 . 2009-12-08 16:51 -------- d-----w- c:\program files\StarCodec
2009-12-06 14:24 . 2009-12-06 14:32 -------- d-----w- c:\program files\MHDsim2009
2009-12-06 13:49 . 2009-12-06 13:49 -------- d-----w- C:\ATI
2009-12-06 12:45 . 2009-12-06 12:45 -------- d-----w- c:\program files\OpenTTD
2009-12-06 12:43 . 2009-12-06 12:43 -------- d-----w- c:\program files\TTDX
2009-12-06 12:41 . 2009-12-06 12:41 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-12-06 12:31 . 2009-12-06 12:44 -------- d-----w- c:\program files\Gibo SMS
2009-12-06 11:48 . 2004-08-03 21:58 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2009-12-06 11:48 . 2004-08-03 21:58 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2009-12-06 11:48 . 2001-10-24 11:25 87040 -c--a-w- c:\windows\system32\dllcache\wiafbdrv.dll
2009-12-06 11:48 . 2001-10-24 11:25 87040 ----a-w- c:\windows\system32\wiafbdrv.dll
2009-12-06 11:45 . 2003-12-07 21:01 368912 ----a-w- c:\windows\system32\vbar332.dll
2009-12-06 11:45 . 2003-12-07 21:01 252176 ----a-w- c:\windows\system32\msrd2x35.dll
2009-12-06 11:45 . 2003-12-07 21:01 1045776 ----a-w- c:\windows\system32\msjet35.dll
2009-12-06 11:45 . 2003-12-07 21:01 24848 ----a-w- c:\windows\system32\msjter35.dll
2009-12-06 11:45 . 2003-12-07 21:01 123664 ----a-w- c:\windows\system32\Msjint35.dll
2009-12-06 11:45 . 2009-12-19 11:31 -------- d-----w- c:\program files\TechniSat DVB
2009-12-06 11:43 . 2009-09-11 06:47 507408 ----a-w- c:\windows\system32\drivers\SkyNET.sys
2009-12-06 11:39 . 2007-07-11 15:09 20480 ----a-w- c:\windows\FixCamera.exe
2009-12-06 11:39 . 2005-01-26 14:45 349472 ----a-w- c:\windows\WindowsXP-KB822603-x86.exe
2009-12-06 11:39 . 2007-09-28 15:32 344064 ----a-w- c:\windows\vsnp2std.exe
2009-12-06 11:39 . 2007-05-12 10:19 270336 ----a-w- c:\windows\tsnp2std.exe
2009-12-06 11:39 . 2007-01-25 17:48 25472 ----a-w- c:\windows\system32\drivers\sncamd.sys
2009-12-06 11:39 . 2007-09-05 12:48 12212864 ----a-w- c:\windows\system32\drivers\snp2sxp.sys
2009-12-06 11:39 . 2007-09-05 14:50 73728 ----a-w- c:\windows\system32\vsnp2std.dll
2009-12-06 11:39 . 2007-02-05 14:25 151552 ----a-w- c:\windows\system32\rsnp2std.dll
2009-12-06 11:39 . 2006-11-16 14:57 77824 ----a-w- c:\windows\system32\csnp2std.dll
2009-12-06 11:39 . 2009-12-06 11:39 -------- d-----w- c:\program files\Common Files\snp2std
2009-12-06 11:37 . 2004-08-17 14:49 54272 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2009-12-06 11:37 . 2004-08-17 14:49 54272 ----a-w- c:\windows\system32\vfwwdm32.dll
2009-12-06 11:29 . 2009-12-06 11:29 -------- d-----w- c:\program files\IVT Corporation
2009-12-06 11:28 . 2007-07-20 14:38 81920 ----a-w- c:\windows\amcap.exe
2009-12-06 11:28 . 2005-12-20 13:39 94208 ------w- c:\windows\tsnpstd3.exe
2009-12-06 11:28 . 2005-09-05 14:55 339968 ----a-w- c:\windows\vsnpstd3.exe
2009-12-06 11:28 . 2005-12-08 10:09 8718848 ----a-w- c:\windows\system32\drivers\snpstd3.sys
2009-12-06 11:28 . 2006-03-03 18:58 53248 ----a-w- c:\windows\vsnpstd3.dll
2009-12-06 11:28 . 2006-03-03 18:58 53248 ------w- c:\windows\system32\vsnpstd3.dll
2009-12-06 11:28 . 2005-09-12 16:48 61440 ------w- c:\windows\system32\rsnpstd3.dll
2009-12-06 11:28 . 2004-12-08 17:40 20480 ------w- c:\windows\usnpstd3.exe
2009-12-06 11:28 . 2004-02-16 12:59 61440 ----a-w- c:\windows\system32\csnpstd3.dll
2009-12-06 11:28 . 2009-12-06 11:28 -------- d-----w- c:\program files\Common Files\snpstd3
2009-12-06 11:23 . 2002-08-02 15:04 3329 ----a-w- c:\windows\2K.reg
2009-12-06 11:23 . 2002-08-02 15:04 3323 ----a-w- c:\windows\MeXP.reg
2009-12-06 11:23 . 2002-08-02 15:04 3333 ----a-w- c:\windows\NT4_98.reg
2009-12-06 11:23 . 2001-09-06 19:45 233472 ----a-w- c:\windows\InstIt.exe
2009-12-06 11:23 . 2002-07-23 10:09 477184 ----a-w- c:\windows\mHotkey.exe
2009-12-06 11:23 . 2001-07-02 19:36 24576 ----a-w- c:\windows\HKNTDLL.dll
2009-12-06 11:19 . 2009-12-06 11:20 -------- d-----w- c:\windows\system32\URTTemp
2009-12-06 11:08 . 1998-10-29 15:45 306688 ----a-w- c:\windows\IsUninst.exe
2009-12-06 10:59 . 2009-12-19 11:22 -------- d-----w- c:\program files\PC-TV
2009-12-06 10:58 . 2004-06-20 08:28 10330 ----a-w- c:\windows\system32\drivers\DtvAudio.sys
2009-12-06 10:58 . 2004-02-26 02:27 26730 ----a-r- c:\windows\system32\drivers\DtvVideo.sys
2009-12-06 10:54 . 2002-04-19 12:52 32768 ----a-w- c:\windows\system32\Remove4010.exe
2009-12-06 10:54 . 2001-06-07 16:56 18120 ----a-w- c:\windows\system32\drivers\AstraPro.sys
2009-12-06 10:54 . 2002-04-19 06:18 167936 ----a-r- c:\windows\A5.dll
2009-12-06 10:54 . 2002-04-19 06:18 167936 ------w- c:\windows\Ausba5.dll
2009-12-06 10:54 . 2002-01-11 03:27 7168 ----a-r- c:\windows\system32\ProMicro.dll
