100% vytížení procesoru,zavirovaný pc

Zpráva

amater1 · #1 Příspěvek od **amater1** » 27 úno 2010 00:07

Ahoj,mám zavirovaný pc a procesor jede na 100% ..Když mi antivir našel první viry tak sem je přesunul do truhly a od té doby jede procesor na 100 %..Nemužu se ani dostat k programu abych odstranil viry.. Počítač se mi nepodařilo spustit ani v nouzovém režimu..
Prosím pomožte..Přikládám log ..

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:34:07, on 1.1.2003
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\ICQ6Toolbar\ICQ Service.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
C:\WINDOWS\system32\RunDll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\ICQ6.5\ICQ.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Documents and Settings\Marek\Nabídka Start\Programy\Po spuštění\etmin.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\Marek\Plocha\Nová složka\hijackthis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com?o=14780&l=dis
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.qip.ru/search?query=%s&from=IE
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: QIPBHO - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - (no file)
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [CM-SmWizard] C:\WINDOWS\System\SmWizard.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6.5\ICQ.exe" silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: etmin.exe
O4 - Startup: winesm32.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... eqlab3.cab
O16 - DPF: {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} (HidInputMonitorX Control) - file://C:\Documents and Settings\iveta\Dokumenty\Filmy\Disc_2009-02-21_-_01\components\hidinputmonitorx.ocx
O16 - DPF: {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} (A9Helper.A9) - file://C:\Documents and Settings\iveta\Dokumenty\Filmy\Disc_2009-02-21_-_01\components\A9.ocx
O16 - DPF: {7030CC6C-1A88-4591-BB5A-651B9F7F0C30} (WMVHDRatingCtrl Class) - file://C:\Documents and Settings\iveta\Dokumenty\Filmy\Disc_2009-02-21_-_01\components\wmvhdrating.ocx
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/G ... meHost.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{27CFA719-DBC2-4A81-BE5D-32F6457AF4AF}: NameServer = 85.255.116.46,85.255.112.93
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.46 85.255.112.93
O17 - HKLM\System\CS1\Services\Tcpip\..\{27CFA719-DBC2-4A81-BE5D-32F6457AF4AF}: NameServer = 85.255.116.46,85.255.112.93
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.46 85.255.112.93
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - (no file)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - Unknown owner - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Sukoku Service - Unknown owner - C:\Documents and Settings\All Users\Data aplikací\Sukoku\sukoku119.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 9774 bytes

Unlimited_Killer

Dobré ráno.

1) ComboFix

Stáhněte a uložte na Plochu ComboFix.
Ještě před spuštěním vypněte rezidentní štít antiviru, či antispywaru.
Spusťte ho s administrátorským oprávněním.
Po spuštění se Vám zobrazí licenční podmínky, klikněte na 'Ano'.
Budete také dotázáni na instalaci konzole pro zotavení, taktéž klikněte na 'Ano'.
Celý sken bude trvat tak 5-10 minut, v závislosti na tom, kolika soubory se bude CF prodírat.
Váš PC bude pravděpodobně restartován, tak se toho nelekněte.
Než úplně skončí sken, nic nedělejte, hlavně neklikejte do spuštěného okna s ComboFixem.
Po skončení skenu (či následném restartu) na Vás 'vypadne' log, který vkopírujete ve formě textu sem.
Pokud žádný log 'nevypadne', naleznete jej v umístění C:\ComboFix.txt

amater1 · #3 Příspěvek od **amater1** » 27 úno 2010 12:23

Ještě před startem pc se mi ukaže floppy disk (s) fail (40) ..A musím zmáčknout f1 abych spustil windows ..

ComboFix 10-02-26.03 - jUMpe´R 01.01.2003 20:28:22.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1279.860 [GMT 1:00]
Spuštěný z: c:\documents and settings\jUMpe´R\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100202-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Internet Saving Optimizer
c:\program files\Internet Saving Optimizer\3.7.0.4550\Data\config.md
c:\program files\Internet Saving Optimizer\3.7.0.4550\FF\components\NPFFAddOn.xpt
c:\program files\Internet Saving Optimizer\3.7.0.4550\FF\components\NPFFHelperComponent.js
c:\program files\Internet Saving Optimizer\3.7.0.4550\FF\chrome.manifest
c:\program files\Internet Saving Optimizer\3.7.0.4550\FF\chrome\content\NPAddOn.js
c:\program files\Internet Saving Optimizer\3.7.0.4550\FF\chrome\content\NPAddOn.xul
c:\program files\Internet Saving Optimizer\3.7.0.4550\FF\chrome\NPAddOn.jar
c:\program files\Internet Saving Optimizer\3.7.0.4550\FF\install.rdf
c:\program files\Internet Saving Optimizer\3.7.0.4550\NPIEAddOn.dll
c:\program files\Internet Saving Optimizer\3.7.0.4550\unins000.dat
c:\program files\Internet Saving Optimizer\3.7.0.4550\unins000.exe
c:\windows\$NtUninstallKB951748$\6to4svc.dll
c:\windows\system32\ieuinit.inf
c:\windows\system32\tmp69.tmp
c:\windows\UA000106.DLL

Nakažená kopie c:\windows\system32\msgsvc.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ServicePackFiles\i386\msgsvc.dll

.
((((((((((((((((((((((((( Soubory vytvořené od 2002-12-01 do 2003-01-01 )))))))))))))))))))))))))))))))
.

2010-01-26 17:01 . 2010-01-26 17:01 -------- d-----w- c:\program files\Ventrilo
2010-01-16 02:46 . 2010-01-16 02:46 -------- d-----w- c:\program files\The Creative Assembly
2010-01-03 07:18 . 2002-12-31 23:32 -------- d-----w- c:\program files\GameSpy Arcade
2010-01-03 06:57 . 2010-01-03 06:57 -------- d-----w- c:\program files\Elaborate Bytes
2009-12-21 09:36 . 2009-02-04 13:17 90112 ----a-r- c:\windows\system32\CNC550O.dll
2009-12-21 09:36 . 2009-03-19 13:38 303104 ----a-w- c:\windows\system32\CNC550L.dll
2009-12-21 09:36 . 2009-03-13 08:31 1310720 ----a-w- c:\windows\system32\CNC550C.dll
2009-12-21 09:36 . 2009-03-13 08:31 110592 ----a-w- c:\windows\system32\CNC550I.dll
2009-12-21 09:36 . 2009-03-13 08:27 106496 ----a-w- c:\windows\system32\CNC550U.dll
2009-12-21 09:36 . 2008-08-25 17:02 15872 ----a-w- c:\windows\system32\CNHMCA.dll
2009-12-21 09:36 . 2004-08-03 21:58 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2009-12-21 09:36 . 2004-08-03 21:58 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2009-12-21 09:32 . 2004-08-03 22:01 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2009-12-21 09:32 . 2004-08-03 22:01 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-11-26 10:02 . 2009-11-26 10:03 -------- d-----w- c:\program files\TuneUp Utilities 2010
2009-11-17 10:22 . 2009-11-17 10:22 -------- d-----w- c:\program files\animations
2009-11-17 10:22 . 2009-11-17 10:22 -------- d-----w- c:\program files\stick figures
2009-10-02 10:37 . 2009-10-02 10:37 -------- d-----w- c:\documents and settings\LocalService\Plocha
2009-09-27 12:52 . 2010-01-03 07:00 -------- d-----w- c:\program files\Activision
2009-09-27 12:47 . 2009-09-27 12:47 -------- d-sh--w- c:\windows\ftpcache
2009-09-26 09:25 . 2009-09-26 09:25 -------- d-----w- c:\program files\Microsoft Silverlight
2009-09-04 16:22 . 2009-09-04 16:22 -------- d-----w- c:\program files\Sierra Entertainment
2009-08-24 05:24 . 2009-08-24 05:24 -------- d-----w- c:\program files\DoubleD
2009-08-21 10:24 . 2009-08-21 10:24 -------- d-----w- c:\windows\65F1CF6331E0450B96F34A88BE7361A6.TMP
2009-08-17 11:09 . 2004-08-17 13:49 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2009-08-17 11:09 . 2004-08-17 13:49 21504 ----a-w- c:\windows\system32\hidserv.dll
2009-08-17 11:09 . 2004-08-17 13:45 14848 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2009-08-17 11:09 . 2004-08-17 13:45 14848 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2009-07-30 22:16 . 2009-10-05 08:54 -------- d-----w- C:\Download
2009-07-19 23:53 . 2002-12-31 23:24 -------- d-----w- c:\program files\Zoner
2009-07-11 12:18 . 2010-01-21 07:52 -------- d-----w- c:\program files\VDOWNLOADER
2009-07-11 12:15 . 2001-08-18 04:36 8704 -c--a-w- c:\windows\system32\dllcache\kbdjpn.dll
2009-07-11 12:15 . 2001-08-18 04:36 8704 ----a-w- c:\windows\system32\kbdjpn.dll
2009-07-11 12:15 . 2001-08-18 04:36 8192 -c--a-w- c:\windows\system32\dllcache\kbdkor.dll
2009-07-11 12:15 . 2001-08-18 04:36 8192 ----a-w- c:\windows\system32\kbdkor.dll
2009-07-11 12:15 . 2001-08-17 20:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd106.dll
2009-07-11 12:15 . 2001-08-17 20:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101c.dll
2009-07-11 12:15 . 2001-08-17 20:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101b.dll
2009-07-11 12:15 . 2001-08-17 20:55 6144 ----a-w- c:\windows\system32\kbd106.dll
2009-07-11 12:15 . 2001-08-17 20:55 6144 ----a-w- c:\windows\system32\kbd101c.dll
2009-07-11 12:15 . 2001-08-17 20:55 6144 ----a-w- c:\windows\system32\kbd101b.dll
2009-07-11 12:15 . 2001-08-17 20:55 5632 -c--a-w- c:\windows\system32\dllcache\kbd103.dll
2009-07-11 12:15 . 2001-08-17 20:55 5632 ----a-w- c:\windows\system32\kbd103.dll
2009-07-08 12:04 . 2009-12-24 14:21 -------- d-----w- c:\program files\MediaManager
2009-07-02 13:44 . 2009-07-02 13:44 -------- d-----w- c:\windows\system32\AGEIA
2009-07-02 13:31 . 2008-07-31 08:41 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2009-07-02 13:31 . 2008-07-31 08:40 509448 ----a-w- c:\windows\system32\XAudio2_2.dll
2009-07-02 13:31 . 2008-07-31 08:41 238088 ----a-w- c:\windows\system32\xactengine3_2.dll
2009-07-02 13:31 . 2008-07-12 06:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2009-07-02 13:31 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2009-07-02 13:31 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2009-05-25 12:16 . 2009-05-25 12:16 134312 ----a-w- c:\windows\system32\ElbyVCD.dll
2009-05-25 12:01 . 2009-05-25 12:01 89256 ----a-w- c:\windows\system32\ElbyCDIO.dll
2009-05-22 23:08 . 2009-05-22 23:08 29696 ----a-w- c:\windows\system32\drivers\VClone.sys
2009-04-29 17:02 . 2009-04-29 17:02 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-04-29 17:02 . 2009-05-03 08:56 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2009-04-29 17:02 . 2009-05-03 08:56 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2009-04-29 17:02 . 2009-04-29 17:02 -------- d-----w- c:\program files\OpenAL
2009-04-09 08:39 . 2009-04-09 08:39 -------- d-----w- c:\program files\Alcohol Soft
2009-03-21 01:46 . 2009-03-21 01:46 -------- d-----w- c:\program files\own3d
2009-03-20 18:16 . 1998-11-18 15:33 144384 ----a-w- c:\windows\system32\Iacenc.dll
2009-03-20 18:16 . 1997-06-13 07:56 56832 ----a-w- c:\windows\system32\Iyvu9_32.dll
2009-03-20 18:16 . 2009-03-20 18:16 -------- d-----w- c:\program files\Intel
2009-03-20 18:13 . 2009-03-20 18:13 -------- d-----w- c:\windows\system32\windows media
2009-03-20 18:13 . 2009-03-20 18:13 -------- d--h--w- c:\windows\msdownld.tmp
2009-03-09 15:09 . 2009-03-09 15:09 717296 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-03-08 00:32 . 2009-03-08 00:32 -------- d-----w- c:\program files\Apple Software Update
2009-03-08 00:27 . 2000-12-19 08:36 414272 ----a-w- c:\windows\system32\DivXc32f.dll
2009-03-08 00:27 . 2000-12-19 08:36 414272 ----a-w- c:\windows\system32\DivXc32.dll
2009-03-08 00:27 . 2003-07-16 18:09 626688 ----a-w- c:\windows\system32\xvid.dll
2009-03-08 00:27 . 2009-03-08 00:29 -------- d-----w- c:\program files\MPEG4 Direct Maker
2009-02-21 10:35 . 2007-04-27 09:43 120200 ----a-w- c:\windows\system32\DLLDEV32i.dll
2009-02-21 08:57 . 2002-09-20 23:33 1089536 ----a-w- c:\windows\system32\ROBOEX32.DLL
2009-02-21 08:57 . 1999-01-28 13:44 49152 ----a-w- c:\windows\system32\INETWH32.dll
2009-02-21 08:57 . 1998-10-15 16:28 85504 ----a-w- c:\windows\system32\HtmlWH.dll
2009-02-21 08:57 . 2009-03-08 17:54 -------- d-----w- c:\windows\system32\MAGIX
2009-02-21 08:57 . 2008-04-15 15:14 700416 ----a-w- c:\windows\system32\mgxoschk.dll
2009-02-17 17:11 . 2009-02-17 17:11 24232 ----a-w- c:\windows\system32\drivers\ElbyCDIO.sys
2009-02-03 09:55 . 2009-04-04 10:15 -------- d-----w- c:\program files\Kopie - Wolfenstein - Enemy Territory
2009-02-01 23:41 . 2009-02-21 09:57 -------- d-----w- c:\program files\Sony
2009-02-01 23:21 . 2009-02-01 23:21 -------- d-----w- c:\program files\MSBuild
2009-02-01 23:17 . 2009-02-01 23:17 -------- d-----w- c:\windows\system32\XPSViewer
2009-02-01 23:16 . 2009-02-01 23:16 -------- d-----w- c:\program files\Reference Assemblies
2009-02-01 23:16 . 2006-10-14 15:43 27648 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2009-02-01 23:16 . 2006-06-29 12:07 14048 ------w- c:\windows\system32\spmsg2.dll
2009-02-01 22:08 . 2009-08-20 20:39 -------- d-----w- c:\program files\Ulead Systems
2009-02-01 22:08 . 2009-03-21 15:23 -------- d-----w- c:\program files\Common Files\Ulead Systems
2009-01-30 01:37 . 2009-01-30 01:37 -------- d-----w- c:\program files\DebugMode
2009-01-25 21:42 . 2009-12-21 16:37 -------- d-----w- c:\program files\ICQ6.5
2009-01-25 16:33 . 2010-01-15 17:49 -------- d-----w- c:\documents and settings\iveta
2009-01-25 16:16 . 2009-03-04 10:43 -------- d-----w- c:\program files\ICQ6Toolbar
2009-01-16 16:24 . 2009-01-16 16:24 70936 ----a-w- c:\windows\system32\PhysXLoader.dll
2009-01-15 22:05 . 2009-01-15 22:05 -------- d-----w- C:\found.000
2008-12-31 22:48 . 2008-12-31 22:48 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2008-12-31 21:47 . 2008-12-31 21:47 45 ---h--w- c:\windows\dsez1009.dat
2008-12-21 21:00 . 2010-01-26 17:00 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2008-12-19 15:39 . 2008-12-19 15:39 81920 ----a-w- c:\windows\system32\frapsvid.dll
2008-12-04 07:28 . 2008-12-04 07:28 24344 ----a-w- c:\windows\system32\PhysXDevice.dll
2008-11-26 06:55 . 2008-11-26 06:55 288024 ----a-w- c:\windows\system32\PhysXCplUI.exe
2008-11-25 06:38 . 2008-11-25 06:38 288024 ----a-w- c:\windows\system32\PhysXCompatCplUI.exe
2008-11-19 20:21 . 2008-11-19 20:22 -------- d-----w- c:\windows\system32\NtmsData
2008-11-15 13:24 . 2003-01-01 01:58 138328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2008-11-15 13:24 . 2009-09-30 09:48 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2008-11-15 13:24 . 2003-01-01 01:58 214816 ----a-w- c:\windows\system32\PnkBstrB.exe
2008-11-15 12:48 . 2008-11-15 17:38 674600 ----a-w- c:\windows\system32\pbsvc.exe
2008-11-15 10:09 . 2008-07-10 13:56 107864 ----a-w- c:\windows\system32\tsccvid.dll
2008-10-22 14:16 . 2008-10-22 14:16 -------- d-----w- c:\program files\Common Files\InterVideo
2008-10-22 14:14 . 2008-10-22 14:14 -------- d-----w- c:\program files\Windows Media Components
2008-10-22 12:54 . 2009-02-02 10:58 -------- d-----w- c:\program files\Sony Setup
2008-10-22 10:40 . 2008-10-22 10:43 -------- d-----w- c:\program files\Common Files\Nero
2008-10-22 10:40 . 2008-10-22 10:40 -------- d-----w- c:\program files\Nero
2008-10-21 12:41 . 2008-10-21 12:41 -------- d-----w- c:\documents and settings\All Users\Data aplikac
2008-10-21 12:23 . 2008-10-21 12:23 -------- d-----w- c:\program files\SmartSound Software
2008-10-21 12:22 . 2004-07-02 14:28 89088 ----a-w- c:\windows\system32\atl71.dll
2008-10-21 12:22 . 2004-07-02 14:28 84992 ----a-w- c:\windows\system32\ATL70.DLL
2008-10-21 12:18 . 2005-02-09 10:59 14165 ----a-w- c:\windows\system32\drivers\Pclepci.sys
2008-10-13 17:08 . 2008-10-13 17:08 -------- d-----w- c:\windows\SxsCaPendDel
2008-10-13 17:07 . 2003-05-21 22:50 344064 ----a-w- c:\windows\system32\msvcr70.dll
2008-10-13 17:07 . 2003-03-26 04:58 487424 ----a-w- c:\windows\system32\MSVCP70.DLL
2008-10-13 17:07 . 2002-01-05 13:48 974848 ----a-w- c:\windows\system32\mfc70.dll
2008-10-13 17:07 . 2003-05-22 11:26 638976 ----a-w- c:\windows\system32\divx.dll
2008-10-13 17:07 . 2003-05-21 22:50 24576 ----a-w- c:\windows\system32\msxml3a.dll
2008-10-13 17:07 . 2003-05-21 22:50 261632 ----a-w- c:\windows\system32\mcdvd_32.dll
2008-10-13 17:07 . 2002-08-19 23:41 413760 ----a-w- c:\windows\system32\mpg4c32.dll
2008-10-13 17:07 . 2008-10-13 11:01 -------- d-----w- c:\program files\Common Files\AVSMedia

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-25 01:34 . 2001-10-25 14:00 76516 ----a-w- c:\windows\system32\perfc005.dat
2009-10-25 01:34 . 2001-10-25 14:00 424082 ----a-w- c:\windows\system32\perfh005.dat
2009-03-20 18:10 . 2008-07-31 18:26 -------- d-----w- c:\program files\Common Files\InstallShield
2009-02-21 08:58 . 2009-02-21 08:58 -------- d-----w- c:\program files\Common Files\MAGIX Shared
2008-08-10 14:05 . 2008-08-10 14:05 -------- d-----w- c:\program files\Common Files\LogiShared
2008-08-10 14:05 . 2008-08-10 14:05 127034 ------r- c:\windows\bwUnin-8.1.1.50-8876480SL.exe
2008-08-10 14:05 . 2008-08-10 13:55 -------- d-----w- c:\program files\Logitech
2008-08-10 14:04 . 2008-08-10 14:04 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2008-08-10 13:56 . 2008-08-10 13:56 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-08-10 13:00 . 2008-08-10 13:00 2678 ----a-w- c:\windows\java\Packages\Data\5ZL7LRZN.DAT
2008-08-10 13:00 . 2008-08-10 13:00 2678 ----a-w- c:\windows\java\Packages\Data\KZBXJX3H.DAT
2008-08-10 13:00 . 2008-08-10 13:00 2678 ----a-w- c:\windows\java\Packages\Data\2CQYAKX7.DAT
2008-08-10 13:00 . 2008-08-10 13:00 2678 ----a-w- c:\windows\java\Packages\Data\1NZL331J.DAT
2008-08-10 13:00 . 2008-08-10 13:00 2678 ----a-w- c:\windows\java\Packages\Data\37TNRZFD.DAT
2008-07-31 19:43 . 2008-07-31 18:17 86327 ----a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
2008-07-31 19:43 . 2008-07-31 18:17 2724 ----a-w- c:\windows\PCHealth\HelpCtr\PackageStore\SkuStore.bin
2008-07-31 19:40 . 2008-07-31 18:17 8972 ----a-w- c:\windows\PCHealth\HelpCtr\Config\Cntstore.bin
2008-07-31 19:10 . 2008-07-31 19:10 737280 ----a-w- c:\windows\iun6002.exe
2008-07-31 18:57 . 2008-07-31 18:57 552 ----a-w- c:\windows\system32\d3d8caps.dat
2008-07-31 18:57 . 2008-07-31 18:57 -------- d-----w- c:\program files\SystemRequirementsLab
2008-07-31 18:42 . 2008-07-31 18:42 -------- d-----w- c:\program files\C-Media 3D Audio
2008-07-31 18:42 . 2008-07-31 18:36 4 ----a-w- c:\windows\system32\BSETUP.TMP
2008-07-31 18:18 . 2008-07-31 18:18 -------- d-----w- c:\program files\microsoft frontpage
2008-07-31 18:18 . 2008-07-31 18:18 558142 ----a-w- c:\windows\java\Packages\RP3313XR.ZIP
2008-07-31 18:18 . 2008-07-31 18:18 155995 ----a-w- c:\windows\java\Packages\QNXZTV9B.ZIP
2008-07-31 18:15 . 2008-07-31 18:15 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2008-07-07 20:32 . 2002-09-20 18:03 253952 ----a-w- c:\windows\system32\es.dll
2008-06-24 16:24 . 2002-09-20 18:04 74240 ----a-w- c:\windows\system32\mscms.dll
2008-06-24 14:06 . 2008-06-24 14:06 972072 ----a-w- c:\windows\UNNeroMediaHome.exe
2008-06-23 15:41 . 2002-09-20 18:05 660480 ----a-w- c:\windows\system32\wininet.dll
2008-06-20 17:42 . 2001-10-25 14:00 247296 ----a-w- c:\windows\system32\mswsock.dll
2008-06-20 10:45 . 2002-08-29 01:58 360320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2008-06-20 10:44 . 2002-08-29 02:01 138368 ----a-w- c:\windows\system32\drivers\afd.sys
2008-06-20 09:52 . 2002-08-29 01:37 225920 ----a-w- c:\windows\system32\drivers\tcpip6.sys
2008-06-14 18:00 . 2008-07-31 19:40 272128 ------w- c:\windows\system32\drivers\bthport.sys
2008-06-08 07:37 . 2008-06-08 07:37 132904 ----a-w- c:\windows\system32\drivers\imagesrv.sys
2008-06-08 07:37 . 2008-06-08 07:37 11304 ----a-w- c:\windows\system32\drivers\imagedrv.sys
2008-06-06 12:54 . 2008-06-06 12:54 95600 ----a-w- c:\windows\system32\NeroCo.dll
2008-06-06 12:54 . 2008-06-06 12:54 972072 ----a-w- c:\windows\UNRecode.exe
2008-05-30 12:19 . 2008-07-31 19:31 507400 ----a-w- c:\windows\system32\XAudio2_1.dll
2008-05-30 12:18 . 2008-07-31 19:31 238088 ----a-w- c:\windows\system32\xactengine3_1.dll
2008-05-30 12:17 . 2008-07-31 19:31 65032 ----a-w- c:\windows\system32\XAPOFX1_0.dll
2008-05-30 12:17 . 2008-07-31 19:31 25608 ----a-w- c:\windows\system32\X3DAudio1_4.dll
2008-05-30 12:11 . 2008-07-31 19:31 467984 ----a-w- c:\windows\system32\d3dx10_38.dll
2008-05-30 12:11 . 2008-07-31 19:31 3850760 ----a-w- c:\windows\system32\D3DX9_38.dll
2008-05-30 12:11 . 2008-07-31 19:31 1491992 ----a-w- c:\windows\system32\D3DCompiler_38.dll
2008-05-30 12:01 . 2008-07-31 19:31 80896 ----a-w- c:\windows\system32\dxdllreg.exe
2008-05-08 12:28 . 2001-10-25 14:00 202752 ----a-w- c:\windows\system32\drivers\rmcast.sys
2008-05-07 05:16 . 2008-07-31 19:31 1290240 ----a-w- c:\windows\system32\quartz.dll
2008-04-28 13:53 . 2009-05-03 08:56 805400 ----a-r- c:\windows\system32\tmp6A.tmp
2008-04-28 13:53 . 2009-04-29 17:02 805400 ----a-r- c:\windows\system32\tmp2DA.tmp
2008-04-28 13:53 . 2009-04-29 17:02 805400 ----a-r- c:\windows\system32\tmp2D9.tmp
2008-04-11 18:51 . 2008-07-31 18:16 683520 ----a-w- c:\windows\system32\inetcomm.dll
2008-03-20 08:09 . 2002-09-20 17:41 1845248 ----a-w- c:\windows\system32\win32k.sys
2008-03-05 14:03 . 2008-07-31 19:31 479752 ----a-w- c:\windows\system32\XAudio2_0.dll
2008-03-05 14:03 . 2008-07-31 19:31 238088 ----a-w- c:\windows\system32\xactengine3_0.dll
2008-03-05 14:00 . 2008-07-31 19:31 25608 ----a-w- c:\windows\system32\X3DAudio1_3.dll
2008-03-05 13:56 . 2008-07-31 19:31 3786760 ----a-w- c:\windows\system32\D3DX9_37.dll
2008-03-05 13:56 . 2008-07-31 19:31 1420824 ----a-w- c:\windows\system32\D3DCompiler_37.dll
2008-02-20 06:51 . 2002-09-20 18:03 282624 ----a-w- c:\windows\system32\gdi32.dll
2008-02-20 05:38 . 2001-10-25 14:00 45568 ----a-w- c:\windows\system32\dnsrslvr.dll
2008-02-05 21:07 . 2008-07-31 19:31 462864 ----a-w- c:\windows\system32\d3dx10_37.dll
2007-12-18 14:43 . 2002-09-20 18:04 417792 ----a-w- c:\windows\system32\vbscript.dll
2007-12-18 09:51 . 2001-10-25 14:00 179584 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2007-12-04 18:41 . 2002-09-20 18:04 550912 ----a-w- c:\windows\system32\oleaut32.dll
2007-11-13 10:25 . 2002-03-25 20:02 20480 ----a-w- c:\windows\system32\drivers\secdrv.sys.bak
2007-11-07 09:29 . 2002-09-20 18:04 720896 ----a-w- c:\windows\system32\lsasrv.dll
2007-10-25 07:28 . 2002-09-20 18:05 222720 ----a-w- c:\windows\system32\wmasf.dll
2007-10-22 01:39 . 2008-07-31 19:31 267272 ----a-w- c:\windows\system32\xactengine2_10.dll
2007-10-22 01:37 . 2008-07-31 19:31 17928 ----a-w- c:\windows\system32\X3DAudio1_2.dll
2007-10-12 13:14 . 2008-07-31 19:31 3734536 ----a-w- c:\windows\system32\d3dx9_36.dll
2007-10-12 13:14 . 2008-07-31 19:31 1374232 ----a-w- c:\windows\system32\D3DCompiler_36.dll
2007-10-02 07:56 . 2008-07-31 19:31 444776 ----a-w- c:\windows\system32\d3dx10_36.dll
2007-07-31 17:58 . 2009-02-21 08:58 618496 ----a-w- c:\windows\system32\DLLAV32.dll
2007-07-31 17:58 . 2009-02-21 08:58 98304 ----a-w- c:\windows\system32\DLLCPY32.dll
2007-07-31 17:58 . 2009-02-21 08:58 36864 ----a-w- c:\windows\system32\DLLPNT32.dll
2007-07-31 17:58 . 2009-02-21 08:58 53248 ----a-w- c:\windows\system32\DLLIO32.dll
2007-07-31 17:58 . 2009-02-21 08:58 167936 ----a-w- c:\windows\system32\DLLDEV32.dll
2007-07-31 17:58 . 2009-02-21 08:58 151552 ----a-w- c:\windows\system32\DLLDRV32.dll
2007-07-31 17:58 . 2009-02-21 08:58 32768 ----a-w- c:\windows\system32\STRING32.dll
2007-07-31 17:58 . 2009-02-21 08:58 192512 ----a-w- c:\windows\system32\DLLRES32.dll
2007-07-30 17:19 . 2008-07-31 18:14 1712984 ----a-w- c:\windows\system32\wuaueng.dll
2007-07-30 17:19 . 2008-07-31 19:40 549720 ----a-w- c:\windows\system32\wuapi.dll
2007-07-30 17:19 . 2008-07-31 19:40 325976 ----a-w- c:\windows\system32\wucltui.dll
2007-07-30 17:19 . 2008-07-31 19:40 203096 ----a-w- c:\windows\system32\wuweb.dll
2007-07-30 17:19 . 2002-09-20 18:03 92504 ----a-w- c:\windows\system32\cdm.dll
2007-07-30 17:19 . 2008-07-31 18:14 53080 ----a-w- c:\windows\system32\wuauclt.exe
2007-07-30 17:19 . 2007-07-30 17:19 43352 ----a-w- c:\windows\system32\wups2.dll
2007-07-30 17:18 . 2008-07-31 19:40 33624 ----a-w- c:\windows\system32\wups.dll
2007-07-19 22:57 . 2008-07-31 19:31 267112 ----a-w- c:\windows\system32\xactengine2_9.dll
2007-07-19 16:14 . 2008-07-31 19:31 444776 ----a-w- c:\windows\system32\d3dx10_35.dll
2007-07-19 16:14 . 2008-07-31 19:31 1358192 ----a-w- c:\windows\system32\D3DCompiler_35.dll
2007-07-19 16:14 . 2008-07-31 19:31 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2007-07-09 13:11 . 2002-09-20 18:04 584192 ----a-w- c:\windows\system32\rpcrt4.dll
2007-07-06 12:51 . 2002-09-20 18:04 95744 ----a-w- c:\windows\system32\mqsec.dll
2007-07-06 12:51 . 2002-09-20 18:04 489472 ----a-w- c:\windows\system32\mqutil.dll
2007-07-06 12:51 . 2002-09-20 18:04 660992 ----a-w- c:\windows\system32\mqqm.dll
2007-07-06 12:51 . 2002-09-20 18:04 177152 ----a-w- c:\windows\system32\mqrt.dll
2007-07-06 12:51 . 2002-09-20 18:04 16896 ----a-w- c:\windows\system32\mqise.dll
2007-07-06 12:51 . 2002-09-20 18:04 138240 ----a-w- c:\windows\system32\mqad.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-06-24 1840424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CM-SmWizard"="c:\windows\System\SmWizard.exe" [2003-08-29 1454080]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-03-09 7561216]
"nwiz"="nwiz.exe" [2006-03-09 1519616]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-03-09 86016]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 56080]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 56080]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-06-19 570664]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-06-08 2221352]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-05-26 85160]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]

c:\documents and settings\Marek\Nabˇdka Start\Programy\Po spuçtŘnˇ\
etmin.exe [2008-8-11 24064]
winesm32.exe [2004-8-17 29184]

c:\documents and settings\jUMpeďR\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
etmin.exe [2004-10-25 40448]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-8-10 692224]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{DAE0285D-0788-4E87-985E-01DF2EDE4ACD}"= "c:\windows\system32\Wshxt.dll" [2008-08-10 53248]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"UVS10 Preload"=c:\program files\Ulead Systems\Ulead VideoStudio 10\uvPL.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Wolfenstein - Enemy Territory\\ET.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\TmNationsForever\\TmForever.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Kopie - Wolfenstein - Enemy Territory\\ET-movie.exe"=
"c:\\Program Files\\Sierra Entertainment\\World in Conflict\\wic.exe"=
"c:\\Program Files\\Sierra Entertainment\\World in Conflict\\wic_ds.exe"=
"c:\\Program Files\\QIP\\qip.exe"=

R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 13:46 63352]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [9.3.2009 16:09 717296]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [31.7.2008 21:15 114768]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [1.8.2008 17:13 141312]
R1 Winhpfile;Winhpfile;c:\bwlfjxju\HPFile.sys [10.8.2008 15:29 16601]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [31.7.2008 21:15 20560]
R2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [25.1.2009 17:16 222456]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [30.10.2009 15:05 1021256]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 7:24 10064]
S2 Sukoku Service;Sukoku Service;c:\documents and settings\All Users\Data aplikací\Sukoku\sukoku119.exe [22.9.2009 15:49 54760]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe --> c:\program files\MAGIX\Common\Database\bin\fbserver.exe [?]
S3 vtany;vtany;\??\c:\windows\vtany.sys --> c:\windows\vtany.sys [?]
S3 xhunter1;xhunter1;\??\c:\windows\xhunter1.sys --> c:\windows\xhunter1.sys [?]
.
Obsah adresáře 'Naplánované úlohy'

2010-01-26 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2003-01-01 c:\windows\Tasks\SpeedyPC Program Check.job
- c:\program files\SpeedyPC\SpeedyPC.exe [2010-02-17 20:09]

2003-01-01 c:\windows\Tasks\SpeedyPC Startup.job
- c:\program files\SpeedyPC\SpeedyPC.exe [2010-02-17 20:09]

2003-01-01 c:\windows\Tasks\SpeedyPC.job
- c:\program files\SpeedyPC\SpeedyPC.exe [2010-02-17 20:09]
.
.
------- Doplňkový sken -------
.
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\jUMpe´R\Data aplikací\Mozilla\Firefox\Profiles\hao1w9lo.default\
FF - prefs.js: network.proxy.type - 2

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

BHO-{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - (no file)
BHO-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-Cmaudio - cmicnfg.cpl

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2003-01-01 20:36
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll prosync1.sys sfsync02.sys >>UNKNOWN [0x897991F8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf764bfc3
\Driver\ACPI -> ACPI.sys @ 0xf7496cb8
\Driver\atapi -> prosync1.sys @ 0xf79916c1
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0004
ParseProcedure -> ntoskrnl.exe @ 0x8056f00e
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0004
ParseProcedure -> ntoskrnl.exe @ 0x8056f00e
NDIS: VIA Rhine II Fast Ethernet Adapter -> SendCompleteHandler -> NDIS.sys @ 0xf7b3aba0
PacketIndicateHandler -> NDIS.sys @ 0xf7b47b21
SendHandler -> NDIS.sys @ 0xf7b2587b
user & kernel MBR OK

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(1764)
c:\program files\Logitech\SetPoint\GameHook.dll
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Common Files\InterVideo\DeviceService\DevSvc.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\IoctlSvc.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\windows\system32\RunDll32.exe
c:\documents and settings\jUMpe´R\Nabídka Start\Programy\Po spuštění\etmin.exe
c:\program files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
c:\program files\Common Files\Nero\Lib\NMIndexingService.exe
.
**************************************************************************
.
Celkový čas: 2003-01-01 20:41:01 - počítač byl restartován
ComboFix-quarantined-files.txt 2003-01-01 19:40

Před spuštěním: Volných bajtů: 48 516 497 408
Po spuštění: Volných bajtů: 51 085 033 472

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

- - End Of File - - A9DAD95FB0C4F6639FADCD45A97895BB

Unlimited_Killer

Pokračujeme a omlouvám se za prodlevu → osobní důvody.

A jelikož jste dlouho čekal, bude dlouhý postup.

↓

1) Skript do ComboFix-u

Otevřete si Poznámkový blok [Start → Spustit → notepad → Enter].

Do něj vkopírujte následující text:

Kód: Vybrat vše

KillAll::

Folder::
c:\documents and settings\All Users\Data aplikací\Sukoku
c:\program files\ICQ6Toolbar

Driver::
Sukoku Service
ICQ Service

File::
c:\windows\Tasks\AppleSoftwareUpdate.job

Collect::
c:\documents and settings\Marek\Nabídka Start\Programy\Po spuštění\winesm32.exe
c:\documents and settings\Marek\Nabídka Start\Programy\Po spuštění\etmin.exe
c:\documents and settings\jUMpeďR\Nabídka Start\Programy\Po spuštění\etmin.exe

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"=-

Reboot::

Uložte tento soubor na Plochu pod jménem CFScript (koncovka .txt).
Přetáhněte tento soubor nad ComboFix a pusťte ho.
I tento soubor, i ComboFix musí být na Ploše!
ComboFix se spustí a vykoná příkazy ze skriptu.
Počítač bude pravděpodobně restartován.
Po restartu na Vás vyskočí okno s logem, který mi vkopírujete sem ve formě textu.

2) VirusTotal

Otestujte na VirusTotal soubory:

Kód: Vybrat vše

c:\bwlfjxju\HPFile.sys
c:\windows\vtany.sys
c:\windows\xhunter1.sys
c:\program files\SpeedyPC\SpeedyPC.exe

Jednoduše tam vkopírujete cesty, co jsem napsal do code.
Jestliže Vám to napíše, že soubor byl již testován, nechte ho otestovat znovu.
Poté jsem vložíte linky (odkazy) na jednotlivé testy.

3) Odinstalace virtuálních mechanik

Odinstalujte všechny virtuální mechaniky - například Alcohol, DeamonTools atd.

4) Odinstalace SPTD

Přejděte na tento odkaz.
Zde si stáhněte verzi SPTD dle Vašeho operačního systému (XP/Vista/W7 - 32/64bit).
Stažený soubor dvojklikem spusťte.
Klikněte na prostřední tlačítko 'Uninstall'.
Restartujte PC.

5) MBR.exe

Stáhněte MBR.exe na Plochu.
Proklikejte se na Start → Spustit [Win+R] a zadejte či vkopírujte následující text:
Kód: Vybrat vše
```
"%userprofile%\plocha\mbr" -t
```
Nyní stiskněte 'Enter'.
Na Ploše by se měl vytvořit soubor MBR.log, jehož obsah mi sem vkopírujete ve formě textu.

6) GMER

Stáhněte GMER, rozbalte ho na Plochu a dvojklikem ho spusťte.
Několik sekund bude skenovat.
Až sken dokončí, klikněte na 'Save' - to vygeneruje první log, který mi vložíte ve formě textu sem.
Poté vytvořte druhý log, přičemž se budete řídit tímto návodem - tento log mi sem taktéž vložíte.

amater1 · #5 Příspěvek od **amater1** » 28 úno 2010 21:31

Děkuji,už sem myslel že se na mě zapomnělo ..Log dodám zitra dneska už se mi do toho nechce pouštět,je toho docela dost ..

Unlimited_Killer

Ano je.

A ještě jednou se omlouvám.

amater1 · #7 Příspěvek od **amater1** » 01 bře 2010 17:28

Log 1
ComboFix 10-02-28.04 - jUMpe´R 04.01.2003 1:29.2.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1279.896 [GMT 1:00]
Spuštěný z: c:\documents and settings\jUMpe´R\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\jUMpe´R\Plocha\CFScript.txt.txt
AV: avast! antivirus 4.8.1368 [VPS 100202-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

FILE ::
"c:\windows\Tasks\AppleSoftwareUpdate.job"

file zipped: c:\documents and settings\Marek\Nabídka Start\Programy\Po spuštění\etmin.exe
file zipped: c:\documents and settings\Marek\Nabídka Start\Programy\Po spuštění\winesm32.exe
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Data aplikací\Sukoku
c:\documents and settings\All Users\Data aplikací\Sukoku\sukoku119.exe
c:\documents and settings\Marek\Nabídka Start\Programy\Po spuštění\etmin.exe
c:\documents and settings\Marek\Nabídka Start\Programy\Po spuštění\winesm32.exe
c:\program files\ICQ6Toolbar
c:\program files\ICQ6Toolbar\Icons.bmp
c:\program files\ICQ6Toolbar\ICQ Service.exe
c:\program files\ICQ6Toolbar\icq6Toolbar.ico
c:\program files\ICQ6Toolbar\ICQToolBar.dll
c:\program files\ICQ6Toolbar\ICQUnToolbar.exe
c:\program files\ICQ6Toolbar\logo_small.gif
c:\program files\ICQ6Toolbar\ServiceStarter.exe
c:\program files\ICQ6Toolbar\short.wav
c:\program files\ICQ6Toolbar\Thumbs.db
c:\program files\ICQ6Toolbar\Version.txt
c:\windows\Tasks\AppleSoftwareUpdate.job

Nakažená kopie c:\windows\system32\msgsvc.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\msgsvc.dll

.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ICQ_SERVICE
-------\Legacy_SUKOKU_SERVICE
-------\Service_ICQ Service
-------\Service_Sukoku Service

((((((((((((((((((((((((( Soubory vytvořené od 2002-12-04 do 2003-01-04 )))))))))))))))))))))))))))))))
.

2010-01-26 17:01 . 2010-01-26 17:01 -------- d-----w- c:\program files\Ventrilo
2010-01-16 02:46 . 2010-01-16 02:46 -------- d-----w- c:\program files\The Creative Assembly
2010-01-03 07:18 . 2002-12-31 23:32 -------- d-----w- c:\program files\GameSpy Arcade
2010-01-03 06:57 . 2010-01-03 06:57 -------- d-----w- c:\program files\Elaborate Bytes
2009-12-21 09:36 . 2009-02-04 13:17 90112 ----a-r- c:\windows\system32\CNC550O.dll
2009-12-21 09:36 . 2009-03-19 13:38 303104 ----a-w- c:\windows\system32\CNC550L.dll
2009-12-21 09:36 . 2009-03-13 08:31 1310720 ----a-w- c:\windows\system32\CNC550C.dll
2009-12-21 09:36 . 2009-03-13 08:31 110592 ----a-w- c:\windows\system32\CNC550I.dll
2009-12-21 09:36 . 2009-03-13 08:27 106496 ----a-w- c:\windows\system32\CNC550U.dll
2009-12-21 09:36 . 2008-08-25 17:02 15872 ----a-w- c:\windows\system32\CNHMCA.dll
2009-12-21 09:36 . 2004-08-03 21:58 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2009-12-21 09:36 . 2004-08-03 21:58 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2009-12-21 09:32 . 2004-08-03 22:01 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2009-12-21 09:32 . 2004-08-03 22:01 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-11-26 10:02 . 2009-11-26 10:03 -------- d-----w- c:\program files\TuneUp Utilities 2010
2009-11-17 10:22 . 2009-11-17 10:22 -------- d-----w- c:\program files\animations
2009-11-17 10:22 . 2009-11-17 10:22 -------- d-----w- c:\program files\stick figures
2009-10-02 10:37 . 2009-10-02 10:37 -------- d-----w- c:\documents and settings\LocalService\Plocha
2009-09-27 12:52 . 2010-01-03 07:00 -------- d-----w- c:\program files\Activision
2009-09-27 12:47 . 2009-09-27 12:47 -------- d-sh--w- c:\windows\ftpcache
2009-09-26 09:25 . 2009-09-26 09:25 -------- d-----w- c:\program files\Microsoft Silverlight
2009-09-04 16:22 . 2009-09-04 16:22 -------- d-----w- c:\program files\Sierra Entertainment
2009-08-24 05:24 . 2009-08-24 05:24 -------- d-----w- c:\program files\DoubleD
2009-08-21 10:24 . 2009-08-21 10:24 -------- d-----w- c:\windows\65F1CF6331E0450B96F34A88BE7361A6.TMP
2009-08-17 11:09 . 2004-08-17 13:49 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2009-08-17 11:09 . 2004-08-17 13:49 21504 ----a-w- c:\windows\system32\hidserv.dll
2009-08-17 11:09 . 2004-08-17 13:45 14848 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2009-08-17 11:09 . 2004-08-17 13:45 14848 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2009-07-30 22:16 . 2009-10-05 08:54 -------- d-----w- C:\Download
2009-07-19 23:53 . 2002-12-31 23:24 -------- d-----w- c:\program files\Zoner
2009-07-11 12:18 . 2010-01-21 07:52 -------- d-----w- c:\program files\VDOWNLOADER
2009-07-11 12:15 . 2001-08-18 04:36 8704 -c--a-w- c:\windows\system32\dllcache\kbdjpn.dll
2009-07-11 12:15 . 2001-08-18 04:36 8704 ----a-w- c:\windows\system32\kbdjpn.dll
2009-07-11 12:15 . 2001-08-18 04:36 8192 -c--a-w- c:\windows\system32\dllcache\kbdkor.dll
2009-07-11 12:15 . 2001-08-18 04:36 8192 ----a-w- c:\windows\system32\kbdkor.dll
2009-07-11 12:15 . 2001-08-17 20:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd106.dll
2009-07-11 12:15 . 2001-08-17 20:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101c.dll
2009-07-11 12:15 . 2001-08-17 20:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101b.dll
2009-07-11 12:15 . 2001-08-17 20:55 6144 ----a-w- c:\windows\system32\kbd106.dll
2009-07-11 12:15 . 2001-08-17 20:55 6144 ----a-w- c:\windows\system32\kbd101c.dll
2009-07-11 12:15 . 2001-08-17 20:55 6144 ----a-w- c:\windows\system32\kbd101b.dll
2009-07-11 12:15 . 2001-08-17 20:55 5632 -c--a-w- c:\windows\system32\dllcache\kbd103.dll
2009-07-11 12:15 . 2001-08-17 20:55 5632 ----a-w- c:\windows\system32\kbd103.dll
2009-07-08 12:04 . 2009-12-24 14:21 -------- d-----w- c:\program files\MediaManager
2009-07-02 13:44 . 2009-07-02 13:44 -------- d-----w- c:\windows\system32\AGEIA
2009-07-02 13:31 . 2008-07-31 08:41 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2009-07-02 13:31 . 2008-07-31 08:40 509448 ----a-w- c:\windows\system32\XAudio2_2.dll
2009-07-02 13:31 . 2008-07-31 08:41 238088 ----a-w- c:\windows\system32\xactengine3_2.dll
2009-07-02 13:31 . 2008-07-12 06:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2009-07-02 13:31 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2009-07-02 13:31 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2009-05-25 12:16 . 2009-05-25 12:16 134312 ----a-w- c:\windows\system32\ElbyVCD.dll
2009-05-25 12:01 . 2009-05-25 12:01 89256 ----a-w- c:\windows\system32\ElbyCDIO.dll
2009-05-22 23:08 . 2009-05-22 23:08 29696 ----a-w- c:\windows\system32\drivers\VClone.sys
2009-04-29 17:02 . 2009-04-29 17:02 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-04-29 17:02 . 2009-05-03 08:56 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2009-04-29 17:02 . 2009-05-03 08:56 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2009-04-29 17:02 . 2009-04-29 17:02 -------- d-----w- c:\program files\OpenAL
2009-04-09 08:39 . 2009-04-09 08:39 -------- d-----w- c:\program files\Alcohol Soft
2009-03-21 01:46 . 2009-03-21 01:46 -------- d-----w- c:\program files\own3d
2009-03-20 18:16 . 1998-11-18 15:33 144384 ----a-w- c:\windows\system32\Iacenc.dll
2009-03-20 18:16 . 1997-06-13 07:56 56832 ----a-w- c:\windows\system32\Iyvu9_32.dll
2009-03-20 18:16 . 2009-03-20 18:16 -------- d-----w- c:\program files\Intel
2009-03-20 18:13 . 2009-03-20 18:13 -------- d-----w- c:\windows\system32\windows media
2009-03-20 18:13 . 2009-03-20 18:13 -------- d--h--w- c:\windows\msdownld.tmp
2009-03-09 15:09 . 2009-03-09 15:09 717296 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-03-08 00:32 . 2009-03-08 00:32 -------- d-----w- c:\program files\Apple Software Update
2009-03-08 00:27 . 2000-12-19 08:36 414272 ----a-w- c:\windows\system32\DivXc32f.dll
2009-03-08 00:27 . 2000-12-19 08:36 414272 ----a-w- c:\windows\system32\DivXc32.dll
2009-03-08 00:27 . 2003-07-16 18:09 626688 ----a-w- c:\windows\system32\xvid.dll
2009-03-08 00:27 . 2009-03-08 00:29 -------- d-----w- c:\program files\MPEG4 Direct Maker
2009-02-21 10:35 . 2007-04-27 09:43 120200 ----a-w- c:\windows\system32\DLLDEV32i.dll
2009-02-21 08:57 . 2002-09-20 23:33 1089536 ----a-w- c:\windows\system32\ROBOEX32.DLL
2009-02-21 08:57 . 1999-01-28 13:44 49152 ----a-w- c:\windows\system32\INETWH32.dll
2009-02-21 08:57 . 1998-10-15 16:28 85504 ----a-w- c:\windows\system32\HtmlWH.dll
2009-02-21 08:57 . 2009-03-08 17:54 -------- d-----w- c:\windows\system32\MAGIX
2009-02-21 08:57 . 2008-04-15 15:14 700416 ----a-w- c:\windows\system32\mgxoschk.dll
2009-02-17 17:11 . 2009-02-17 17:11 24232 ----a-w- c:\windows\system32\drivers\ElbyCDIO.sys
2009-02-03 09:55 . 2009-04-04 10:15 -------- d-----w- c:\program files\Kopie - Wolfenstein - Enemy Territory
2009-02-01 23:41 . 2009-02-21 09:57 -------- d-----w- c:\program files\Sony
2009-02-01 23:21 . 2009-02-01 23:21 -------- d-----w- c:\program files\MSBuild
2009-02-01 23:17 . 2009-02-01 23:17 -------- d-----w- c:\windows\system32\XPSViewer
2009-02-01 23:16 . 2009-02-01 23:16 -------- d-----w- c:\program files\Reference Assemblies
2009-02-01 23:16 . 2006-10-14 15:43 27648 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2009-02-01 23:16 . 2006-06-29 12:07 14048 ------w- c:\windows\system32\spmsg2.dll
2009-02-01 22:08 . 2009-08-20 20:39 -------- d-----w- c:\program files\Ulead Systems
2009-02-01 22:08 . 2009-03-21 15:23 -------- d-----w- c:\program files\Common Files\Ulead Systems
2009-01-30 01:37 . 2009-01-30 01:37 -------- d-----w- c:\program files\DebugMode
2009-01-25 21:42 . 2009-12-21 16:37 -------- d-----w- c:\program files\ICQ6.5
2009-01-25 16:33 . 2010-01-15 17:49 -------- d-----w- c:\documents and settings\iveta
2009-01-16 16:24 . 2009-01-16 16:24 70936 ----a-w- c:\windows\system32\PhysXLoader.dll
2009-01-15 22:05 . 2009-01-15 22:05 -------- d-----w- C:\found.000
2008-12-31 22:48 . 2008-12-31 22:48 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2008-12-31 21:47 . 2008-12-31 21:47 45 ---h--w- c:\windows\dsez1009.dat
2008-12-21 21:00 . 2003-01-03 04:19 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2008-12-19 15:39 . 2008-12-19 15:39 81920 ----a-w- c:\windows\system32\frapsvid.dll
2008-12-04 07:28 . 2008-12-04 07:28 24344 ----a-w- c:\windows\system32\PhysXDevice.dll
2008-11-26 06:55 . 2008-11-26 06:55 288024 ----a-w- c:\windows\system32\PhysXCplUI.exe
2008-11-25 06:38 . 2008-11-25 06:38 288024 ----a-w- c:\windows\system32\PhysXCompatCplUI.exe
2008-11-19 20:21 . 2008-11-19 20:22 -------- d-----w- c:\windows\system32\NtmsData
2008-11-15 13:24 . 2003-01-01 01:58 138328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2008-11-15 13:24 . 2009-09-30 09:48 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2008-11-15 13:24 . 2003-01-01 01:58 214816 ----a-w- c:\windows\system32\PnkBstrB.exe
2008-11-15 12:48 . 2008-11-15 17:38 674600 ----a-w- c:\windows\system32\pbsvc.exe
2008-11-15 10:09 . 2008-07-10 13:56 107864 ----a-w- c:\windows\system32\tsccvid.dll
2008-10-22 14:16 . 2008-10-22 14:16 -------- d-----w- c:\program files\Common Files\InterVideo
2008-10-22 14:14 . 2008-10-22 14:14 -------- d-----w- c:\program files\Windows Media Components
2008-10-22 12:54 . 2009-02-02 10:58 -------- d-----w- c:\program files\Sony Setup
2008-10-22 10:40 . 2008-10-22 10:43 -------- d-----w- c:\program files\Common Files\Nero
2008-10-22 10:40 . 2008-10-22 10:40 -------- d-----w- c:\program files\Nero
2008-10-21 12:41 . 2008-10-21 12:41 -------- d-----w- c:\documents and settings\All Users\Data aplikac
2008-10-21 12:23 . 2008-10-21 12:23 -------- d-----w- c:\program files\SmartSound Software
2008-10-21 12:22 . 2004-07-02 14:28 89088 ----a-w- c:\windows\system32\atl71.dll
2008-10-21 12:22 . 2004-07-02 14:28 84992 ----a-w- c:\windows\system32\ATL70.DLL
2008-10-21 12:18 . 2005-02-09 10:59 14165 ----a-w- c:\windows\system32\drivers\Pclepci.sys
2008-10-13 17:08 . 2008-10-13 17:08 -------- d-----w- c:\windows\SxsCaPendDel
2008-10-13 17:07 . 2003-05-21 22:50 344064 ----a-w- c:\windows\system32\msvcr70.dll
2008-10-13 17:07 . 2003-03-26 04:58 487424 ----a-w- c:\windows\system32\MSVCP70.DLL
2008-10-13 17:07 . 2002-01-05 13:48 974848 ----a-w- c:\windows\system32\mfc70.dll
2008-10-13 17:07 . 2003-05-22 11:26 638976 ----a-w- c:\windows\system32\divx.dll
2008-10-13 17:07 . 2003-05-21 22:50 24576 ----a-w- c:\windows\system32\msxml3a.dll
2008-10-13 17:07 . 2003-05-21 22:50 261632 ----a-w- c:\windows\system32\mcdvd_32.dll
2008-10-13 17:07 . 2002-08-19 23:41 413760 ----a-w- c:\windows\system32\mpg4c32.dll
2008-10-13 17:07 . 2008-10-13 11:01 -------- d-----w- c:\program files\Common Files\AVSMedia
2008-10-13 13:43 . 2008-10-13 13:43 -------- d-----w- c:\documents and settings\Marek\.gimp-2.4

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-25 01:34 . 2001-10-25 14:00 76516 ----a-w- c:\windows\system32\perfc005.dat
2009-10-25 01:34 . 2001-10-25 14:00 424082 ----a-w- c:\windows\system32\perfh005.dat
2009-08-06 18:24 . 2008-07-31 19:40 327896 ----a-w- c:\windows\system32\wucltui.dll
2009-08-06 18:24 . 2008-07-31 19:40 209632 ----a-w- c:\windows\system32\wuweb.dll
2009-08-06 18:24 . 2008-07-31 19:40 35552 ----a-w- c:\windows\system32\wups.dll
2009-08-06 18:24 . 2007-07-30 17:19 44768 ----a-w- c:\windows\system32\wups2.dll
2009-08-06 18:24 . 2008-07-31 18:14 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-08-06 18:24 . 2002-09-20 18:03 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-06 18:23 . 2008-07-31 19:40 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-06 18:23 . 2008-07-31 18:14 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-08-06 18:23 . 2003-01-02 07:39 215920 ----a-w- c:\windows\system32\muweb.dll
2009-08-06 18:23 . 2003-01-02 07:39 274288 ----a-w- c:\windows\system32\mucltui.dll
2009-03-20 18:10 . 2008-07-31 18:26 -------- d-----w- c:\program files\Common Files\InstallShield
2009-02-21 08:58 . 2009-02-21 08:58 -------- d-----w- c:\program files\Common Files\MAGIX Shared
2008-08-10 14:05 . 2008-08-10 14:05 -------- d-----w- c:\program files\Common Files\LogiShared
2008-08-10 14:05 . 2008-08-10 14:05 127034 ------r- c:\windows\bwUnin-8.1.1.50-8876480SL.exe
2008-08-10 14:05 . 2008-08-10 13:55 -------- d-----w- c:\program files\Logitech
2008-08-10 14:04 . 2008-08-10 14:04 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2008-08-10 13:56 . 2008-08-10 13:56 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-08-10 13:00 . 2008-08-10 13:00 2678 ----a-w- c:\windows\java\Packages\Data\5ZL7LRZN.DAT
2008-08-10 13:00 . 2008-08-10 13:00 2678 ----a-w- c:\windows\java\Packages\Data\KZBXJX3H.DAT
2008-08-10 13:00 . 2008-08-10 13:00 2678 ----a-w- c:\windows\java\Packages\Data\2CQYAKX7.DAT
2008-08-10 13:00 . 2008-08-10 13:00 2678 ----a-w- c:\windows\java\Packages\Data\1NZL331J.DAT
2008-08-10 13:00 . 2008-08-10 13:00 2678 ----a-w- c:\windows\java\Packages\Data\37TNRZFD.DAT
2008-07-31 19:43 . 2008-07-31 18:17 86327 ----a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
2008-07-31 19:43 . 2008-07-31 18:17 2724 ----a-w- c:\windows\PCHealth\HelpCtr\PackageStore\SkuStore.bin
2008-07-31 19:40 . 2008-07-31 18:17 8972 ----a-w- c:\windows\PCHealth\HelpCtr\Config\Cntstore.bin
2008-07-31 19:10 . 2008-07-31 19:10 737280 ----a-w- c:\windows\iun6002.exe
2008-07-31 18:57 . 2008-07-31 18:57 552 ----a-w- c:\windows\system32\d3d8caps.dat
2008-07-31 18:57 . 2008-07-31 18:57 -------- d-----w- c:\program files\SystemRequirementsLab
2008-07-31 18:42 . 2008-07-31 18:42 -------- d-----w- c:\program files\C-Media 3D Audio
2008-07-31 18:42 . 2008-07-31 18:36 4 ----a-w- c:\windows\system32\BSETUP.TMP
2008-07-31 18:18 . 2008-07-31 18:18 -------- d-----w- c:\program files\microsoft frontpage
2008-07-31 18:18 . 2008-07-31 18:18 558142 ----a-w- c:\windows\java\Packages\RP3313XR.ZIP
2008-07-31 18:18 . 2008-07-31 18:18 155995 ----a-w- c:\windows\java\Packages\QNXZTV9B.ZIP
2008-07-31 18:15 . 2008-07-31 18:15 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2008-07-07 20:32 . 2002-09-20 18:03 253952 ------w- c:\windows\system32\es.dll
2008-06-24 16:24 . 2002-09-20 18:04 74240 ----a-w- c:\windows\system32\mscms.dll
2008-06-24 14:06 . 2008-06-24 14:06 972072 ----a-w- c:\windows\UNNeroMediaHome.exe
2008-06-23 15:41 . 2002-09-20 18:05 660480 ------w- c:\windows\system32\wininet.dll
2008-06-20 17:42 . 2001-10-25 14:00 247296 ------w- c:\windows\system32\mswsock.dll
2008-06-20 10:45 . 2002-08-29 01:58 360320 ------w- c:\windows\system32\drivers\tcpip.sys
2008-06-20 10:44 . 2002-08-29 02:01 138368 ----a-w- c:\windows\system32\drivers\afd.sys
2008-06-20 09:52 . 2002-08-29 01:37 225920 ----a-w- c:\windows\system32\drivers\tcpip6.sys
2008-06-14 18:00 . 2008-07-31 19:40 272128 ------w- c:\windows\system32\drivers\bthport.sys
2008-06-08 07:37 . 2008-06-08 07:37 132904 ----a-w- c:\windows\system32\drivers\imagesrv.sys
2008-06-08 07:37 . 2008-06-08 07:37 11304 ----a-w- c:\windows\system32\drivers\imagedrv.sys
2008-06-06 12:54 . 2008-06-06 12:54 95600 ----a-w- c:\windows\system32\NeroCo.dll
2008-06-06 12:54 . 2008-06-06 12:54 972072 ----a-w- c:\windows\UNRecode.exe
2008-05-30 12:19 . 2008-07-31 19:31 507400 ----a-w- c:\windows\system32\XAudio2_1.dll
2008-05-30 12:18 . 2008-07-31 19:31 238088 ----a-w- c:\windows\system32\xactengine3_1.dll
2008-05-30 12:17 . 2008-07-31 19:31 65032 ----a-w- c:\windows\system32\XAPOFX1_0.dll
2008-05-30 12:17 . 2008-07-31 19:31 25608 ----a-w- c:\windows\system32\X3DAudio1_4.dll
2008-05-30 12:11 . 2008-07-31 19:31 467984 ----a-w- c:\windows\system32\d3dx10_38.dll
2008-05-30 12:11 . 2008-07-31 19:31 3850760 ----a-w- c:\windows\system32\D3DX9_38.dll
2008-05-30 12:11 . 2008-07-31 19:31 1491992 ----a-w- c:\windows\system32\D3DCompiler_38.dll
2008-05-30 12:01 . 2008-07-31 19:31 80896 ----a-w- c:\windows\system32\dxdllreg.exe
2008-05-29 08:28 . 2003-01-03 04:20 28416 ----a-w- c:\windows\system32\uxtuneup.dll
2008-05-08 12:28 . 2001-10-25 14:00 202752 ----a-w- c:\windows\system32\drivers\rmcast.sys
2008-05-07 05:16 . 2008-07-31 19:31 1290240 ----a-w- c:\windows\system32\quartz.dll
2008-04-28 13:53 . 2009-05-03 08:56 805400 ----a-r- c:\windows\system32\tmp6A.tmp
2008-04-28 13:53 . 2009-04-29 17:02 805400 ----a-r- c:\windows\system32\tmp2DA.tmp
2008-04-28 13:53 . 2009-04-29 17:02 805400 ----a-r- c:\windows\system32\tmp2D9.tmp
2008-04-11 18:51 . 2008-07-31 18:16 683520 ----a-w- c:\windows\system32\inetcomm.dll
2008-03-20 08:09 . 2002-09-20 17:41 1845248 ----a-w- c:\windows\system32\win32k.sys
2008-03-05 14:03 . 2008-07-31 19:31 479752 ----a-w- c:\windows\system32\XAudio2_0.dll
2008-03-05 14:03 . 2008-07-31 19:31 238088 ----a-w- c:\windows\system32\xactengine3_0.dll
2008-03-05 14:00 . 2008-07-31 19:31 25608 ----a-w- c:\windows\system32\X3DAudio1_3.dll
2008-03-05 13:56 . 2008-07-31 19:31 3786760 ----a-w- c:\windows\system32\D3DX9_37.dll
2008-03-05 13:56 . 2008-07-31 19:31 1420824 ----a-w- c:\windows\system32\D3DCompiler_37.dll
2008-02-20 06:51 . 2002-09-20 18:03 282624 ----a-w- c:\windows\system32\gdi32.dll
2008-02-20 05:38 . 2001-10-25 14:00 45568 ----a-w- c:\windows\system32\dnsrslvr.dll
2008-02-05 21:07 . 2008-07-31 19:31 462864 ----a-w- c:\windows\system32\d3dx10_37.dll
2007-12-18 14:43 . 2002-09-20 18:04 417792 ----a-w- c:\windows\system32\vbscript.dll
2007-12-18 09:51 . 2001-10-25 14:00 179584 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2007-12-04 18:41 . 2002-09-20 18:04 550912 ----a-w- c:\windows\system32\oleaut32.dll
2007-11-13 10:25 . 2002-03-25 20:02 20480 ----a-w- c:\windows\system32\drivers\secdrv.sys.bak
2007-11-07 09:29 . 2002-09-20 18:04 720896 ----a-w- c:\windows\system32\lsasrv.dll
2007-10-25 07:28 . 2002-09-20 18:05 222720 ----a-w- c:\windows\system32\wmasf.dll
2007-10-22 01:39 . 2008-07-31 19:31 267272 ----a-w- c:\windows\system32\xactengine2_10.dll
2007-10-22 01:37 . 2008-07-31 19:31 17928 ----a-w- c:\windows\system32\X3DAudio1_2.dll
2007-10-12 13:14 . 2008-07-31 19:31 3734536 ----a-w- c:\windows\system32\d3dx9_36.dll
2007-10-12 13:14 . 2008-07-31 19:31 1374232 ----a-w- c:\windows\system32\D3DCompiler_36.dll
2007-10-02 07:56 . 2008-07-31 19:31 444776 ----a-w- c:\windows\system32\d3dx10_36.dll
2007-07-31 17:58 . 2009-02-21 08:58 618496 ----a-w- c:\windows\system32\DLLAV32.dll
2007-07-31 17:58 . 2009-02-21 08:58 98304 ----a-w- c:\windows\system32\DLLCPY32.dll
2007-07-31 17:58 . 2009-02-21 08:58 36864 ----a-w- c:\windows\system32\DLLPNT32.dll
2007-07-31 17:58 . 2009-02-21 08:58 53248 ----a-w- c:\windows\system32\DLLIO32.dll
2007-07-31 17:58 . 2009-02-21 08:58 167936 ----a-w- c:\windows\system32\DLLDEV32.dll
2007-07-31 17:58 . 2009-02-21 08:58 151552 ----a-w- c:\windows\system32\DLLDRV32.dll
2007-07-31 17:58 . 2009-02-21 08:58 32768 ----a-w- c:\windows\system32\STRING32.dll
2007-07-31 17:58 . 2009-02-21 08:58 192512 ----a-w- c:\windows\system32\DLLRES32.dll
2007-07-19 22:57 . 2008-07-31 19:31 267112 ----a-w- c:\windows\system32\xactengine2_9.dll
2007-07-19 16:14 . 2008-07-31 19:31 444776 ----a-w- c:\windows\system32\d3dx10_35.dll
2007-07-19 16:14 . 2008-07-31 19:31 1358192 ----a-w- c:\windows\system32\D3DCompiler_35.dll
2007-07-19 16:14 . 2008-07-31 19:31 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2007-07-09 13:11 . 2002-09-20 18:04 584192 ----a-w- c:\windows\system32\rpcrt4.dll
2007-07-06 12:51 . 2002-09-20 18:04 95744 ----a-w- c:\windows\system32\mqsec.dll
2007-07-06 12:51 . 2002-09-20 18:04 489472 ----a-w- c:\windows\system32\mqutil.dll
2007-07-06 12:51 . 2002-09-20 18:04 660992 ----a-w- c:\windows\system32\mqqm.dll
.

((((((((((((((((((((((((((((( SnapShot@2003-01-01_19.36.40 )))))))))))))))))))))))))))))))))))))))))
.
+ 2003-01-04 00:39 . 2003-01-04 00:39 16384 c:\windows\Temp\Perflib_Perfdata_770.dat
+ 2003-01-04 00:24 . 2003-01-04 00:24 16384 c:\windows\Temp\Perflib_Perfdata_72c.dat
+ 2003-01-01 23:58 . 2009-08-06 18:24 44768 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.4.7600.226\wups2.dll
+ 2003-01-01 23:58 . 2009-08-06 18:24 35552 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.4.7600.226\wups.dll
+ 2008-07-31 19:40 . 2009-08-06 18:24 35552 c:\windows\system32\dllcache\wups.dll
+ 2008-07-31 18:14 . 2009-08-06 18:24 53472 c:\windows\system32\dllcache\wuauclt.exe
+ 2002-09-20 18:03 . 2009-08-06 18:24 96480 c:\windows\system32\dllcache\cdm.dll
+ 2003-01-03 04:20 . 2003-01-03 04:20 355584 c:\windows\system32\TuneUpDefragService.exe
+ 2008-07-31 19:40 . 2009-08-06 18:24 209632 c:\windows\system32\dllcache\wuweb.dll
+ 2008-07-31 19:40 . 2009-08-06 18:24 327896 c:\windows\system32\dllcache\wucltui.dll
+ 2008-07-31 19:40 . 2009-08-06 18:23 575704 c:\windows\system32\dllcache\wuapi.dll
+ 2008-07-31 18:14 . 2009-08-06 18:23 1929952 c:\windows\system32\dllcache\wuaueng.dll
+ 2003-01-03 04:20 . 2003-01-03 04:20 1670144 c:\windows\Installer\4a1f79.msi
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-06-24 1840424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CM-SmWizard"="c:\windows\System\SmWizard.exe" [2003-08-29 1454080]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-03-09 7561216]
"nwiz"="nwiz.exe" [2006-03-09 1519616]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-03-09 86016]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 56080]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 56080]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-06-19 570664]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-06-08 2221352]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-05-26 85160]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]

c:\documents and settings\jUMpeďR\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
etmin.exe [2004-10-25 40448]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-8-10 692224]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{DAE0285D-0788-4E87-985E-01DF2EDE4ACD}"= "c:\windows\system32\Wshxt.dll" [2008-08-10 53248]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"UVS10 Preload"=c:\program files\Ulead Systems\Ulead VideoStudio 10\uvPL.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Wolfenstein - Enemy Territory\\ET.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\TmNationsForever\\TmForever.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Kopie - Wolfenstein - Enemy Territory\\ET-movie.exe"=
"c:\\Program Files\\Sierra Entertainment\\World in Conflict\\wic.exe"=
"c:\\Program Files\\Sierra Entertainment\\World in Conflict\\wic_ds.exe"=
"c:\\Program Files\\QIP\\qip.exe"=

R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 13:46 63352]
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [9.3.2009 16:09 717296]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [31.7.2008 21:15 114768]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [1.8.2008 17:13 141312]
R1 Winhpfile;Winhpfile;c:\bwlfjxju\HPFile.sys [10.8.2008 15:29 16601]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [31.7.2008 21:15 20560]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [30.10.2009 15:05 1021256]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 7:24 10064]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe --> c:\program files\MAGIX\Common\Database\bin\fbserver.exe [?]
S3 vtany;vtany;\??\c:\windows\vtany.sys --> c:\windows\vtany.sys [?]
S3 xhunter1;xhunter1;\??\c:\windows\xhunter1.sys --> c:\windows\xhunter1.sys [?]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2003-01-04 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 08:09]

2003-01-01 c:\windows\Tasks\SpeedyPC Program Check.job
- c:\program files\SpeedyPC\SpeedyPC.exe [2010-02-17 20:09]

2003-01-04 c:\windows\Tasks\SpeedyPC Startup.job
- c:\program files\SpeedyPC\SpeedyPC.exe [2010-02-17 20:09]

2003-01-01 c:\windows\Tasks\SpeedyPC.job
- c:\program files\SpeedyPC\SpeedyPC.exe [2010-02-17 20:09]
.
.
------- Doplňkový sken -------
.
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\jUMpe´R\Data aplikací\Mozilla\Firefox\Profiles\hao1w9lo.default\
FF - prefs.js: network.proxy.type - 2

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

AddRemove-ICQToolbar - c:\program files\ICQ6Toolbar\ICQUnToolbar.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2003-01-04 01:40
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll prosync1.sys sfsync02.sys >>UNKNOWN [0x8972B1F8]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf764bfc3
\Driver\ACPI -> ACPI.sys @ 0xf7496cb8
\Driver\atapi -> prosync1.sys @ 0xf79916c1
IoDeviceObjectType -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0004
ParseProcedure -> ntoskrnl.exe @ 0x8056f00e
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntoskrnl.exe @ 0x805a0004
ParseProcedure -> ntoskrnl.exe @ 0x8056f00e
NDIS: VIA Rhine II Fast Ethernet Adapter -> SendCompleteHandler -> NDIS.sys @ 0xf7b3aba0
PacketIndicateHandler -> NDIS.sys @ 0xf7b47b21
SendHandler -> NDIS.sys @ 0xf7b2587b
user & kernel MBR OK

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(2492)
c:\program files\Logitech\SetPoint\GameHook.dll
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Common Files\InterVideo\DeviceService\DevSvc.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\IoctlSvc.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\program files\Common Files\Nero\Lib\NMIndexingService.exe
c:\documents and settings\jUMpe´R\Nabídka Start\Programy\Po spuštění\etmin.exe
c:\program files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
.
**************************************************************************
.
Celkový čas: 2003-01-04 01:44:44 - počítač byl restartován
ComboFix-quarantined-files.txt 2003-01-04 00:44
ComboFix2.txt 2003-01-01 19:41

Před spuštěním: Volných bajtů: 49 896 300 544
Po spuštění: Volných bajtů: 50 567 888 896

- - End Of File - - D5663931FB7A52EF35EB13071B7A4BE7

amater1 · #8 Příspěvek od **amater1** » 01 bře 2010 18:54

2.) http://www.virustotal.com/cs/analisis/7 ... 1267461054

http://www.virustotal.com/vt/cs/recepci ... 27abf3dcb0

http://www.virustotal.com/vt/cs/recepci ... c7d9680735

http://www.virustotal.com/cs/analisis/4 ... 1267462816

5.) Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll prosync1.sys sfsync02.sys atapi.sys viaide.sys PCIIDEX.SYS
kernel: MBR read successfully
user & kernel MBR OK

amater1 · #9 Příspěvek od **amater1** » 01 bře 2010 19:59

6.)GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2003-01-04 03:21:00
Windows 5.1.2600 Service Pack 2
Running: gmer.exe; Driver: C:\DOCUME~1\JUMPER~1\LOCALS~1\Temp\pxtdapow.sys

---- System - GMER 1.0.15 ----

SSDT \??\C:\bwlfjxju\HPFile.sys (Windows/Windows) ZwQueryDirectoryFile [0xF7944518]

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

---- EOF - GMER 1.0.15 ----

Ten druhej log ještě pořád jede ale už je to nějaká doba ..

Unlimited_Killer

Druhý bývá na dlouho. A prostřední 2 odkazy na VT nefungují, prosím, zkuste je otestovat znovu.

amater1 · #11 Příspěvek od **amater1** » 01 bře 2010 20:16

Jo u těch dvou to nic nenašlo ,žadný soubor ..

Unlimited_Killer

amater1 · #13 Příspěvek od **amater1** » 02 bře 2010 15:40

Tady je druhej log.Omlouvám se,že je to tak pozdě ale jednou se to přerušilo tak sem to musel udělat znova ..

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2003-01-04 07:36:28
Windows 5.1.2600 Service Pack 2
Running: gmer.exe; Driver: C:\DOCUME~1\JUMPER~1\LOCALS~1\Temp\pxtdapow.sys

---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xB7CAD6B8]
SSDT \??\C:\bwlfjxju\HPFile.sys (Windows/Windows) ZwCreateFile [0xF79439BC]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0xB7CAD574]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0xB7CADA52]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0xB7CAD14C]
SSDT \??\C:\bwlfjxju\HPFile.sys (Windows/Windows) ZwOpenFile [0xF7943CE6]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0xB7CAD64E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0xB7CAD08C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0xB7CAD0F0]
SSDT \??\C:\bwlfjxju\HPFile.sys (Windows/Windows) ZwQueryDirectoryFile [0xF7944518]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xB7CAD76E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xB7CAD72E]
SSDT \??\C:\bwlfjxju\HPFile.sys (Windows/Windows) ZwSetInformationFile [0xF7943FBC]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0xB7CAD8AE]

---- Kernel code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xBA2CF380, 0x21F24D, 0xE8000020]
? C:\DOCUME~1\JUMPER~1\LOCALS~1\Temp\mbr.sys Systém nemůže nalézt uvedený soubor. !

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\WINDOWS\system32\services.exe[944] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 003C0002
IAT C:\WINDOWS\system32\services.exe[944] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 003C0000

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\prodrv06 \Device\ProDrv06 E1A0A008
Device \Driver\atapi \Device\Ide\IdePort0 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort1 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-17 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\prohlp02 \Device\ProHlp02 E1494798

AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x02 0x97 0x0A 0x44 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x71 0x69 0x14 0x42 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x82 0x80 0x99 0xBE ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 C:\Program Files\Alcohol Soft\Alcohol 120\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x71 0x69 0x14 0x42 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32@cd042efbbd7f7af1647644e76e06692b 0xE2 0x63 0x26 0xF1 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32@bca643cdc5c2726b20d2ecedcc62c59b 0x6A 0x9C 0xD6 0x61 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32@2c81e34222e8052573023a60d06dd016 0xFF 0x7C 0x85 0xE0 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32@2582ae41fb52324423be06337561aa48 0x86 0x8C 0x21 0x01 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32@caaeda5fd7a9ed7697d9686d4b818472 0xCD 0x44 0xCD 0xB9 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32@a4a1bcf2cc2b8bc3716b74b2b4522f5d 0xB0 0x18 0xED 0xA7 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32@4d370831d2c43cd13623e232fed27b7b 0x97 0x20 0x4E 0x9A ...
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32@1d68fe701cdea33e477eb204b76f993d 0x83 0x6C 0x56 0x8B ...
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32@1fac81b91d8e3c5aa4b0a51804d844a3 0xB2 0x46 0x9A 0xE2 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32@f5f62a6129303efb32fbe080bb27835b 0x37 0xA4 0xAA 0xC3 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32@fd4e2e1a3940b94dceb5a6a021f2e3c6 0x2A 0xB7 0xCC 0xB5 ...
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@ C:\WINDOWS\system32\OLE32.DLL
Reg HKLM\SOFTWARE\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32@8a8aec57dd6508a385616fbc86791ec2 0xFA 0xEA 0x66 0x7F ...

---- Files - GMER 1.0.15 ----

File C:\Documents and Settings\iveta\Dokumenty\ICQ\467092867\ReceivedFiles\455457196 ..masel.\Ulead Video studio 10 Plus.iso 3854336 bytes

---- EOF - GMER 1.0.15 ----

Unlimited_Killer

Prosím nový ComboFix log.

amater1 · #15 Příspěvek od **amater1** » 02 bře 2010 22:19

Log

ComboFix 10-03-02.02 - jUMpe´R 05.01.2003 6:21.5.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.420.1029.18.1279.991 [GMT 1:00]
Spuštěný z: c:\documents and settings\jUMpe´R\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100202-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

-- Předchozí spuštění --

Nakažená kopie c:\windows\system32\msgsvc.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\msgsvc.dll

--------

Nakažená kopie c:\windows\system32\msgsvc.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\ERDNT\cache\msgsvc.dll

.
((((((((((((((((((((((((( Soubory vytvořené od 2002-12-05 do 2003-01-05 )))))))))))))))))))))))))))))))
.

2010-01-26 17:01 . 2010-01-26 17:01 -------- d-----w- c:\program files\Ventrilo
2010-01-16 02:46 . 2010-01-16 02:46 -------- d-----w- c:\program files\The Creative Assembly
2010-01-03 07:18 . 2002-12-31 23:32 -------- d-----w- c:\program files\GameSpy Arcade
2010-01-03 06:57 . 2010-01-03 06:57 -------- d-----w- c:\program files\Elaborate Bytes
2009-12-21 09:36 . 2009-02-04 13:17 90112 ----a-r- c:\windows\system32\CNC550O.dll
2009-12-21 09:36 . 2009-03-19 13:38 303104 ----a-w- c:\windows\system32\CNC550L.dll
2009-12-21 09:36 . 2009-03-13 08:31 1310720 ----a-w- c:\windows\system32\CNC550C.dll
2009-12-21 09:36 . 2009-03-13 08:31 110592 ----a-w- c:\windows\system32\CNC550I.dll
2009-12-21 09:36 . 2009-03-13 08:27 106496 ----a-w- c:\windows\system32\CNC550U.dll
2009-12-21 09:36 . 2008-08-25 17:02 15872 ----a-w- c:\windows\system32\CNHMCA.dll
2009-12-21 09:36 . 2004-08-03 21:58 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2009-12-21 09:36 . 2004-08-03 21:58 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2009-12-21 09:32 . 2004-08-03 22:01 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2009-12-21 09:32 . 2004-08-03 22:01 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-11-26 10:02 . 2009-11-26 10:03 -------- d-----w- c:\program files\TuneUp Utilities 2010
2009-11-17 10:22 . 2009-11-17 10:22 -------- d-----w- c:\program files\animations
2009-11-17 10:22 . 2009-11-17 10:22 -------- d-----w- c:\program files\stick figures
2009-10-02 10:37 . 2009-10-02 10:37 -------- d-----w- c:\documents and settings\LocalService\Plocha
2009-09-27 12:52 . 2010-01-03 07:00 -------- d-----w- c:\program files\Activision
2009-09-27 12:47 . 2009-09-27 12:47 -------- d-sh--w- c:\windows\ftpcache
2009-09-26 09:25 . 2009-09-26 09:25 -------- d-----w- c:\program files\Microsoft Silverlight
2009-09-04 16:22 . 2009-09-04 16:22 -------- d-----w- c:\program files\Sierra Entertainment
2009-08-24 05:24 . 2009-08-24 05:24 -------- d-----w- c:\program files\DoubleD
2009-08-21 10:24 . 2009-08-21 10:24 -------- d-----w- c:\windows\65F1CF6331E0450B96F34A88BE7361A6.TMP
2009-08-17 11:09 . 2004-08-17 13:49 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2009-08-17 11:09 . 2004-08-17 13:49 21504 ----a-w- c:\windows\system32\hidserv.dll
2009-08-17 11:09 . 2004-08-17 13:45 14848 -c--a-w- c:\windows\system32\dllcache\kbdhid.sys
2009-08-17 11:09 . 2004-08-17 13:45 14848 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2009-07-30 22:16 . 2009-10-05 08:54 -------- d-----w- C:\Download
2009-07-19 23:53 . 2002-12-31 23:24 -------- d-----w- c:\program files\Zoner
2009-07-11 12:18 . 2010-01-21 07:52 -------- d-----w- c:\program files\VDOWNLOADER
2009-07-11 12:15 . 2001-08-18 04:36 8704 -c--a-w- c:\windows\system32\dllcache\kbdjpn.dll
2009-07-11 12:15 . 2001-08-18 04:36 8704 ----a-w- c:\windows\system32\kbdjpn.dll
2009-07-11 12:15 . 2001-08-18 04:36 8192 -c--a-w- c:\windows\system32\dllcache\kbdkor.dll
2009-07-11 12:15 . 2001-08-18 04:36 8192 ----a-w- c:\windows\system32\kbdkor.dll
2009-07-11 12:15 . 2001-08-17 20:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd106.dll
2009-07-11 12:15 . 2001-08-17 20:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101c.dll
2009-07-11 12:15 . 2001-08-17 20:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101b.dll
2009-07-11 12:15 . 2001-08-17 20:55 6144 ----a-w- c:\windows\system32\kbd106.dll
2009-07-11 12:15 . 2001-08-17 20:55 6144 ----a-w- c:\windows\system32\kbd101c.dll
2009-07-11 12:15 . 2001-08-17 20:55 6144 ----a-w- c:\windows\system32\kbd101b.dll
2009-07-11 12:15 . 2001-08-17 20:55 5632 -c--a-w- c:\windows\system32\dllcache\kbd103.dll
2009-07-11 12:15 . 2001-08-17 20:55 5632 ----a-w- c:\windows\system32\kbd103.dll
2009-07-08 12:04 . 2009-12-24 14:21 -------- d-----w- c:\program files\MediaManager
2009-07-02 13:44 . 2009-07-02 13:44 -------- d-----w- c:\windows\system32\AGEIA
2009-07-02 13:31 . 2008-07-31 08:41 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2009-07-02 13:31 . 2008-07-31 08:40 509448 ----a-w- c:\windows\system32\XAudio2_2.dll
2009-07-02 13:31 . 2008-07-31 08:41 238088 ----a-w- c:\windows\system32\xactengine3_2.dll
2009-07-02 13:31 . 2008-07-12 06:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2009-07-02 13:31 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2009-07-02 13:31 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2009-05-22 23:08 . 2009-05-22 23:08 29696 ----a-w- c:\windows\system32\drivers\VClone.sys
2009-04-29 17:02 . 2009-04-29 17:02 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-04-29 17:02 . 2009-05-03 08:56 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2009-04-29 17:02 . 2009-05-03 08:56 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2009-04-29 17:02 . 2009-04-29 17:02 -------- d-----w- c:\program files\OpenAL
2009-04-09 08:39 . 2009-04-09 08:39 -------- d-----w- c:\program files\Alcohol Soft
2009-03-21 01:46 . 2009-03-21 01:46 -------- d-----w- c:\program files\own3d
2009-03-20 18:16 . 1998-11-18 15:33 144384 ----a-w- c:\windows\system32\Iacenc.dll
2009-03-20 18:16 . 1997-06-13 07:56 56832 ----a-w- c:\windows\system32\Iyvu9_32.dll
2009-03-20 18:16 . 2009-03-20 18:16 -------- d-----w- c:\program files\Intel
2009-03-20 18:13 . 2009-03-20 18:13 -------- d-----w- c:\windows\system32\windows media
2009-03-20 18:13 . 2009-03-20 18:13 -------- d--h--w- c:\windows\msdownld.tmp
2009-03-08 00:32 . 2009-03-08 00:32 -------- d-----w- c:\program files\Apple Software Update
2009-03-08 00:27 . 2000-12-19 08:36 414272 ----a-w- c:\windows\system32\DivXc32f.dll
2009-03-08 00:27 . 2000-12-19 08:36 414272 ----a-w- c:\windows\system32\DivXc32.dll
2009-03-08 00:27 . 2003-07-16 18:09 626688 ----a-w- c:\windows\system32\xvid.dll
2009-03-08 00:27 . 2009-03-08 00:29 -------- d-----w- c:\program files\MPEG4 Direct Maker
2009-02-21 10:35 . 2007-04-27 09:43 120200 ----a-w- c:\windows\system32\DLLDEV32i.dll
2009-02-21 08:57 . 2002-09-20 23:33 1089536 ----a-w- c:\windows\system32\ROBOEX32.DLL
2009-02-21 08:57 . 1999-01-28 13:44 49152 ----a-w- c:\windows\system32\INETWH32.dll
2009-02-21 08:57 . 1998-10-15 16:28 85504 ----a-w- c:\windows\system32\HtmlWH.dll
2009-02-21 08:57 . 2009-03-08 17:54 -------- d-----w- c:\windows\system32\MAGIX
2009-02-21 08:57 . 2008-04-15 15:14 700416 ----a-w- c:\windows\system32\mgxoschk.dll
2009-02-03 09:55 . 2009-04-04 10:15 -------- d-----w- c:\program files\Kopie - Wolfenstein - Enemy Territory
2009-02-01 23:41 . 2009-02-21 09:57 -------- d-----w- c:\program files\Sony
2009-02-01 23:21 . 2009-02-01 23:21 -------- d-----w- c:\program files\MSBuild
2009-02-01 23:17 . 2009-02-01 23:17 -------- d-----w- c:\windows\system32\XPSViewer
2009-02-01 23:16 . 2009-02-01 23:16 -------- d-----w- c:\program files\Reference Assemblies
2009-02-01 23:16 . 2006-10-14 15:43 27648 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2009-02-01 23:16 . 2006-06-29 12:07 14048 ------w- c:\windows\system32\spmsg2.dll
2009-02-01 22:08 . 2009-08-20 20:39 -------- d-----w- c:\program files\Ulead Systems
2009-02-01 22:08 . 2009-03-21 15:23 -------- d-----w- c:\program files\Common Files\Ulead Systems
2009-01-30 01:37 . 2009-01-30 01:37 -------- d-----w- c:\program files\DebugMode
2009-01-25 21:42 . 2009-12-21 16:37 -------- d-----w- c:\program files\ICQ6.5
2009-01-25 16:33 . 2010-01-15 17:49 -------- d-----w- c:\documents and settings\iveta
2009-01-16 16:24 . 2009-01-16 16:24 70936 ----a-w- c:\windows\system32\PhysXLoader.dll
2009-01-15 22:05 . 2009-01-15 22:05 -------- d-----w- C:\found.000
2008-12-31 22:48 . 2008-12-31 22:48 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2008-12-31 21:47 . 2008-12-31 21:47 45 ---h--w- c:\windows\dsez1009.dat
2008-12-21 21:00 . 2003-01-03 04:19 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2008-12-19 15:39 . 2008-12-19 15:39 81920 ----a-w- c:\windows\system32\frapsvid.dll
2008-12-04 07:28 . 2008-12-04 07:28 24344 ----a-w- c:\windows\system32\PhysXDevice.dll
2008-11-26 06:55 . 2008-11-26 06:55 288024 ----a-w- c:\windows\system32\PhysXCplUI.exe
2008-11-25 06:38 . 2008-11-25 06:38 288024 ----a-w- c:\windows\system32\PhysXCompatCplUI.exe
2008-11-19 20:21 . 2008-11-19 20:22 -------- d-----w- c:\windows\system32\NtmsData
2008-11-15 13:24 . 2003-01-01 01:58 138328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2008-11-15 13:24 . 2009-09-30 09:48 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2008-11-15 13:24 . 2003-01-01 01:58 214816 ----a-w- c:\windows\system32\PnkBstrB.exe
2008-11-15 12:48 . 2008-11-15 17:38 674600 ----a-w- c:\windows\system32\pbsvc.exe
2008-11-15 10:09 . 2008-07-10 13:56 107864 ----a-w- c:\windows\system32\tsccvid.dll
2008-10-22 14:16 . 2008-10-22 14:16 -------- d-----w- c:\program files\Common Files\InterVideo
2008-10-22 14:14 . 2008-10-22 14:14 -------- d-----w- c:\program files\Windows Media Components
2008-10-22 12:54 . 2009-02-02 10:58 -------- d-----w- c:\program files\Sony Setup
2008-10-22 10:40 . 2008-10-22 10:43 -------- d-----w- c:\program files\Common Files\Nero
2008-10-22 10:40 . 2008-10-22 10:40 -------- d-----w- c:\program files\Nero
2008-10-21 12:41 . 2008-10-21 12:41 -------- d-----w- c:\documents and settings\All Users\Data aplikac
2008-10-21 12:23 . 2008-10-21 12:23 -------- d-----w- c:\program files\SmartSound Software
2008-10-21 12:22 . 2004-07-02 14:28 89088 ----a-w- c:\windows\system32\atl71.dll
2008-10-21 12:22 . 2004-07-02 14:28 84992 ----a-w- c:\windows\system32\ATL70.DLL
2008-10-21 12:18 . 2005-02-09 10:59 14165 ----a-w- c:\windows\system32\drivers\Pclepci.sys
2008-10-13 17:08 . 2008-10-13 17:08 -------- d-----w- c:\windows\SxsCaPendDel
2008-10-13 17:07 . 2003-05-21 22:50 344064 ----a-w- c:\windows\system32\msvcr70.dll
2008-10-13 17:07 . 2003-03-26 04:58 487424 ----a-w- c:\windows\system32\MSVCP70.DLL
2008-10-13 17:07 . 2002-01-05 13:48 974848 ----a-w- c:\windows\system32\mfc70.dll
2008-10-13 17:07 . 2003-05-22 11:26 638976 ----a-w- c:\windows\system32\divx.dll
2008-10-13 17:07 . 2003-05-21 22:50 24576 ----a-w- c:\windows\system32\msxml3a.dll
2008-10-13 17:07 . 2003-05-21 22:50 261632 ----a-w- c:\windows\system32\mcdvd_32.dll
2008-10-13 17:07 . 2002-08-19 23:41 413760 ----a-w- c:\windows\system32\mpg4c32.dll
2008-10-13 17:07 . 2008-10-13 11:01 -------- d-----w- c:\program files\Common Files\AVSMedia
2008-10-13 13:43 . 2008-10-13 13:43 -------- d-----w- c:\documents and settings\Marek\.gimp-2.4
2008-10-12 13:32 . 2008-10-12 13:32 -------- d-s---w- c:\documents and settings\Marek\UserData
2008-10-07 07:13 . 2008-10-07 07:13 197912 ----a-w- c:\windows\system32\physxcudart_20.dll
2008-10-07 07:13 . 2008-10-07 07:13 58648 ----a-w- c:\windows\system32\AgCPanelTraditionalChinese.dll
2008-10-07 07:13 . 2008-10-07 07:13 58648 ----a-w- c:\windows\system32\AgCPanelSwedish.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-25 01:34 . 2001-10-25 14:00 76516 ----a-w- c:\windows\system32\perfc005.dat
2009-10-25 01:34 . 2001-10-25 14:00 424082 ----a-w- c:\windows\system32\perfh005.dat
2009-08-06 18:24 . 2008-07-31 19:40 327896 ----a-w- c:\windows\system32\wucltui.dll
2009-08-06 18:24 . 2008-07-31 19:40 209632 ----a-w- c:\windows\system32\wuweb.dll
2009-08-06 18:24 . 2008-07-31 19:40 35552 ----a-w- c:\windows\system32\wups.dll
2009-08-06 18:24 . 2007-07-30 17:19 44768 ----a-w- c:\windows\system32\wups2.dll
2009-08-06 18:24 . 2008-07-31 18:14 53472 ------w- c:\windows\system32\wuauclt.exe
2009-08-06 18:24 . 2002-09-20 18:03 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-06 18:23 . 2008-07-31 19:40 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-06 18:23 . 2008-07-31 18:14 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-08-06 18:23 . 2003-01-02 07:39 215920 ----a-w- c:\windows\system32\muweb.dll
2009-08-06 18:23 . 2003-01-02 07:39 274288 ----a-w- c:\windows\system32\mucltui.dll
2009-03-20 18:10 . 2008-07-31 18:26 -------- d-----w- c:\program files\Common Files\InstallShield
2009-02-21 08:58 . 2009-02-21 08:58 -------- d-----w- c:\program files\Common Files\MAGIX Shared
2008-08-10 14:05 . 2008-08-10 14:05 -------- d-----w- c:\program files\Common Files\LogiShared
2008-08-10 14:05 . 2008-08-10 14:05 127034 ------r- c:\windows\bwUnin-8.1.1.50-8876480SL.exe
2008-08-10 14:05 . 2008-08-10 13:55 -------- d-----w- c:\program files\Logitech
2008-08-10 14:04 . 2008-08-10 14:04 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2008-08-10 13:56 . 2008-08-10 13:56 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-08-10 13:00 . 2008-08-10 13:00 2678 ----a-w- c:\windows\java\Packages\Data\5ZL7LRZN.DAT
2008-08-10 13:00 . 2008-08-10 13:00 2678 ----a-w- c:\windows\java\Packages\Data\KZBXJX3H.DAT
2008-08-10 13:00 . 2008-08-10 13:00 2678 ----a-w- c:\windows\java\Packages\Data\2CQYAKX7.DAT
2008-08-10 13:00 . 2008-08-10 13:00 2678 ----a-w- c:\windows\java\Packages\Data\1NZL331J.DAT
2008-08-10 13:00 . 2008-08-10 13:00 2678 ----a-w- c:\windows\java\Packages\Data\37TNRZFD.DAT
2008-07-31 19:43 . 2008-07-31 18:17 86327 ----a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
2008-07-31 19:43 . 2008-07-31 18:17 2724 ----a-w- c:\windows\PCHealth\HelpCtr\PackageStore\SkuStore.bin
2008-07-31 19:40 . 2008-07-31 18:17 8972 ----a-w- c:\windows\PCHealth\HelpCtr\Config\Cntstore.bin
2008-07-31 19:10 . 2008-07-31 19:10 737280 ----a-w- c:\windows\iun6002.exe
2008-07-31 18:57 . 2008-07-31 18:57 552 ----a-w- c:\windows\system32\d3d8caps.dat
2008-07-31 18:57 . 2008-07-31 18:57 -------- d-----w- c:\program files\SystemRequirementsLab
2008-07-31 18:42 . 2008-07-31 18:42 -------- d-----w- c:\program files\C-Media 3D Audio
2008-07-31 18:42 . 2008-07-31 18:36 4 ----a-w- c:\windows\system32\BSETUP.TMP
2008-07-31 18:18 . 2008-07-31 18:18 -------- d-----w- c:\program files\microsoft frontpage
2008-07-31 18:18 . 2008-07-31 18:18 558142 ----a-w- c:\windows\java\Packages\RP3313XR.ZIP
2008-07-31 18:18 . 2008-07-31 18:18 155995 ----a-w- c:\windows\java\Packages\QNXZTV9B.ZIP
2008-07-31 18:15 . 2008-07-31 18:15 21812 ----a-w- c:\windows\system32\emptyregdb.dat
2008-07-07 20:32 . 2002-09-20 18:03 253952 ------w- c:\windows\system32\es.dll
2008-06-24 16:24 . 2002-09-20 18:04 74240 ----a-w- c:\windows\system32\mscms.dll
2008-06-24 14:06 . 2008-06-24 14:06 972072 ----a-w- c:\windows\UNNeroMediaHome.exe
2008-06-23 15:41 . 2002-09-20 18:05 660480 ------w- c:\windows\system32\wininet.dll
2008-06-20 17:42 . 2001-10-25 14:00 247296 ------w- c:\windows\system32\mswsock.dll
2008-06-20 10:45 . 2002-08-29 01:58 360320 ------w- c:\windows\system32\drivers\tcpip.sys
2008-06-20 10:44 . 2002-08-29 02:01 138368 ----a-w- c:\windows\system32\drivers\afd.sys
2008-06-20 09:52 . 2002-08-29 01:37 225920 ----a-w- c:\windows\system32\drivers\tcpip6.sys
2008-06-14 18:00 . 2008-07-31 19:40 272128 ------w- c:\windows\system32\drivers\bthport.sys
2008-06-08 07:37 . 2008-06-08 07:37 132904 ----a-w- c:\windows\system32\drivers\imagesrv.sys
2008-06-08 07:37 . 2008-06-08 07:37 11304 ----a-w- c:\windows\system32\drivers\imagedrv.sys
2008-06-06 12:54 . 2008-06-06 12:54 95600 ----a-w- c:\windows\system32\NeroCo.dll
2008-06-06 12:54 . 2008-06-06 12:54 972072 ----a-w- c:\windows\UNRecode.exe
2008-05-30 12:19 . 2008-07-31 19:31 507400 ----a-w- c:\windows\system32\XAudio2_1.dll
2008-05-30 12:18 . 2008-07-31 19:31 238088 ----a-w- c:\windows\system32\xactengine3_1.dll
2008-05-30 12:17 . 2008-07-31 19:31 65032 ----a-w- c:\windows\system32\XAPOFX1_0.dll
2008-05-30 12:17 . 2008-07-31 19:31 25608 ----a-w- c:\windows\system32\X3DAudio1_4.dll
2008-05-30 12:11 . 2008-07-31 19:31 467984 ----a-w- c:\windows\system32\d3dx10_38.dll
2008-05-30 12:11 . 2008-07-31 19:31 3850760 ----a-w- c:\windows\system32\D3DX9_38.dll
2008-05-30 12:11 . 2008-07-31 19:31 1491992 ----a-w- c:\windows\system32\D3DCompiler_38.dll
2008-05-30 12:01 . 2008-07-31 19:31 80896 ----a-w- c:\windows\system32\dxdllreg.exe
2008-05-29 08:28 . 2003-01-03 04:20 28416 ----a-w- c:\windows\system32\uxtuneup.dll
2008-05-08 12:28 . 2001-10-25 14:00 202752 ----a-w- c:\windows\system32\drivers\rmcast.sys
2008-05-07 05:16 . 2008-07-31 19:31 1290240 ----a-w- c:\windows\system32\quartz.dll
2008-04-28 13:53 . 2009-05-03 08:56 805400 ----a-r- c:\windows\system32\tmp6A.tmp
2008-04-28 13:53 . 2009-04-29 17:02 805400 ----a-r- c:\windows\system32\tmp2DA.tmp
2008-04-28 13:53 . 2009-04-29 17:02 805400 ----a-r- c:\windows\system32\tmp2D9.tmp
2008-04-11 18:51 . 2008-07-31 18:16 683520 ----a-w- c:\windows\system32\inetcomm.dll
2008-03-20 08:09 . 2002-09-20 17:41 1845248 ----a-w- c:\windows\system32\win32k.sys
2008-03-05 14:03 . 2008-07-31 19:31 479752 ----a-w- c:\windows\system32\XAudio2_0.dll
2008-03-05 14:03 . 2008-07-31 19:31 238088 ----a-w- c:\windows\system32\xactengine3_0.dll
2008-03-05 14:00 . 2008-07-31 19:31 25608 ----a-w- c:\windows\system32\X3DAudio1_3.dll
2008-03-05 13:56 . 2008-07-31 19:31 3786760 ----a-w- c:\windows\system32\D3DX9_37.dll
2008-03-05 13:56 . 2008-07-31 19:31 1420824 ----a-w- c:\windows\system32\D3DCompiler_37.dll
2008-02-20 06:51 . 2002-09-20 18:03 282624 ----a-w- c:\windows\system32\gdi32.dll
2008-02-20 05:38 . 2001-10-25 14:00 45568 ----a-w- c:\windows\system32\dnsrslvr.dll
2008-02-05 21:07 . 2008-07-31 19:31 462864 ----a-w- c:\windows\system32\d3dx10_37.dll
2007-12-18 14:43 . 2002-09-20 18:04 417792 ----a-w- c:\windows\system32\vbscript.dll
2007-12-18 09:51 . 2001-10-25 14:00 179584 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2007-12-04 18:41 . 2002-09-20 18:04 550912 ----a-w- c:\windows\system32\oleaut32.dll
2007-11-13 10:25 . 2002-03-25 20:02 20480 ----a-w- c:\windows\system32\drivers\secdrv.sys.bak
2007-11-07 09:29 . 2002-09-20 18:04 720896 ----a-w- c:\windows\system32\lsasrv.dll
2007-10-25 07:28 . 2002-09-20 18:05 222720 ----a-w- c:\windows\system32\wmasf.dll
2007-10-22 01:39 . 2008-07-31 19:31 267272 ----a-w- c:\windows\system32\xactengine2_10.dll
2007-10-22 01:37 . 2008-07-31 19:31 17928 ----a-w- c:\windows\system32\X3DAudio1_2.dll
2007-10-12 13:14 . 2008-07-31 19:31 3734536 ----a-w- c:\windows\system32\d3dx9_36.dll
2007-10-12 13:14 . 2008-07-31 19:31 1374232 ----a-w- c:\windows\system32\D3DCompiler_36.dll
2007-10-02 07:56 . 2008-07-31 19:31 444776 ----a-w- c:\windows\system32\d3dx10_36.dll
2007-07-31 17:58 . 2009-02-21 08:58 618496 ----a-w- c:\windows\system32\DLLAV32.dll
2007-07-31 17:58 . 2009-02-21 08:58 98304 ----a-w- c:\windows\system32\DLLCPY32.dll
2007-07-31 17:58 . 2009-02-21 08:58 36864 ----a-w- c:\windows\system32\DLLPNT32.dll
2007-07-31 17:58 . 2009-02-21 08:58 53248 ----a-w- c:\windows\system32\DLLIO32.dll
2007-07-31 17:58 . 2009-02-21 08:58 167936 ----a-w- c:\windows\system32\DLLDEV32.dll
2007-07-31 17:58 . 2009-02-21 08:58 151552 ----a-w- c:\windows\system32\DLLDRV32.dll
2007-07-31 17:58 . 2009-02-21 08:58 32768 ----a-w- c:\windows\system32\STRING32.dll
2007-07-31 17:58 . 2009-02-21 08:58 192512 ----a-w- c:\windows\system32\DLLRES32.dll
2007-07-19 22:57 . 2008-07-31 19:31 267112 ----a-w- c:\windows\system32\xactengine2_9.dll
2007-07-19 16:14 . 2008-07-31 19:31 444776 ----a-w- c:\windows\system32\d3dx10_35.dll
2007-07-19 16:14 . 2008-07-31 19:31 1358192 ----a-w- c:\windows\system32\D3DCompiler_35.dll
2007-07-19 16:14 . 2008-07-31 19:31 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2007-07-09 13:11 . 2002-09-20 18:04 584192 ----a-w- c:\windows\system32\rpcrt4.dll
2007-07-06 12:51 . 2002-09-20 18:04 95744 ----a-w- c:\windows\system32\mqsec.dll
2007-07-06 12:51 . 2002-09-20 18:04 489472 ----a-w- c:\windows\system32\mqutil.dll
2007-07-06 12:51 . 2002-09-20 18:04 660992 ----a-w- c:\windows\system32\mqqm.dll
.

((((((((((((((((((((((((((((( SnapShot@2003-01-01_19.36.40 )))))))))))))))))))))))))))))))))))))))))
.
+ 2003-01-05 05:31 . 2003-01-05 05:31 16384 c:\windows\Temp\Perflib_Perfdata_6f0.dat
+ 2003-01-05 05:09 . 2003-01-05 05:09 16384 c:\windows\Temp\Perflib_Perfdata_6ec.dat
+ 2003-01-01 23:58 . 2009-08-06 18:24 44768 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.4.7600.226\wups2.dll
+ 2003-01-01 23:58 . 2009-08-06 18:24 35552 c:\windows\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.4.7600.226\wups.dll
+ 2008-07-31 19:40 . 2009-08-06 18:24 35552 c:\windows\system32\dllcache\wups.dll
+ 2008-07-31 18:14 . 2009-08-06 18:24 53472 c:\windows\system32\dllcache\wuauclt.exe
+ 2002-09-20 18:03 . 2009-08-06 18:24 96480 c:\windows\system32\dllcache\cdm.dll
+ 2003-01-03 04:20 . 2003-01-03 04:20 355584 c:\windows\system32\TuneUpDefragService.exe
+ 2008-07-31 19:40 . 2009-08-06 18:24 209632 c:\windows\system32\dllcache\wuweb.dll
+ 2008-07-31 19:40 . 2009-08-06 18:24 327896 c:\windows\system32\dllcache\wucltui.dll
+ 2008-07-31 19:40 . 2009-08-06 18:23 575704 c:\windows\system32\dllcache\wuapi.dll
+ 2008-07-31 18:14 . 2009-08-06 18:23 1929952 c:\windows\system32\dllcache\wuaueng.dll
+ 2003-01-03 04:20 . 2003-01-03 04:20 1670144 c:\windows\Installer\4a1f79.msi
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-06-24 1840424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CM-SmWizard"="c:\windows\System\SmWizard.exe" [2003-08-29 1454080]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-03-09 7561216]
"nwiz"="nwiz.exe" [2006-03-09 1519616]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-03-09 86016]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 56080]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 56080]
"NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-06-19 570664]
"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-06-08 2221352]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-17 15360]

c:\documents and settings\jUMpeďR\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
etmin.exe [2004-10-25 40448]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-8-10 692224]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{DAE0285D-0788-4E87-985E-01DF2EDE4ACD}"= "c:\windows\system32\Wshxt.dll" [2008-08-10 53248]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"UVS10 Preload"=c:\program files\Ulead Systems\Ulead VideoStudio 10\uvPL.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Wolfenstein - Enemy Territory\\ET.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\TmNationsForever\\TmForever.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"=
"c:\\Program Files\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Kopie - Wolfenstein - Enemy Territory\\ET-movie.exe"=
"c:\\Program Files\\Sierra Entertainment\\World in Conflict\\wic.exe"=
"c:\\Program Files\\Sierra Entertainment\\World in Conflict\\wic_ds.exe"=
"c:\\Program Files\\QIP\\qip.exe"=

R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 13:46 63352]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [31.7.2008 21:15 114768]
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [1.8.2008 17:13 141312]
R1 Winhpfile;Winhpfile;c:\bwlfjxju\HPFile.sys [10.8.2008 15:29 16601]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [31.7.2008 21:15 20560]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [30.10.2009 15:05 1021256]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 7:24 10064]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe --> c:\program files\MAGIX\Common\Database\bin\fbserver.exe [?]
S3 vtany;vtany;\??\c:\windows\vtany.sys --> c:\windows\vtany.sys [?]
S3 xhunter1;xhunter1;\??\c:\windows\xhunter1.sys --> c:\windows\xhunter1.sys [?]
S4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys --> c:\windows\system32\Drivers\sptd.sys [?]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'

2003-01-05 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 08:09]

2003-01-01 c:\windows\Tasks\SpeedyPC Program Check.job
- c:\program files\SpeedyPC\SpeedyPC.exe [2010-02-17 20:09]

2003-01-05 c:\windows\Tasks\SpeedyPC Startup.job
- c:\program files\SpeedyPC\SpeedyPC.exe [2010-02-17 20:09]

2003-01-01 c:\windows\Tasks\SpeedyPC.job
- c:\program files\SpeedyPC\SpeedyPC.exe [2010-02-17 20:09]
.
.
------- Doplňkový sken -------
.
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\jUMpe´R\Data aplikací\Mozilla\Firefox\Profiles\hao1w9lo.default\
FF - prefs.js: network.proxy.type - 2

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2003-01-05 06:34
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'explorer.exe'(2592)
c:\program files\Logitech\SetPoint\GameHook.dll
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Common Files\InterVideo\DeviceService\DevSvc.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\IoctlSvc.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\program files\Common Files\Nero\Lib\NMIndexingService.exe
c:\documents and settings\jUMpe´R\Nabídka Start\Programy\Po spuštění\etmin.exe
c:\program files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
.
**************************************************************************
.
Celkový čas: 2003-01-05 06:38:11 - počítač byl restartován
ComboFix-quarantined-files.txt 2003-01-05 05:38

Před spuštěním: Volných bajtů: 50 433 896 448
Po spuštění: Volných bajtů: 50 393 632 768

- - End Of File - - 444A64E53EF105064BBBEB1F96828E54

VIRY.CZ

100% vytížení procesoru,zavirovaný pc

100% vytížení procesoru,zavirovaný pc

Re: 100% vytížení procesoru,zavirovaný pc

Re: 100% vytížení procesoru,zavirovaný pc

Re: 100% vytížení procesoru,zavirovaný pc

Re: 100% vytížení procesoru,zavirovaný pc

Re: 100% vytížení procesoru,zavirovaný pc

Re: 100% vytížení procesoru,zavirovaný pc

Re: 100% vytížení procesoru,zavirovaný pc

Re: 100% vytížení procesoru,zavirovaný pc

Re: 100% vytížení procesoru,zavirovaný pc

Re: 100% vytížení procesoru,zavirovaný pc

Re: 100% vytížení procesoru,zavirovaný pc

Re: 100% vytížení procesoru,zavirovaný pc

Re: 100% vytížení procesoru,zavirovaný pc

Re: 100% vytížení procesoru,zavirovaný pc