Prosim o kontrolu logu

[jaro3]

Zkus se přihlásit jako správce ( administrátor). Ostatní programy Ti jdou nainstalovat?

[Reklama]

[hllava]

CCleaner ano regcleaner naistaluju,ale nesputim...a javu mi vyhodí tu hlášku "Tato instalace je zakázaná zásadadami nastavenými spravcem systému."

[Radix]

Zkus tento program:
http://www.slunecnice.cz/sw/advanced-windowscare/

[jaro3]

Zkus program, co doporučuje Radix nebo:
Stáhni si Dial-a-fix
Fix Windows Installer - Opraví problémy při instalaci programů v podobě .msi souborů nebo programů
Klikni na službu a poté na Go.

Když to nepůjde, budou tam nejspíše ještě viry..
Vypni rez. ochranu u Avastu.
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah

[hllava]

ComboFix 09-01-21.04 - standa 2009-01-31 15:23:26.1 - NTFSx86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.3.1250.1.1029.18.3327.3025 [GMT 1:00]
Spuštěný z: c:\documents and settings\standa\Plocha\stahy\ComboFix.exe
AV: avast! antivirus 4.8.1296 [VPS 090130-0] *On-access scanning enabled* (Updated)
.
- REŽIM S OMEZENOU FUNKČNOSTÍ -
.

((((((((((((((((((((((((( Soubory vytvořené od 2008-12-28 do 2009-01-31 )))))))))))))))))))))))))))))))
.