2009-12-06 10:54 . 2001-10-19 08:33 45056 ----a-r- c:\windows\GetKey5.dll
2009-12-06 10:50 . 2009-12-06 10:50 -------- d-----w- C:\My Documents
2009-12-06 10:50 . 2001-01-16 14:21 53248 ------w- c:\windows\system32\hppapml0.dll
2009-12-06 10:50 . 2001-01-16 14:20 61440 ------w- c:\windows\system32\hppapml0.exe
2009-12-06 10:50 . 2001-01-16 14:11 94208 ------w- c:\windows\system32\hppapts0.dll
2009-12-06 10:50 . 2001-01-16 14:10 61440 ------w- c:\windows\system32\hppanet0.exe
2009-12-06 10:50 . 2001-01-08 13:26 73728 ------w- c:\windows\system32\hppadt40.dll
2009-12-06 10:50 . 2001-01-16 14:46 50576 ------w- c:\windows\system32\drivers\hppadt40.sys
2009-12-06 10:50 . 2001-01-16 14:44 17872 ------w- c:\windows\system32\drivers\hppausb0.sys
2009-12-06 10:50 . 2001-01-16 13:43 15792 ------w- c:\windows\system32\drivers\hppaprt0.sys
2009-12-06 10:50 . 2001-01-17 11:38 40960 ------w- c:\windows\system32\hppamon0.dll
2009-12-06 10:50 . 2000-07-31 11:00 317952 ------w- c:\windows\system32\roboex32.dll
2009-12-06 10:50 . 2001-01-05 07:38 58880 ------w- c:\windows\system32\hpdcmon.dll
2009-12-06 10:49 . 2009-12-06 10:49 -------- d-----w- c:\program files\Hewlett-Packard
2009-12-06 10:49 . 2001-08-17 20:47 12928 -c--a-w- c:\windows\system32\dllcache\dot4prt.sys
2009-12-06 10:49 . 2001-08-17 20:47 12928 ----a-w- c:\windows\system32\drivers\Dot4Prt.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-19 11:31 . 2001-10-25 14:00 73416 ----a-w- c:\windows\system32\perfc005.dat
2009-12-19 11:31 . 2001-10-25 14:00 398746 ----a-w- c:\windows\system32\perfh005.dat
2009-12-19 11:29 . 2009-12-05 19:52 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-12 20:10 . 2008-10-19 07:31 -------- d-----w- c:\program files\Fatworld
2009-12-08 20:21 . 2009-12-05 19:15 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-12-08 20:21 . 2009-12-05 19:15 2426 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2009-12-08 20:19 . 2009-12-05 19:15 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2009-12-06 11:21 . 2009-12-05 19:33 -------- d-----w- c:\program files\Common Files\InstallShield
2009-12-05 22:32 . 2009-12-05 19:24 -------- d-----w- c:\program files\Totalcmd
2009-12-05 19:55 . 2009-12-05 19:53 -------- d-----w- c:\program files\AvRack
2009-12-05 19:53 . 2009-12-05 19:53 -------- d-----w- c:\program files\Realtek Sound Manager
2009-12-05 19:52 . 2009-12-05 19:52 -------- d-----w- c:\program files\AMD
2009-12-05 19:26 . 2009-12-05 19:26 -------- d-----w- c:\program files\ESET
2009-12-05 19:16 . 2009-12-05 19:16 -------- d-----w- c:\program files\microsoft frontpage
2009-12-05 19:12 . 2009-12-05 19:12 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2009-11-28 14:19 . 2006-10-01 16:35 -------- d-----w- c:\program files\ArtMoney
2009-11-26 18:26 . 2009-11-24 16:50 -------- d-----w- c:\program files\Traffic City 2
2009-09-30 02:20 . 2009-09-30 02:20 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2009-09-30 02:10 . 2009-09-30 02:10 204800 ----a-w- c:\windows\system32\atipdlxx.dll
2009-09-30 02:10 . 2009-09-30 02:10 155648 ----a-w- c:\windows\system32\Oemdspif.dll
2009-09-30 02:10 . 2009-09-30 02:10 26112 ----a-w- c:\windows\system32\Ati2mdxx.exe
2009-09-30 02:10 . 2009-09-30 02:10 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2009-09-30 02:10 . 2009-09-30 02:10 155648 ----a-w- c:\windows\system32\ati2evxx.dll
2009-09-30 02:08 . 2009-09-30 02:08 602112 ----a-w- c:\windows\system32\ati2evxx.exe
2009-09-30 02:08 . 2009-09-30 02:08 307200 ----a-w- c:\windows\system32\atiiiexx.dll
2009-09-30 02:07 . 2009-09-30 02:07 53248 ----a-w- c:\windows\system32\ATIDDC.DLL
2009-09-30 02:07 . 2009-09-30 02:07 11845632 ----a-w- c:\windows\system32\atioglxx.dll
2009-09-30 01:46 . 2009-09-30 01:46 887724 ----a-w- c:\windows\system32\ativva6x.dat
2009-09-30 01:46 . 2009-09-30 01:46 3107788 ----a-w- c:\windows\system32\ativva5x.dat
2009-09-30 01:34 . 2009-09-30 01:34 49664 ----a-w- c:\windows\system32\amdpcom32.dll
2009-09-30 01:30 . 2009-09-30 01:30 475136 ----a-w- c:\windows\system32\atikvmag.dll
2009-09-30 01:28 . 2009-09-30 01:28 126976 ----a-w- c:\windows\system32\atiadlxx.dll
2009-09-30 01:28 . 2009-09-30 01:28 17408 ----a-w- c:\windows\system32\atitvo32.dll
2009-09-30 01:27 . 2009-09-30 01:27 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2009-09-30 01:27 . 2009-09-30 01:27 45056 ----a-w- c:\windows\system32\aticalrt.dll
2009-09-30 01:27 . 2009-09-30 01:27 45056 ----a-w- c:\windows\system32\aticalcl.dll
2009-09-30 01:26 . 2009-09-30 01:26 290816 ----a-w- c:\windows\system32\atiok3x2.dll
2009-09-30 01:26 . 2009-09-30 01:26 3227648 ----a-w- c:\windows\system32\aticaldd.dll
.

