Previously you had ESET there as your AV, now McAfee. So which one are you using? If McAfee were an online scanner, it shouldn't be in Services.
So if you have 2 antivirus programs, uninstall one.
Preventive check after a LAN party (Solved)
- Damned
- Article author
- Master Level 9
- Posts: 8353
- Registered: December 06
- Location: Rokycany
- Status: Offline
Re: Preventive check after a LAN party
Nothing is impossible, so where our wits run out, we don't hesitate to use a hammer.
If you want to know what's new, look in old books.
Damned's Czech localizations - translations of PC maintenance programs
HiJackThis 2 + guide, FCleaner + Czech translation, Wise Registry Cleaner
Re: Preventive check after a LAN party
I only have McAfee now, ESET was a trial, and I already uninstalled ESET before running the second ComboFix.
It would not be wise to urge the devil to bow.
- Damned
Re: Preventive check after a LAN party
Do you have that Fallout and MySQL Server 5.0?
Re: Preventive check after a LAN party
Yep, but that SQL server will go away eventually, nothing needs to run on it.
- Damned
Re: Preventive check after a LAN party
I'm only asking because it (that Fallout) has a strange path in the registry and was being launched from an archive in the temp folder.
Open Notepad (Start -> Run..., type Notepad in the box and click OK).
Copy the entire following text, highlighted in green, into it:
File::
c:\windows\35C03C043F1F42C2A989A757EE691F65.TMP
c:\windows\system32\DRIVERS\epfwtdir.sys
Folder::
c:\windows\35C03C043F1F42C2A989A757EE691F65.TMP
c:\program files\ESET
Driver::
epfwtdir;epfwtdir
epfwtdir
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all open windows.
Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe,
and when the two files overlap, drop the script.

- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process + a new log from HJT
Re: Preventive check after a LAN party
ComboFix 09-07-24.01 - Mous 25.07.2009 20:52.11.1 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1490 [GMT 2:00]
Spuštěný z: c:\documents and settings\Mous\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Mous\Plocha\CFScript.txt
AV: McAfee VirusScan Enterprise *On-access scanning disabled* (Updated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
FILE ::
"c:\windows\35C03C043F1F42C2A989A757EE691F65.TMP"
"c:\windows\system32\DRIVERS\epfwtdir.sys"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\ESET
c:\program files\ESET\Install\advheur.nup
c:\program files\ESET\Install\archs.nup
c:\program files\ESET\Install\engine.nup
c:\program files\ESET\Install\charon.nup
c:\program files\ESET\Install\main.dll
c:\program files\ESET\Install\mainlang.dll
c:\program files\ESET\Install\mfc42.dll
c:\program files\ESET\Install\mfc42u.dll
c:\program files\ESET\Install\msvcrt.dll
c:\program files\ESET\Install\ntbasecz.nup
c:\program files\ESET\Install\ntinetcz.nup
c:\program files\ESET\Install\ntstdcz.nup
c:\program files\ESET\Install\pwscan.nup
c:\program files\ESET\Install\readme.txt
c:\program files\ESET\Install\setup.exe
c:\program files\ESET\Install\setup.xml
c:\program files\ESET\Install\utilmod.nup
c:\windows\35C03C043F1F42C2A989A757EE691F65.TMP
c:\windows\35C03C043F1F42C2A989A757EE691F65.TMP\WiseCustomCalla.dll
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_EPFWTDIR
-------\Service_epfwtdir
((((((((((((((((((((((((( Soubory vytvořené od 2009-06-25 do 2009-07-25 )))))))))))))))))))))))))))))))
.
2009-07-25 18:47 . 2009-07-25 18:47 -------- d-----w- c:\windows\B83FC356B7C0441F8A4DD71E088E7974.TMP
2009-07-25 18:40 . 2009-07-25 18:40 -------- d-----w- c:\program files\NVIDIA Corporation
2009-07-25 15:33 . 2007-10-25 13:06 1495552 ----a-w- c:\windows\system32\epoPGPsdk.dll
2009-07-25 15:33 . 2008-05-22 18:50 72936 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2009-07-25 15:33 . 2008-05-22 18:50 64232 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2009-07-25 15:33 . 2008-05-22 18:50 52104 ----a-w- c:\windows\system32\drivers\mfetdik.sys
2009-07-25 15:33 . 2008-05-22 18:50 33960 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2009-07-25 15:33 . 2008-05-22 18:50 174952 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2009-07-25 15:32 . 2009-07-25 15:32 -------- d-----w- c:\program files\Common Files\McAfee
2009-07-25 14:58 . 2009-07-25 14:58 -------- d-----w- c:\program files\Common Files\Cisco Systems
2009-07-25 14:57 . 2009-07-25 15:33 -------- d-----w- c:\program files\McAfee
2009-07-25 14:22 . 2009-07-25 14:22 -------- d-----w- c:\program files\Total Uninstall 5
2009-07-25 10:20 . 2009-07-25 10:20 -------- d-----w- C:\VideoSec
2009-07-20 22:31 . 2009-07-20 22:31 -------- d-sh--w- c:\documents and settings\Default User\IETldCache
2009-07-20 18:18 . 2009-07-25 18:23 -------- d-----w- c:\program files\Trine
2009-07-20 16:09 . 2009-07-20 16:11 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-07-20 16:08 . 2006-10-12 08:40 716800 ----a-w- c:\windows\SysInternals Bluescreen.scr
2009-07-19 17:57 . 2009-07-19 17:58 -------- d-----w- c:\program files\TmNationsForever
2009-07-19 17:51 . 2009-07-19 17:51 -------- d-----w- c:\program files\DAMN NFO Viewer
2009-07-18 16:57 . 2009-07-18 16:57 -------- d-----w- c:\program files\softendo.com
2009-07-16 07:55 . 2009-07-16 07:56 -------- d-----w- c:\documents and settings\Mous\.borland
2009-07-16 07:41 . 2009-07-16 07:41 -------- d-----w- c:\program files\Common Files\Borland Shared
2009-07-16 07:41 . 2009-07-16 07:41 -------- d-----w- c:\program files\Borland
2009-07-15 08:33 . 2009-07-15 08:33 -------- d-----w- c:\program files\OpenOffice.org 3
2009-07-15 07:22 . 2009-07-15 07:22 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-07-14 11:34 . 2009-07-14 11:34 86016 ----a-w- c:\windows\system32\nvmctray.dll
2009-07-14 11:34 . 2009-07-14 11:34 8085504 ----a-w- c:\windows\system32\nvdispsr.dll
2009-07-14 11:34 . 2009-07-14 11:34 4923392 ----a-w- c:\windows\system32\nvdisps.dll
2009-07-14 11:34 . 2009-07-14 11:34 4640768 ----a-w- c:\windows\system32\nvgamesr.dll
2009-07-14 11:34 . 2009-07-14 11:34 458752 ----a-w- c:\windows\system32\nvmccssr.dll
2009-07-14 11:34 . 2009-07-14 11:34 3547136 ----a-w- c:\windows\system32\nvgames.dll
2009-07-14 11:34 . 2009-07-14 11:34 2854912 ----a-w- c:\windows\system32\nvmoblsr.dll
2009-07-14 11:34 . 2009-07-14 11:34 188416 ----a-w- c:\windows\system32\nvmccss.dll
2009-07-14 11:34 . 2009-07-14 11:34 168004 ----a-w- c:\windows\system32\nvsvc32.exe
2009-07-14 11:34 . 2009-07-14 11:34 143360 ----a-w- c:\windows\system32\nvcolor.exe
2009-07-14 11:34 . 2009-07-14 11:34 13877248 ----a-w- c:\windows\system32\nvcpl.dll
2009-07-14 11:34 . 2009-07-14 11:34 1286144 ----a-w- c:\windows\system32\nvmobls.dll
2009-07-14 11:34 . 2009-07-14 11:34 229376 ----a-w- c:\windows\system32\nvmccs.dll
2009-07-14 07:41 . 2009-07-15 07:21 -------- d-----w- c:\program files\DAEMON Tools Pro
2009-07-11 14:41 . 2009-07-11 14:41 -------- d-----w- c:\program files\Lavalys
2009-07-11 09:50 . 2009-07-11 20:00 -------- d-sh--w- C:\Boot
2009-07-04 10:22 . 2009-07-12 17:39 -------- d-----w- c:\windows\system32\oodag
2009-07-03 10:42 . 2009-07-03 10:42 -------- d-----w- c:\program files\OO Software
2009-06-29 15:22 . 2009-07-16 20:33 -------- d-----w- c:\program files\Gish
2009-06-29 12:58 . 2009-07-16 20:00 -------- d-----w- c:\program files\Bridge Building Game
2009-06-29 03:19 . 2009-06-29 03:19 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2009-06-28 16:27 . 2009-06-28 16:27 217664 ----a-w- c:\windows\system32\drivers\truecrypt.sys
2009-06-28 16:27 . 2009-06-28 16:27 -------- d-----w- c:\program files\TrueCrypt
2009-06-28 16:14 . 2009-07-16 20:01 -------- d-----w- c:\program files\Hurrican
2009-06-28 15:22 . 2008-04-26 14:14 42672 ------w- c:\windows\system32\wbsys.dll
2009-06-28 15:19 . 2009-07-23 16:30 -------- d-----w- c:\program files\Samurize
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-25 19:09 . 2008-08-27 17:46 22528 ----a-w- c:\windows\system32\drivers\nhcDriver.sys
2009-07-25 18:46 . 2007-09-10 15:46 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-07-25 14:30 . 2007-10-19 17:52 -------- d-----w- c:\program files\ElcomSoft
2009-07-25 14:25 . 2007-06-03 17:54 -------- d-----w- c:\program files\ASUS
2009-07-25 14:25 . 2007-06-03 17:53 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-25 12:58 . 2009-04-06 18:49 179792 ----a-w- c:\windows\system32\guard32.dll
2009-07-25 12:58 . 2009-04-06 18:49 132040 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2009-07-25 12:46 . 2009-01-06 14:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-22 20:26 . 2009-04-24 17:16 -------- d-----w- c:\program files\Pando Networks
2009-07-21 19:33 . 2005-02-27 19:02 -------- d-----w- c:\program files\Steam
2009-07-18 15:33 . 2008-06-07 10:14 -------- d-----w- c:\program files\Warcraft III
2009-07-18 11:29 . 2007-12-12 18:36 -------- d-----w- c:\program files\Ubisoft
2009-07-16 18:23 . 2007-11-25 19:02 22328 -c--a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-07-16 18:23 . 2007-11-25 19:01 103736 -c--a-w- c:\windows\system32\PnkBstrB.exe
2009-07-15 17:05 . 2007-08-30 18:57 -------- d-----w- c:\program files\Teamspeak2_RC2
2009-07-14 18:54 . 2009-04-30 20:02 1706528 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-07-14 18:54 . 2009-04-30 20:02 1597690 ----a-w- c:\windows\system32\nvdata.bin
2009-07-14 18:54 . 2009-03-27 08:03 2189856 ----a-w- c:\windows\system32\nvcuvid.dll
2009-07-14 18:54 . 2007-12-05 00:41 2002944 ----a-w- c:\windows\system32\nvcuda.dll
2009-07-14 18:54 . 2007-06-28 22:43 868352 ----a-w- c:\windows\system32\nvapi.dll
2009-07-14 18:54 . 2007-06-03 17:53 485920 -c--a-w- c:\windows\system32\nvudisp.exe
2009-07-14 18:54 . 2005-02-23 23:32 7741664 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2009-07-14 18:54 . 2005-02-23 23:32 5842816 ----a-w- c:\windows\system32\nv4_disp.dll
2009-07-14 18:54 . 2005-02-23 23:32 151552 ----a-w- c:\windows\system32\nvcodins.dll
2009-07-14 18:54 . 2005-02-23 23:32 151552 ----a-w- c:\windows\system32\nvcod.dll
2009-07-14 18:54 . 2005-02-23 23:32 10457088 ----a-w- c:\windows\system32\nvoglnt.dll
2009-07-13 11:36 . 2009-01-06 14:08 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-13 11:36 . 2009-01-06 14:08 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-13 06:59 . 2007-06-30 10:07 -------- d-----w- c:\program files\Electronic Arts
2009-07-11 14:49 . 2009-06-01 16:20 -------- d-----w- c:\program files\Garena
2009-07-11 09:18 . 2009-04-15 20:13 -------- d-----w- c:\program files\BestGameEver
2009-07-10 17:35 . 2001-10-25 12:00 79040 ----a-w- c:\windows\system32\perfc005.dat
2009-07-10 17:35 . 2001-10-25 12:00 431998 ----a-w- c:\windows\system32\perfh005.dat
2009-07-10 05:01 . 2007-08-04 09:23 485920 -c--a-w- c:\windows\system32\NVUNINST.EXE
2009-07-06 10:52 . 2007-06-30 09:54 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-07-05 19:06 . 2007-10-20 15:24 -------- d-----w- c:\program files\Free Download Manager
2009-07-04 09:04 . 2009-04-06 18:49 86976 ----a-w- c:\windows\system32\drivers\inspect.sys
2009-07-04 09:04 . 2009-04-06 18:49 25160 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2009-07-01 18:09 . 2008-04-21 12:24 -------- d-----w- c:\program files\Kopie - WoW
2009-06-28 15:22 . 2008-04-04 15:31 -------- d-----w- c:\program files\Stardock
2009-06-28 15:19 . 2007-06-06 12:31 -------- d-----w- c:\program files\iTunes
2009-06-17 13:59 . 2009-06-17 13:58 -------- d-----w- c:\program files\Microsoft
2009-06-17 13:59 . 2009-06-17 13:57 -------- d-----w- c:\program files\Windows Live
2009-06-17 13:57 . 2009-06-17 13:57 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-06-17 13:51 . 2009-06-17 13:51 -------- d-----w- c:\program files\Common Files\Windows Live
2009-06-16 14:40 . 2004-08-17 14:49 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-16 14:40 . 2001-10-25 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-13 13:05 . 2009-06-13 13:05 -------- d-----w- c:\program files\Common Files\PCSuite
2009-06-13 13:05 . 2008-11-12 14:01 -------- d-----w- c:\program files\Common Files\Nokia
2009-06-13 13:00 . 2009-06-13 13:00 -------- d-----w- c:\program files\PC Connectivity Solution
2009-06-13 12:48 . 2008-11-12 14:01 -------- d-----w- c:\program files\Nokia
2009-06-13 09:29 . 2007-06-04 12:33 -------- d-----w- c:\program files\Activision
2009-06-11 14:30 . 2008-03-23 15:53 -------- d-----w- c:\program files\ICQ6 cz
2009-06-03 19:11 . 2004-08-17 14:49 1293824 ----a-w- c:\windows\system32\quartz.dll
2009-06-01 17:24 . 2008-06-22 18:56 106200 -c--a-w- c:\windows\War3Unin.dat
2009-05-30 19:45 . 2007-06-30 10:01 -------- d-----w- c:\program files\Alcohol Soft
2009-05-29 17:59 . 2008-01-09 18:29 -------- d-----w- c:\program files\Guild Wars
2009-05-13 05:05 . 2004-08-17 14:49 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-11 15:54 . 2007-07-11 08:45 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-05-07 15:33 . 2004-08-17 14:49 346624 ----a-w- c:\windows\system32\localspl.dll