2009-01-31 15:13 . 2009-01-31 15:17 <DIR> d-------- c:\windows\system32\CatRoot2
2009-01-31 15:08 . 2009-01-31 15:08 <DIR> d-------- c:\program files\IObit
2009-01-31 15:08 . 2009-01-31 15:08 <DIR> d-------- c:\documents and settings\standa\Data aplikací\IObit
2009-01-31 15:02 . 2009-01-31 14:32 16,168,344 --a------ C:\jre-6u11-windows-i586-p(2).exe
2009-01-31 14:39 . 2009-01-31 14:39 <DIR> d-------- c:\program files\CCleaner
2009-01-31 14:35 . 2009-01-31 14:35 <DIR> d-------- c:\program files\RegCleaner
2009-01-31 13:28 . 2009-01-31 13:28 <DIR> d-------- c:\documents and settings\standa\Data aplikací\Malwarebytes
2009-01-31 13:27 . 2009-01-31 13:27 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-31 13:27 . 2009-01-31 13:27 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2009-01-31 13:27 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-31 13:27 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-01-31 12:37 . 2009-01-31 12:37 <DIR> d-------- c:\program files\Trend Micro
2009-01-31 12:33 . 2009-01-31 12:33 <DIR> d-------- c:\program files\HD Tune
2009-01-31 11:53 . 2009-01-31 11:53 <DIR> d-------- c:\windows\LastGood
2009-01-31 11:53 . 2009-01-31 11:53 32 --a------ c:\windows\LuxeMate525.INI
2009-01-31 11:52 . 2009-01-31 11:52 <DIR> d-------- c:\program files\KYE
2009-01-31 11:52 . 2009-01-31 11:52 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\InstallShield
2009-01-31 11:52 . 2005-02-16 17:15 73,728 --a------ c:\windows\system32\ISUSPM.cpl
2009-01-31 11:52 . 2007-06-28 11:07 5,030 --a------ c:\windows\system32\SyCoinst.dll
2009-01-31 11:49 . 2009-01-31 11:49 54,156 --ah----- c:\windows\QTFont.qfn
2009-01-31 11:49 . 2009-01-31 11:49 1,409 --a------ c:\windows\QTFont.for
2009-01-31 11:45 . 2008-10-29 18:30 <DIR> d-------- c:\documents and settings\Administrator\Plocha
2009-01-31 11:45 . 2008-10-29 18:30 <DIR> d--h----- c:\documents and settings\Administrator\Okolní tiskárny
2009-01-31 11:45 . 2008-10-29 18:30 <DIR> d--h----- c:\documents and settings\Administrator\Okolní síť
2009-01-31 11:45 . 2008-10-29 18:30 <DIR> d-------- c:\documents and settings\Administrator\Oblíbené položky
2009-01-31 11:45 . 2008-10-29 17:35 <DIR> d--h----- c:\documents and settings\Administrator\Šablony
2009-01-31 11:45 . 2008-10-29 18:30 <DIR> dr------- c:\documents and settings\Administrator\Nabídka Start
2009-01-31 11:45 . 2008-10-29 18:30 <DIR> d-------- c:\documents and settings\Administrator\Dokumenty
2009-01-31 11:45 . 2009-01-31 15:03 <DIR> dr-h----- c:\documents and settings\Administrator\Data aplikací
2009-01-31 11:45 . 2009-01-31 11:45 <DIR> d-------- c:\documents and settings\Administrator
2009-01-30 21:17 . 2009-01-30 21:17 10 --a------ c:\windows\WININIT.INI
2009-01-30 21:11 . 2004-05-15 04:27 15,195 --a------ c:\windows\system32\delrad.exe
2009-01-30 21:08 . 2009-01-30 21:08 <DIR> d-------- c:\program files\MultiRes
2009-01-30 21:08 . 2009-01-30 21:08 472,576 --a------ c:\windows\Radeon Omega Drivers v4.8.442 Uninstall.exe
2009-01-30 15:41 . 2009-01-30 15:41 132 --ah----- C:\aaw7boot.cmd
2009-01-30 14:54 . 2009-01-30 14:54 <DIR> d-------- c:\documents and settings\LocalService\Plocha
2009-01-30 14:52 . 2009-01-30 14:52 <DIR> d-------- c:\windows\LastGood.Tmp
2009-01-30 14:51 . 2009-01-30 15:55 <DIR> d-------- c:\program files\Lavasoft
2009-01-30 14:51 . 2009-01-30 15:55 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Lavasoft
2009-01-30 14:45 . 2009-01-30 14:46 <DIR> d-------- c:\program files\CSConfigurator
2009-01-29 11:31 . 2009-01-29 11:31 <DIR> d-------- C:\player
2009-01-26 14:57 . 2008-12-22 09:59 139,839 --a------ C:\mladas.jpg
2009-01-24 17:17 . 2009-01-31 01:58 <DIR> d-------- c:\program files\Steam
2009-01-18 18:54 . 2009-01-18 20:54 <DIR> d-------- C:\HHplamen
2009-01-11 21:58 . 2009-01-12 15:33 <DIR> d-------- C:\HLServer
2009-01-11 10:41 . 2009-01-11 10:44 <DIR> d-a------ c:\documents and settings\All Users\Data aplikací\TEMP
2009-01-11 10:40 . 2009-01-11 10:45 <DIR> d-------- c:\program files\Any Video Converter Professional
2009-01-11 10:40 . 2009-01-11 10:45 <DIR> d-------- c:\documents and settings\standa\Data aplikací\Any Video Converter Professional
2009-01-10 21:45 . 2009-01-10 22:15 <DIR> d-------- c:\program files\QuickMediaConverter
2009-01-10 21:42 . 2009-01-10 21:43 <DIR> d-------- c:\program files\IVCsoft
2009-01-10 21:32 . 2009-01-10 21:36 <DIR> d-------- c:\program files\VSO
2009-01-10 21:32 . 2006-09-29 12:24 217,127 --a------ c:\windows\system32\drv43260.dll
2009-01-10 21:32 . 2006-09-29 12:25 208,935 --a------ c:\windows\system32\drv33260.dll
2009-01-10 21:32 . 2006-09-29 12:26 176,165 --a------ c:\windows\system32\drv23260.dll
2009-01-10 21:32 . 2002-12-10 02:20 102,439 --a------ c:\windows\system32\sipr3260.dll
2009-01-10 21:32 . 2007-03-18 20:37 65,602 --a------ c:\windows\system32\cook3260.dll
2009-01-10 21:31 . 2009-01-10 21:31 <DIR> d-------- c:\program files\Common Files\Download Manager
2009-01-10 13:07 . 2009-01-31 13:05 69 --a------ c:\windows\NeroDigital.ini
2009-01-10 12:16 . 2009-01-18 12:40 <DIR> d-------- c:\documents and settings\standa\Data aplikací\Ahead
2009-01-10 12:16 . 2009-01-10 12:16 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Ahead
2009-01-10 12:15 . 2009-01-10 12:15 <DIR> d-------- c:\program files\Nero
2009-01-10 12:15 . 2009-01-10 12:16 <DIR> d-------- c:\program files\Common Files\Ahead
2009-01-10 12:15 . 2009-01-10 12:15 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Nero
2009-01-09 22:44 . 2009-01-09 22:44 <DIR> dr-h----- c:\documents and settings\standa\Data aplikací\SecuROM
2009-01-08 21:30 . 2009-01-08 21:30 107,888 --a------ c:\windows\system32\CmdLineExt.dll
2009-01-08 21:28 . 2009-01-09 22:48 <DIR> d-------- c:\program files\Microsoft Games for Windows - LIVE
2009-01-05 17:32 . 2009-01-05 17:32 <DIR> d-------- c:\program files\EA Games
2009-01-01 20:18 . 2009-01-01 20:18 <DIR> d-------- c:\program files\Hamachi
2008-12-25 11:03 . 2008-12-25 11:03 <DIR> d-------- c:\program files\Illustrate
2008-12-25 11:03 . 2008-12-25 11:03 167,936 --a------ c:\windows\system32\SpoonUninstall.exe
2008-12-25 11:03 . 2008-12-25 11:03 27,958 --a------ c:\windows\system32\SpoonUninstall-dBpowerAMP Nero Mp4 Codec.bmp
2008-12-25 11:03 . 2008-12-25 11:03 1,873 --a------ c:\windows\system32\SpoonUninstall-dBpowerAMP Nero Mp4 Codec.dat
2008-12-25 10:18 . 2008-05-27 10:41 122,152 --a------ c:\windows\system32\drivers\s0017mdm.sys
2008-12-25 10:18 . 2008-05-27 10:41 117,672 --a------ c:\windows\system32\drivers\s0017unic.sys
2008-12-25 10:18 . 2008-05-27 10:41 115,496 --a------ c:\windows\system32\drivers\s0017mgmt.sys
2008-12-25 10:18 . 2008-05-27 10:41 111,912 --a------ c:\windows\system32\drivers\s0017obex.sys
2008-12-25 10:18 . 2008-05-27 10:41 90,536 --a------ c:\windows\system32\drivers\s0017bus.sys
2008-12-25 10:18 . 2008-05-27 10:41 25,768 --a------ c:\windows\system32\drivers\s0017nd5.sys
2008-12-25 10:18 . 2008-05-27 10:41 15,016 --a------ c:\windows\system32\drivers\s0017mdfl.sys
2008-12-25 10:18 . 2008-05-27 10:41 12,200 --a------ c:\windows\system32\drivers\s0017whnt.sys
2008-12-25 10:18 . 2008-05-27 10:41 12,200 --a------ c:\windows\system32\drivers\s0017wh.sys
2008-12-25 10:18 . 2008-05-27 10:41 12,200 --a------ c:\windows\system32\drivers\s0017cmnt.sys
2008-12-25 10:18 . 2008-05-27 10:41 12,200 --a------ c:\windows\system32\drivers\s0017cm.sys
2008-12-25 10:18 . 2008-05-27 10:41 10,792 --a------ c:\windows\system32\drivers\s0017cr.sys
2008-12-24 23:57 . 2008-12-24 23:57 <DIR> d-------- c:\documents and settings\standa\Data aplikací\Apple Computer
2008-12-24 22:58 . 2008-12-24 22:58 <DIR> d-------- c:\documents and settings\standa\Data aplikací\Sony
2008-12-24 22:58 . 2008-12-24 22:58 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Sony
2008-12-24 22:53 . 2008-12-24 22:53 <DIR> d-------- c:\program files\Sony
2008-12-24 22:52 . 2008-12-24 22:52 <DIR> d-------- c:\program files\QuickTime
2008-12-24 22:51 . 2008-12-24 22:51 <DIR> d-------- c:\program files\Apple Software Update
2008-12-24 22:51 . 2008-12-24 22:51 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Apple Computer
2008-12-24 22:51 . 2008-12-24 22:51 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Apple
2008-12-24 22:47 . 2008-12-24 22:50 <DIR> d-------- c:\program files\Avanquest update
2008-12-24 22:47 . 2008-12-24 22:47 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\BVRP Software
2008-12-24 22:47 . 2007-12-10 14:22 110,632 --a------ c:\windows\system32\drivers\s3017mdm.sys
2008-12-24 22:47 . 2007-12-10 14:22 110,120 --a------ c:\windows\system32\drivers\s3017unic.sys
2008-12-24 22:47 . 2007-12-10 14:22 104,616 --a------ c:\windows\system32\drivers\s3017mgmt.sys
2008-12-24 22:47 . 2007-12-10 14:22 100,648 --a------ c:\windows\system32\drivers\s3017obex.sys
2008-12-24 22:47 . 2007-12-10 14:22 83,880 --a------ c:\windows\system32\drivers\s3017bus.sys
2008-12-24 22:47 . 2007-12-10 14:22 25,512 --a------ c:\windows\system32\drivers\s3017nd5.sys
2008-12-24 22:47 . 2007-12-10 14:22 15,016 --a------ c:\windows\system32\drivers\s3017mdfl.sys
2008-12-24 22:47 . 2007-12-10 14:22 12,200 --a------ c:\windows\system32\drivers\s3017whnt.sys
2008-12-24 22:47 . 2007-12-10 14:22 12,200 --a------ c:\windows\system32\drivers\s3017wh.sys
2008-12-24 22:47 . 2007-12-10 14:22 12,200 --a------ c:\windows\system32\drivers\s3017cmnt.sys
2008-12-24 22:47 . 2007-12-10 14:22 12,200 --a------ c:\windows\system32\drivers\s3017cm.sys
2008-12-24 22:47 . 2007-12-10 14:22 10,792 --a------ c:\windows\system32\drivers\s3017cr.sys
2008-12-24 22:46 . 2008-12-25 10:18 <DIR> d-------- c:\program files\Sony Ericsson
2008-12-24 22:46 . 2008-12-24 22:46 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Sony Ericsson
2008-12-22 15:02 . 2009-01-30 12:31 <DIR> d-------- c:\documents and settings\standa\Data aplikací\Hamachi
2008-12-22 15:02 . 2009-01-01 20:18 25,280 --a------ c:\windows\system32\drivers\hamachi.sys
2008-12-22 09:59 . 2009-01-24 19:47 <DIR> d-------- c:\documents and settings\standa\Data aplikací\gtk-2.0
2008-12-22 09:57 . 2008-12-22 09:57 <DIR> d-------- c:\documents and settings\standa\.thumbnails
2008-12-22 09:56 . 2008-12-22 09:56 <DIR> d-------- c:\program files\GIMP-2.0
2008-12-22 09:56 . 2009-01-24 19:48 <DIR> d-------- c:\documents and settings\standa\.gimp-2.6
2008-12-22 09:56 . 2008-12-22 09:56 <DIR> d-------- c:\documents and settings\standa\.gegl-0.0
2008-12-21 13:22 . 2009-01-29 15:45 <DIR> d-------- c:\program files\Teamspeak2_RC2
2008-12-21 13:22 . 2009-01-17 13:28 <DIR> d-------- c:\documents and settings\standa\Data aplikací\teamspeak2
2008-12-21 13:22 . 2008-12-21 13:22 34,064 --a------ c:\windows\system32\lhacm.acm
2008-12-20 17:49 . 2008-12-20 17:49 <DIR> d-------- c:\documents and settings\standa\Data aplikací\ICQ Toolbar
2008-12-12 19:24 . 2008-12-12 19:24 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Fallout3
2008-12-12 19:23 . 2008-12-12 19:23 <DIR> d-------- c:\windows\system32\xlive
2008-12-12 19:23 . 2007-03-12 16:42 1,123,696 --a------ c:\windows\system32\D3DCompiler_33.dll
2008-12-12 19:23 . 2007-03-15 16:57 443,752 --a------ c:\windows\system32\d3dx10_33.dll
2008-12-09 16:50 . 2008-12-09 16:50 <DIR> d-------- c:\program files\Miranda IM
2008-12-09 16:50 . 2008-12-09 17:13 <DIR> d-------- c:\documents and settings\standa\Data aplikací\Miranda

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-31 10:52 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-31 10:52 --------- d-----w c:\program files\Common Files\InstallShield
2009-01-31 09:48 2,782,208 ----a-w c:\windows\system32\drivers\ati2mtag.sys
2009-01-30 19:30 --------- d-----w c:\documents and settings\standa\Data aplikací\Skype
2009-01-30 19:29 --------- d-----w c:\documents and settings\standa\Data aplikací\skypePM
2009-01-23 16:44 183,112 ----a-w c:\windows\system32\PnkBstrB.exe
2009-01-23 16:44 138,184 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2009-01-15 14:20 --------- d-----w c:\program files\Valve
2009-01-14 21:12 --------- d-----w c:\documents and settings\All Users\Data aplikací\Microsoft Help
2009-01-13 18:03 --------- d-----w c:\program files\stanik
2009-01-10 20:36 --------- d-----w c:\documents and settings\standa\Data aplikací\Vso
2009-01-09 21:32 12,067 ----atw c:\windows\system32\SIntf16.dll
2009-01-06 17:55 66,872 ----a-w c:\windows\system32\PnkBstrA.exe
2009-01-05 18:48 --------- d-----w c:\program files\Diablo II
2008-12-12 18:24 --------- d-----w c:\program files\Bethesda Softworks
2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys
2008-12-10 19:41 --------- d-----w c:\program files\QIP
2008-12-06 21:10 --------- d-----w c:\program files\GamePark
2008-12-05 20:43 --------- d-----w c:\documents and settings\standa\Data aplikací\Autodesk
2008-12-05 20:43 --------- d-----w c:\documents and settings\All Users\Data aplikací\Autodesk
2008-11-30 21:01 --------- d-----w c:\program files\Microsoft CAPICOM 2.1.0.2
2008-11-30 10:11 --------- d-----w c:\program files\Skype
2008-11-30 10:11 --------- d-----w c:\program files\Common Files\Skype
2008-11-28 18:58 --------- d-----w c:\program files\AutoCAD 2009
2008-11-28 14:18 --------- d-----w c:\program files\Common Files\Autodesk Shared
2008-11-28 14:04 --------- d-----w c:\program files\MSBuild
2008-11-28 14:02 --------- d-----w c:\program files\Reference Assemblies
2008-11-28 14:00 --------- d-----w c:\program files\Microsoft Works
2008-11-28 13:59 --------- d-----w c:\program files\Microsoft.NET
2008-11-28 13:58 --------- d-----w c:\program files\Microsoft Visual Studio 8
2008-11-28 13:50 87,608 ----a-w c:\documents and settings\standa\Data aplikací\inst.exe
2008-11-28 13:50 47,360 ----a-w c:\windows\system32\drivers\pcouffin.sys
2008-11-28 13:50 47,360 ----a-w c:\documents and settings\standa\Data aplikací\pcouffin.sys
2008-11-28 13:50 --------- d-----w c:\program files\DVDFab 5
2008-11-16 18:51 281,146 ----a-w c:\windows\Counter-Strike Source Update 13 Uninstaller.exe
2008-11-09 18:09 737,280 ----a-w c:\windows\iun6002.exe
2008-11-02 19:27 8,972 ----a-w c:\windows\pchealth\helpctr\Config\Cntstore.bin
2008-11-02 19:27 2,378 ----a-w c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2008-10-31 13:29 94,208 ----a-w c:\windows\DIIUnin.exe
2008-10-31 13:29 2,829 ----a-w c:\windows\DIIUnin.pif
2008-10-30 20:50 32 ----a-w c:\documents and settings\All Users\Data aplikací\ezsid.dat
2008-10-29 19:07 6,656 ----a-w c:\windows\system32\haspvdd.dll
2008-10-28 16:41 14,303,392 ----a-w c:\windows\system32\xlive.dll
2008-10-28 16:41 13,643,936 ----a-w c:\windows\system32\xlivefnt.dll
2008-10-23 12:42 286,720 ----a-w c:\windows\system32\gdi32.dll
2008-10-16 20:33 826,368 ----a-w c:\windows\system32\wininet.dll
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll
2008-10-03 10:04 247,326 ----a-w c:\windows\system32\strmdll.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2008-07-02 393216]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"Steam"="c:\program files\steam\steam.exe" [2009-01-24 1410296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"Diamondback"="c:\program files\Razer\Diamondback 3G\razerhid.exe" [2007-08-01 147456]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-12-08 32768]
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2006-09-28 57344]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"LuxeMate525"="c:\program files\KYE\LUXEMATE525\LuxeMateLoader.exe" [2007-09-10 45056]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\standa\Nabˇdka Start\Programy\Po spuçtŘnˇ\
hamachi.lnk - c:\program files\Hamachi\hamachi.exe [2009-01-01 625952]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3codec"= l3codecp.acm

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli scecli

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\BitLord\\BitLord.exe"=
"c:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\stanik\\gamesky\\csko\\hl.exe"=
"c:\\Program Files\\Miranda IM\\miranda32.exe"=
"c:\\Program Files\\Diablo II\\Game.exe"=
"c:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=
"c:\\Program Files\\Diablo II\\Diablo II.exe"=
"c:\\Program Files\\Valve\\hlds.exe"=
"c:\\HLServer\\hlds.exe"=
"c:\\Program Files\\Steam\\steamapps\\hlavaone\\counter-strike\\hl.exe"=
"c:\\Program Files\\Steam\\steamapps\\hlavaone\\condition zero\\hl.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2008-04-14 69120]
R3 Razerlow;Diamondback 3G USB Filter Driver;c:\windows\system32\drivers\DB3G.sys [2008-10-29 13225]
S1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-10-29 111184]
S3 AtiHdmiService;ATI Function Driver for HDMI Service;c:\windows\system32\drivers\AtiHdmi.sys [2008-10-29 93696]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [2008-12-25 90536]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [2008-12-25 15016]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [2008-12-25 122152]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [2008-12-25 115496]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [2008-12-25 25768]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [2008-12-25 111912]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [2008-12-25 117672]
S3 s3017bus;Sony Ericsson Device 3017 driver (WDM);c:\windows\system32\drivers\s3017bus.sys [2008-12-24 83880]
S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter;c:\windows\system32\drivers\s3017mdfl.sys [2008-12-24 15016]
S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver;c:\windows\system32\drivers\s3017mdm.sys [2008-12-24 110632]
S3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s3017mgmt.sys [2008-12-24 104616]
S3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS);c:\windows\system32\drivers\s3017nd5.sys [2008-12-24 25512]
S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface;c:\windows\system32\drivers\s3017obex.sys [2008-12-24 100648]
S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM);c:\windows\system32\drivers\s3017unic.sys [2008-12-24 110120]
S4 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-10-29 20560]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{93a97461-db47-11dd-ba8e-001fc68b389d}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL system.exe
\Shell\Explore\command - E:\system.exe
\Shell\Open\command - E:\system.exe
.
Obsah adresáře 'Naplánované úlohy'

2009-01-30 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe []

2009-01-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 14:57]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\standa\Data aplikací\Mozilla\Firefox\Profiles\ely1w9vv.default\
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
FF - component: c:\program files\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-31 15:23:34
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-2000478354-1123561945-1417001333-1004\Software\SecuROM\License information*]
"datasecu"=hex:40,41,41,15,56,d8,8f,9f,85,f7,3e,26,32,c2,9e,8f,dc,e6,62,b8,bc,
73,52,2b,95,92,c2,f4,8c,58,cd,3e,bc,57,37,01,5d,d6,bb,4f,be,65,b2,8c,e1,5b,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(652)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2009-01-31 15:25:15
ComboFix-quarantined-files.txt 2009-01-31 14:25:13
ComboFix2.txt 2009-01-31 14:17:32

Před spuštěním: Volných bajtů: 433 319 837 696
Po spuštění: Volných bajtů: 433,293,852,672

308 --- E O F --- 2009-01-14 21:12:51

[hllava]

Delám to v nouzovém režimu,protože se nemohu dostat normálně do winXP a kamarad poradil,abych skusil toto,ale nefunguje to asi jsem mrhal vaším časem...promin te.

[jaro3]

Je zajímavé , že ten Combofix je v poslední době vždy REŽIM S OMEZENOU FUNKČNOSTÍ ....
Takže se do normálního režimu nedostaneš? Nebo se to týká jen Combofixu?
Potřebuji toto:
Toto otestuj na Virustotal
c:\windows\system32\SyCoinst.dll
c:\windows\WININIT.INI
c:\windows\system32\delrad.exe
C:\aaw7boot.cmd
c:\windows\iun6002.exe
Vlož sem pak odkazy výsledků.

Toto znáš: C:\HHplamen ??

[hllava]

ano znám já tu složku založil hapka a horáček strážci plamene...

http://www.virustotal.com/cs/analisis/2 ... b21ee9bb37
http://www.virustotal.com/cs/reanalisis ... b4633958c3
http://www.virustotal.com/cs/analisis/3 ... 6d69568b50
http://www.virustotal.com/cs/analisis/1 ... c3751979bd
http://www.virustotal.com/cs/reanalisis ... e9c0f8bf3e

[hllava]

A do norlmáního režimu se nedostanu...já nechci přeinstalovavat win nevim ani jak se to dělá a nechci ztratit svých 400GB,když z toho je pomalu 50GB do školy a ty už nikde neseženu...nevim co se stalo,včera večer normálně vypnul a dnes ráno nešel.

[jaro3]

Tak to nevím , jesti toto půjde v nouz. režimu:
Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

File::
C:\aaw7boot.cmd
c:\windows\iun6002.exe

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{93a97461-db47-11dd-ba8e-001fc68b389d}]

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

[hllava]

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:29:07, on 31.1.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Diamondback] C:\Program Files\Razer\Diamondback 3G\razerhid.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [LuxeMate525] C:\PROGRAM FILES\KYE\LUXEMATE525\LuxeMateLoader.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 5537 bytes
z HJT



ComboFix 09-01-21.04 - standa 2009-01-31 17:24:46.1 - NTFSx86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.3.1250.1.1029.18.3327.2916 [GMT 1:00]
Spuštěný z: c:\documents and settings\standa\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\standa\Plocha\CFScript.txt
AV: avast! antivirus 4.8.1296 [VPS 090130-0] *On-access scanning enabled* (Updated)
.
- REŽIM S OMEZENOU FUNKČNOSTÍ -

FILE ::
C:\aaw7boot.cmd
c:\windows\iun6002.exe
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\aaw7boot.cmd
c:\windows\iun6002.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2008-12-28 do 2009-01-31 )))))))))))))))))))))))))))))))
.

2009-01-31 15:13 . 2009-01-31 17:23 <DIR> d-------- c:\windows\system32\CatRoot2
2009-01-31 15:08 . 2009-01-31 15:08 <DIR> d-------- c:\program files\IObit
2009-01-31 15:08 . 2009-01-31 15:08 <DIR> d-------- c:\documents and settings\standa\Data aplikací\IObit
2009-01-31 15:02 . 2009-01-31 14:32 16,168,344 --a------ C:\jre-6u11-windows-i586-p(2).exe
2009-01-31 14:39 . 2009-01-31 14:39 <DIR> d-------- c:\program files\CCleaner
2009-01-31 14:35 . 2009-01-31 14:35 <DIR> d-------- c:\program files\RegCleaner
2009-01-31 13:28 . 2009-01-31 13:28 <DIR> d-------- c:\documents and settings\standa\Data aplikací\Malwarebytes
2009-01-31 13:27 . 2009-01-31 13:27 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-31 13:27 . 2009-01-31 13:27 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2009-01-31 13:27 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-31 13:27 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-01-31 12:37 . 2009-01-31 12:37 <DIR> d-------- c:\program files\Trend Micro
2009-01-31 12:33 . 2009-01-31 12:33 <DIR> d-------- c:\program files\HD Tune
2009-01-31 11:53 . 2009-01-31 11:53 <DIR> d-------- c:\windows\LastGood
2009-01-31 11:53 . 2009-01-31 11:53 32 --a------ c:\windows\LuxeMate525.INI
2009-01-31 11:52 . 2009-01-31 11:52 <DIR> d-------- c:\program files\KYE
2009-01-31 11:52 . 2009-01-31 11:52 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\InstallShield
2009-01-31 11:52 . 2005-02-16 17:15 73,728 --a------ c:\windows\system32\ISUSPM.cpl
2009-01-31 11:52 . 2007-06-28 11:07 5,030 --a------ c:\windows\system32\SyCoinst.dll
2009-01-31 11:49 . 2009-01-31 17:16 54,156 --ah----- c:\windows\QTFont.qfn
2009-01-31 11:49 . 2009-01-31 11:49 1,409 --a------ c:\windows\QTFont.for
2009-01-31 11:45 . 2008-10-29 18:30 <DIR> d-------- c:\documents and settings\Administrator\Plocha
2009-01-31 11:45 . 2008-10-29 18:30 <DIR> d--h----- c:\documents and settings\Administrator\Okolní tiskárny
2009-01-31 11:45 . 2008-10-29 18:30 <DIR> d--h----- c:\documents and settings\Administrator\Okolní síť
2009-01-31 11:45 . 2008-10-29 18:30 <DIR> d-------- c:\documents and settings\Administrator\Oblíbené položky
2009-01-31 11:45 . 2008-10-29 17:35 <DIR> d--h----- c:\documents and settings\Administrator\Šablony
2009-01-31 11:45 . 2008-10-29 18:30 <DIR> dr------- c:\documents and settings\Administrator\Nabídka Start
2009-01-31 11:45 . 2008-10-29 18:30 <DIR> d-------- c:\documents and settings\Administrator\Dokumenty
2009-01-31 11:45 . 2009-01-31 15:03 <DIR> dr-h----- c:\documents and settings\Administrator\Data aplikací
2009-01-31 11:45 . 2009-01-31 16:52 <DIR> d-------- c:\documents and settings\Administrator
2009-01-30 21:17 . 2009-01-30 21:17 10 --a------ c:\windows\WININIT.INI
2009-01-30 21:11 . 2004-05-15 04:27 15,195 --a------ c:\windows\system32\delrad.exe
2009-01-30 21:08 . 2009-01-30 21:08 <DIR> d-------- c:\program files\MultiRes
2009-01-30 21:08 . 2009-01-30 21:08 472,576 --a------ c:\windows\Radeon Omega Drivers v4.8.442 Uninstall.exe
2009-01-30 14:54 . 2009-01-30 14:54 <DIR> d-------- c:\documents and settings\LocalService\Plocha
2009-01-30 14:52 . 2009-01-30 14:52 <DIR> d-------- c:\windows\LastGood.Tmp
2009-01-30 14:51 . 2009-01-30 15:55 <DIR> d-------- c:\program files\Lavasoft
2009-01-30 14:51 . 2009-01-30 15:55 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Lavasoft
2009-01-30 14:45 . 2009-01-30 14:46 <DIR> d-------- c:\program files\CSConfigurator
2009-01-29 11:31 . 2009-01-29 11:31 <DIR> d-------- C:\player
2009-01-26 14:57 . 2008-12-22 09:59 139,839 --a------ C:\mladas.jpg
2009-01-24 17:17 . 2009-01-31 01:58 <DIR> d-------- c:\program files\Steam
2009-01-18 18:54 . 2009-01-18 20:54 <DIR> d-------- C:\HHplamen
2009-01-11 21:58 . 2009-01-12 15:33 <DIR> d-------- C:\HLServer
2009-01-11 10:41 . 2009-01-11 10:44 <DIR> d-a------ c:\documents and settings\All Users\Data aplikací\TEMP
2009-01-11 10:40 . 2009-01-11 10:45 <DIR> d-------- c:\program files\Any Video Converter Professional
2009-01-11 10:40 . 2009-01-31 16:40 <DIR> d-------- c:\documents and settings\standa\Data aplikací\Any Video Converter Professional
2009-01-10 21:45 . 2009-01-10 22:15 <DIR> d-------- c:\program files\QuickMediaConverter
2009-01-10 21:42 . 2009-01-10 21:43 <DIR> d-------- c:\program files\IVCsoft
2009-01-10 21:32 . 2009-01-10 21:36 <DIR> d-------- c:\program files\VSO
2009-01-10 21:32 . 2006-09-29 12:24 217,127 --a------ c:\windows\system32\drv43260.dll
2009-01-10 21:32 . 2006-09-29 12:25 208,935 --a------ c:\windows\system32\drv33260.dll
2009-01-10 21:32 . 2006-09-29 12:26 176,165 --a------ c:\windows\system32\drv23260.dll
2009-01-10 21:32 . 2002-12-10 02:20 102,439 --a------ c:\windows\system32\sipr3260.dll
2009-01-10 21:32 . 2007-03-18 20:37 65,602 --a------ c:\windows\system32\cook3260.dll
2009-01-10 21:31 . 2009-01-10 21:31 <DIR> d-------- c:\program files\Common Files\Download Manager
2009-01-10 13:07 . 2009-01-31 13:05 69 --a------ c:\windows\NeroDigital.ini
2009-01-10 12:16 . 2009-01-18 12:40 <DIR> d-------- c:\documents and settings\standa\Data aplikací\Ahead
2009-01-10 12:16 . 2009-01-10 12:16 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Ahead
2009-01-10 12:15 . 2009-01-10 12:15 <DIR> d-------- c:\program files\Nero
2009-01-10 12:15 . 2009-01-10 12:16 <DIR> d-------- c:\program files\Common Files\Ahead
2009-01-10 12:15 . 2009-01-10 12:15 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Nero
2009-01-09 22:44 . 2009-01-09 22:44 <DIR> dr-h----- c:\documents and settings\standa\Data aplikací\SecuROM
2009-01-08 21:30 . 2009-01-08 21:30 107,888 --a------ c:\windows\system32\CmdLineExt.dll
2009-01-08 21:28 . 2009-01-09 22:48 <DIR> d-------- c:\program files\Microsoft Games for Windows - LIVE
2009-01-05 17:32 . 2009-01-05 17:32 <DIR> d-------- c:\program files\EA Games
2009-01-01 20:18 . 2009-01-01 20:18 <DIR> d-------- c:\program files\Hamachi
2008-12-25 11:03 . 2008-12-25 11:03 <DIR> d-------- c:\program files\Illustrate
2008-12-25 11:03 . 2008-12-25 11:03 167,936 --a------ c:\windows\system32\SpoonUninstall.exe
2008-12-25 11:03 . 2008-12-25 11:03 27,958 --a------ c:\windows\system32\SpoonUninstall-dBpowerAMP Nero Mp4 Codec.bmp
2008-12-25 11:03 . 2008-12-25 11:03 1,873 --a------ c:\windows\system32\SpoonUninstall-dBpowerAMP Nero Mp4 Codec.dat
2008-12-25 10:18 . 2008-05-27 10:41 122,152 --a------ c:\windows\system32\drivers\s0017mdm.sys
2008-12-25 10:18 . 2008-05-27 10:41 117,672 --a------ c:\windows\system32\drivers\s0017unic.sys
2008-12-25 10:18 . 2008-05-27 10:41 115,496 --a------ c:\windows\system32\drivers\s0017mgmt.sys
2008-12-25 10:18 . 2008-05-27 10:41 111,912 --a------ c:\windows\system32\drivers\s0017obex.sys
2008-12-25 10:18 . 2008-05-27 10:41 90,536 --a------ c:\windows\system32\drivers\s0017bus.sys
2008-12-25 10:18 . 2008-05-27 10:41 25,768 --a------ c:\windows\system32\drivers\s0017nd5.sys
2008-12-25 10:18 . 2008-05-27 10:41 15,016 --a------ c:\windows\system32\drivers\s0017mdfl.sys
2008-12-25 10:18 . 2008-05-27 10:41 12,200 --a------ c:\windows\system32\drivers\s0017whnt.sys
2008-12-25 10:18 . 2008-05-27 10:41 12,200 --a------ c:\windows\system32\drivers\s0017wh.sys
2008-12-25 10:18 . 2008-05-27 10:41 12,200 --a------ c:\windows\system32\drivers\s0017cmnt.sys
2008-12-25 10:18 . 2008-05-27 10:41 12,200 --a------ c:\windows\system32\drivers\s0017cm.sys
2008-12-25 10:18 . 2008-05-27 10:41 10,792 --a------ c:\windows\system32\drivers\s0017cr.sys
2008-12-24 23:57 . 2008-12-24 23:57 <DIR> d-------- c:\documents and settings\standa\Data aplikací\Apple Computer
2008-12-24 22:58 . 2008-12-24 22:58 <DIR> d-------- c:\documents and settings\standa\Data aplikací\Sony
2008-12-24 22:58 . 2008-12-24 22:58 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Sony
2008-12-24 22:53 . 2008-12-24 22:53 <DIR> d-------- c:\program files\Sony
2008-12-24 22:52 . 2008-12-24 22:52 <DIR> d-------- c:\program files\QuickTime
2008-12-24 22:51 . 2008-12-24 22:51 <DIR> d-------- c:\program files\Apple Software Update
2008-12-24 22:51 . 2008-12-24 22:51 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Apple Computer
2008-12-24 22:51 . 2008-12-24 22:51 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Apple
2008-12-24 22:47 . 2008-12-24 22:50 <DIR> d-------- c:\program files\Avanquest update
2008-12-24 22:47 . 2008-12-24 22:47 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\BVRP Software
2008-12-24 22:47 . 2007-12-10 14:22 110,632 --a------ c:\windows\system32\drivers\s3017mdm.sys
2008-12-24 22:47 . 2007-12-10 14:22 110,120 --a------ c:\windows\system32\drivers\s3017unic.sys
2008-12-24 22:47 . 2007-12-10 14:22 104,616 --a------ c:\windows\system32\drivers\s3017mgmt.sys
2008-12-24 22:47 . 2007-12-10 14:22 100,648 --a------ c:\windows\system32\drivers\s3017obex.sys
2008-12-24 22:47 . 2007-12-10 14:22 83,880 --a------ c:\windows\system32\drivers\s3017bus.sys
2008-12-24 22:47 . 2007-12-10 14:22 25,512 --a------ c:\windows\system32\drivers\s3017nd5.sys
2008-12-24 22:47 . 2007-12-10 14:22 15,016 --a------ c:\windows\system32\drivers\s3017mdfl.sys
2008-12-24 22:47 . 2007-12-10 14:22 12,200 --a------ c:\windows\system32\drivers\s3017whnt.sys
2008-12-24 22:47 . 2007-12-10 14:22 12,200 --a------ c:\windows\system32\drivers\s3017wh.sys
2008-12-24 22:47 . 2007-12-10 14:22 12,200 --a------ c:\windows\system32\drivers\s3017cmnt.sys
2008-12-24 22:47 . 2007-12-10 14:22 12,200 --a------ c:\windows\system32\drivers\s3017cm.sys
2008-12-24 22:47 . 2007-12-10 14:22 10,792 --a------ c:\windows\system32\drivers\s3017cr.sys
2008-12-24 22:46 . 2008-12-25 10:18 <DIR> d-------- c:\program files\Sony Ericsson
2008-12-24 22:46 . 2008-12-24 22:46 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Sony Ericsson
2008-12-22 15:02 . 2009-01-30 12:31 <DIR> d-------- c:\documents and settings\standa\Data aplikací\Hamachi
2008-12-22 15:02 . 2009-01-01 20:18 25,280 --a------ c:\windows\system32\drivers\hamachi.sys
2008-12-22 09:59 . 2009-01-24 19:47 <DIR> d-------- c:\documents and settings\standa\Data aplikací\gtk-2.0
2008-12-22 09:57 . 2008-12-22 09:57 <DIR> d-------- c:\documents and settings\standa\.thumbnails
2008-12-22 09:56 . 2008-12-22 09:56 <DIR> d-------- c:\program files\GIMP-2.0
2008-12-22 09:56 . 2009-01-24 19:48 <DIR> d-------- c:\documents and settings\standa\.gimp-2.6
2008-12-22 09:56 . 2008-12-22 09:56 <DIR> d-------- c:\documents and settings\standa\.gegl-0.0
2008-12-21 13:22 . 2009-01-29 15:45 <DIR> d-------- c:\program files\Teamspeak2_RC2
2008-12-21 13:22 . 2009-01-17 13:28 <DIR> d-------- c:\documents and settings\standa\Data aplikací\teamspeak2
2008-12-21 13:22 . 2008-12-21 13:22 34,064 --a------ c:\windows\system32\lhacm.acm
2008-12-20 17:49 . 2008-12-20 17:49 <DIR> d-------- c:\documents and settings\standa\Data aplikací\ICQ Toolbar
2008-12-12 19:24 . 2008-12-12 19:24 <DIR> d-------- c:\documents and settings\All Users\Data aplikací\Fallout3
2008-12-12 19:23 . 2008-12-12 19:23 <DIR> d-------- c:\windows\system32\xlive
2008-12-12 19:23 . 2007-03-12 16:42 1,123,696 --a------ c:\windows\system32\D3DCompiler_33.dll
2008-12-12 19:23 . 2007-03-15 16:57 443,752 --a------ c:\windows\system32\d3dx10_33.dll
2008-12-09 16:50 . 2008-12-09 16:50 <DIR> d-------- c:\program files\Miranda IM
2008-12-09 16:50 . 2008-12-09 17:13 <DIR> d-------- c:\documents and settings\standa\Data aplikací\Miranda
2008-12-09 15:17 . 2008-12-09 20:28 <DIR> d-------- c:\program files\QIP Infium

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-31 10:52 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-31 10:52 --------- d-----w c:\program files\Common Files\InstallShield
2009-01-31 09:48 2,782,208 ----a-w c:\windows\system32\drivers\ati2mtag.sys
2009-01-30 19:30 --------- d-----w c:\documents and settings\standa\Data aplikací\Skype
2009-01-30 19:29 --------- d-----w c:\documents and settings\standa\Data aplikací\skypePM
2009-01-23 16:44 183,112 ----a-w c:\windows\system32\PnkBstrB.exe
2009-01-23 16:44 138,184 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2009-01-15 14:20 --------- d-----w c:\program files\Valve
2009-01-14 21:12 --------- d-----w c:\documents and settings\All Users\Data aplikací\Microsoft Help
2009-01-13 18:03 --------- d-----w c:\program files\stanik
2009-01-10 20:36 --------- d-----w c:\documents and settings\standa\Data aplikací\Vso
2009-01-09 21:32 12,067 ----atw c:\windows\system32\SIntf16.dll
2009-01-06 17:55 66,872 ----a-w c:\windows\system32\PnkBstrA.exe
2009-01-05 18:48 --------- d-----w c:\program files\Diablo II
2008-12-12 18:24 --------- d-----w c:\program files\Bethesda Softworks
2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys
2008-12-10 19:41 --------- d-----w c:\program files\QIP
2008-12-06 21:10 --------- d-----w c:\program files\GamePark
2008-12-05 20:43 --------- d-----w c:\documents and settings\standa\Data aplikací\Autodesk
2008-12-05 20:43 --------- d-----w c:\documents and settings\All Users\Data aplikací\Autodesk
2008-11-30 21:01 --------- d-----w c:\program files\Microsoft CAPICOM 2.1.0.2
2008-11-30 10:11 --------- d-----w c:\program files\Skype
2008-11-30 10:11 --------- d-----w c:\program files\Common Files\Skype
2008-11-28 18:58 --------- d-----w c:\program files\AutoCAD 2009
2008-11-28 14:18 --------- d-----w c:\program files\Common Files\Autodesk Shared
2008-11-28 14:04 --------- d-----w c:\program files\MSBuild
2008-11-28 14:02 --------- d-----w c:\program files\Reference Assemblies
2008-11-28 14:00 --------- d-----w c:\program files\Microsoft Works
2008-11-28 13:59 --------- d-----w c:\program files\Microsoft.NET
2008-11-28 13:58 --------- d-----w c:\program files\Microsoft Visual Studio 8
2008-11-28 13:50 87,608 ----a-w c:\documents and settings\standa\Data aplikací\inst.exe
2008-11-28 13:50 47,360 ----a-w c:\windows\system32\drivers\pcouffin.sys
2008-11-28 13:50 47,360 ----a-w c:\documents and settings\standa\Data aplikací\pcouffin.sys
2008-11-28 13:50 --------- d-----w c:\program files\DVDFab 5
2008-11-16 18:51 281,146 ----a-w c:\windows\Counter-Strike Source Update 13 Uninstaller.exe
2008-11-02 19:27 8,972 ----a-w c:\windows\pchealth\helpctr\Config\Cntstore.bin
2008-11-02 19:27 2,378 ----a-w c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2008-10-31 13:29 94,208 ----a-w c:\windows\DIIUnin.exe
2008-10-31 13:29 2,829 ----a-w c:\windows\DIIUnin.pif
2008-10-30 20:50 32 ----a-w c:\documents and settings\All Users\Data aplikací\ezsid.dat
2008-10-29 19:07 6,656 ----a-w c:\windows\system32\haspvdd.dll
2008-10-28 16:41 14,303,392 ----a-w c:\windows\system32\xlive.dll
2008-10-28 16:41 13,643,936 ----a-w c:\windows\system32\xlivefnt.dll
2008-10-23 12:42 286,720 ----a-w c:\windows\system32\gdi32.dll
2008-10-16 20:33 826,368 ----a-w c:\windows\system32\wininet.dll
2008-10-16 13:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 13:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 13:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 13:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 13:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 13:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 13:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 13:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 13:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-16 13:06 208,744 ----a-w c:\windows\system32\muweb.dll
2008-10-03 10:04 247,326 ----a-w c:\windows\system32\strmdll.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2008-07-02 393216]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"Steam"="c:\program files\steam\steam.exe" [2009-01-24 1410296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"Diamondback"="c:\program files\Razer\Diamondback 3G\razerhid.exe" [2007-08-01 147456]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-12-08 32768]
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2006-09-28 57344]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"LuxeMate525"="c:\program files\KYE\LUXEMATE525\LuxeMateLoader.exe" [2007-09-10 45056]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\standa\Nabˇdka Start\Programy\Po spuçtŘnˇ\
hamachi.lnk - c:\program files\Hamachi\hamachi.exe [2009-01-01 625952]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3codec"= l3codecp.acm

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli scecli

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\BitLord\\BitLord.exe"=
"c:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\stanik\\gamesky\\csko\\hl.exe"=
"c:\\Program Files\\Miranda IM\\miranda32.exe"=
"c:\\Program Files\\Diablo II\\Game.exe"=
"c:\\Program Files\\Sony Ericsson\\Sony Ericsson Media Manager\\MediaManager.exe"=
"c:\\Program Files\\Diablo II\\Diablo II.exe"=
"c:\\Program Files\\Valve\\hlds.exe"=
"c:\\HLServer\\hlds.exe"=
"c:\\Program Files\\Steam\\steamapps\\hlavaone\\counter-strike\\hl.exe"=
"c:\\Program Files\\Steam\\steamapps\\hlavaone\\condition zero\\hl.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2008-04-14 69120]
R3 Razerlow;Diamondback 3G USB Filter Driver;c:\windows\system32\drivers\DB3G.sys [2008-10-29 13225]
S1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-10-29 111184]
S3 ATICDSDr;ATICDSDr;\??\c:\docume~1\standa\LOCALS~1\Temp\ATICDSDr.sys --> c:\docume~1\standa\LOCALS~1\Temp\ATICDSDr.sys [?]
S3 AtiHdmiService;ATI Function Driver for HDMI Service;c:\windows\system32\drivers\AtiHdmi.sys [2008-10-29 93696]
S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [2008-12-25 90536]
S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [2008-12-25 15016]
S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [2008-12-25 122152]
S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [2008-12-25 115496]
S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [2008-12-25 25768]
S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [2008-12-25 111912]
S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [2008-12-25 117672]
S3 s3017bus;Sony Ericsson Device 3017 driver (WDM);c:\windows\system32\drivers\s3017bus.sys [2008-12-24 83880]
S3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter;c:\windows\system32\drivers\s3017mdfl.sys [2008-12-24 15016]
S3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver;c:\windows\system32\drivers\s3017mdm.sys [2008-12-24 110632]
S3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s3017mgmt.sys [2008-12-24 104616]
S3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS);c:\windows\system32\drivers\s3017nd5.sys [2008-12-24 25512]
S3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface;c:\windows\system32\drivers\s3017obex.sys [2008-12-24 100648]
S3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM);c:\windows\system32\drivers\s3017unic.sys [2008-12-24 110120]
S4 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-10-29 20560]

--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - ATICDSDR

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - D:\Launch.exe
.
Obsah adresáře 'Naplánované úlohy'

2009-01-30 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe []

2009-01-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 14:57]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\standa\Data aplikací\Mozilla\Firefox\Profiles\ely1w9vv.default\
FF - prefs.js: browser.startup.homepage - hxxp://seznam.cz/
FF - component: c:\program files\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-31 17:24:53
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-2000478354-1123561945-1417001333-1004\Software\SecuROM\License information*]
"datasecu"=hex:40,41,41,15,56,d8,8f,9f,85,f7,3e,26,32,c2,9e,8f,dc,e6,62,b8,bc,
73,52,2b,95,92,c2,f4,8c,58,cd,3e,bc,57,37,01,5d,d6,bb,4f,be,65,b2,8c,e1,5b,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(668)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2009-01-31 17:25:45
ComboFix-quarantined-files.txt 2009-01-31 16:25:43
ComboFix2.txt 2009-01-31 14:25:16
ComboFix3.txt 2009-01-31 14:17:32

Před spuštěním: Volných bajtů: 433 273 597 952
Po spuštění: Volných bajtů: 433,259,573,248

318 --- E O F --- 2009-01-14 21:12:51



z ComboFic

[jaro3]

Odstraň z naplánovaných úloh : Ad-Aware Update

V HJT fixni:

Kód: Vybrat vše

O3 - Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix[mezera]/u

Žádnou nákazu tam nevidím, možná je poškozen systém.
Stáhni si SREng -klikni pravým na odkaz a vyber uložit cíl...
Nebo zde:
http://www.kztechs.com/eng/download.html

- rozbal na plochu a spusť ho
- "zvol Smart Scan", nech nastaveni tak jak je
- zvol "Verify the digital signature of process modules"
- klik na "Scan"
- klik na Save Reports, ulož log na plochu a cely obsah logu zkopiruj sem.