((((((((((((((((((((((((((((( SnapShot@2009-12-19_20.15.51 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-12-05 23:07 . 2009-12-19 21:44 642560 c:\windows\system32\drivers\sptd.sys
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DU Meter"="c:\program files\DU Meter\DUMeter.exe" [2007-11-13 2585360]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2007-12-21 1443072]
"SoundMan"="SOUNDMAN.EXE" [2004-12-22 77824]
"NVRaidService"="c:\windows\system32\nvraidservice.exe" [2004-06-11 83968]

c:\documents and settings\admin\Nabídka Start\Programy\Po spuštění\
FreeRapid 0.83u1.lnk - c:\documents and settings\admin\Plocha\mash\FreeRapid\frd.exe [2009-12-6 35840]
mHotkey.lnk - c:\windows\mHotkey.exe [2009-12-6 477184]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^admin^Nabídka Start^Programy^Po spuštění^mHotkey.lnk]
path=c:\documents and settings\admin\Nabídka Start\Programy\Po spuštění\mHotkey.lnk
backup=c:\windows\pss\mHotkey.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^ScanPanel.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\ScanPanel.lnk
backup=c:\windows\pss\ScanPanel.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Server4PC.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Server4PC.lnk
backup=c:\windows\pss\Server4PC.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^WinManager.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\WinManager.lnk
backup=c:\windows\pss\WinManager.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2009-09-04 11:08 935288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-10-03 03:08 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2004-08-17 13:49 110592 ----a-w- c:\windows\system32\bthprops.cpl