2009-06-24 14:12 . 2008-09-08 15:08 137208 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-07-25_17.23.50 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-25 19:04 . 2009-07-25 19:04 16384 c:\windows\temp\Perflib_Perfdata_160.dat
- 2009-04-30 22:30 . 2009-04-30 22:30 81920 c:\windows\system32\nvwddi.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 81920 c:\windows\system32\nvwddi.dll
+ 2009-07-25 18:39 . 2009-04-30 20:02 663552 c:\windows\system32\ReinstallBackups\0002\DriverFiles\nvcuvid.dll
+ 2009-07-25 18:39 . 2009-04-30 20:02 143360 c:\windows\system32\ReinstallBackups\0002\DriverFiles\nvcod.dll
+ 2009-07-25 18:39 . 2009-04-30 20:02 806912 c:\windows\system32\ReinstallBackups\0002\DriverFiles\nvapi.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 122880 c:\windows\system32\nvrszht.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 122880 c:\windows\system32\nvrszht.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 229376 c:\windows\system32\nvrszhc.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 229376 c:\windows\system32\nvrszhc.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 253952 c:\windows\system32\nvrstr.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 253952 c:\windows\system32\nvrstr.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 253952 c:\windows\system32\nvrsth.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 253952 c:\windows\system32\nvrsth.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 253952 c:\windows\system32\nvrssv.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 253952 c:\windows\system32\nvrssv.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 258048 c:\windows\system32\nvrssl.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 258048 c:\windows\system32\nvrssl.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 258048 c:\windows\system32\nvrssk.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 258048 c:\windows\system32\nvrssk.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 266240 c:\windows\system32\nvrsru.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 266240 c:\windows\system32\nvrsru.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 266240 c:\windows\system32\nvrsptb.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 266240 c:\windows\system32\nvrsptb.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 270336 c:\windows\system32\nvrspt.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 270336 c:\windows\system32\nvrspt.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 253952 c:\windows\system32\nvrspl.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 253952 c:\windows\system32\nvrspl.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 253952 c:\windows\system32\nvrsno.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 253952 c:\windows\system32\nvrsno.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 274432 c:\windows\system32\nvrsnl.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 274432 c:\windows\system32\nvrsnl.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 262144 c:\windows\system32\nvrsko.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 262144 c:\windows\system32\nvrsko.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 270336 c:\windows\system32\nvrsja.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 270336 c:\windows\system32\nvrsja.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 278528 c:\windows\system32\nvrsit.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 278528 c:\windows\system32\nvrsit.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 258048 c:\windows\system32\nvrshu.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 258048 c:\windows\system32\nvrshu.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 331776 c:\windows\system32\nvrshe.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 331776 c:\windows\system32\nvrshe.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 282624 c:\windows\system32\nvrsfr.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 282624 c:\windows\system32\nvrsfr.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 249856 c:\windows\system32\nvrsfi.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 249856 c:\windows\system32\nvrsfi.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 274432 c:\windows\system32\nvrsesm.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 274432 c:\windows\system32\nvrsesm.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 282624 c:\windows\system32\nvrses.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 282624 c:\windows\system32\nvrses.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 245760 c:\windows\system32\nvrseng.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 245760 c:\windows\system32\nvrseng.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 282624 c:\windows\system32\nvrsel.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 282624 c:\windows\system32\nvrsel.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 278528 c:\windows\system32\nvrsde.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 278528 c:\windows\system32\nvrsde.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 253952 c:\windows\system32\nvrsda.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 253952 c:\windows\system32\nvrsda.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 245760 c:\windows\system32\nvrscs.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 245760 c:\windows\system32\nvrscs.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 331776 c:\windows\system32\nvrsar.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 331776 c:\windows\system32\nvrsar.dll
+ 2009-07-25 18:47 . 2009-07-25 18:48 200704 c:\windows\B83FC356B7C0441F8A4DD71E088E7974.TMP\WiseCustomCalla.dll
+ 2009-07-25 18:39 . 2009-04-30 20:02 9994240 c:\windows\system32\ReinstallBackups\0002\DriverFiles\nvoglnt.dll
+ 2009-07-25 18:39 . 2009-04-30 20:02 1579630 c:\windows\system32\ReinstallBackups\0002\DriverFiles\nvdata.bin
+ 2009-07-25 18:39 . 2009-04-30 20:02 1314816 c:\windows\system32\ReinstallBackups\0002\DriverFiles\nvcuvenc.dll
+ 2009-07-25 18:39 . 2009-04-30 20:02 1720320 c:\windows\system32\ReinstallBackups\0002\DriverFiles\nvcuda.dll
+ 2009-07-25 18:39 . 2009-04-30 20:02 8055584 c:\windows\system32\ReinstallBackups\0002\DriverFiles\nv4_mini.sys
+ 2009-07-25 18:39 . 2009-04-30 20:02 5896320 c:\windows\system32\ReinstallBackups\0002\DriverFiles\nv4_disp.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 3674112 c:\windows\system32\nvwssr.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 3170304 c:\windows\system32\nvwss.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 4616192 c:\windows\system32\nvvitvsr.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 4026368 c:\windows\system32\nvvitvs.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 2505248 c:\windows\system32\nvcpluir.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 2173472 c:\windows\system32\nvcplui.exe
+ 2005-02-23 23:32 . 2009-07-14 18:54 7741664 c:\windows\system32\dllcache\nv4_mini.sys
+ 2009-07-25 18:39 . 2009-04-30 20:02 20878144 c:\windows\system32\ReinstallBackups\0002\DriverFiles\NvCplSetupEng.exe
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 15:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 15:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 15:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 15:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 15:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 15:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 15:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 15:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 15:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 153136]
"OEXPRESS"="c:\documents and settings\All Users\Data aplikací\LangSoft\OETRN.EXE" [2008-02-27 26624]
"Google Update"="c:\documents and settings\Mous\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2008-10-23 133104]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]
"UFDtoGOLaunch"="c:\documents and settings\Mous\Data aplikací\CoSoSys\UFDtoGO\UFDtoGOLaunch.exe" [2008-11-13 172032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 56928]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-12-05 54832]
"RemoteControl8"="c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe" [2008-03-20 83240]
"mspwr"="c:\windows\system32\PuXpMan2.exe" [2005-09-29 110592]
"NotebookHardwareControl"="c:\program files\Notebook Hardware Control\nhc.exe" [2007-05-04 2629632]
"COMODO Firewall Pro"="c:\program files\Comodo\Firewall\cfp.exe" [2009-07-04 1793808]
"OODefragTray"="c:\windows\system32\oodtray.exe" [2009-02-25 2553088]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2009-07-13 414992]
"COMODO Internet Security"="c:\program files\Comodo\Firewall\cfp.exe" [2009-07-04 1793808]
"ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2008-05-22 111952]
"McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\UdaterUI.exe" [2007-10-25 136512]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2009-07-08 1657376]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-14 13877248]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-07-14 86016]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2005-05-17 77824]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Mous\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Client Default.lnk - c:\program files\Samurize\Client.exe [2007-4-7 2010624]
hamachi.lnk - c:\program files\Hamachi\hamachi.exe [2007-8-27 624416]
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2008-4-4 3450608]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
2008-09-17 06:05 210168 ----a-w- c:\program files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete\0crcnat.exe\0OODBS
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Avant Browser\\avant.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=
"c:\\Program Files\\STRONG+\\StrongDC.exe"=
"c:\\Program Files\\STRONG (Mous)\\StrongDC.exe"=
"c:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"c:\\Program Files\\Electronic Arts\\Battlefield 2142\\BF2142.exe"=
"c:\\Program Files\\Doom 3\\Doom3.exe"=
"c:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\Program Files\\BitLord\\BitLord.exe"=
"c:\\Program Files\\TrackMania Sunrise\\TmSunrise.exe"=
"c:\\Program Files\\ICQ6\\ICQ.exe"=
"c:\\Program Files\\Free Download Manager\\fdm.exe"=
"c:\\Program Files\\Call of Duty\\CoDUOMP.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\Electronic Arts\\The Battle for Middle-earth (tm) II\\game.dat"=
"c:\\Program Files\\Electronic Arts\\The Lord of the Rings, The Rise of the Witch-king\\game.dat"=
"c:\\Program Files\\Flagship Studios\\Hellgate London\\Launcher.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD8\\PowerDVD8.exe"=
"c:\\Program Files\\Microsoft Games\\Zoo Tycoon 2\\zt.exe"=
"c:\\Program Files\\Warcraft III\\Frozen Throne.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Program Files\\ProxyShell\\ProxyShell Hide IP\\proxyshell.exe"=
"c:\\Documents and Settings\\Mous\\cgq.exe"=
"c:\\Program Files\\Curse\\CurseClient.exe"=
"c:\\Program Files\\Electronic Arts\\BattleForge\\Bootstrapper.exe"=
"c:\\Program Files\\Electronic Arts\\BattleForge\\BattleForge.exe"=
"c:\\Program Files\\ICQ6 cz\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\XBlades\\xblades.exe"=
"c:\\Program Files\\XBlades\\launcher.exe"=
"c:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"80:UDP"= 80:UDP:127.0.0.1
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"3306:TCP"= 3306:TCP:MySQL Server
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"57927:TCP"= 57927:TCP:Pando Media Booster
"57927:UDP"= 57927:UDP:Pando Media Booster
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [6.4.2009 20:49 132040]
R1 cmdHlp;COMODO Firewall Pro Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [6.4.2009 20:49 25160]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};c:\program files\CyberLink\PowerDVD8\000.fcl [1.2.2008 17:24 41456]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [6.1.2009 16:08 211216]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [6.1.2009 16:08 19096]
R3 ncfvsbus;NCF Virtual Serial Bus Enumerator;c:\windows\system32\drivers\ncfvsbus.sys [3.9.2008 14:59 25088]
S2 gupdate1c9861fd4020982;Google Update Service (gupdate1c9861fd4020982);c:\program files\Google\Update\GoogleUpdate.exe [3.2.2009 18:52 133104]
S2 sfrem02;FrontLine Drivers Auto Removal (v2);c:\windows\system32\sfrem02.exe svc --> c:\windows\system32\sfrem02.exe svc [?]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [13.6.2009 14:49 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [13.6.2009 14:49 8320]
S3 WLAN; Wireless LAN Driver;c:\windows\system32\DRIVERS\wlanNDS.sys --> c:\windows\system32\DRIVERS\wlanNDS.sys [?]
S4 FAH@C:+Program Files+Fallout 3+FAH.exe;FAH@C:+Program Files+Fallout 3+FAH.exe;c:\program files\Fallout 3\FAH.exe -svcstart --> c:\program files\Fallout 3\FAH.exe -svcstart [?]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Obsah adresáře 'Naplánované úlohy'
2009-07-25 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-03 15:02]
2009-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-03 16:52]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.tiscali.cz/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Stáhnout Free Download Managerem - file://c:\program files\Free Download Manager\dllink.htm
IE: Stáhnout video Free Download Managerem - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané Free Download Managerem - file://c:\program files\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://c:\program files\Free Download Manager\dlall.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - c:\program files\Free Download Manager\FUM\fumiebtn.dll
FF - ProfilePath - c:\documents and settings\Mous\Data aplikací\Mozilla\Firefox\Profiles\q5s4rbic.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.tiscali.cz/home/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&o ... &gfns=1&q=
FF - prefs.js: network.proxy.type - 2
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-25 21:07
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
"ServiceDll"="c:\windows\system32\es.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\FAH@C:+Program Files+Fallout 3+FAH.exe]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MySQL]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.0\bin\mysqld-nt\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.0\my.ini\" MySQL"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD8\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG11.00.00.01WORKSTATION"=
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(756)
c:\program files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll
- - - - - - - > 'explorer.exe'(344)
c:\program files\Stardock\ObjectDock\DockShellHook.dll
c:\documents and settings\All Users\Data aplikací\LangSoft\TrnOEH.dll
c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Comodo\Firewall\cmdagent.exe
c:\program files\Lavasoft\Ad-Aware 2007\aawservice.exe
c:\windows\ATKKBService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\McAfee\Common Framework\FrameworkService.exe
c:\program files\McAfee\VirusScan Enterprise\mcshield.exe
c:\program files\Google\Update\1.2.183.7\GoogleCrashHandler.exe
c:\program files\McAfee\VirusScan Enterprise\vstskmgr.exe
c:\program files\McAfee\Common Framework\naPrdMgr.exe
c:\windows\system32\oodag.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
c:\windows\system32\rundll32.exe
c:\program files\McAfee\Common Framework\Mctray.exe
c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
.
**************************************************************************
.
Celkový čas: 2009-07-25 21:14 - počítač byl restartován
ComboFix-quarantined-files.txt 2009-07-25 19:14
ComboFix2.txt 2009-07-25 17:26
Před spuštěním: Volných bajtů: 13 539 082 240
Po spuštění: Volných bajtů: 13 468 073 984
529 --- E O F --- 2009-07-20 22:32
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1490 [GMT 2:00]
Spuštěný z: c:\documents and settings\Mous\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Mous\Plocha\CFScript.txt
AV: McAfee VirusScan Enterprise *On-access scanning disabled* (Updated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
FILE ::
"c:\windows\35C03C043F1F42C2A989A757EE691F65.TMP"
"c:\windows\system32\DRIVERS\epfwtdir.sys"
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\ESET
c:\program files\ESET\Install\advheur.nup
c:\program files\ESET\Install\archs.nup
c:\program files\ESET\Install\engine.nup
c:\program files\ESET\Install\charon.nup
c:\program files\ESET\Install\main.dll
c:\program files\ESET\Install\mainlang.dll
c:\program files\ESET\Install\mfc42.dll
c:\program files\ESET\Install\mfc42u.dll
c:\program files\ESET\Install\msvcrt.dll
c:\program files\ESET\Install\ntbasecz.nup
c:\program files\ESET\Install\ntinetcz.nup
c:\program files\ESET\Install\ntstdcz.nup
c:\program files\ESET\Install\pwscan.nup
c:\program files\ESET\Install\readme.txt
c:\program files\ESET\Install\setup.exe
c:\program files\ESET\Install\setup.xml
c:\program files\ESET\Install\utilmod.nup
c:\windows\35C03C043F1F42C2A989A757EE691F65.TMP
c:\windows\35C03C043F1F42C2A989A757EE691F65.TMP\WiseCustomCalla.dll
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_EPFWTDIR
-------\Service_epfwtdir
((((((((((((((((((((((((( Soubory vytvořené od 2009-06-25 do 2009-07-25 )))))))))))))))))))))))))))))))
.
2009-07-25 18:47 . 2009-07-25 18:47 -------- d-----w- c:\windows\B83FC356B7C0441F8A4DD71E088E7974.TMP
2009-07-25 18:40 . 2009-07-25 18:40 -------- d-----w- c:\program files\NVIDIA Corporation
2009-07-25 15:33 . 2007-10-25 13:06 1495552 ----a-w- c:\windows\system32\epoPGPsdk.dll
2009-07-25 15:33 . 2008-05-22 18:50 72936 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2009-07-25 15:33 . 2008-05-22 18:50 64232 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2009-07-25 15:33 . 2008-05-22 18:50 52104 ----a-w- c:\windows\system32\drivers\mfetdik.sys
2009-07-25 15:33 . 2008-05-22 18:50 33960 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2009-07-25 15:33 . 2008-05-22 18:50 174952 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2009-07-25 15:32 . 2009-07-25 15:32 -------- d-----w- c:\program files\Common Files\McAfee
2009-07-25 14:58 . 2009-07-25 14:58 -------- d-----w- c:\program files\Common Files\Cisco Systems
2009-07-25 14:57 . 2009-07-25 15:33 -------- d-----w- c:\program files\McAfee
2009-07-25 14:22 . 2009-07-25 14:22 -------- d-----w- c:\program files\Total Uninstall 5
2009-07-25 10:20 . 2009-07-25 10:20 -------- d-----w- C:\VideoSec
2009-07-20 22:31 . 2009-07-20 22:31 -------- d-sh--w- c:\documents and settings\Default User\IETldCache
2009-07-20 18:18 . 2009-07-25 18:23 -------- d-----w- c:\program files\Trine
2009-07-20 16:09 . 2009-07-20 16:11 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-07-20 16:08 . 2006-10-12 08:40 716800 ----a-w- c:\windows\SysInternals Bluescreen.scr
2009-07-19 17:57 . 2009-07-19 17:58 -------- d-----w- c:\program files\TmNationsForever
2009-07-19 17:51 . 2009-07-19 17:51 -------- d-----w- c:\program files\DAMN NFO Viewer
2009-07-18 16:57 . 2009-07-18 16:57 -------- d-----w- c:\program files\softendo.com
2009-07-16 07:55 . 2009-07-16 07:56 -------- d-----w- c:\documents and settings\Mous\.borland
2009-07-16 07:41 . 2009-07-16 07:41 -------- d-----w- c:\program files\Common Files\Borland Shared
2009-07-16 07:41 . 2009-07-16 07:41 -------- d-----w- c:\program files\Borland
2009-07-15 08:33 . 2009-07-15 08:33 -------- d-----w- c:\program files\OpenOffice.org 3
2009-07-15 07:22 . 2009-07-15 07:22 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-07-14 11:34 . 2009-07-14 11:34 86016 ----a-w- c:\windows\system32\nvmctray.dll
2009-07-14 11:34 . 2009-07-14 11:34 8085504 ----a-w- c:\windows\system32\nvdispsr.dll
2009-07-14 11:34 . 2009-07-14 11:34 4923392 ----a-w- c:\windows\system32\nvdisps.dll
2009-07-14 11:34 . 2009-07-14 11:34 4640768 ----a-w- c:\windows\system32\nvgamesr.dll
2009-07-14 11:34 . 2009-07-14 11:34 458752 ----a-w- c:\windows\system32\nvmccssr.dll
2009-07-14 11:34 . 2009-07-14 11:34 3547136 ----a-w- c:\windows\system32\nvgames.dll
2009-07-14 11:34 . 2009-07-14 11:34 2854912 ----a-w- c:\windows\system32\nvmoblsr.dll
2009-07-14 11:34 . 2009-07-14 11:34 188416 ----a-w- c:\windows\system32\nvmccss.dll
2009-07-14 11:34 . 2009-07-14 11:34 168004 ----a-w- c:\windows\system32\nvsvc32.exe
2009-07-14 11:34 . 2009-07-14 11:34 143360 ----a-w- c:\windows\system32\nvcolor.exe
2009-07-14 11:34 . 2009-07-14 11:34 13877248 ----a-w- c:\windows\system32\nvcpl.dll
2009-07-14 11:34 . 2009-07-14 11:34 1286144 ----a-w- c:\windows\system32\nvmobls.dll
2009-07-14 11:34 . 2009-07-14 11:34 229376 ----a-w- c:\windows\system32\nvmccs.dll
2009-07-14 07:41 . 2009-07-15 07:21 -------- d-----w- c:\program files\DAEMON Tools Pro
2009-07-11 14:41 . 2009-07-11 14:41 -------- d-----w- c:\program files\Lavalys
2009-07-11 09:50 . 2009-07-11 20:00 -------- d-sh--w- C:\Boot
2009-07-04 10:22 . 2009-07-12 17:39 -------- d-----w- c:\windows\system32\oodag
2009-07-03 10:42 . 2009-07-03 10:42 -------- d-----w- c:\program files\OO Software
2009-06-29 15:22 . 2009-07-16 20:33 -------- d-----w- c:\program files\Gish
2009-06-29 12:58 . 2009-07-16 20:00 -------- d-----w- c:\program files\Bridge Building Game
2009-06-29 03:19 . 2009-06-29 03:19 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2009-06-28 16:27 . 2009-06-28 16:27 217664 ----a-w- c:\windows\system32\drivers\truecrypt.sys
2009-06-28 16:27 . 2009-06-28 16:27 -------- d-----w- c:\program files\TrueCrypt
2009-06-28 16:14 . 2009-07-16 20:01 -------- d-----w- c:\program files\Hurrican
2009-06-28 15:22 . 2008-04-26 14:14 42672 ------w- c:\windows\system32\wbsys.dll
2009-06-28 15:19 . 2009-07-23 16:30 -------- d-----w- c:\program files\Samurize
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-25 19:09 . 2008-08-27 17:46 22528 ----a-w- c:\windows\system32\drivers\nhcDriver.sys
2009-07-25 18:46 . 2007-09-10 15:46 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-07-25 14:30 . 2007-10-19 17:52 -------- d-----w- c:\program files\ElcomSoft
2009-07-25 14:25 . 2007-06-03 17:54 -------- d-----w- c:\program files\ASUS
2009-07-25 14:25 . 2007-06-03 17:53 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-25 12:58 . 2009-04-06 18:49 179792 ----a-w- c:\windows\system32\guard32.dll
2009-07-25 12:58 . 2009-04-06 18:49 132040 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2009-07-25 12:46 . 2009-01-06 14:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-22 20:26 . 2009-04-24 17:16 -------- d-----w- c:\program files\Pando Networks
2009-07-21 19:33 . 2005-02-27 19:02 -------- d-----w- c:\program files\Steam
2009-07-18 15:33 . 2008-06-07 10:14 -------- d-----w- c:\program files\Warcraft III
2009-07-18 11:29 . 2007-12-12 18:36 -------- d-----w- c:\program files\Ubisoft
2009-07-16 18:23 . 2007-11-25 19:02 22328 -c--a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-07-16 18:23 . 2007-11-25 19:01 103736 -c--a-w- c:\windows\system32\PnkBstrB.exe
2009-07-15 17:05 . 2007-08-30 18:57 -------- d-----w- c:\program files\Teamspeak2_RC2
2009-07-14 18:54 . 2009-04-30 20:02 1706528 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-07-14 18:54 . 2009-04-30 20:02 1597690 ----a-w- c:\windows\system32\nvdata.bin
2009-07-14 18:54 . 2009-03-27 08:03 2189856 ----a-w- c:\windows\system32\nvcuvid.dll
2009-07-14 18:54 . 2007-12-05 00:41 2002944 ----a-w- c:\windows\system32\nvcuda.dll
2009-07-14 18:54 . 2007-06-28 22:43 868352 ----a-w- c:\windows\system32\nvapi.dll
2009-07-14 18:54 . 2007-06-03 17:53 485920 -c--a-w- c:\windows\system32\nvudisp.exe
2009-07-14 18:54 . 2005-02-23 23:32 7741664 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2009-07-14 18:54 . 2005-02-23 23:32 5842816 ----a-w- c:\windows\system32\nv4_disp.dll
2009-07-14 18:54 . 2005-02-23 23:32 151552 ----a-w- c:\windows\system32\nvcodins.dll
2009-07-14 18:54 . 2005-02-23 23:32 151552 ----a-w- c:\windows\system32\nvcod.dll
2009-07-14 18:54 . 2005-02-23 23:32 10457088 ----a-w- c:\windows\system32\nvoglnt.dll
2009-07-13 11:36 . 2009-01-06 14:08 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-13 11:36 . 2009-01-06 14:08 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-13 06:59 . 2007-06-30 10:07 -------- d-----w- c:\program files\Electronic Arts
2009-07-11 14:49 . 2009-06-01 16:20 -------- d-----w- c:\program files\Garena
2009-07-11 09:18 . 2009-04-15 20:13 -------- d-----w- c:\program files\BestGameEver
2009-07-10 17:35 . 2001-10-25 12:00 79040 ----a-w- c:\windows\system32\perfc005.dat
2009-07-10 17:35 . 2001-10-25 12:00 431998 ----a-w- c:\windows\system32\perfh005.dat
2009-07-10 05:01 . 2007-08-04 09:23 485920 -c--a-w- c:\windows\system32\NVUNINST.EXE
2009-07-06 10:52 . 2007-06-30 09:54 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-07-05 19:06 . 2007-10-20 15:24 -------- d-----w- c:\program files\Free Download Manager
2009-07-04 09:04 . 2009-04-06 18:49 86976 ----a-w- c:\windows\system32\drivers\inspect.sys
2009-07-04 09:04 . 2009-04-06 18:49 25160 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2009-07-01 18:09 . 2008-04-21 12:24 -------- d-----w- c:\program files\Kopie - WoW
2009-06-28 15:22 . 2008-04-04 15:31 -------- d-----w- c:\program files\Stardock
2009-06-28 15:19 . 2007-06-06 12:31 -------- d-----w- c:\program files\iTunes
2009-06-17 13:59 . 2009-06-17 13:58 -------- d-----w- c:\program files\Microsoft
2009-06-17 13:59 . 2009-06-17 13:57 -------- d-----w- c:\program files\Windows Live
2009-06-17 13:57 . 2009-06-17 13:57 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-06-17 13:51 . 2009-06-17 13:51 -------- d-----w- c:\program files\Common Files\Windows Live
2009-06-16 14:40 . 2004-08-17 14:49 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-16 14:40 . 2001-10-25 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-13 13:05 . 2009-06-13 13:05 -------- d-----w- c:\program files\Common Files\PCSuite
2009-06-13 13:05 . 2008-11-12 14:01 -------- d-----w- c:\program files\Common Files\Nokia
2009-06-13 13:00 . 2009-06-13 13:00 -------- d-----w- c:\program files\PC Connectivity Solution
2009-06-13 12:48 . 2008-11-12 14:01 -------- d-----w- c:\program files\Nokia
2009-06-13 09:29 . 2007-06-04 12:33 -------- d-----w- c:\program files\Activision
2009-06-11 14:30 . 2008-03-23 15:53 -------- d-----w- c:\program files\ICQ6 cz
2009-06-03 19:11 . 2004-08-17 14:49 1293824 ----a-w- c:\windows\system32\quartz.dll
2009-06-01 17:24 . 2008-06-22 18:56 106200 -c--a-w- c:\windows\War3Unin.dat
2009-05-30 19:45 . 2007-06-30 10:01 -------- d-----w- c:\program files\Alcohol Soft
2009-05-29 17:59 . 2008-01-09 18:29 -------- d-----w- c:\program files\Guild Wars
2009-05-13 05:05 . 2004-08-17 14:49 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-11 15:54 . 2007-07-11 08:45 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-05-07 15:33 . 2004-08-17 14:49 346624 ----a-w- c:\windows\system32\localspl.dll
2009-06-24 14:12 . 2008-09-08 15:08 137208 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-07-25_17.23.50 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-25 19:04 . 2009-07-25 19:04 16384 c:\windows\temp\Perflib_Perfdata_160.dat
- 2009-04-30 22:30 . 2009-04-30 22:30 81920 c:\windows\system32\nvwddi.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 81920 c:\windows\system32\nvwddi.dll
+ 2009-07-25 18:39 . 2009-04-30 20:02 663552 c:\windows\system32\ReinstallBackups\0002\DriverFiles\nvcuvid.dll
+ 2009-07-25 18:39 . 2009-04-30 20:02 143360 c:\windows\system32\ReinstallBackups\0002\DriverFiles\nvcod.dll
+ 2009-07-25 18:39 . 2009-04-30 20:02 806912 c:\windows\system32\ReinstallBackups\0002\DriverFiles\nvapi.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 122880 c:\windows\system32\nvrszht.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 122880 c:\windows\system32\nvrszht.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 229376 c:\windows\system32\nvrszhc.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 229376 c:\windows\system32\nvrszhc.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 253952 c:\windows\system32\nvrstr.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 253952 c:\windows\system32\nvrstr.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 253952 c:\windows\system32\nvrsth.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 253952 c:\windows\system32\nvrsth.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 253952 c:\windows\system32\nvrssv.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 253952 c:\windows\system32\nvrssv.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 258048 c:\windows\system32\nvrssl.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 258048 c:\windows\system32\nvrssl.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 258048 c:\windows\system32\nvrssk.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 258048 c:\windows\system32\nvrssk.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 266240 c:\windows\system32\nvrsru.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 266240 c:\windows\system32\nvrsru.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 266240 c:\windows\system32\nvrsptb.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 266240 c:\windows\system32\nvrsptb.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 270336 c:\windows\system32\nvrspt.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 270336 c:\windows\system32\nvrspt.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 253952 c:\windows\system32\nvrspl.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 253952 c:\windows\system32\nvrspl.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 253952 c:\windows\system32\nvrsno.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 253952 c:\windows\system32\nvrsno.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 274432 c:\windows\system32\nvrsnl.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 274432 c:\windows\system32\nvrsnl.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 262144 c:\windows\system32\nvrsko.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 262144 c:\windows\system32\nvrsko.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 270336 c:\windows\system32\nvrsja.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 270336 c:\windows\system32\nvrsja.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 278528 c:\windows\system32\nvrsit.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 278528 c:\windows\system32\nvrsit.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 258048 c:\windows\system32\nvrshu.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 258048 c:\windows\system32\nvrshu.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 331776 c:\windows\system32\nvrshe.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 331776 c:\windows\system32\nvrshe.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 282624 c:\windows\system32\nvrsfr.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 282624 c:\windows\system32\nvrsfr.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 249856 c:\windows\system32\nvrsfi.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 249856 c:\windows\system32\nvrsfi.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 274432 c:\windows\system32\nvrsesm.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 274432 c:\windows\system32\nvrsesm.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 282624 c:\windows\system32\nvrses.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 282624 c:\windows\system32\nvrses.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 245760 c:\windows\system32\nvrseng.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 245760 c:\windows\system32\nvrseng.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 282624 c:\windows\system32\nvrsel.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 282624 c:\windows\system32\nvrsel.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 278528 c:\windows\system32\nvrsde.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 278528 c:\windows\system32\nvrsde.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 253952 c:\windows\system32\nvrsda.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 253952 c:\windows\system32\nvrsda.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 245760 c:\windows\system32\nvrscs.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 245760 c:\windows\system32\nvrscs.dll
- 2009-04-30 22:30 . 2009-04-30 22:30 331776 c:\windows\system32\nvrsar.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 331776 c:\windows\system32\nvrsar.dll
+ 2009-07-25 18:47 . 2009-07-25 18:48 200704 c:\windows\B83FC356B7C0441F8A4DD71E088E7974.TMP\WiseCustomCalla.dll
+ 2009-07-25 18:39 . 2009-04-30 20:02 9994240 c:\windows\system32\ReinstallBackups\0002\DriverFiles\nvoglnt.dll
+ 2009-07-25 18:39 . 2009-04-30 20:02 1579630 c:\windows\system32\ReinstallBackups\0002\DriverFiles\nvdata.bin
+ 2009-07-25 18:39 . 2009-04-30 20:02 1314816 c:\windows\system32\ReinstallBackups\0002\DriverFiles\nvcuvenc.dll
+ 2009-07-25 18:39 . 2009-04-30 20:02 1720320 c:\windows\system32\ReinstallBackups\0002\DriverFiles\nvcuda.dll
+ 2009-07-25 18:39 . 2009-04-30 20:02 8055584 c:\windows\system32\ReinstallBackups\0002\DriverFiles\nv4_mini.sys
+ 2009-07-25 18:39 . 2009-04-30 20:02 5896320 c:\windows\system32\ReinstallBackups\0002\DriverFiles\nv4_disp.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 3674112 c:\windows\system32\nvwssr.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 3170304 c:\windows\system32\nvwss.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 4616192 c:\windows\system32\nvvitvsr.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 4026368 c:\windows\system32\nvvitvs.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 2505248 c:\windows\system32\nvcpluir.dll
+ 2009-07-14 11:35 . 2009-07-14 11:35 2173472 c:\windows\system32\nvcplui.exe
+ 2005-02-23 23:32 . 2009-07-14 18:54 7741664 c:\windows\system32\dllcache\nv4_mini.sys
+ 2009-07-25 18:39 . 2009-04-30 20:02 20878144 c:\windows\system32\ReinstallBackups\0002\DriverFiles\NvCplSetupEng.exe
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 15:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 15:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 15:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 15:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 15:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 15:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 15:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 15:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 15:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 153136]
"OEXPRESS"="c:\documents and settings\All Users\Data aplikací\LangSoft\OETRN.EXE" [2008-02-27 26624]
"Google Update"="c:\documents and settings\Mous\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2008-10-23 133104]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]
"UFDtoGOLaunch"="c:\documents and settings\Mous\Data aplikací\CoSoSys\UFDtoGO\UFDtoGOLaunch.exe" [2008-11-13 172032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 56928]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-12-05 54832]
"RemoteControl8"="c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe" [2008-03-20 83240]
"mspwr"="c:\windows\system32\PuXpMan2.exe" [2005-09-29 110592]
"NotebookHardwareControl"="c:\program files\Notebook Hardware Control\nhc.exe" [2007-05-04 2629632]
"COMODO Firewall Pro"="c:\program files\Comodo\Firewall\cfp.exe" [2009-07-04 1793808]
"OODefragTray"="c:\windows\system32\oodtray.exe" [2009-02-25 2553088]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2009-07-13 414992]
"COMODO Internet Security"="c:\program files\Comodo\Firewall\cfp.exe" [2009-07-04 1793808]
"ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2008-05-22 111952]
"McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\UdaterUI.exe" [2007-10-25 136512]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2009-07-08 1657376]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-14 13877248]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-07-14 86016]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2005-05-17 77824]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Mous\Nabídka Start\Programy\Po spuštění\
Client Default.lnk - c:\program files\Samurize\Client.exe [2007-4-7 2010624]
hamachi.lnk - c:\program files\Hamachi\hamachi.exe [2007-8-27 624416]
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2008-4-4 3450608]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
2008-09-17 06:05 210168 ----a-w- c:\program files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete\0crcnat.exe\0OODBS
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Avant Browser\\avant.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=
"c:\\Program Files\\STRONG+\\StrongDC.exe"=
"c:\\Program Files\\STRONG (Mous)\\StrongDC.exe"=
"c:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"c:\\Program Files\\Electronic Arts\\Battlefield 2142\\BF2142.exe"=
"c:\\Program Files\\Doom 3\\Doom3.exe"=
"c:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\Program Files\\BitLord\\BitLord.exe"=
"c:\\Program Files\\TrackMania Sunrise\\TmSunrise.exe"=
"c:\\Program Files\\ICQ6\\ICQ.exe"=
"c:\\Program Files\\Free Download Manager\\fdm.exe"=
"c:\\Program Files\\Call of Duty\\CoDUOMP.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\Electronic Arts\\The Battle for Middle-earth (tm) II\\game.dat"=
"c:\\Program Files\\Electronic Arts\\The Lord of the Rings, The Rise of the Witch-king\\game.dat"=
"c:\\Program Files\\Flagship Studios\\Hellgate London\\Launcher.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD8\\PowerDVD8.exe"=
"c:\\Program Files\\Microsoft Games\\Zoo Tycoon 2\\zt.exe"=
"c:\\Program Files\\Warcraft III\\Frozen Throne.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Program Files\\ProxyShell\\ProxyShell Hide IP\\proxyshell.exe"=
"c:\\Documents and Settings\\Mous\\cgq.exe"=
"c:\\Program Files\\Curse\\CurseClient.exe"=
"c:\\Program Files\\Electronic Arts\\BattleForge\\Bootstrapper.exe"=
"c:\\Program Files\\Electronic Arts\\BattleForge\\BattleForge.exe"=
"c:\\Program Files\\ICQ6 cz\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\XBlades\\xblades.exe"=
"c:\\Program Files\\XBlades\\launcher.exe"=
"c:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"80:UDP"= 80:UDP:127.0.0.1
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"3306:TCP"= 3306:TCP:MySQL Server
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"57927:TCP"= 57927:TCP:Pando Media Booster
"57927:UDP"= 57927:UDP:Pando Media Booster
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [6.4.2009 20:49 132040]
R1 cmdHlp;COMODO Firewall Pro Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [6.4.2009 20:49 25160]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};c:\program files\CyberLink\PowerDVD8\000.fcl [1.2.2008 17:24 41456]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [6.1.2009 16:08 211216]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [6.1.2009 16:08 19096]
R3 ncfvsbus;NCF Virtual Serial Bus Enumerator;c:\windows\system32\drivers\ncfvsbus.sys [3.9.2008 14:59 25088]
S2 gupdate1c9861fd4020982;Google Update Service (gupdate1c9861fd4020982);c:\program files\Google\Update\GoogleUpdate.exe [3.2.2009 18:52 133104]
S2 sfrem02;FrontLine Drivers Auto Removal (v2);c:\windows\system32\sfrem02.exe svc --> c:\windows\system32\sfrem02.exe svc [?]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [13.6.2009 14:49 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [13.6.2009 14:49 8320]
S3 WLAN; Wireless LAN Driver;c:\windows\system32\DRIVERS\wlanNDS.sys --> c:\windows\system32\DRIVERS\wlanNDS.sys [?]
S4 FAH@C:+Program Files+Fallout 3+FAH.exe;FAH@C:+Program Files+Fallout 3+FAH.exe;c:\program files\Fallout 3\FAH.exe -svcstart --> c:\program files\Fallout 3\FAH.exe -svcstart [?]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Obsah adresáře 'Naplánované úlohy'
2009-07-25 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-03 15:02]
2009-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-03 16:52]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.tiscali.cz/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Stáhnout Free Download Managerem - file://c:\program files\Free Download Manager\dllink.htm
IE: Stáhnout video Free Download Managerem - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané Free Download Managerem - file://c:\program files\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://c:\program files\Free Download Manager\dlall.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - c:\program files\Free Download Manager\FUM\fumiebtn.dll
FF - ProfilePath - c:\documents and settings\Mous\Data aplikací\Mozilla\Firefox\Profiles\q5s4rbic.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.tiscali.cz/home/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&o ... &gfns=1&q=
FF - prefs.js: network.proxy.type - 2
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-25 21:07
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
"ServiceDll"="c:\windows\system32\es.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\FAH@C:+Program Files+Fallout 3+FAH.exe]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MySQL]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.0\bin\mysqld-nt\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.0\my.ini\" MySQL"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD8\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(756)
c:\program files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll
- - - - - - - > 'explorer.exe'(344)
c:\program files\Stardock\ObjectDock\DockShellHook.dll
c:\documents and settings\All Users\Data aplikací\LangSoft\TrnOEH.dll
c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Comodo\Firewall\cmdagent.exe
c:\program files\Lavasoft\Ad-Aware 2007\aawservice.exe
c:\windows\ATKKBService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\McAfee\Common Framework\FrameworkService.exe
c:\program files\McAfee\VirusScan Enterprise\mcshield.exe
c:\program files\Google\Update\1.2.183.7\GoogleCrashHandler.exe
c:\program files\McAfee\VirusScan Enterprise\vstskmgr.exe
c:\program files\McAfee\Common Framework\naPrdMgr.exe
c:\windows\system32\oodag.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
c:\windows\system32\rundll32.exe
c:\program files\McAfee\Common Framework\Mctray.exe
c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
.
**************************************************************************
.
Celkový čas: 2009-07-25 21:14 - počítač byl restartován
ComboFix-quarantined-files.txt 2009-07-25 19:14
ComboFix2.txt 2009-07-25 17:26
Před spuštěním: Volných bajtů: 13 539 082 240
Po spuštění: Volných bajtů: 13 468 073 984
529 --- E O F --- 2009-07-20 22:32
Re: Preventive check after a LAN party
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:25:14, on 25.7.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\nvsvc32.exe
C:\windows\system32\svchost.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\windows\system32\svchost.exe
C:\windows\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\windows\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\windows\system32\svchost.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\windows\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
C:\WINDOWS\system32\PuXpMan2.exe
C:\Program Files\Notebook Hardware Control\nhc.exe
C:\WINDOWS\system32\oodtray.exe
C:\Program Files\Comodo\Firewall\cfp.exe
C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\windows\system32\RUNDLL32.EXE
C:\windows\system32\ctfmon.exe
C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Documents and Settings\Mous\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Documents and Settings\Mous\Data aplikací\CoSoSys\UFDtoGO\UFDtoGOLaunch.exe
C:\Program Files\Samurize\Client.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\windows\explorer.exe
C:\Documents and Settings\Mous\Plocha\přídavky\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://127.0.0.1:9000/proxy.pac
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"
O4 - HKLM\..\Run: [mspwr] C:\WINDOWS\system32\PuXpMan2.exe
O4 - HKLM\..\Run: [NotebookHardwareControl] "C:\Program Files\Notebook Hardware Control\nhc.exe" -quiet
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\Comodo\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [OEXPRESS] C:\Documents and Settings\All Users\Data aplikací\LangSoft\OETRN.EXE
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Mous\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [UFDtoGOLaunch] C:\Documents and Settings\Mous\Data aplikací\CoSoSys\UFDtoGO\UFDtoGOLaunch.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Client Default.lnk = C:\Program Files\Samurize\Client.exe
O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files\Free Download Manager\dlall.htm
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Documents and Settings\All Users\Data aplikací\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6 cz\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6 cz\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - C:\Program Files\Free Download Manager\FUM\fumiebtn.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftup ... 0937853578
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 0937802765
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Google Update Service (gupdate1c9861fd4020982) (gupdate1c9861fd4020982) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: FrontLine Drivers Auto Removal (v2) (sfrem02) - Protection Technology (StarForce) - C:\windows\system32\sfrem02.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: USBest Service Zero (UTSCSI) - Unknown owner - C:\WINDOWS\system32\UTSCSI.EXE (file missing)
--
End of file - 13875 bytes
- Damned
Re: Preventive check after a LAN party
The HJT log is fine.
But there is one more folder.
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in green, into it:
Folder::
c:\windows\B83FC356B7C0441F8A4DD71E088E7974.TMP
Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.
Grab the CFScript.txt script you created with the mouse, drag it over the downloaded ComboFix.exe program,
and when the two files overlap, drop the script.

- ComboFix will start automatically
- Paste here the log that comes up at the end of the cleaning process
Re: Preventive check after a LAN party
ComboFix 09-07-24.01 - Mous 25.07.2009 22:07.12.1 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1473 [GMT 2:00]
Spuštěný z: c:\documents and settings\Mous\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Mous\Plocha\CFScript.txt
AV: McAfee VirusScan Enterprise *On-access scanning enabled* (Updated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-06-25 do 2009-07-25 )))))))))))))))))))))))))))))))
.
2009-07-25 19:28 . 2009-07-25 19:29 -------- d-----w- c:\windows\LastGood
2009-07-25 18:40 . 2009-07-25 18:40 -------- d-----w- c:\program files\NVIDIA Corporation
2009-07-25 15:33 . 2007-10-25 13:06 1495552 ----a-w- c:\windows\system32\epoPGPsdk.dll
2009-07-25 15:33 . 2008-05-22 18:50 72936 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2009-07-25 15:33 . 2008-05-22 18:50 64232 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2009-07-25 15:33 . 2008-05-22 18:50 52104 ----a-w- c:\windows\system32\drivers\mfetdik.sys
2009-07-25 15:33 . 2008-05-22 18:50 33960 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2009-07-25 15:33 . 2008-05-22 18:50 174952 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2009-07-25 15:32 . 2009-07-25 15:32 -------- d-----w- c:\program files\Common Files\McAfee
2009-07-25 14:58 . 2009-07-25 14:58 -------- d-----w- c:\program files\Common Files\Cisco Systems
2009-07-25 14:57 . 2009-07-25 15:33 -------- d-----w- c:\program files\McAfee
2009-07-25 14:22 . 2009-07-25 14:22 -------- d-----w- c:\program files\Total Uninstall 5
2009-07-25 10:20 . 2009-07-25 10:20 -------- d-----w- C:\VideoSec
2009-07-20 22:31 . 2009-07-20 22:31 -------- d-sh--w- c:\documents and settings\Default User\IETldCache
2009-07-20 18:18 . 2009-07-25 18:23 -------- d-----w- c:\program files\Trine
2009-07-20 16:09 . 2009-07-20 16:11 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-07-20 16:08 . 2006-10-12 08:40 716800 ----a-w- c:\windows\SysInternals Bluescreen.scr
2009-07-19 17:57 . 2009-07-19 17:58 -------- d-----w- c:\program files\TmNationsForever
2009-07-19 17:51 . 2009-07-19 17:51 -------- d-----w- c:\program files\DAMN NFO Viewer
2009-07-18 16:57 . 2009-07-18 16:57 -------- d-----w- c:\program files\softendo.com
2009-07-16 07:55 . 2009-07-16 07:56 -------- d-----w- c:\documents and settings\Mous\.borland
2009-07-16 07:41 . 2009-07-16 07:41 -------- d-----w- c:\program files\Common Files\Borland Shared
2009-07-16 07:41 . 2009-07-16 07:41 -------- d-----w- c:\program files\Borland
2009-07-15 08:33 . 2009-07-15 08:33 -------- d-----w- c:\program files\OpenOffice.org 3
2009-07-15 07:22 . 2009-07-15 07:22 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-07-14 11:34 . 2009-07-14 11:34 86016 ----a-w- c:\windows\system32\nvmctray.dll
2009-07-14 11:34 . 2009-07-14 11:34 8085504 ----a-w- c:\windows\system32\nvdispsr.dll
2009-07-14 11:34 . 2009-07-14 11:34 4923392 ----a-w- c:\windows\system32\nvdisps.dll
2009-07-14 11:34 . 2009-07-14 11:34 4640768 ----a-w- c:\windows\system32\nvgamesr.dll
2009-07-14 11:34 . 2009-07-14 11:34 458752 ----a-w- c:\windows\system32\nvmccssr.dll
2009-07-14 11:34 . 2009-07-14 11:34 3547136 ----a-w- c:\windows\system32\nvgames.dll
2009-07-14 11:34 . 2009-07-14 11:34 2854912 ----a-w- c:\windows\system32\nvmoblsr.dll
2009-07-14 11:34 . 2009-07-14 11:34 188416 ----a-w- c:\windows\system32\nvmccss.dll
2009-07-14 11:34 . 2009-07-14 11:34 168004 ----a-w- c:\windows\system32\nvsvc32.exe
2009-07-14 11:34 . 2009-07-14 11:34 143360 ----a-w- c:\windows\system32\nvcolor.exe
2009-07-14 11:34 . 2009-07-14 11:34 13877248 ----a-w- c:\windows\system32\nvcpl.dll
2009-07-14 11:34 . 2009-07-14 11:34 1286144 ----a-w- c:\windows\system32\nvmobls.dll
2009-07-14 11:34 . 2009-07-14 11:34 229376 ----a-w- c:\windows\system32\nvmccs.dll
2009-07-14 07:41 . 2009-07-15 07:21 -------- d-----w- c:\program files\DAEMON Tools Pro
2009-07-11 14:41 . 2009-07-11 14:41 -------- d-----w- c:\program files\Lavalys
2009-07-11 09:50 . 2009-07-11 20:00 -------- d-sh--w- C:\Boot
2009-07-04 10:22 . 2009-07-12 17:39 -------- d-----w- c:\windows\system32\oodag
2009-07-03 10:42 . 2009-07-03 10:42 -------- d-----w- c:\program files\OO Software
2009-06-29 15:22 . 2009-07-16 20:33 -------- d-----w- c:\program files\Gish
2009-06-29 12:58 . 2009-07-16 20:00 -------- d-----w- c:\program files\Bridge Building Game
2009-06-29 03:19 . 2009-06-29 03:19 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2009-06-28 16:27 . 2009-06-28 16:27 217664 ----a-w- c:\windows\system32\drivers\truecrypt.sys
2009-06-28 16:27 . 2009-06-28 16:27 -------- d-----w- c:\program files\TrueCrypt
2009-06-28 16:14 . 2009-07-16 20:01 -------- d-----w- c:\program files\Hurrican
2009-06-28 15:22 . 2008-04-26 14:14 42672 ------w- c:\windows\system32\wbsys.dll
2009-06-28 15:19 . 2009-07-23 16:30 -------- d-----w- c:\program files\Samurize
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-25 19:57 . 2007-09-10 15:46 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-07-25 19:09 . 2008-08-27 17:46 22528 ----a-w- c:\windows\system32\drivers\nhcDriver.sys
2009-07-25 14:30 . 2007-10-19 17:52 -------- d-----w- c:\program files\ElcomSoft
2009-07-25 14:25 . 2007-06-03 17:54 -------- d-----w- c:\program files\ASUS
2009-07-25 14:25 . 2007-06-03 17:53 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-25 12:58 . 2009-04-06 18:49 179792 ----a-w- c:\windows\system32\guard32.dll
2009-07-25 12:58 . 2009-04-06 18:49 132040 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2009-07-25 12:46 . 2009-01-06 14:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-22 20:26 . 2009-04-24 17:16 -------- d-----w- c:\program files\Pando Networks
2009-07-21 19:33 . 2005-02-27 19:02 -------- d-----w- c:\program files\Steam
2009-07-18 15:33 . 2008-06-07 10:14 -------- d-----w- c:\program files\Warcraft III
2009-07-18 11:29 . 2007-12-12 18:36 -------- d-----w- c:\program files\Ubisoft
2009-07-16 18:23 . 2007-11-25 19:02 22328 -c--a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-07-16 18:23 . 2007-11-25 19:01 103736 -c--a-w- c:\windows\system32\PnkBstrB.exe
2009-07-15 17:05 . 2007-08-30 18:57 -------- d-----w- c:\program files\Teamspeak2_RC2
2009-07-14 18:54 . 2009-04-30 20:02 1706528 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-07-14 18:54 . 2009-04-30 20:02 1597690 ----a-w- c:\windows\system32\nvdata.bin
2009-07-14 18:54 . 2009-03-27 08:03 2189856 ----a-w- c:\windows\system32\nvcuvid.dll
2009-07-14 18:54 . 2007-12-05 00:41 2002944 ----a-w- c:\windows\system32\nvcuda.dll
2009-07-14 18:54 . 2007-06-28 22:43 868352 ----a-w- c:\windows\system32\nvapi.dll
2009-07-14 18:54 . 2007-06-03 17:53 485920 -c--a-w- c:\windows\system32\nvudisp.exe
2009-07-14 18:54 . 2005-02-23 23:32 7741664 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2009-07-14 18:54 . 2005-02-23 23:32 5842816 ----a-w- c:\windows\system32\nv4_disp.dll
2009-07-14 18:54 . 2005-02-23 23:32 151552 ----a-w- c:\windows\system32\nvcodins.dll
2009-07-14 18:54 . 2005-02-23 23:32 151552 ----a-w- c:\windows\system32\nvcod.dll
2009-07-14 18:54 . 2005-02-23 23:32 10457088 ----a-w- c:\windows\system32\nvoglnt.dll
2009-07-13 11:36 . 2009-01-06 14:08 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-13 11:36 . 2009-01-06 14:08 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-13 06:59 . 2007-06-30 10:07 -------- d-----w- c:\program files\Electronic Arts
2009-07-11 14:49 . 2009-06-01 16:20 -------- d-----w- c:\program files\Garena
2009-07-11 09:18 . 2009-04-15 20:13 -------- d-----w- c:\program files\BestGameEver
2009-07-10 17:35 . 2001-10-25 12:00 79040 ----a-w- c:\windows\system32\perfc005.dat
2009-07-10 17:35 . 2001-10-25 12:00 431998 ----a-w- c:\windows\system32\perfh005.dat
2009-07-10 05:01 . 2007-08-04 09:23 485920 -c--a-w- c:\windows\system32\NVUNINST.EXE
2009-07-06 10:52 . 2007-06-30 09:54 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-07-05 19:06 . 2007-10-20 15:24 -------- d-----w- c:\program files\Free Download Manager
2009-07-04 09:04 . 2009-04-06 18:49 86976 ----a-w- c:\windows\system32\drivers\inspect.sys
2009-07-04 09:04 . 2009-04-06 18:49 25160 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2009-07-01 18:09 . 2008-04-21 12:24 -------- d-----w- c:\program files\Kopie - WoW
2009-06-28 15:22 . 2008-04-04 15:31 -------- d-----w- c:\program files\Stardock
2009-06-28 15:19 . 2007-06-06 12:31 -------- d-----w- c:\program files\iTunes
2009-06-17 13:59 . 2009-06-17 13:58 -------- d-----w- c:\program files\Microsoft
2009-06-17 13:59 . 2009-06-17 13:57 -------- d-----w- c:\program files\Windows Live
2009-06-17 13:57 . 2009-06-17 13:57 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-06-17 13:51 . 2009-06-17 13:51 -------- d-----w- c:\program files\Common Files\Windows Live
2009-06-16 14:40 . 2004-08-17 14:49 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-16 14:40 . 2001-10-25 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-13 13:05 . 2009-06-13 13:05 -------- d-----w- c:\program files\Common Files\PCSuite
2009-06-13 13:05 . 2008-11-12 14:01 -------- d-----w- c:\program files\Common Files\Nokia
2009-06-13 13:00 . 2009-06-13 13:00 -------- d-----w- c:\program files\PC Connectivity Solution
2009-06-13 12:48 . 2008-11-12 14:01 -------- d-----w- c:\program files\Nokia
2009-06-13 09:29 . 2007-06-04 12:33 -------- d-----w- c:\program files\Activision
2009-06-11 14:30 . 2008-03-23 15:53 -------- d-----w- c:\program files\ICQ6 cz
2009-06-03 19:11 . 2004-08-17 14:49 1293824 ----a-w- c:\windows\system32\quartz.dll
2009-06-01 17:24 . 2008-06-22 18:56 106200 -c--a-w- c:\windows\War3Unin.dat
2009-05-30 19:45 . 2007-06-30 10:01 -------- d-----w- c:\program files\Alcohol Soft
2009-05-29 17:59 . 2008-01-09 18:29 -------- d-----w- c:\program files\Guild Wars
2009-05-13 05:05 . 2004-08-17 14:49 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-11 15:54 . 2007-07-11 08:45 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-05-07 15:33 . 2004-08-17 14:49 346624 ----a-w- c:\windows\system32\localspl.dll
2009-06-24 14:12 . 2008-09-08 15:08 137208 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll
.
((((((((((((((((((((((((((((( SnapShot_2009-07-25_19.07.15 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-25 19:28 . 2009-07-14 18:54 151552 c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvcod.dll
+ 2009-07-25 19:28 . 2009-07-14 18:54 868352 c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvapi.dll
+ 2009-07-25 19:29 . 2009-07-14 18:54 151552 c:\windows\LastGood\system32\nvcodins.dll
+ 2009-07-25 19:29 . 2009-07-14 18:54 151552 c:\windows\LastGood\system32\nvcod.dll
+ 2009-07-25 19:29 . 2009-07-14 18:54 868352 c:\windows\LastGood\system32\nvapi.dll
+ 2009-07-25 19:28 . 2009-07-14 18:54 1597690 c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvdata.bin
+ 2009-07-25 19:28 . 2009-07-14 18:54 2189856 c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvcuvid.dll
+ 2009-07-25 19:28 . 2009-07-14 18:54 1706528 c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvcuvenc.dll
+ 2009-07-25 19:28 . 2009-07-14 18:54 2002944 c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvcuda.dll
+ 2009-07-25 19:28 . 2009-07-14 18:54 7741664 c:\windows\system32\ReinstallBackups\0004\DriverFiles\nv4_mini.sys
+ 2009-07-25 19:28 . 2009-07-14 18:54 5842816 c:\windows\system32\ReinstallBackups\0004\DriverFiles\nv4_disp.dll
+ 2009-07-25 19:29 . 2009-07-14 18:54 1597690 c:\windows\LastGood\system32\nvdata.bin
+ 2009-07-25 19:29 . 2009-07-14 18:54 2189856 c:\windows\LastGood\system32\nvcuvid.dll
+ 2009-07-25 19:29 . 2009-07-14 18:54 1706528 c:\windows\LastGood\system32\nvcuvenc.dll
+ 2009-07-25 19:29 . 2009-07-14 18:54 2002944 c:\windows\LastGood\system32\nvcuda.dll
+ 2009-07-25 19:28 . 2009-07-14 18:54 5842816 c:\windows\LastGood\system32\nv4_disp.dll
+ 2009-07-25 19:28 . 2009-07-14 18:54 7741664 c:\windows\LastGood\system32\DRIVERS\nv4_mini.sys
+ 2009-07-25 19:56 . 2009-07-25 19:56 1500160 c:\windows\Installer\18146d.msi
+ 2009-07-25 19:28 . 2009-07-14 18:54 10457088 c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvoglnt.dll
+ 2009-07-25 19:28 . 2009-07-14 18:54 44229952 c:\windows\system32\ReinstallBackups\0004\DriverFiles\NvCplSetupInt.exe
+ 2009-07-25 19:29 . 2009-07-14 18:54 10457088 c:\windows\LastGood\system32\nvoglnt.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 15:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 15:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 15:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 15:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 15:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 15:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 15:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 15:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 15:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 153136]
"OEXPRESS"="c:\documents and settings\All Users\Data aplikací\LangSoft\OETRN.EXE" [2008-02-27 26624]
"Google Update"="c:\documents and settings\Mous\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2008-10-23 133104]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]
"UFDtoGOLaunch"="c:\documents and settings\Mous\Data aplikací\CoSoSys\UFDtoGO\UFDtoGOLaunch.exe" [2008-11-13 172032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 56928]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-12-05 54832]
"RemoteControl8"="c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe" [2008-03-20 83240]
"mspwr"="c:\windows\system32\PuXpMan2.exe" [2005-09-29 110592]
"NotebookHardwareControl"="c:\program files\Notebook Hardware Control\nhc.exe" [2007-05-04 2629632]
"COMODO Firewall Pro"="c:\program files\Comodo\Firewall\cfp.exe" [2009-07-04 1793808]
"OODefragTray"="c:\windows\system32\oodtray.exe" [2009-02-25 2553088]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2009-07-13 414992]
"COMODO Internet Security"="c:\program files\Comodo\Firewall\cfp.exe" [2009-07-04 1793808]
"ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2008-05-22 111952]
"McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\UdaterUI.exe" [2007-10-25 136512]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2009-07-08 1657376]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-14 13877248]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-07-14 86016]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2005-05-17 77824]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Mous\Nabídka Start\Programy\Po spuštění\
Client Default.lnk - c:\program files\Samurize\Client.exe [2007-4-7 2010624]
hamachi.lnk - c:\program files\Hamachi\hamachi.exe [2007-8-27 624416]
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2008-4-4 3450608]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
2008-09-17 06:05 210168 ----a-w- c:\program files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete\0crcnat.exe\0OODBS
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Avant Browser\\avant.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=
"c:\\Program Files\\STRONG+\\StrongDC.exe"=
"c:\\Program Files\\STRONG (Mous)\\StrongDC.exe"=
"c:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"c:\\Program Files\\Electronic Arts\\Battlefield 2142\\BF2142.exe"=
"c:\\Program Files\\Doom 3\\Doom3.exe"=
"c:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\Program Files\\BitLord\\BitLord.exe"=
"c:\\Program Files\\TrackMania Sunrise\\TmSunrise.exe"=
"c:\\Program Files\\ICQ6\\ICQ.exe"=
"c:\\Program Files\\Free Download Manager\\fdm.exe"=
"c:\\Program Files\\Call of Duty\\CoDUOMP.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\Electronic Arts\\The Battle for Middle-earth (tm) II\\game.dat"=
"c:\\Program Files\\Electronic Arts\\The Lord of the Rings, The Rise of the Witch-king\\game.dat"=
"c:\\Program Files\\Flagship Studios\\Hellgate London\\Launcher.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD8\\PowerDVD8.exe"=
"c:\\Program Files\\Microsoft Games\\Zoo Tycoon 2\\zt.exe"=
"c:\\Program Files\\Warcraft III\\Frozen Throne.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Program Files\\ProxyShell\\ProxyShell Hide IP\\proxyshell.exe"=
"c:\\Documents and Settings\\Mous\\cgq.exe"=
"c:\\Program Files\\Curse\\CurseClient.exe"=
"c:\\Program Files\\Electronic Arts\\BattleForge\\Bootstrapper.exe"=
"c:\\Program Files\\Electronic Arts\\BattleForge\\BattleForge.exe"=
"c:\\Program Files\\ICQ6 cz\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\XBlades\\xblades.exe"=
"c:\\Program Files\\XBlades\\launcher.exe"=
"c:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"80:UDP"= 80:UDP:127.0.0.1
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"3306:TCP"= 3306:TCP:MySQL Server
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"57927:TCP"= 57927:TCP:Pando Media Booster
"57927:UDP"= 57927:UDP:Pando Media Booster
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [6.4.2009 20:49 132040]
R1 cmdHlp;COMODO Firewall Pro Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [6.4.2009 20:49 25160]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};c:\program files\CyberLink\PowerDVD8\000.fcl [1.2.2008 17:24 41456]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [6.1.2009 16:08 211216]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [6.1.2009 16:08 19096]
R3 ncfvsbus;NCF Virtual Serial Bus Enumerator;c:\windows\system32\drivers\ncfvsbus.sys [3.9.2008 14:59 25088]
S2 gupdate1c9861fd4020982;Google Update Service (gupdate1c9861fd4020982);c:\program files\Google\Update\GoogleUpdate.exe [3.2.2009 18:52 133104]
S2 sfrem02;FrontLine Drivers Auto Removal (v2);c:\windows\system32\sfrem02.exe svc --> c:\windows\system32\sfrem02.exe svc [?]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [13.6.2009 14:49 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [13.6.2009 14:49 8320]
S3 WLAN; Wireless LAN Driver;c:\windows\system32\DRIVERS\wlanNDS.sys --> c:\windows\system32\DRIVERS\wlanNDS.sys [?]
S4 FAH@C:+Program Files+Fallout 3+FAH.exe;FAH@C:+Program Files+Fallout 3+FAH.exe;c:\program files\Fallout 3\FAH.exe -svcstart --> c:\program files\Fallout 3\FAH.exe -svcstart [?]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Obsah adresáře 'Naplánované úlohy'
2009-07-25 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-03 15:02]
2009-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-03 16:52]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.tiscali.cz/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Stáhnout Free Download Managerem - file://c:\program files\Free Download Manager\dllink.htm
IE: Stáhnout video Free Download Managerem - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané Free Download Managerem - file://c:\program files\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://c:\program files\Free Download Manager\dlall.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - c:\program files\Free Download Manager\FUM\fumiebtn.dll
FF - ProfilePath - c:\documents and settings\Mous\Data aplikací\Mozilla\Firefox\Profiles\q5s4rbic.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.tiscali.cz/home/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&o ... &gfns=1&q=
FF - prefs.js: network.proxy.type - 2
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-25 22:15
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
"ServiceDll"="c:\windows\system32\es.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\FAH@C:+Program Files+Fallout 3+FAH.exe]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MySQL]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.0\bin\mysqld-nt\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.0\my.ini\" MySQL"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD8\000.fcl"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(756)
c:\program files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll
- - - - - - - > 'explorer.exe'(3796)
c:\program files\Stardock\ObjectDock\DockShellHook.dll
c:\documents and settings\All Users\Data aplikací\LangSoft\TrnOEH.dll
c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
c:\program files\Samurize\plugins\KeyMouseCount.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2009-07-25 22:19
ComboFix-quarantined-files.txt 2009-07-25 20:18
ComboFix2.txt 2009-07-25 19:14
ComboFix3.txt 2009-07-25 17:26
Před spuštěním: Volných bajtů: 13 064 257 536
Po spuštění: Volných bajtů: 13 050 187 776
414 --- E O F --- 2009-07-20 22:32
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1473 [GMT 2:00]
Spuštěný z: c:\documents and settings\Mous\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Mous\Plocha\CFScript.txt
AV: McAfee VirusScan Enterprise *On-access scanning enabled* (Updated) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
((((((((((((((((((((((((( Soubory vytvořené od 2009-06-25 do 2009-07-25 )))))))))))))))))))))))))))))))
.
2009-07-25 19:28 . 2009-07-25 19:29 -------- d-----w- c:\windows\LastGood
2009-07-25 18:40 . 2009-07-25 18:40 -------- d-----w- c:\program files\NVIDIA Corporation
2009-07-25 15:33 . 2007-10-25 13:06 1495552 ----a-w- c:\windows\system32\epoPGPsdk.dll
2009-07-25 15:33 . 2008-05-22 18:50 72936 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2009-07-25 15:33 . 2008-05-22 18:50 64232 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2009-07-25 15:33 . 2008-05-22 18:50 52104 ----a-w- c:\windows\system32\drivers\mfetdik.sys
2009-07-25 15:33 . 2008-05-22 18:50 33960 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2009-07-25 15:33 . 2008-05-22 18:50 174952 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2009-07-25 15:32 . 2009-07-25 15:32 -------- d-----w- c:\program files\Common Files\McAfee
2009-07-25 14:58 . 2009-07-25 14:58 -------- d-----w- c:\program files\Common Files\Cisco Systems
2009-07-25 14:57 . 2009-07-25 15:33 -------- d-----w- c:\program files\McAfee
2009-07-25 14:22 . 2009-07-25 14:22 -------- d-----w- c:\program files\Total Uninstall 5
2009-07-25 10:20 . 2009-07-25 10:20 -------- d-----w- C:\VideoSec
2009-07-20 22:31 . 2009-07-20 22:31 -------- d-sh--w- c:\documents and settings\Default User\IETldCache
2009-07-20 18:18 . 2009-07-25 18:23 -------- d-----w- c:\program files\Trine
2009-07-20 16:09 . 2009-07-20 16:11 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-07-20 16:08 . 2006-10-12 08:40 716800 ----a-w- c:\windows\SysInternals Bluescreen.scr
2009-07-19 17:57 . 2009-07-19 17:58 -------- d-----w- c:\program files\TmNationsForever
2009-07-19 17:51 . 2009-07-19 17:51 -------- d-----w- c:\program files\DAMN NFO Viewer
2009-07-18 16:57 . 2009-07-18 16:57 -------- d-----w- c:\program files\softendo.com
2009-07-16 07:55 . 2009-07-16 07:56 -------- d-----w- c:\documents and settings\Mous\.borland
2009-07-16 07:41 . 2009-07-16 07:41 -------- d-----w- c:\program files\Common Files\Borland Shared
2009-07-16 07:41 . 2009-07-16 07:41 -------- d-----w- c:\program files\Borland
2009-07-15 08:33 . 2009-07-15 08:33 -------- d-----w- c:\program files\OpenOffice.org 3
2009-07-15 07:22 . 2009-07-15 07:22 -------- d-----w- c:\program files\DAEMON Tools Lite
2009-07-14 11:34 . 2009-07-14 11:34 86016 ----a-w- c:\windows\system32\nvmctray.dll
2009-07-14 11:34 . 2009-07-14 11:34 8085504 ----a-w- c:\windows\system32\nvdispsr.dll
2009-07-14 11:34 . 2009-07-14 11:34 4923392 ----a-w- c:\windows\system32\nvdisps.dll
2009-07-14 11:34 . 2009-07-14 11:34 4640768 ----a-w- c:\windows\system32\nvgamesr.dll
2009-07-14 11:34 . 2009-07-14 11:34 458752 ----a-w- c:\windows\system32\nvmccssr.dll
2009-07-14 11:34 . 2009-07-14 11:34 3547136 ----a-w- c:\windows\system32\nvgames.dll
2009-07-14 11:34 . 2009-07-14 11:34 2854912 ----a-w- c:\windows\system32\nvmoblsr.dll
2009-07-14 11:34 . 2009-07-14 11:34 188416 ----a-w- c:\windows\system32\nvmccss.dll
2009-07-14 11:34 . 2009-07-14 11:34 168004 ----a-w- c:\windows\system32\nvsvc32.exe
2009-07-14 11:34 . 2009-07-14 11:34 143360 ----a-w- c:\windows\system32\nvcolor.exe
2009-07-14 11:34 . 2009-07-14 11:34 13877248 ----a-w- c:\windows\system32\nvcpl.dll
2009-07-14 11:34 . 2009-07-14 11:34 1286144 ----a-w- c:\windows\system32\nvmobls.dll
2009-07-14 11:34 . 2009-07-14 11:34 229376 ----a-w- c:\windows\system32\nvmccs.dll
2009-07-14 07:41 . 2009-07-15 07:21 -------- d-----w- c:\program files\DAEMON Tools Pro
2009-07-11 14:41 . 2009-07-11 14:41 -------- d-----w- c:\program files\Lavalys
2009-07-11 09:50 . 2009-07-11 20:00 -------- d-sh--w- C:\Boot
2009-07-04 10:22 . 2009-07-12 17:39 -------- d-----w- c:\windows\system32\oodag
2009-07-03 10:42 . 2009-07-03 10:42 -------- d-----w- c:\program files\OO Software
2009-06-29 15:22 . 2009-07-16 20:33 -------- d-----w- c:\program files\Gish
2009-06-29 12:58 . 2009-07-16 20:00 -------- d-----w- c:\program files\Bridge Building Game
2009-06-29 03:19 . 2009-06-29 03:19 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2009-06-28 16:27 . 2009-06-28 16:27 217664 ----a-w- c:\windows\system32\drivers\truecrypt.sys
2009-06-28 16:27 . 2009-06-28 16:27 -------- d-----w- c:\program files\TrueCrypt
2009-06-28 16:14 . 2009-07-16 20:01 -------- d-----w- c:\program files\Hurrican
2009-06-28 15:22 . 2008-04-26 14:14 42672 ------w- c:\windows\system32\wbsys.dll
2009-06-28 15:19 . 2009-07-23 16:30 -------- d-----w- c:\program files\Samurize
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-25 19:57 . 2007-09-10 15:46 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-07-25 19:09 . 2008-08-27 17:46 22528 ----a-w- c:\windows\system32\drivers\nhcDriver.sys
2009-07-25 14:30 . 2007-10-19 17:52 -------- d-----w- c:\program files\ElcomSoft
2009-07-25 14:25 . 2007-06-03 17:54 -------- d-----w- c:\program files\ASUS
2009-07-25 14:25 . 2007-06-03 17:53 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-25 12:58 . 2009-04-06 18:49 179792 ----a-w- c:\windows\system32\guard32.dll
2009-07-25 12:58 . 2009-04-06 18:49 132040 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2009-07-25 12:46 . 2009-01-06 14:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-22 20:26 . 2009-04-24 17:16 -------- d-----w- c:\program files\Pando Networks
2009-07-21 19:33 . 2005-02-27 19:02 -------- d-----w- c:\program files\Steam
2009-07-18 15:33 . 2008-06-07 10:14 -------- d-----w- c:\program files\Warcraft III
2009-07-18 11:29 . 2007-12-12 18:36 -------- d-----w- c:\program files\Ubisoft
2009-07-16 18:23 . 2007-11-25 19:02 22328 -c--a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-07-16 18:23 . 2007-11-25 19:01 103736 -c--a-w- c:\windows\system32\PnkBstrB.exe
2009-07-15 17:05 . 2007-08-30 18:57 -------- d-----w- c:\program files\Teamspeak2_RC2
2009-07-14 18:54 . 2009-04-30 20:02 1706528 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-07-14 18:54 . 2009-04-30 20:02 1597690 ----a-w- c:\windows\system32\nvdata.bin
2009-07-14 18:54 . 2009-03-27 08:03 2189856 ----a-w- c:\windows\system32\nvcuvid.dll
2009-07-14 18:54 . 2007-12-05 00:41 2002944 ----a-w- c:\windows\system32\nvcuda.dll
2009-07-14 18:54 . 2007-06-28 22:43 868352 ----a-w- c:\windows\system32\nvapi.dll
2009-07-14 18:54 . 2007-06-03 17:53 485920 -c--a-w- c:\windows\system32\nvudisp.exe
2009-07-14 18:54 . 2005-02-23 23:32 7741664 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2009-07-14 18:54 . 2005-02-23 23:32 5842816 ----a-w- c:\windows\system32\nv4_disp.dll
2009-07-14 18:54 . 2005-02-23 23:32 151552 ----a-w- c:\windows\system32\nvcodins.dll
2009-07-14 18:54 . 2005-02-23 23:32 151552 ----a-w- c:\windows\system32\nvcod.dll
2009-07-14 18:54 . 2005-02-23 23:32 10457088 ----a-w- c:\windows\system32\nvoglnt.dll
2009-07-13 11:36 . 2009-01-06 14:08 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-13 11:36 . 2009-01-06 14:08 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-13 06:59 . 2007-06-30 10:07 -------- d-----w- c:\program files\Electronic Arts
2009-07-11 14:49 . 2009-06-01 16:20 -------- d-----w- c:\program files\Garena
2009-07-11 09:18 . 2009-04-15 20:13 -------- d-----w- c:\program files\BestGameEver
2009-07-10 17:35 . 2001-10-25 12:00 79040 ----a-w- c:\windows\system32\perfc005.dat
2009-07-10 17:35 . 2001-10-25 12:00 431998 ----a-w- c:\windows\system32\perfh005.dat
2009-07-10 05:01 . 2007-08-04 09:23 485920 -c--a-w- c:\windows\system32\NVUNINST.EXE
2009-07-06 10:52 . 2007-06-30 09:54 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-07-05 19:06 . 2007-10-20 15:24 -------- d-----w- c:\program files\Free Download Manager
2009-07-04 09:04 . 2009-04-06 18:49 86976 ----a-w- c:\windows\system32\drivers\inspect.sys
2009-07-04 09:04 . 2009-04-06 18:49 25160 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2009-07-01 18:09 . 2008-04-21 12:24 -------- d-----w- c:\program files\Kopie - WoW
2009-06-28 15:22 . 2008-04-04 15:31 -------- d-----w- c:\program files\Stardock
2009-06-28 15:19 . 2007-06-06 12:31 -------- d-----w- c:\program files\iTunes
2009-06-17 13:59 . 2009-06-17 13:58 -------- d-----w- c:\program files\Microsoft
2009-06-17 13:59 . 2009-06-17 13:57 -------- d-----w- c:\program files\Windows Live
2009-06-17 13:57 . 2009-06-17 13:57 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-06-17 13:51 . 2009-06-17 13:51 -------- d-----w- c:\program files\Common Files\Windows Live
2009-06-16 14:40 . 2004-08-17 14:49 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-16 14:40 . 2001-10-25 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-13 13:05 . 2009-06-13 13:05 -------- d-----w- c:\program files\Common Files\PCSuite
2009-06-13 13:05 . 2008-11-12 14:01 -------- d-----w- c:\program files\Common Files\Nokia
2009-06-13 13:00 . 2009-06-13 13:00 -------- d-----w- c:\program files\PC Connectivity Solution
2009-06-13 12:48 . 2008-11-12 14:01 -------- d-----w- c:\program files\Nokia
2009-06-13 09:29 . 2007-06-04 12:33 -------- d-----w- c:\program files\Activision
2009-06-11 14:30 . 2008-03-23 15:53 -------- d-----w- c:\program files\ICQ6 cz
2009-06-03 19:11 . 2004-08-17 14:49 1293824 ----a-w- c:\windows\system32\quartz.dll
2009-06-01 17:24 . 2008-06-22 18:56 106200 -c--a-w- c:\windows\War3Unin.dat
2009-05-30 19:45 . 2007-06-30 10:01 -------- d-----w- c:\program files\Alcohol Soft
2009-05-29 17:59 . 2008-01-09 18:29 -------- d-----w- c:\program files\Guild Wars
2009-05-13 05:05 . 2004-08-17 14:49 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-11 15:54 . 2007-07-11 08:45 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-05-07 15:33 . 2004-08-17 14:49 346624 ----a-w- c:\windows\system32\localspl.dll
2009-06-24 14:12 . 2008-09-08 15:08 137208 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll
.
((((((((((((((((((((((((((((( SnapShot_2009-07-25_19.07.15 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-25 19:28 . 2009-07-14 18:54 151552 c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvcod.dll
+ 2009-07-25 19:28 . 2009-07-14 18:54 868352 c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvapi.dll
+ 2009-07-25 19:29 . 2009-07-14 18:54 151552 c:\windows\LastGood\system32\nvcodins.dll
+ 2009-07-25 19:29 . 2009-07-14 18:54 151552 c:\windows\LastGood\system32\nvcod.dll
+ 2009-07-25 19:29 . 2009-07-14 18:54 868352 c:\windows\LastGood\system32\nvapi.dll
+ 2009-07-25 19:28 . 2009-07-14 18:54 1597690 c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvdata.bin
+ 2009-07-25 19:28 . 2009-07-14 18:54 2189856 c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvcuvid.dll
+ 2009-07-25 19:28 . 2009-07-14 18:54 1706528 c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvcuvenc.dll
+ 2009-07-25 19:28 . 2009-07-14 18:54 2002944 c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvcuda.dll
+ 2009-07-25 19:28 . 2009-07-14 18:54 7741664 c:\windows\system32\ReinstallBackups\0004\DriverFiles\nv4_mini.sys
+ 2009-07-25 19:28 . 2009-07-14 18:54 5842816 c:\windows\system32\ReinstallBackups\0004\DriverFiles\nv4_disp.dll
+ 2009-07-25 19:29 . 2009-07-14 18:54 1597690 c:\windows\LastGood\system32\nvdata.bin
+ 2009-07-25 19:29 . 2009-07-14 18:54 2189856 c:\windows\LastGood\system32\nvcuvid.dll
+ 2009-07-25 19:29 . 2009-07-14 18:54 1706528 c:\windows\LastGood\system32\nvcuvenc.dll
+ 2009-07-25 19:29 . 2009-07-14 18:54 2002944 c:\windows\LastGood\system32\nvcuda.dll
+ 2009-07-25 19:28 . 2009-07-14 18:54 5842816 c:\windows\LastGood\system32\nv4_disp.dll
+ 2009-07-25 19:28 . 2009-07-14 18:54 7741664 c:\windows\LastGood\system32\DRIVERS\nv4_mini.sys
+ 2009-07-25 19:56 . 2009-07-25 19:56 1500160 c:\windows\Installer\18146d.msi
+ 2009-07-25 19:28 . 2009-07-14 18:54 10457088 c:\windows\system32\ReinstallBackups\0004\DriverFiles\nvoglnt.dll
+ 2009-07-25 19:28 . 2009-07-14 18:54 44229952 c:\windows\system32\ReinstallBackups\0004\DriverFiles\NvCplSetupInt.exe
+ 2009-07-25 19:29 . 2009-07-14 18:54 10457088 c:\windows\LastGood\system32\nvoglnt.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 15:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 15:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 15:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 15:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 15:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 15:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 15:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 15:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2008-01-16 15:52 80384 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 153136]
"OEXPRESS"="c:\documents and settings\All Users\Data aplikací\LangSoft\OETRN.EXE" [2008-02-27 26624]
"Google Update"="c:\documents and settings\Mous\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" [2008-10-23 133104]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]
"UFDtoGOLaunch"="c:\documents and settings\Mous\Data aplikací\CoSoSys\UFDtoGO\UFDtoGOLaunch.exe" [2008-11-13 172032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 56928]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-12-05 54832]
"RemoteControl8"="c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe" [2008-03-20 83240]
"mspwr"="c:\windows\system32\PuXpMan2.exe" [2005-09-29 110592]
"NotebookHardwareControl"="c:\program files\Notebook Hardware Control\nhc.exe" [2007-05-04 2629632]
"COMODO Firewall Pro"="c:\program files\Comodo\Firewall\cfp.exe" [2009-07-04 1793808]
"OODefragTray"="c:\windows\system32\oodtray.exe" [2009-02-25 2553088]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2009-07-13 414992]
"COMODO Internet Security"="c:\program files\Comodo\Firewall\cfp.exe" [2009-07-04 1793808]
"ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2008-05-22 111952]
"McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\UdaterUI.exe" [2007-10-25 136512]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2009-07-08 1657376]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-14 13877248]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-07-14 86016]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2005-05-17 77824]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\Mous\Nabídka Start\Programy\Po spuštění\
Client Default.lnk - c:\program files\Samurize\Client.exe [2007-4-7 2010624]
hamachi.lnk - c:\program files\Hamachi\hamachi.exe [2007-8-27 624416]
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDock\ObjectDock.exe [2008-4-4 3450608]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
2008-09-17 06:05 210168 ----a-w- c:\program files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete\0crcnat.exe\0OODBS
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Avant Browser\\avant.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=
"c:\\Program Files\\STRONG+\\StrongDC.exe"=
"c:\\Program Files\\STRONG (Mous)\\StrongDC.exe"=
"c:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"c:\\Program Files\\Electronic Arts\\Battlefield 2142\\BF2142.exe"=
"c:\\Program Files\\Doom 3\\Doom3.exe"=
"c:\\Program Files\\Activision\\Call of Duty 2\\CoD2MP_s.exe"=
"c:\\Program Files\\BitLord\\BitLord.exe"=
"c:\\Program Files\\TrackMania Sunrise\\TmSunrise.exe"=
"c:\\Program Files\\ICQ6\\ICQ.exe"=
"c:\\Program Files\\Free Download Manager\\fdm.exe"=
"c:\\Program Files\\Call of Duty\\CoDUOMP.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\Electronic Arts\\The Battle for Middle-earth (tm) II\\game.dat"=
"c:\\Program Files\\Electronic Arts\\The Lord of the Rings, The Rise of the Witch-king\\game.dat"=
"c:\\Program Files\\Flagship Studios\\Hellgate London\\Launcher.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD8\\PowerDVD8.exe"=
"c:\\Program Files\\Microsoft Games\\Zoo Tycoon 2\\zt.exe"=
"c:\\Program Files\\Warcraft III\\Frozen Throne.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Program Files\\ProxyShell\\ProxyShell Hide IP\\proxyshell.exe"=
"c:\\Documents and Settings\\Mous\\cgq.exe"=
"c:\\Program Files\\Curse\\CurseClient.exe"=
"c:\\Program Files\\Electronic Arts\\BattleForge\\Bootstrapper.exe"=
"c:\\Program Files\\Electronic Arts\\BattleForge\\BattleForge.exe"=
"c:\\Program Files\\ICQ6 cz\\ICQ6.5\\ICQ.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\XBlades\\xblades.exe"=
"c:\\Program Files\\XBlades\\launcher.exe"=
"c:\\Program Files\\McAfee\\Common Framework\\FrameworkService.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"80:UDP"= 80:UDP:127.0.0.1
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"3306:TCP"= 3306:TCP:MySQL Server
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"57927:TCP"= 57927:TCP:Pando Media Booster
"57927:UDP"= 57927:UDP:Pando Media Booster
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [6.4.2009 20:49 132040]
R1 cmdHlp;COMODO Firewall Pro Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [6.4.2009 20:49 25160]
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};c:\program files\CyberLink\PowerDVD8\000.fcl [1.2.2008 17:24 41456]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [6.1.2009 16:08 211216]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [6.1.2009 16:08 19096]
R3 ncfvsbus;NCF Virtual Serial Bus Enumerator;c:\windows\system32\drivers\ncfvsbus.sys [3.9.2008 14:59 25088]
S2 gupdate1c9861fd4020982;Google Update Service (gupdate1c9861fd4020982);c:\program files\Google\Update\GoogleUpdate.exe [3.2.2009 18:52 133104]
S2 sfrem02;FrontLine Drivers Auto Removal (v2);c:\windows\system32\sfrem02.exe svc --> c:\windows\system32\sfrem02.exe svc [?]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [13.6.2009 14:49 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [13.6.2009 14:49 8320]
S3 WLAN; Wireless LAN Driver;c:\windows\system32\DRIVERS\wlanNDS.sys --> c:\windows\system32\DRIVERS\wlanNDS.sys [?]
S4 FAH@C:+Program Files+Fallout 3+FAH.exe;FAH@C:+Program Files+Fallout 3+FAH.exe;c:\program files\Fallout 3\FAH.exe -svcstart --> c:\program files\Fallout 3\FAH.exe -svcstart [?]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Obsah adresáře 'Naplánované úlohy'
2009-07-25 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-03 15:02]
2009-07-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-03 16:52]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.tiscali.cz/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Stáhnout Free Download Managerem - file://c:\program files\Free Download Manager\dllink.htm
IE: Stáhnout video Free Download Managerem - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané Free Download Managerem - file://c:\program files\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://c:\program files\Free Download Manager\dlall.htm
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\documents and settings\All Users\Data aplikací\LangSoft\WebIE.dll
IE: {{FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - c:\program files\Free Download Manager\FUM\fumiebtn.dll
FF - ProfilePath - c:\documents and settings\Mous\Data aplikací\Mozilla\Firefox\Profiles\q5s4rbic.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.tiscali.cz/home/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&o ... &gfns=1&q=
FF - prefs.js: network.proxy.type - 2
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npOGAPlugin.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-25 22:15
Windows 5.1.2600 Service Pack 3 NTFS
skenování skrytých procesů ...
skenování skrytých položek 'Po spuštění' ...
skenování skrytých souborů ...
sken byl úspešně dokončen
skryté soubory: 0
**************************************************************************
"ServiceDll"="c:\windows\system32\es.dll"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\FAH@C:+Program Files+Fallout 3+FAH.exe]
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MySQL]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.0\bin\mysqld-nt\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.0\my.ini\" MySQL"
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD8\000.fcl"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
- - - - - - - > 'winlogon.exe'(756)
c:\program files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll
- - - - - - - > 'explorer.exe'(3796)
c:\program files\Stardock\ObjectDock\DockShellHook.dll
c:\documents and settings\All Users\Data aplikací\LangSoft\TrnOEH.dll
c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
c:\program files\Samurize\plugins\KeyMouseCount.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2009-07-25 22:19
ComboFix-quarantined-files.txt 2009-07-25 20:18
ComboFix2.txt 2009-07-25 19:14
ComboFix3.txt 2009-07-25 17:26
Před spuštěním: Volných bajtů: 13 064 257 536
Po spuštění: Volných bajtů: 13 050 187 776
414 --- E O F --- 2009-07-20 22:32
- Damned
Re: Preventive check after a LAN party
I don't see anything there anymore.
Uninstall ComboFix.
ComboFix is uninstalled like this:
Start > Run and enter ComboFix[space]/u
So if there are no problems, clean the system with CCleaner
and also use T-Cleaner;
it deletes everything left behind by ComboFix, SDFix, Avenger, MWAV, etc. Download it, then run it.
(Note: if you have AVG, deactivate AVG before downloading T-Cleaner and for the duration of the cleaning, then delete T-Cleaner
and turn AVG back on.)
Download ATF Cleaner.
Double-click ATF Cleaner.exe, click Select All found,
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
then click Empty Selected.
ATF-Cleaner is a simple tool for removing history from a web browser. The program can remove the cache,
cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer,
Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.
If anything comes up, stop by.
Mark the topic as solved (green check mark) and take care.
Re: Preventive check after a LAN party (Solved)
And what if I use Google Chrome ???
And one more question: do you have this pre-written, or do you keep writing the same thing to everyone ???
