Hello,
the notebook is a few years old already and it recently slowed down really noticeably. Abruptly, I would say.
Startup is markedly slower and it sometimes even restarts during startup. The web browser stutters unusually and working with the notebook has become unpleasant overall.
I have just run a cleanup with CCleaner and a defragmentation.
I use Firefox.
I am also attaching a log from HijackThis and ask for a check.
Thank you.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:54:01, on 18.2.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\CNAB4RPK.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\QIP 2010\qip.exe
C:\Program Files\uTorrent\utorrent.exe
C:\WINDOWS\system32\mmc.exe
C:\WINDOWS\system32\dmremote.exe
C:\WINDOWS\System32\dmadmin.exe
C:\WINDOWS\system32\DfrgNtfs.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\PinkThink\Plocha\off\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\PinkThink\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\PinkThink\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
--
End of file - 6506 bytes
Log check (Solved)
Re: Log check
Hi,
**********************
Download Rsit http://images.malwareremoval.com/random/RSIT.exe
- run it and click the Continue button
- after the scan, log.txt and info.txt will pop up; paste their contents here
*********************
Download Mbam http://download.cnet.com/3001-8022_4-10 ... l-10804572
- install it and update it
- run a full scan and paste the log here
Re: Log check
Log from RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by PinkThink at 2012-02-19 10:59:17
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 50 GB (56%) free of 90 GB
Total RAM: 2039 MB (71% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:59:24, on 19.2.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\CNAB4RPK.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\PinkThink\Plocha\off\clean\RSIT.exe
C:\Program Files\trend micro\PinkThink.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\PinkThink\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\PinkThink\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
--
End of file - 5855 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\DriverCure Startup.job
C:\WINDOWS\tasks\DriverCure.job
C:\WINDOWS\tasks\ParetoLogic Registration3.job
C:\WINDOWS\tasks\ParetoLogic Update Version3.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\PinkThink\Data aplikací\Mozilla\Firefox\Profiles\178ceun9.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Documents and Settings\PinkThink\Data aplikací\Mozilla\Firefox\Profiles\178ceun9.default\searchplugins\
google-cz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-02-18 325408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Documents and Settings\PinkThink\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2010-12-13 141184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-02-18 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-02-18 79648]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]
"ATKOSD2"=C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [2008-09-02 8105984]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2011-10-02 134656]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2011-10-02 166912]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2011-10-02 134656]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2011-10-02 17508864]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2011-10-02 57344]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2011-10-09 421736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2011-10-02 205824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\QIP 2010\qip.exe"="C:\Program Files\QIP 2010\qip.exe:*:Enabled:QIP 2010"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\PinkThink\Local Settings\Temp\Torrent2Exe\T2E.exe"="C:\Documents and Settings\PinkThink\Local Settings\Temp\Torrent2Exe\T2E.exe:*:Enabled:Torrent2Exe"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"
"C:\Program Files\NetSpot Device Installer\nsdi.exe"="C:\Program Files\NetSpot Device Installer\nsdi.exe:*:Enabled:NetSpot Device Installer"
"C:\WINDOWS\system32\CNAB4RPK.EXE"="C:\WINDOWS\system32\CNAB4RPK.EXE:*:Enabled:Canon LBP2900 RPC Server Process"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======List of files/folders created in the last 3 months======
2012-02-19 10:58:10 ----D---- C:\Program Files\trend micro
2012-02-19 10:58:09 ----D---- C:\rsit
2012-02-18 22:03:16 ----D---- C:\Program Files\Common Files\Java
2012-02-18 21:40:24 ----A---- C:\WINDOWS\system32\javaws.exe
2012-02-18 21:40:23 ----A---- C:\WINDOWS\system32\javaw.exe
2012-02-18 21:40:23 ----A---- C:\WINDOWS\system32\java.exe
2012-02-18 21:34:56 ----D---- C:\Program Files\Java
2012-02-18 19:55:41 ----D---- C:\Program Files\CCleaner
2012-02-18 19:24:12 ----D---- C:\WINDOWS\pss
2012-02-18 19:03:39 ----D---- C:\WINDOWS\SxsCaPendDel
2012-02-18 18:51:29 ----SHD---- C:\Config.Msi
2012-02-18 15:49:56 ----D---- C:\Documents and Settings\PinkThink\Data aplikací\QIP
2012-02-17 16:50:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2660465$
2012-02-17 16:48:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2647516$
2012-02-17 16:42:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2661637$
2012-02-16 17:06:34 ----N---- C:\WINDOWS\system32\iacenc.dll
2012-02-13 20:33:48 ----D---- C:\Program Files\Google
2012-02-13 19:29:46 ----D---- C:\Documents and Settings\PinkThink\Data aplikací\PriceGong
2012-02-13 19:29:06 ----D---- C:\Documents and Settings\PinkThink\Data aplikací\Google
2012-02-13 19:27:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2012-01-13 03:02:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2585542$
2012-01-12 17:59:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2646524$
2012-01-12 17:59:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2631813$
2012-01-12 17:51:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2598479$
2012-01-12 17:49:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2603381$
2012-01-12 17:44:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2584146$
2012-01-04 14:33:00 ----N---- C:\WINDOWS\UniFISH.exe
2012-01-03 13:36:45 ----D---- C:\Documents and Settings\PinkThink\Data aplikací\DVDVideoSoft
2012-01-03 13:24:31 ----D---- C:\Program Files\Conduit
2012-01-03 13:24:11 ----D---- C:\Documents and Settings\PinkThink\Data aplikací\DVDVideoSoftIEHelpers
2012-01-02 23:44:56 ----D---- C:\WINDOWS\system32\appmgmt
2011-12-15 22:17:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2639417$
2011-12-15 22:17:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2624667$
2011-12-15 22:13:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2633952$
2011-12-15 22:12:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2619339$
2011-12-15 22:12:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2618451$
2011-12-15 22:11:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2618444$
2011-12-15 22:10:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2620712$
2011-12-15 22:10:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2633171$
2011-12-03 16:28:09 ----A---- C:\WINDOWS\system32\ptpusb.dll
2011-12-03 16:28:08 ----A---- C:\WINDOWS\system32\ptpusd.dll
2011-12-03 16:28:07 ----A---- C:\WINDOWS\system32\drivers\usbscan.sys
2011-11-29 19:35:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2570791$
2011-11-29 19:28:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2011-11-29 19:28:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$
2011-11-29 19:28:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2567680$
2011-11-29 19:28:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2564958$
2011-11-29 19:28:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2011-11-29 19:28:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893-v2$
2011-11-29 19:27:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2011-11-29 19:24:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2011-11-29 19:24:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2011-11-29 19:24:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2011-11-29 19:24:06 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2011-11-29 19:23:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2011-11-29 19:23:35 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2011-11-29 19:23:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2011-11-29 19:23:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2481109$
2011-11-29 19:23:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$
2011-11-29 19:22:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2011-11-29 19:22:43 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2011-11-29 19:22:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2011-11-29 19:22:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2510581$
2011-11-29 19:22:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2011-11-29 19:21:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2476490$
2011-11-29 19:21:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2011-11-29 19:21:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2641690$
2011-11-29 19:21:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2011-11-29 19:21:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2011-11-29 19:20:34 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2011-11-29 19:20:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2567053$
2011-11-29 19:20:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2592799$
2011-11-29 19:20:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2570222$
2011-11-29 19:19:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2535512$
2011-11-29 19:19:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2412687$
2011-11-29 19:15:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2570947$
2011-11-29 19:15:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2508272$
2011-11-29 19:15:13 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2011-11-29 19:15:04 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2011-11-29 19:14:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2507618$
2011-11-29 19:14:43 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2011-11-29 19:14:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2011-11-29 19:14:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2011-11-29 19:14:08 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$
2011-11-29 19:13:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$
2011-11-29 19:13:45 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2011-11-29 19:13:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2586448$
2011-11-29 19:13:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$
2011-11-29 19:12:57 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2011-11-29 19:12:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2541763$
2011-11-29 19:12:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2544521$
2011-11-29 19:12:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2011-11-29 19:12:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2011-11-29 19:12:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
2011-11-29 19:11:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2562937$
2011-11-29 19:11:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2011-11-29 19:11:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
2011-11-28 00:10:56 ----D---- C:\Program Files\ESRI
2011-11-28 00:09:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESRI
2011-11-28 00:00:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\FLEXnet
2011-11-27 23:59:40 ----D---- C:\Program Files\Common Files\Macrovision Shared
2011-11-27 23:48:57 ----D---- C:\Program Files\Common Files\AnswerWorks 4.0
2011-11-27 23:44:04 ----D---- C:\Python26
2011-11-27 23:44:01 ----D---- C:\Program Files\Common Files\Data Dynamics
2011-11-27 23:43:46 ----D---- C:\Program Files\Common Files\Tom Sawyer Software
2011-11-27 23:43:46 ----D---- C:\Program Files\Common Files\ArcGIS
2011-11-27 23:43:07 ----D---- C:\Program Files\ArcGIS
2011-11-27 23:35:03 ----D---- C:\WINDOWS\Prefetch
2011-11-27 23:27:28 ----HDC---- C:\WINDOWS\$NtUninstallKB982381$
2011-11-27 23:26:38 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2011-11-27 23:25:49 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2011-11-27 23:25:00 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2011-11-27 23:24:10 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2011-11-27 23:23:10 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2011-11-27 23:22:18 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2011-11-27 23:21:17 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2011-11-27 23:20:25 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2011-11-27 23:19:40 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2011-11-27 23:18:56 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2011-11-27 23:18:11 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2011-11-27 23:17:28 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2011-11-27 23:16:43 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2011-11-27 23:15:48 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2011-11-27 23:15:04 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2011-11-27 23:14:21 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2011-11-27 23:13:33 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2011-11-27 23:12:49 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2011-11-27 23:12:00 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2011-11-27 23:11:11 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2011-11-27 23:10:24 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2011-11-27 23:09:38 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2011-11-27 23:08:49 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2011-11-27 23:08:01 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2011-11-27 23:07:14 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2011-11-27 23:06:22 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2011-11-27 23:05:36 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2011-11-27 23:04:49 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2011-11-27 23:04:02 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2011-11-27 23:03:13 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2011-11-27 23:02:17 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2011-11-27 23:01:31 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2011-11-27 23:00:42 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2011-11-27 22:59:47 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2011-11-27 22:58:49 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2011-11-27 22:58:04 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2011-11-27 22:57:11 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2011-11-27 22:56:20 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2011-11-27 22:55:31 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2011-11-27 22:54:39 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2011-11-27 22:53:49 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2011-11-27 22:53:02 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2011-11-27 22:52:13 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2011-11-27 22:51:08 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2011-11-27 22:50:19 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2011-11-27 22:49:23 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2011-11-27 22:48:29 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2011-11-27 22:47:34 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$
2011-11-27 22:46:44 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2011-11-27 22:45:53 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2011-11-27 22:45:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2011-11-27 22:44:13 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2011-11-27 22:43:24 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2011-11-27 22:42:19 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2011-11-27 22:41:31 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2011-11-27 22:40:43 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2011-11-27 22:39:52 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2011-11-27 22:39:07 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2011-11-27 22:38:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2011-11-27 22:33:18 ----N---- C:\WINDOWS\system32\smtpapi.dll
2011-11-27 22:33:18 ----N---- C:\WINDOWS\system32\rwnh.dll
2011-11-27 22:33:18 ----N---- C:\WINDOWS\system32\drivers\irbus.sys
2011-11-27 22:33:18 ----N---- C:\WINDOWS\system32\comsdupd.exe
2011-11-27 22:33:16 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2011-11-27 22:33:16 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2011-11-27 22:33:16 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2011-11-27 22:33:16 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2011-11-27 22:33:16 ----N---- C:\WINDOWS\system32\aaclient.dll
2011-11-27 22:33:15 ----N---- C:\WINDOWS\system32\credssp.dll
2011-11-27 22:33:15 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2011-11-27 22:33:15 ----N---- C:\WINDOWS\system32\azroles.dll
2011-11-27 22:33:15 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2011-11-27 22:33:15 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2011-11-27 22:33:15 ----N---- C:\WINDOWS\system32\ati3duag.dll
2011-11-27 22:33:14 ----N---- C:\WINDOWS\system32\eapsvc.dll
2011-11-27 22:33:14 ----N---- C:\WINDOWS\system32\eapqec.dll
2011-11-27 22:33:14 ----N---- C:\WINDOWS\system32\eappprxy.dll
2011-11-27 22:33:14 ----N---- C:\WINDOWS\system32\eapphost.dll
2011-11-27 22:33:14 ----N---- C:\WINDOWS\system32\eappgnui.dll
2011-11-27 22:33:14 ----N---- C:\WINDOWS\system32\eappcfg.dll
2011-11-27 22:33:14 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2011-11-27 22:33:14 ----N---- C:\WINDOWS\system32\eapolqec.dll
2011-11-27 22:33:14 ----N---- C:\WINDOWS\system32\dot3ui.dll
2011-11-27 22:33:14 ----N---- C:\WINDOWS\system32\dot3svc.dll
2011-11-27 22:33:14 ----N---- C:\WINDOWS\system32\dot3msm.dll
2011-11-27 22:33:14 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2011-11-27 22:33:14 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2011-11-27 22:33:14 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2011-11-27 22:33:14 ----N---- C:\WINDOWS\system32\dot3api.dll
2011-11-27 22:33:14 ----N---- C:\WINDOWS\system32\dimsroam.dll
2011-11-27 22:33:14 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2011-11-27 22:33:14 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2011-11-27 22:33:13 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2011-11-27 22:33:13 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2011-11-27 22:33:12 ----N---- C:\WINDOWS\system32\mmcperf.exe
2011-11-27 22:33:12 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2011-11-27 22:33:12 ----N---- C:\WINDOWS\system32\mmcex.dll
2011-11-27 22:33:12 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2011-11-27 22:33:12 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2011-11-27 22:33:12 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2011-11-27 22:33:12 ----N---- C:\WINDOWS\system32\kmsvc.dll
2011-11-27 22:33:12 ----N---- C:\WINDOWS\system32\kbdpash.dll
2011-11-27 22:33:12 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2011-11-27 22:33:12 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2011-11-27 22:33:11 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2011-11-27 22:33:11 ----N---- C:\WINDOWS\system32\napstat.exe
2011-11-27 22:33:11 ----N---- C:\WINDOWS\system32\napmontr.dll
2011-11-27 22:33:11 ----N---- C:\WINDOWS\system32\napipsec.dll
2011-11-27 22:33:11 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2011-11-27 22:33:11 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2011-11-27 22:33:11 ----N---- C:\WINDOWS\system32\mssha.dll
2011-11-27 22:33:10 ----N---- C:\WINDOWS\system32\s3gnb.dll
2011-11-27 22:33:10 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2011-11-27 22:33:10 ----N---- C:\WINDOWS\system32\rasqec.dll
2011-11-27 22:33:10 ----N---- C:\WINDOWS\system32\qutil.dll
2011-11-27 22:33:10 ----N---- C:\WINDOWS\system32\qcliprov.dll
2011-11-27 22:33:10 ----N---- C:\WINDOWS\system32\qagentrt.dll
2011-11-27 22:33:10 ----N---- C:\WINDOWS\system32\qagent.dll
2011-11-27 22:33:10 ----N---- C:\WINDOWS\system32\onex.dll
2011-11-27 22:33:09 ----N---- C:\WINDOWS\system32\slserv.exe
2011-11-27 22:33:09 ----N---- C:\WINDOWS\system32\slrundll.exe
2011-11-27 22:33:09 ----N---- C:\WINDOWS\system32\slgen.dll
2011-11-27 22:33:09 ----N---- C:\WINDOWS\system32\slextspk.dll
2011-11-27 22:33:09 ----N---- C:\WINDOWS\system32\slcoinst.dll
2011-11-27 22:33:09 ----N---- C:\WINDOWS\system32\setupn.exe
2011-11-27 22:33:08 ----N---- C:\WINDOWS\system32\tspkg.dll
2011-11-27 22:33:08 ----N---- C:\WINDOWS\system32\tsgqec.dll
2011-11-27 22:33:07 ----N---- C:\WINDOWS\system32\wlanapi.dll
2011-11-27 22:33:06 ----N---- C:\WINDOWS\system32\xmllite.dll
2011-11-27 22:33:06 ----N---- C:\WINDOWS\slrundll.exe
2011-11-27 22:33:05 ----D---- C:\WINDOWS\system32\cs-cz
2011-11-27 22:33:05 ----D---- C:\WINDOWS\l2schemas
2011-11-27 22:33:04 ----D---- C:\WINDOWS\system32\cs
2011-11-27 22:33:04 ----D---- C:\WINDOWS\system32\bits
2011-11-27 22:28:20 ----N---- C:\WINDOWS\system32\drivers\adv01nt5.dll
2011-11-27 22:28:20 ----D---- C:\WINDOWS\network diagnostic
2011-11-27 22:28:19 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2011-11-27 22:28:19 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2011-11-27 22:28:19 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2011-11-27 22:28:19 ----N---- C:\WINDOWS\system32\drivers\amdagp.sys
2011-11-27 22:28:19 ----N---- C:\WINDOWS\system32\drivers\alim1541.sys
2011-11-27 22:28:19 ----N---- C:\WINDOWS\system32\drivers\agpcpq.sys
2011-11-27 22:28:19 ----N---- C:\WINDOWS\system32\drivers\agp440.sys
2011-11-27 22:28:19 ----N---- C:\WINDOWS\system32\drivers\adv11nt5.dll
2011-11-27 22:28:19 ----N---- C:\WINDOWS\system32\drivers\adv09nt5.dll
2011-11-27 22:28:19 ----N---- C:\WINDOWS\system32\drivers\adv08nt5.dll
2011-11-27 22:28:19 ----N---- C:\WINDOWS\system32\drivers\adv07nt5.dll
2011-11-27 22:28:19 ----N---- C:\WINDOWS\system32\drivers\adv05nt5.dll
2011-11-27 22:28:19 ----N---- C:\WINDOWS\system32\drivers\adv02nt5.dll
2011-11-27 22:28:18 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2011-11-27 22:28:18 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2011-11-27 22:28:18 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2011-11-27 22:28:18 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2011-11-27 22:28:18 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2011-11-27 22:28:18 ----N---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2011-11-27 22:28:18 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2011-11-27 22:28:18 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2011-11-27 22:28:18 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2011-11-27 22:28:18 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2011-11-27 22:28:18 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2011-11-27 22:28:18 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2011-11-27 22:28:18 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2011-11-27 22:28:18 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2011-11-27 22:28:17 ----N---- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2011-11-27 22:28:17 ----N---- C:\WINDOWS\system32\drivers\bthusb.sys
2011-11-27 22:28:17 ----N---- C:\WINDOWS\system32\drivers\bthprint.sys
2011-11-27 22:28:17 ----N---- C:\WINDOWS\system32\drivers\bthpan.sys
2011-11-27 22:28:17 ----N---- C:\WINDOWS\system32\drivers\bthmodem.sys
2011-11-27 22:28:17 ----N---- C:\WINDOWS\system32\drivers\bthenum.sys
2011-11-27 22:28:17 ----N---- C:\WINDOWS\system32\drivers\atv10nt5.dll
2011-11-27 22:28:17 ----N---- C:\WINDOWS\system32\drivers\atv06nt5.dll
2011-11-27 22:28:17 ----N---- C:\WINDOWS\system32\drivers\atv04nt5.dll
2011-11-27 22:28:17 ----N---- C:\WINDOWS\system32\drivers\atv02nt5.dll
2011-11-27 22:28:17 ----N---- C:\WINDOWS\system32\drivers\atv01nt5.dll
2011-11-27 22:28:17 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2011-11-27 22:28:17 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2011-11-27 22:28:17 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2011-11-27 22:28:17 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2011-11-27 22:28:17 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2011-11-27 22:28:16 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2011-11-27 22:28:16 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2011-11-27 22:28:16 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2011-11-27 22:28:16 ----N---- C:\WINDOWS\system32\drivers\hidir.sys
2011-11-27 22:28:16 ----N---- C:\WINDOWS\system32\drivers\hidbth.sys
2011-11-27 22:28:16 ----N---- C:\WINDOWS\system32\drivers\gagp30kx.sys
2011-11-27 22:28:15 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2011-11-27 22:28:15 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2011-11-27 22:28:15 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2011-11-27 22:28:15 ----N---- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2011-11-27 22:28:14 ----N---- C:\WINDOWS\system32\drivers\sisagp.sys
2011-11-27 22:28:14 ----N---- C:\WINDOWS\system32\drivers\siint5.dll
2011-11-27 22:28:14 ----N---- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2011-11-27 22:28:14 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2011-11-27 22:28:14 ----N---- C:\WINDOWS\system32\drivers\rndismpx.sys
2011-11-27 22:28:14 ----N---- C:\WINDOWS\system32\drivers\rfcomm.sys
2011-11-27 22:28:14 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2011-11-27 22:28:14 ----N---- C:\WINDOWS\system32\drivers\nv4_mini.sys
2011-11-27 22:28:14 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2011-11-27 22:28:14 ----N---- C:\WINDOWS\system32\drivers\mutohpen.sys
2011-11-27 22:28:13 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2011-11-27 22:28:13 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2011-11-27 22:28:13 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2011-11-27 22:28:13 ----N---- C:\WINDOWS\system32\drivers\wacompen.sys
2011-11-27 22:28:13 ----N---- C:\WINDOWS\system32\drivers\viaagp.sys
2011-11-27 22:28:13 ----N---- C:\WINDOWS\system32\drivers\vchnt5.dll
2011-11-27 22:28:13 ----N---- C:\WINDOWS\system32\drivers\usb8023x.sys
2011-11-27 22:28:13 ----N---- C:\WINDOWS\system32\drivers\uagp35.sys
2011-11-27 22:28:13 ----N---- C:\WINDOWS\system32\drivers\smbali.sys
2011-11-27 22:28:13 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2011-11-27 22:28:13 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2011-11-27 22:28:13 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2011-11-27 22:28:13 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2011-11-27 22:28:12 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2011-11-27 22:28:12 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2011-11-27 22:28:12 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2011-11-27 22:26:20 ----A---- C:\WINDOWS\002867_.tmp
2011-11-27 22:22:56 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2011-11-27 20:38:13 ----D---- C:\Program Files\Microsoft SQL Server
2011-11-27 18:42:25 ----D---- C:\Documents and Settings\PinkThink\Data aplikací\Download Manager
2011-11-27 18:34:29 ----D---- C:\f5fa48a839b732ff211bba38976b
2011-11-26 21:00:20 ----D---- C:\WINDOWS\Sun
======List of files/folders modified in the last 3 months======
2012-02-19 10:58:10 ----RD---- C:\Program Files
2012-02-19 10:58:07 ----D---- C:\WINDOWS\Temp
2012-02-19 10:39:53 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-02-19 10:22:08 ----D---- C:\WINDOWS
2012-02-19 01:19:49 ----D---- C:\WINDOWS\system32\CatRoot2
2012-02-19 01:18:42 ----D---- C:\Documents and Settings\PinkThink\Data aplikací\uTorrent
2012-02-18 22:42:10 ----D---- C:\Documents and Settings\PinkThink\Data aplikací\Winamp
2012-02-18 22:03:26 ----SHD---- C:\WINDOWS\Installer
2012-02-18 22:03:16 ----D---- C:\Program Files\Common Files
2012-02-18 21:40:28 ----D---- C:\WINDOWS\system32
2012-02-18 21:35:59 ----A---- C:\WINDOWS\system32\deployJava1.dll
2012-02-18 21:06:26 ----SD---- C:\WINDOWS\Tasks
2012-02-18 20:14:03 ----D---- C:\Documents and Settings\PinkThink\Data aplikací\DAEMON Tools Lite
2012-02-18 20:02:28 ----D---- C:\WINDOWS\Logs
2012-02-18 20:02:28 ----D---- C:\WINDOWS\Debug
2012-02-18 20:02:27 ----D---- C:\WINDOWS\Minidump
2012-02-18 19:29:10 ----ASH---- C:\boot.ini
2012-02-18 19:29:10 ----A---- C:\WINDOWS\win.ini
2012-02-18 19:29:10 ----A---- C:\WINDOWS\system.ini
2012-02-18 19:24:01 ----D---- C:\Program Files\Mozilla Firefox
2012-02-18 19:07:50 ----D---- C:\WINDOWS\system32\drivers
2012-02-18 19:06:11 ----D---- C:\Program Files\QIP 2010
2012-02-18 19:03:13 ----D---- C:\Program Files\Common Files\Apple
2012-02-18 19:03:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple
2012-02-18 19:00:29 ----DC---- C:\WINDOWS\system32\DRVSTORE
2012-02-18 19:00:28 ----HD---- C:\WINDOWS\inf
2012-02-18 18:58:46 ----D---- C:\WINDOWS\pchealth
2012-02-18 14:44:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2012-02-18 14:43:59 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-02-18 14:38:44 ----RSD---- C:\WINDOWS\assembly
2012-02-18 14:16:40 ----D---- C:\Program Files\Common Files\System
2012-02-18 13:58:21 ----D---- C:\Program Files\Microsoft Silverlight
2012-02-17 20:34:36 ----D---- C:\WINDOWS\Microsoft.NET
2012-02-17 17:04:35 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-02-17 17:03:08 ----D---- C:\WINDOWS\WinSxS
2012-02-17 16:51:37 ----A---- C:\WINDOWS\system32\MRT.exe
2012-02-17 16:50:26 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-02-17 16:36:29 ----HD---- C:\WINDOWS\$hf_mig$
2012-02-13 20:34:20 ----HD---- C:\Program Files\InstallShield Installation Information
2012-02-13 19:15:27 ----SD---- C:\Documents and Settings\PinkThink\Data aplikací\Microsoft
2012-02-13 17:07:23 ----D---- C:\Documents and Settings\PinkThink\Data aplikací\gtk-2.0
2012-02-05 20:46:15 ----D---- C:\Documents and Settings\PinkThink\Data aplikací\Macromedia
2012-01-02 23:44:00 ----D---- C:\Program Files\OpenOffice.org 3
2011-12-19 09:53:25 ----A---- C:\WINDOWS\system32\wininet.dll
2011-12-19 09:53:25 ----A---- C:\WINDOWS\system32\urlmon.dll
2011-12-19 09:53:25 ----A---- C:\WINDOWS\system32\url.dll
2011-12-19 09:53:25 ----A---- C:\WINDOWS\system32\shdocvw.dll
2011-12-19 09:53:25 ----A---- C:\WINDOWS\system32\mstime.dll
2011-12-19 09:53:25 ----A---- C:\WINDOWS\system32\mshtmled.dll
2011-12-19 09:53:25 ----A---- C:\WINDOWS\system32\mshtml.dll
2011-12-19 09:53:25 ----A---- C:\WINDOWS\system32\iepeers.dll
2011-12-19 09:53:25 ----A---- C:\WINDOWS\system32\ieencode.dll
2011-12-19 09:53:25 ----A---- C:\WINDOWS\system32\browseui.dll
2011-12-18 19:38:49 ----D---- C:\Documents and Settings\PinkThink\Data aplikací\Zoner
2011-11-30 12:34:12 ----D---- C:\Documents and Settings\PinkThink\Data aplikací\ESRI
2011-11-29 19:16:19 ----D---- C:\WINDOWS\system32\CatRoot
2011-11-29 19:13:48 ----D---- C:\Program Files\Movie Maker
2011-11-29 19:11:47 ----D---- C:\Program Files\Outlook Express
2011-11-28 19:01:23 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-11-27 23:43:59 ----RSD---- C:\WINDOWS\Fonts
2011-11-27 23:34:03 ----D---- C:\WINDOWS\AppPatch
2011-11-27 23:34:02 ----D---- C:\WINDOWS\system32\wbem
2011-11-27 23:34:02 ----D---- C:\WINDOWS\system32\Setup
2011-11-27 23:33:20 ----D---- C:\WINDOWS\security
2011-11-27 23:03:12 ----D---- C:\Program Files\BSplayer
2011-11-27 22:40:07 ----D---- C:\Program Files\Messenger
2011-11-27 22:33:29 ----D---- C:\Program Files\Windows Media Player
2011-11-27 22:33:28 ----D---- C:\WINDOWS\Help
2011-11-27 22:33:20 ----D---- C:\WINDOWS\ehome
2011-11-27 22:33:17 ----D---- C:\WINDOWS\system32\inetsrv
2011-11-27 22:33:17 ----D---- C:\WINDOWS\ime
2011-11-27 22:33:05 ----D---- C:\WINDOWS\system32\usmt
2011-11-27 22:33:05 ----D---- C:\Program Files\Internet Explorer
2011-11-27 22:33:04 ----D---- C:\WINDOWS\PeerNet
2011-11-27 22:30:41 ----D---- C:\WINDOWS\ServicePackFiles
2011-11-27 22:30:29 ----D---- C:\WINDOWS\system32\Restore
2011-11-27 22:30:29 ----D---- C:\WINDOWS\system32\npp
2011-11-27 22:30:27 ----D---- C:\WINDOWS\msagent
2011-11-27 22:30:26 ----D---- C:\WINDOWS\srchasst
2011-11-27 22:30:25 ----D---- C:\Program Files\NetMeeting
2011-11-27 22:30:24 ----D---- C:\WINDOWS\system32\Com
2011-11-27 22:30:20 ----D---- C:\Program Files\Windows NT
2011-11-27 22:29:59 ----D---- C:\WINDOWS\system32\oobe
2011-11-27 22:29:57 ----D---- C:\WINDOWS\system
2011-11-27 22:26:16 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-11-27 20:38:13 ----D---- C:\WINDOWS\system32\1033
2011-11-27 20:30:45 ----D---- C:\Program Files\Common Files\ESRI
2011-11-27 18:35:31 ----D---- C:\WINDOWS\system32\XPSViewer
2011-11-26 21:58:11 ----D---- C:\Documents and Settings\PinkThink\Data aplikací\GlarySoft
2011-11-25 22:57:27 ----A---- C:\WINDOWS\system32\winsrv.dll
2011-11-20 07:12:48 ----A---- C:\WINDOWS\system32\packager.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-11-28 30808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-11-28 435032]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-11-28 52952]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-10-12 232512]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-11-28 111320]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2008-04-08 1309504]
R3 CRFILTER;USB Mass Storage Filter; C:\WINDOWS\system32\DRIVERS\CRFILTER.sys [2011-10-02 6656]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2011-10-02 6278560]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2011-10-02 5029376]
R3 kbfiltr;Keyboard Filter; C:\WINDOWS\system32\DRIVERS\kbfiltr.sys [2011-10-02 13880]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2007-08-28 5760]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2011-10-02 117888]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2011-10-02 1684736]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2011-10-02 1389056]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-02-18 153376]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-11-27 867080]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-10-09 821608]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Logfile of random's system information tool 1.09 (written by random/random)
Run by PinkThink at 2012-02-19 10:59:17
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 50 GB (56%) free of 90 GB
Total RAM: 2039 MB (71% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:59:24, on 19.2.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\CNAB4RPK.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\PinkThink\Plocha\off\clean\RSIT.exe
C:\Program Files\trend micro\PinkThink.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\PinkThink\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\PinkThink\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
--
End of file - 5855 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\DriverCure Startup.job
C:\WINDOWS\tasks\DriverCure.job
C:\WINDOWS\tasks\ParetoLogic Registration3.job
C:\WINDOWS\tasks\ParetoLogic Update Version3.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\PinkThink\Data aplikací\Mozilla\Firefox\Profiles\178ceun9.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Documents and Settings\PinkThink\Data aplikací\Mozilla\Firefox\Profiles\178ceun9.default\searchplugins\
google-cz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-02-18 325408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Documents and Settings\PinkThink\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll [2010-12-13 141184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-02-18 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-02-18 79648]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]
"ATKOSD2"=C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [2008-09-02 8105984]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2011-10-02 134656]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2011-10-02 166912]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2011-10-02 134656]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2011-10-02 17508864]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2011-10-02 57344]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-08-02 4910912]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2011-10-09 421736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2011-10-02 205824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\QIP 2010\qip.exe"="C:\Program Files\QIP 2010\qip.exe:*:Enabled:QIP 2010"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Documents and Settings\PinkThink\Local Settings\Temp\Torrent2Exe\T2E.exe"="C:\Documents and Settings\PinkThink\Local Settings\Temp\Torrent2Exe\T2E.exe:*:Enabled:Torrent2Exe"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Winamp\winamp.exe"="C:\Program Files\Winamp\winamp.exe:*:Enabled:Winamp"
"C:\Program Files\NetSpot Device Installer\nsdi.exe"="C:\Program Files\NetSpot Device Installer\nsdi.exe:*:Enabled:NetSpot Device Installer"
"C:\WINDOWS\system32\CNAB4RPK.EXE"="C:\WINDOWS\system32\CNAB4RPK.EXE:*:Enabled:Canon LBP2900 RPC Server Process"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======List of files/folders created in the last 3 months======
2012-02-19 10:58:10 ----D---- C:\Program Files\trend micro
2012-02-19 10:58:09 ----D---- C:\rsit
2012-02-18 22:03:16 ----D---- C:\Program Files\Common Files\Java
2012-02-18 21:40:24 ----A---- C:\WINDOWS\system32\javaws.exe
2012-02-18 21:40:23 ----A---- C:\WINDOWS\system32\javaw.exe
2012-02-18 21:40:23 ----A---- C:\WINDOWS\system32\java.exe
2012-02-18 21:34:56 ----D---- C:\Program Files\Java
2012-02-18 19:55:41 ----D---- C:\Program Files\CCleaner
2012-02-18 19:24:12 ----D---- C:\WINDOWS\pss
2012-02-18 19:03:39 ----D---- C:\WINDOWS\SxsCaPendDel
2012-02-18 18:51:29 ----SHD---- C:\Config.Msi
2012-02-18 15:49:56 ----D---- C:\Documents and Settings\PinkThink\Data aplikací\QIP
2012-02-17 16:50:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2660465$
2012-02-17 16:48:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2647516$
2012-02-17 16:42:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2661637$
2012-02-16 17:06:34 ----N---- C:\WINDOWS\system32\iacenc.dll
2012-02-13 20:33:48 ----D---- C:\Program Files\Google
2012-02-13 19:29:46 ----D---- C:\Documents and Settings\PinkThink\Data aplikací\PriceGong
2012-02-13 19:29:06 ----D---- C:\Documents and Settings\PinkThink\Data aplikací\Google
2012-02-13 19:27:25 ----D---- C:\Documents and Settings\All Users\Data aplikací\Google
2012-01-13 03:02:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2585542$
2012-01-12 17:59:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2646524$
2012-01-12 17:59:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2631813$
2012-01-12 17:51:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2598479$
2012-01-12 17:49:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2603381$
2012-01-12 17:44:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2584146$
2012-01-04 14:33:00 ----N---- C:\WINDOWS\UniFISH.exe
2012-01-03 13:36:45 ----D---- C:\Documents and Settings\PinkThink\Data aplikací\DVDVideoSoft
2012-01-03 13:24:31 ----D---- C:\Program Files\Conduit
2012-01-03 13:24:11 ----D---- C:\Documents and Settings\PinkThink\Data aplikací\DVDVideoSoftIEHelpers
2012-01-02 23:44:56 ----D---- C:\WINDOWS\system32\appmgmt
2011-12-15 22:17:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2639417$
2011-12-15 22:17:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2624667$
2011-12-15 22:13:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2633952$
2011-12-15 22:12:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2619339$
2011-12-15 22:12:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2618451$
2011-12-15 22:11:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2618444$
2011-12-15 22:10:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2620712$
2011-12-15 22:10:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2633171$
2011-12-03 16:28:09 ----A---- C:\WINDOWS\system32\ptpusb.dll
2011-12-03 16:28:08 ----A---- C:\WINDOWS\system32\ptpusd.dll
2011-12-03 16:28:07 ----A---- C:\WINDOWS\system32\drivers\usbscan.sys
2011-11-29 19:35:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2570791$
2011-11-29 19:28:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$
2011-11-29 19:28:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$
2011-11-29 19:28:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2567680$
2011-11-29 19:28:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2564958$
2011-11-29 19:28:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$
2011-11-29 19:28:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893-v2$
2011-11-29 19:27:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$
2011-11-29 19:24:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2011-11-29 19:24:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$
2011-11-29 19:24:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2011-11-29 19:24:06 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$
2011-11-29 19:23:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$
2011-11-29 19:23:35 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2011-11-29 19:23:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$
2011-11-29 19:23:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2481109$
2011-11-29 19:23:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$
2011-11-29 19:22:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$
2011-11-29 19:22:43 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$
2011-11-29 19:22:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2011-11-29 19:22:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2510581$
2011-11-29 19:22:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2011-11-29 19:21:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2476490$
2011-11-29 19:21:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$
2011-11-29 19:21:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2641690$
2011-11-29 19:21:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$
2011-11-29 19:21:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2011-11-29 19:20:34 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2011-11-29 19:20:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2567053$
2011-11-29 19:20:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2592799$
2011-11-29 19:20:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2570222$
2011-11-29 19:19:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2535512$
2011-11-29 19:19:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2412687$
2011-11-29 19:15:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2570947$
2011-11-29 19:15:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2508272$
2011-11-29 19:15:13 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2011-11-29 19:15:04 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2011-11-29 19:14:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2507618$
2011-11-29 19:14:43 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2011-11-29 19:14:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$
2011-11-29 19:14:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2011-11-29 19:14:08 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$
2011-11-29 19:13:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$
2011-11-29 19:13:45 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$
2011-11-29 19:13:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2586448$
2011-11-29 19:13:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$
2011-11-29 19:12:57 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$
2011-11-29 19:12:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2541763$
2011-11-29 19:12:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2544521$
2011-11-29 19:12:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$
2011-11-29 19:12:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$
2011-11-29 19:12:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
2011-11-29 19:11:55 ----HDC---- C:\WINDOWS\$NtUninstallKB2562937$
2011-11-29 19:11:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$
2011-11-29 19:11:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$
2011-11-28 00:10:56 ----D---- C:\Program Files\ESRI
2011-11-28 00:09:59 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESRI
2011-11-28 00:00:04 ----D---- C:\Documents and Settings\All Users\Data aplikací\FLEXnet
2011-11-27 23:59:40 ----D---- C:\Program Files\Common Files\Macrovision Shared
2011-11-27 23:48:57 ----D---- C:\Program Files\Common Files\AnswerWorks 4.0
2011-11-27 23:44:04 ----D---- C:\Python26
2011-11-27 23:44:01 ----D---- C:\Program Files\Common Files\Data Dynamics
2011-11-27 23:43:46 ----D---- C:\Program Files\Common Files\Tom Sawyer Software
2011-11-27 23:43:46 ----D---- C:\Program Files\Common Files\ArcGIS
2011-11-27 23:43:07 ----D---- C:\Program Files\ArcGIS
2011-11-27 23:35:03 ----D---- C:\WINDOWS\Prefetch
2011-11-27 23:27:28 ----HDC---- C:\WINDOWS\$NtUninstallKB982381$
2011-11-27 23:26:38 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2011-11-27 23:25:49 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2011-11-27 23:25:00 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2011-11-27 23:24:10 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2011-11-27 23:23:10 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2011-11-27 23:22:18 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2011-11-27 23:21:17 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2011-11-27 23:20:25 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2011-11-27 23:19:40 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2011-11-27 23:18:56 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2011-11-27 23:18:11 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2011-11-27 23:17:28 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2011-11-27 23:16:43 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2011-11-27 23:15:48 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2011-11-27 23:15:04 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2011-11-27 23:14:21 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2011-11-27 23:13:33 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2011-11-27 23:12:49 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2011-11-27 23:12:00 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2011-11-27 23:11:11 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2011-11-27 23:10:24 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2011-11-27 23:09:38 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2011-11-27 23:08:49 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2011-11-27 23:08:01 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2011-11-27 23:07:14 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2011-11-27 23:06:22 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2011-11-27 23:05:36 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2011-11-27 23:04:49 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2011-11-27 23:04:02 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2011-11-27 23:03:13 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2011-11-27 23:02:17 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2011-11-27 23:01:31 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2011-11-27 23:00:42 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2011-11-27 22:59:47 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2011-11-27 22:58:49 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2011-11-27 22:58:04 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2011-11-27 22:57:11 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$
2011-11-27 22:56:20 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2011-11-27 22:55:31 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2011-11-27 22:54:39 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2011-11-27 22:53:49 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2011-11-27 22:53:02 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2011-11-27 22:52:13 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2011-11-27 22:51:08 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2011-11-27 22:50:19 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2011-11-27 22:49:23 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2011-11-27 22:48:29 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2011-11-27 22:47:34 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$
2011-11-27 22:46:44 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2011-11-27 22:45:53 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2011-11-27 22:45:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2011-11-27 22:44:13 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2011-11-27 22:43:24 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2011-11-27 22:42:19 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2011-11-27 22:41:31 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2011-11-27 22:40:43 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2011-11-27 22:39:52 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2011-11-27 22:39:07 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2011-11-27 22:38:10 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2011-11-27 22:33:18 ----N---- C:\WINDOWS\system32\smtpapi.dll
2011-11-27 22:33:18 ----N---- C:\WINDOWS\system32\rwnh.dll
2011-11-27 22:33:18 ----N---- C:\WINDOWS\system32\drivers\irbus.sys
2011-11-27 22:33:18 ----N---- C:\WINDOWS\system32\comsdupd.exe
2011-11-27 22:33:16 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2011-11-27 22:33:16 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2011-11-27 22:33:16 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2011-11-27 22:33:16 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2011-11-27 22:33:16 ----N---- C:\WINDOWS\system32\aaclient.dll
2011-11-27 22:33:15 ----N---- C:\WINDOWS\system32\credssp.dll
2011-11-27 22:33:15 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2011-11-27 22:33:15 ----N---- C:\WINDOWS\system32\azroles.dll
2011-11-27 22:33:15 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2011-11-27 22:33:15 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2011-11-27 22:33:15 ----N---- C:\WINDOWS\system32\ati3duag.dll
2011-11-27 22:33:14 ----N---- C:\WINDOWS\system32\eapsvc.dll
2011-11-27 22:33:14 ----N---- C:\WINDOWS\system32\eapqec.dll
2011-11-27 22:33:14 ----N---- C:\WINDOWS\system32\eappprxy.dll
2011-11-27 22:33:14 ----N---- C:\WINDOWS\system32\eapphost.dll
2011-11-27 22:33:14 ----N---- C:\WINDOWS\system32\eappgnui.dll
2011-11-27 22:33:14 ----N---- C:\WINDOWS\system32\eappcfg.dll
2011-11-27 22:33:14 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2011-11-27 22:33:14 ----N---- C:\WINDOWS\system32\eapolqec.dll
2011-11-27 22:33:14 ----N---- C:\WINDOWS\system32\dot3ui.dll
2011-11-27 22:33:14 ----N---- C:\WINDOWS\system32\dot3svc.dll
2011-11-27 22:33:14 ----N---- C:\WINDOWS\system32\dot3msm.dll
2011-11-27 22:33:14 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2011-11-27 22:33:14 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2011-11-27 22:33:14 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2011-11-27 22:33:14 ----N---- C:\WINDOWS\system32\dot3api.dll
2011-11-27 22:33:14 ----N---- C:\WINDOWS\system32\dimsroam.dll
2011-11-27 22:33:14 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2011-11-27 22:33:14 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2011-11-27 22:33:13 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2011-11-27 22:33:13 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2011-11-27 22:33:12 ----N---- C:\WINDOWS\system32\mmcperf.exe
2011-11-27 22:33:12 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2011-11-27 22:33:12 ----N---- C:\WINDOWS\system32\mmcex.dll
2011-11-27 22:33:12 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2011-11-27 22:33:12 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2011-11-27 22:33:12 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2011-11-27 22:33:12 ----N---- C:\WINDOWS\system32\kmsvc.dll
2011-11-27 22:33:12 ----N---- C:\WINDOWS\system32\kbdpash.dll
2011-11-27 22:33:12 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2011-11-27 22:33:12 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2011-11-27 22:33:11 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2011-11-27 22:33:11 ----N---- C:\WINDOWS\system32\napstat.exe
2011-11-27 22:33:11 ----N---- C:\WINDOWS\system32\napmontr.dll
2011-11-27 22:33:11 ----N---- C:\WINDOWS\system32\napipsec.dll
2011-11-27 22:33:11 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2011-11-27 22:33:11 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2011-11-27 22:33:11 ----N---- C:\WINDOWS\system32\mssha.dll
2011-11-27 22:33:10 ----N---- C:\WINDOWS\system32\s3gnb.dll
2011-11-27 22:33:10 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2011-11-27 22:33:10 ----N---- C:\WINDOWS\system32\rasqec.dll
2011-11-27 22:33:10 ----N---- C:\WINDOWS\system32\qutil.dll
2011-11-27 22:33:10 ----N---- C:\WINDOWS\system32\qcliprov.dll
2011-11-27 22:33:10 ----N---- C:\WINDOWS\system32\qagentrt.dll
2011-11-27 22:33:10 ----N---- C:\WINDOWS\system32\qagent.dll
2011-11-27 22:33:10 ----N---- C:\WINDOWS\system32\onex.dll
2011-11-27 22:33:09 ----N---- C:\WINDOWS\system32\slserv.exe
2011-11-27 22:33:09 ----N---- C:\WINDOWS\system32\slrundll.exe
2011-11-27 22:33:09 ----N---- C:\WINDOWS\system32\slgen.dll
2011-11-27 22:33:09 ----N---- C:\WINDOWS\system32\slextspk.dll
2011-11-27 22:33:09 ----N---- C:\WINDOWS\system32\slcoinst.dll
2011-11-27 22:33:09 ----N---- C:\WINDOWS\system32\setupn.exe
2011-11-27 22:33:08 ----N---- C:\WINDOWS\system32\tspkg.dll
2011-11-27 22:33:08 ----N---- C:\WINDOWS\system32\tsgqec.dll
2011-11-27 22:33:07 ----N---- C:\WINDOWS\system32\wlanapi.dll
2011-11-27 22:33:06 ----N---- C:\WINDOWS\system32\xmllite.dll
2011-11-27 22:33:06 ----N---- C:\WINDOWS\slrundll.exe
2011-11-27 22:33:05 ----D---- C:\WINDOWS\system32\cs-cz
2011-11-27 22:33:05 ----D---- C:\WINDOWS\l2schemas
2011-11-27 22:33:04 ----D---- C:\WINDOWS\system32\cs
2011-11-27 22:33:04 ----D---- C:\WINDOWS\system32\bits
2011-11-27 22:28:20 ----N---- C:\WINDOWS\system32\drivers\adv01nt5.dll
2011-11-27 22:28:20 ----D---- C:\WINDOWS\network diagnostic
2011-11-27 22:28:19 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2011-11-27 22:28:19 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2011-11-27 22:28:19 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2011-11-27 22:28:19 ----N---- C:\WINDOWS\system32\drivers\amdagp.sys
2011-11-27 22:28:19 ----N---- C:\WINDOWS\system32\drivers\alim1541.sys
2011-11-27 22:28:19 ----N---- C:\WINDOWS\system32\drivers\agpcpq.sys
2011-11-27 22:28:19 ----N---- C:\WINDOWS\system32\drivers\agp440.sys
2011-11-27 22:28:19 ----N---- C:\WINDOWS\system32\drivers\adv11nt5.dll
2011-11-27 22:28:19 ----N---- C:\WINDOWS\system32\drivers\adv09nt5.dll
2011-11-27 22:28:19 ----N---- C:\WINDOWS\system32\drivers\adv08nt5.dll
2011-11-27 22:28:19 ----N---- C:\WINDOWS\system32\drivers\adv07nt5.dll
2011-11-27 22:28:19 ----N---- C:\WINDOWS\system32\drivers\adv05nt5.dll
2011-11-27 22:28:19 ----N---- C:\WINDOWS\system32\drivers\adv02nt5.dll
2011-11-27 22:28:18 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2011-11-27 22:28:18 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2011-11-27 22:28:18 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2011-11-27 22:28:18 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2011-11-27 22:28:18 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2011-11-27 22:28:18 ----N---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2011-11-27 22:28:18 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2011-11-27 22:28:18 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2011-11-27 22:28:18 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2011-11-27 22:28:18 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2011-11-27 22:28:18 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2011-11-27 22:28:18 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2011-11-27 22:28:18 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2011-11-27 22:28:18 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2011-11-27 22:28:17 ----N---- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2011-11-27 22:28:17 ----N---- C:\WINDOWS\system32\drivers\bthusb.sys
2011-11-27 22:28:17 ----N---- C:\WINDOWS\system32\drivers\bthprint.sys
2011-11-27 22:28:17 ----N---- C:\WINDOWS\system32\drivers\bthpan.sys
2011-11-27 22:28:17 ----N---- C:\WINDOWS\system32\drivers\bthmodem.sys
2011-11-27 22:28:17 ----N---- C:\WINDOWS\system32\drivers\bthenum.sys
2011-11-27 22:28:17 ----N---- C:\WINDOWS\system32\drivers\atv10nt5.dll
2011-11-27 22:28:17 ----N---- C:\WINDOWS\system32\drivers\atv06nt5.dll
2011-11-27 22:28:17 ----N---- C:\WINDOWS\system32\drivers\atv04nt5.dll
2011-11-27 22:28:17 ----N---- C:\WINDOWS\system32\drivers\atv02nt5.dll
2011-11-27 22:28:17 ----N---- C:\WINDOWS\system32\drivers\atv01nt5.dll
2011-11-27 22:28:17 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2011-11-27 22:28:17 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2011-11-27 22:28:17 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2011-11-27 22:28:17 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2011-11-27 22:28:17 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2011-11-27 22:28:16 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2011-11-27 22:28:16 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2011-11-27 22:28:16 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2011-11-27 22:28:16 ----N---- C:\WINDOWS\system32\drivers\hidir.sys
2011-11-27 22:28:16 ----N---- C:\WINDOWS\system32\drivers\hidbth.sys
2011-11-27 22:28:16 ----N---- C:\WINDOWS\system32\drivers\gagp30kx.sys
2011-11-27 22:28:15 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2011-11-27 22:28:15 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2011-11-27 22:28:15 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2011-11-27 22:28:15 ----N---- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2011-11-27 22:28:14 ----N---- C:\WINDOWS\system32\drivers\sisagp.sys
2011-11-27 22:28:14 ----N---- C:\WINDOWS\system32\drivers\siint5.dll
2011-11-27 22:28:14 ----N---- C:\WINDOWS\system32\drivers\sffp_mmc.sys
2011-11-27 22:28:14 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2011-11-27 22:28:14 ----N---- C:\WINDOWS\system32\drivers\rndismpx.sys
2011-11-27 22:28:14 ----N---- C:\WINDOWS\system32\drivers\rfcomm.sys
2011-11-27 22:28:14 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2011-11-27 22:28:14 ----N---- C:\WINDOWS\system32\drivers\nv4_mini.sys
2011-11-27 22:28:14 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2011-11-27 22:28:14 ----N---- C:\WINDOWS\system32\drivers\mutohpen.sys
2011-11-27 22:28:13 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2011-11-27 22:28:13 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2011-11-27 22:28:13 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2011-11-27 22:28:13 ----N---- C:\WINDOWS\system32\drivers\wacompen.sys
2011-11-27 22:28:13 ----N---- C:\WINDOWS\system32\drivers\viaagp.sys
2011-11-27 22:28:13 ----N---- C:\WINDOWS\system32\drivers\vchnt5.dll
2011-11-27 22:28:13 ----N---- C:\WINDOWS\system32\drivers\usb8023x.sys
2011-11-27 22:28:13 ----N---- C:\WINDOWS\system32\drivers\uagp35.sys
2011-11-27 22:28:13 ----N---- C:\WINDOWS\system32\drivers\smbali.sys
2011-11-27 22:28:13 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2011-11-27 22:28:13 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2011-11-27 22:28:13 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2011-11-27 22:28:13 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2011-11-27 22:28:12 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2011-11-27 22:28:12 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2011-11-27 22:28:12 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2011-11-27 22:26:20 ----A---- C:\WINDOWS\002867_.tmp
2011-11-27 22:22:56 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2011-11-27 20:38:13 ----D---- C:\Program Files\Microsoft SQL Server
2011-11-27 18:42:25 ----D---- C:\Documents and Settings\PinkThink\Data aplikací\Download Manager
2011-11-27 18:34:29 ----D---- C:\f5fa48a839b732ff211bba38976b
2011-11-26 21:00:20 ----D---- C:\WINDOWS\Sun
======List of files/folders modified in the last 3 months======
2012-02-19 10:58:10 ----RD---- C:\Program Files
2012-02-19 10:58:07 ----D---- C:\WINDOWS\Temp
2012-02-19 10:39:53 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-02-19 10:22:08 ----D---- C:\WINDOWS
2012-02-19 01:19:49 ----D---- C:\WINDOWS\system32\CatRoot2
2012-02-19 01:18:42 ----D---- C:\Documents and Settings\PinkThink\Data aplikací\uTorrent
2012-02-18 22:42:10 ----D---- C:\Documents and Settings\PinkThink\Data aplikací\Winamp
2012-02-18 22:03:26 ----SHD---- C:\WINDOWS\Installer
2012-02-18 22:03:16 ----D---- C:\Program Files\Common Files
2012-02-18 21:40:28 ----D---- C:\WINDOWS\system32
2012-02-18 21:35:59 ----A---- C:\WINDOWS\system32\deployJava1.dll
2012-02-18 21:06:26 ----SD---- C:\WINDOWS\Tasks
2012-02-18 20:14:03 ----D---- C:\Documents and Settings\PinkThink\Data aplikací\DAEMON Tools Lite
2012-02-18 20:02:28 ----D---- C:\WINDOWS\Logs
2012-02-18 20:02:28 ----D---- C:\WINDOWS\Debug
2012-02-18 20:02:27 ----D---- C:\WINDOWS\Minidump
2012-02-18 19:29:10 ----ASH---- C:\boot.ini
2012-02-18 19:29:10 ----A---- C:\WINDOWS\win.ini
2012-02-18 19:29:10 ----A---- C:\WINDOWS\system.ini
2012-02-18 19:24:01 ----D---- C:\Program Files\Mozilla Firefox
2012-02-18 19:07:50 ----D---- C:\WINDOWS\system32\drivers
2012-02-18 19:06:11 ----D---- C:\Program Files\QIP 2010
2012-02-18 19:03:13 ----D---- C:\Program Files\Common Files\Apple
2012-02-18 19:03:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Apple
2012-02-18 19:00:29 ----DC---- C:\WINDOWS\system32\DRVSTORE
2012-02-18 19:00:28 ----HD---- C:\WINDOWS\inf
2012-02-18 18:58:46 ----D---- C:\WINDOWS\pchealth
2012-02-18 14:44:08 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2012-02-18 14:43:59 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-02-18 14:38:44 ----RSD---- C:\WINDOWS\assembly
2012-02-18 14:16:40 ----D---- C:\Program Files\Common Files\System
2012-02-18 13:58:21 ----D---- C:\Program Files\Microsoft Silverlight
2012-02-17 20:34:36 ----D---- C:\WINDOWS\Microsoft.NET
2012-02-17 17:04:35 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-02-17 17:03:08 ----D---- C:\WINDOWS\WinSxS
2012-02-17 16:51:37 ----A---- C:\WINDOWS\system32\MRT.exe
2012-02-17 16:50:26 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-02-17 16:36:29 ----HD---- C:\WINDOWS\$hf_mig$
2012-02-13 20:34:20 ----HD---- C:\Program Files\InstallShield Installation Information
2012-02-13 19:15:27 ----SD---- C:\Documents and Settings\PinkThink\Data aplikací\Microsoft
2012-02-13 17:07:23 ----D---- C:\Documents and Settings\PinkThink\Data aplikací\gtk-2.0
2012-02-05 20:46:15 ----D---- C:\Documents and Settings\PinkThink\Data aplikací\Macromedia
2012-01-02 23:44:00 ----D---- C:\Program Files\OpenOffice.org 3
2011-12-19 09:53:25 ----A---- C:\WINDOWS\system32\wininet.dll
2011-12-19 09:53:25 ----A---- C:\WINDOWS\system32\urlmon.dll
2011-12-19 09:53:25 ----A---- C:\WINDOWS\system32\url.dll
2011-12-19 09:53:25 ----A---- C:\WINDOWS\system32\shdocvw.dll
2011-12-19 09:53:25 ----A---- C:\WINDOWS\system32\mstime.dll
2011-12-19 09:53:25 ----A---- C:\WINDOWS\system32\mshtmled.dll
2011-12-19 09:53:25 ----A---- C:\WINDOWS\system32\mshtml.dll
2011-12-19 09:53:25 ----A---- C:\WINDOWS\system32\iepeers.dll
2011-12-19 09:53:25 ----A---- C:\WINDOWS\system32\ieencode.dll
2011-12-19 09:53:25 ----A---- C:\WINDOWS\system32\browseui.dll
2011-12-18 19:38:49 ----D---- C:\Documents and Settings\PinkThink\Data aplikací\Zoner
2011-11-30 12:34:12 ----D---- C:\Documents and Settings\PinkThink\Data aplikací\ESRI
2011-11-29 19:16:19 ----D---- C:\WINDOWS\system32\CatRoot
2011-11-29 19:13:48 ----D---- C:\Program Files\Movie Maker
2011-11-29 19:11:47 ----D---- C:\Program Files\Outlook Express
2011-11-28 19:01:23 ----A---- C:\WINDOWS\system32\aswBoot.exe
2011-11-27 23:43:59 ----RSD---- C:\WINDOWS\Fonts
2011-11-27 23:34:03 ----D---- C:\WINDOWS\AppPatch
2011-11-27 23:34:02 ----D---- C:\WINDOWS\system32\wbem
2011-11-27 23:34:02 ----D---- C:\WINDOWS\system32\Setup
2011-11-27 23:33:20 ----D---- C:\WINDOWS\security
2011-11-27 23:03:12 ----D---- C:\Program Files\BSplayer
2011-11-27 22:40:07 ----D---- C:\Program Files\Messenger
2011-11-27 22:33:29 ----D---- C:\Program Files\Windows Media Player
2011-11-27 22:33:28 ----D---- C:\WINDOWS\Help
2011-11-27 22:33:20 ----D---- C:\WINDOWS\ehome
2011-11-27 22:33:17 ----D---- C:\WINDOWS\system32\inetsrv
2011-11-27 22:33:17 ----D---- C:\WINDOWS\ime
2011-11-27 22:33:05 ----D---- C:\WINDOWS\system32\usmt
2011-11-27 22:33:05 ----D---- C:\Program Files\Internet Explorer
2011-11-27 22:33:04 ----D---- C:\WINDOWS\PeerNet
2011-11-27 22:30:41 ----D---- C:\WINDOWS\ServicePackFiles
2011-11-27 22:30:29 ----D---- C:\WINDOWS\system32\Restore
2011-11-27 22:30:29 ----D---- C:\WINDOWS\system32\npp
2011-11-27 22:30:27 ----D---- C:\WINDOWS\msagent
2011-11-27 22:30:26 ----D---- C:\WINDOWS\srchasst
2011-11-27 22:30:25 ----D---- C:\Program Files\NetMeeting
2011-11-27 22:30:24 ----D---- C:\WINDOWS\system32\Com
2011-11-27 22:30:20 ----D---- C:\Program Files\Windows NT
2011-11-27 22:29:59 ----D---- C:\WINDOWS\system32\oobe
2011-11-27 22:29:57 ----D---- C:\WINDOWS\system
2011-11-27 22:26:16 ----D---- C:\WINDOWS\system32\ReinstallBackups
2011-11-27 20:38:13 ----D---- C:\WINDOWS\system32\1033
2011-11-27 20:30:45 ----D---- C:\Program Files\Common Files\ESRI
2011-11-27 18:35:31 ----D---- C:\WINDOWS\system32\XPSViewer
2011-11-26 21:58:11 ----D---- C:\Documents and Settings\PinkThink\Data aplikací\GlarySoft
2011-11-25 22:57:27 ----A---- C:\WINDOWS\system32\winsrv.dll
2011-11-20 07:12:48 ----A---- C:\WINDOWS\system32\packager.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-03-04 45648]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-11-28 30808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-11-28 435032]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-11-28 52952]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-10-12 232512]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-11-28 111320]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2008-04-08 1309504]
R3 CRFILTER;USB Mass Storage Filter; C:\WINDOWS\system32\DRIVERS\CRFILTER.sys [2011-10-02 6656]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2011-10-02 6278560]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2011-10-02 5029376]
R3 kbfiltr;Keyboard Filter; C:\WINDOWS\system32\DRIVERS\kbfiltr.sys [2011-10-02 13880]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ATKACPI.sys [2007-08-28 5760]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2011-10-02 117888]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 usbvideo;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-14 121984]
S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2011-10-02 1684736]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2011-10-02 1389056]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-02-18 153376]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-11-27 867080]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-10-09 821608]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Re: Log check
MBAM log:
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.60.1.1000
www.malwarebytes.org
Verze databáze: v2012.02.19.01
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
PinkThink :: JAKUB-6D57E2753 [administrátor]
Ochrana: Povolena
19.2.2012 11:15:24
mbam-log-2012-02-19 (11-15-24).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 180013
Uplynulý čas: 15 minut, 30 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)
(konec)
- jaro3
- Security team member
Re: Log check
Close other applications and browsers, disconnect from the internet, and fix the following in HJT:
Guide
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\PinkThink\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
Download ATF Cleaner
Double-click ATF Cleaner.exe, click select all found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.
Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.
Download ComboFix (by sUBs)
and save it to the desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- After the scan completes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If there are problems, run it in Safe Mode.
Warning: It may happen that after running ComboFix and restarting the computer, Windows does not start, or the desktop does not load, or there are connection problems; then restart the computer again, and if that does not help, press the F8 key repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
Guide
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Log check
ComboFix log:
ComboFix 12-02-21.02 - PinkThink 21.02.2012 19:03:11.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2039.1576 [GMT 1:00]
Spuštěný z: c:\documents and settings\PinkThink\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-01-21 do 2012-02-21 )))))))))))))))))))))))))))))))
.
.
2012-02-21 17:39 . 2012-02-21 17:42 -------- d-----w- c:\documents and settings\Administrator
2012-02-19 10:08 . 2012-02-19 10:08 -------- d-----w- c:\documents and settings\PinkThink\Data aplikací\Malwarebytes
2012-02-19 10:08 . 2012-02-19 10:08 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2012-02-19 10:08 . 2012-02-19 10:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-02-19 10:08 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-19 09:58 . 2012-02-19 09:59 -------- d-----w- c:\program files\trend micro
2012-02-19 09:58 . 2012-02-19 09:58 -------- d-----w- C:\rsit
2012-02-18 14:49 . 2012-02-18 14:50 -------- d-----w- c:\documents and settings\PinkThink\Data aplikací\QIP
2012-02-16 16:06 . 2012-01-11 19:07 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2012-02-16 16:06 . 2012-01-11 19:07 3072 ------w- c:\windows\system32\iacenc.dll
2012-02-13 19:33 . 2012-02-18 19:21 -------- d-----w- c:\program files\Google
2012-02-13 18:29 . 2012-02-14 10:05 -------- d-----w- c:\documents and settings\PinkThink\Data aplikací\PriceGong
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-21 11:15 . 2011-10-02 17:15 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-18 20:35 . 2011-10-18 23:47 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-01-12 17:20 . 2006-03-02 14:00 1859968 ----a-w- c:\windows\system32\win32k.sys
2011-12-19 08:53 . 2006-03-02 14:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2011-12-19 08:53 . 2006-03-02 14:00 668160 ----a-w- c:\windows\system32\wininet.dll
2011-12-19 08:53 . 2006-03-02 14:00 61952 ----a-w- c:\windows\system32\tdc.ocx
2011-12-19 08:52 . 2006-03-02 14:00 370176 ----a-w- c:\windows\system32\html.iec
2011-11-28 18:01 . 2011-10-02 15:23 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2011-10-02 15:23 199816 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:53 . 2011-10-02 15:23 435032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-10-02 15:23 314456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2011-10-02 15:23 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-10-02 15:23 52952 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2011-10-02 15:23 111320 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2011-11-28 17:51 . 2011-10-02 15:23 105176 ----a-w- c:\windows\system32\drivers\aswmon.sys
2011-11-28 17:51 . 2011-10-02 15:23 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-11-28 17:48 . 2011-10-02 15:23 30808 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2011-11-25 21:57 . 2006-03-02 14:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2012-02-18 18:22 . 2011-10-02 17:00 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"ATKOSD2"="c:\program files\ASUS\ATKOSD2\ATKOSD2.exe" [2008-09-02 8105984]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-10-02 134656]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-10-02 166912]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-10-02 134656]
"RTHDCPL"="RTHDCPL.EXE" [2011-10-02 17508864]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-08-02 07:33 4910912 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 10:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-10-09 16:06 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Winamp\\winamp.exe"=
"c:\\Program Files\\NetSpot Device Installer\\nsdi.exe"=
"c:\\WINDOWS\\system32\\CNAB4RPK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\QIP 2012\\qip.exe"=
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2.10.2011 16:23 435032]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2.10.2011 16:23 314456]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [12.10.2011 22:53 232512]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2.10.2011 16:23 20568]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [19.2.2012 11:08 652360]
R3 CRFILTER;USB Mass Storage Filter;c:\windows\system32\drivers\CRFILTER.sys [2.10.2011 21:03 6656]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [19.2.2012 11:08 20464]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2.10.2011 21:00 1684736]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2012-02-19 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\program files\Common Files\ParetoLogic\UUS3\UUS3.dll [2010-04-06 22:30]
.
2011-10-02 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2010-04-06 22:30]
.
.
------- Doplňkový sken -------
.
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\PinkThink\Data aplikací\Mozilla\Firefox\Profiles\178ceun9.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-02-21 19:16
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2012-02-21 19:22:54
ComboFix-quarantined-files.txt 2012-02-21 18:22
.
Před spuštěním: Volných bajtů: 52 825 563 136
Po spuštění: Volných bajtů: 52 940 046 336
.
- - End Of File - - BCB194B67D5F3B39FEB7CF83F45A27D5
- Žbeky
- Moderator
Re: Log check
ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall
clean the system with CCleaner
and also use T-Cleaner
it deletes everything left behind by ComboFix, MWAV etc. - download > run
Note: before downloading T-Cleaner and for the duration of the cleaning, deactivate AVG, Avast, Avira or Microsoft Security Essentials; afterwards delete T-Cleaner and turn AVG, Avast, Avira or Microsoft Security Essentials back on
+ A new HJT log
How is the PC behaving?
In private messages I deal only with forum-related matters. I do not respond to pleas and requests for technical support. Thanks for understanding.
HiJackThis + guide - HW Monitor - How to mark a post as solved - Forum rules
Re: Log check
HJT log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:06:19, on 21.2.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\CNAB4RPK.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\PinkThink\Plocha\off\clean\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\PinkThink\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
--
End of file - 4967 bytes
Shutting down the computer is now faster (downright lightning-fast) and trouble-free, with no terminating of applications and the like.
Startup is noticeably faster; after the system boots about 40 processes are running, after 2 minutes it settles at 35 and CPU usage drops to a minimum.
Launching and working with applications is snappier.
Only the browser occasionally stutters, not in the sense of the connection. Rather, it looks as if the whole application is not responding. Typically when opening several tabs at once.
In any case, it is no longer as nerve-racking as before the cleaning.
Overall I am satisfied with how the notebook runs, thank you.
Are an antivirus (avast) and an anti-malware tool (malwarebytes) enough to protect the computer, or would you recommend adding other applications?
- Žbeky
- Moderator
Re: Log check
Also fix:
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Documents and Settings\PinkThink\Data aplikací\Microsoft\Internet Explorer\qipsearchbar.dll
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
That is enough as protection. Avast is resident, and once a month you can run a quick MbAM scan as a check. If there are no problems, that's all and you can mark it as solved.
Re: Log check Solved
Thank you all very much.