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CHotkey]
2002-07-23 10:09 477184 ----a-w- c:\windows\mHotkey.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
2007-08-16 11:24 167368 ----a-w- c:\program files\DAEMON Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FixCamera]
2007-07-11 15:09 20480 ----a-w- c:\windows\FixCamera.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gibo SMS]
2006-12-01 16:23 962560 ----a-w- c:\program files\Gibo SMS\gd\GiboSMS.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2007-12-19 14:48 172280 ----a-w- c:\program files\ICQ6\ICQ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2std]
2007-09-28 15:32 344064 ----a-w- c:\windows\vsnp2std.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd3]
2005-09-05 14:55 339968 ----a-w- c:\windows\vsnpstd3.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2007-03-14 02:43 83608 ----a-w- c:\program files\Java\jre1.6.0_01\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnp2std]
2007-05-12 10:19 270336 ----a-w- c:\windows\tsnp2std.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tsnpstd3]
2005-12-20 13:39 94208 ------w- c:\windows\tsnpstd3.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2006-06-21 17:14 35328 ----a-w- c:\program files\Winamp\winampa.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\ICQ6\\ICQ.exe"=
"c:\\Program Files\\GetWare\\WebCam Live\\WebCam.exe"=
"c:\\Documents and Settings\\admin\\Data aplikací\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\TechniSat DVB\\bin\\Server4PC.exe"=

R1 hwinterface;hwinterface;c:\windows\system32\drivers\hwinterface.sys [19.12.2009 16:23 3026]
R2 DUMeterSvc;DU Meter Service;c:\program files\DU Meter\DUMeterSvc.exe [5.12.2009 23:49 1382672]
R2 ekrn;Eset Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [21.12.2007 8:21 468224]
R3 DtvAudio;DtvAudio;c:\windows\system32\drivers\DtvAudio.sys [6.12.2009 11:58 10330]
R3 DtvVideo;DtvVideo;c:\windows\system32\drivers\DtvVideo.sys [6.12.2009 11:58 26730]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [6.12.2009 0:07 642560]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [10.12.2009 19:41 135664]
.
------- Doplňkový sken -------
.
uStart Page = about:blank
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {D2C71639-133A-49B4-8D7B-81873FBCA642} = 192.168.5.1
FF - ProfilePath - c:\documents and settings\admin\Data aplikací\Mozilla\Firefox\Profiles\o4bkulsl.default\
FF - prefs.js: browser.search.selectedEngine - Wikipedie (cs)
FF - prefs.js: browser.startup.homepage -
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdrmv2.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdsplay.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwmsdrm.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-19 22:55
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\DUMeterSvc]
"ImagePath"="c:\program files\DU Meter\DUMeterSvc.exe /startedbyscm:E1F6D4BE-40E33354-DUMeterService"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(1048)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2009-12-19 22:56:18
ComboFix-quarantined-files.txt 2009-12-19 21:56
ComboFix2.txt 2009-12-19 20:16

Před spuštěním: 7 398 834 176
Po spuštění: 7 798 562 816

- - End Of File - - 61EB0BA75FE87B6C2C1809802BC4F7FC

jasanek
Visitor
Posts: 144
Registered: 04 Sep 2006 14:43

Re: Wigon.MM and siszyd32.exe, please help

#13 Post by jasanek »

I have one more question. When I try to start Daemon, it tells me this: "virtual scsi driver not detected". Would you know what to do about it? Thanks.

Roli
VIP
Posts: 13399
Registered: 26 Nov 2006 13:37
Location: Czech Republic

Re: Wigon.MM and siszyd32.exe, please help

#14 Post by Roli »

Now, via Start >> Run, copy into the box:

ComboFix /Uninstall

and press Enter

This uninstalls ComboFix and deletes the files and folders associated with it.


To fix Daemon,

download Defogger and run it

there are two buttons:

Disable - to turn it off

Re-enable - to turn it on

First try disabling the service >> restart the PC

then enable it again via Defogger >> and restart the PC once more.

That should do the trick.


Then let me know whether there is still any problem with the PC.

jasanek
Visitor
Posts: 144
Registered: 04 Sep 2006 14:43

Re: Wigon.MM and siszyd32.exe, please help

#15 Post by jasanek »

It helped and everything seems to be OK now. Thanks a lot.
:worship: :worship: :worship: :worship: :worship: :worship: :worship: