Prosím o kontrolu logu- Videa se nepřehrávají Vyřešeno

[mEEEgy]

Psal sem to už v tady tom fóru, nikdo mi bohužel asi nedokáže pomoct, snad tu, vkládam log z hjt.
viewtopic.php?f=3&t=81732

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:05:54, on 18.2.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Razer\Copperhead\razerhid.exe
C:\Program Files\A4Tech\Mouse\Amoumain.exe
C:\Program Files\TO2SSM\McciTrayApp.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\DNA\btdna.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Xfire\Xfire.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\LGAutorunService.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
C:\Program Files\Vodafone\Via The Phone\VodafoneConnectorService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\bin32\nSvcAppFlt.exe
C:\Program Files\Razer\Copperhead\razerofa.exe
C:\Program Files\bin32\nSvcIp.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [razer] C:\Program Files\Razer\Copperhead\razerhid.exe
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [TO2SSM_McciTrayApp] C:\Program Files\TO2SSM\McciTrayApp.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O8 - Extra context menu item: Download with Mipony - file://C:\Program Files\MiPony\Browser\IEContext.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\bin32\nSvcAppFlt.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LG SCSI Commander - Unknown owner - C:\WINDOWS\system32\LGAutorunService.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\bin32\nSvcIp.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
O23 - Service: Vodafone Connector Service (VodafoneConnectorService) - Vodafone Group - C:\Program Files\Vodafone\Via The Phone\VodafoneConnectorService.exe

--
End of file - 9843 bytes

[Reklama]

[bledulka]

Stahni CCleaner http://www.filehippo.com/download_cclea ... cbae6b492/
-nainstaluj (neinstaluj Yahoo toolbar)

-zvol záložku Čistič
-nechej v levém sloupečku zatrhnuté vše jak je a zmáčkni tlačítko analyzovat
-pak potvrď tlačítko Spustit Ccleaner
-tím se vyčistí počítač od dočasných soubborů, doporučuji pravidelně používat.

-vyber záložku registry
-klikni na tlačítko hledej problémy
-pak klikni na opravit vybrané problémy, potvrď, že chceš udělat zálohu a nech všechno opravit

**********************

Stahni Rsit http://images.malwareremoval.com/random/RSIT.exe
-spusť, klikni na tlačítko Continue
-po skenu na tebe vyběhne log.txt,obsah vlož zde


*********************

Stahni Mbam http://download.cnet.com/3001-8022_4-10 ... l-10804572
-nainstaluj, aktualizuj
-udělej uplný sken a vlož sem log

[mEEEgy]

Logfile of random's system information tool 1.09 (written by random/random)
Run by Admin at 2012-02-19 08:51:58
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 232 GB (49%) free of 477 GB
Total RAM: 2046 MB (60% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-682003330-117609710-1801674531-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-682003330-117609710-1801674531-1004UA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\gprnrxxf.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "google.cz"
prefs.js - "keyword.URL" - "http://startsear.ch/?aff=1&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@bittorrent.com/BitTorrentDNA]
"Description"=Delivery Network Acceleration by BitTorrent™
"Path"=C:\Program Files\DNA\plugins\npbtdna.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=DivX® Player Plugin for VOD Content
"Path"=C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nexon.net/NxGame]
"Description"=Nexon Game Controller
"Path"=C:\Documents and Settings\All Users\Data aplikací\NexonUS\NGM\npNxGameUS.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18]
"Description"=Veetle TV Core
"Path"=C:\Program Files\Veetle\plugins\npVeetle.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18]
"Description"=Veetle TV Player
"Path"=C:\Program Files\Veetle\Player\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Webzen.com/NPGameWebStarter]
"Description"=Webzen Game Controller
"Path"=C:\Program Files\WEBZEN\WebzenGameStarter\NPGameWebStarter.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
nppdf32.dll
npvsharetvplg.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
avg_igeared.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\gprnrxxf.default\searchplugins\
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-2.xml
icqplugin-3.xml
icqplugin-4.xml
icqplugin-5.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml
startsear.xml
web-search.xml
winamp-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-02-18 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-02-18 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-02-18 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-05-16 16862720]
"RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-14 71216]
"razer"=C:\Program Files\Razer\Copperhead\razerhid.exe [2005-10-08 155648]
"WheelMouse"=C:\Program Files\A4Tech\Mouse\Amoumain.exe [2007-02-10 200704]
"TO2SSM_McciTrayApp"=C:\Program Files\TO2SSM\McciTrayApp.exe [2008-08-15 1473536]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-09-08 98304]
"amd_dc_opt"=C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe [2008-07-22 77824]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2008-01-22 152872]
"BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2009-11-19 323392]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-11-10 3514176]
"Google Update"=C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2011-07-02 136176]

C:\Documents and Settings\Admin\Nabídka Start\Programy\Po spuštění
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
Xfire.lnk - C:\Program Files\Xfire\Xfire.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2011-09-08 188416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Xfire\Xfire.exe"="C:\Program Files\Xfire\Xfire.exe:*:Enabled:Xfire"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe"="C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe:*:Enabled:aTube Catcher to download and convert videos."
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"
"C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe"="C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe:*:Enabled:Rockstar Games Social Club"
"C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe"="C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome"
"C:\Documents and Settings\All Users\Data aplikací\NexonUS\NGM\NGM.exe"="C:\Documents and Settings\All Users\Data aplikací\NexonUS\NGM\NGM.exe:*:Enabled:Nexon Game Manager"
"C:\Program Files\TeamViewer\Version6\TeamViewer.exe"="C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"
"C:\Program Files\Steam\steamapps\common\mafia ii\pc\Mafia2.exe"="C:\Program Files\Steam\steamapps\common\mafia ii\pc\Mafia2.exe:*:Enabled:Mafia II"
"C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"C:\Program Files\THQ\Dawn of War\W40k.exe"="C:\Program Files\THQ\Dawn of War\W40k.exe:*:Enabled:W40K"
"C:\Program Files\Steam\steamapps\common\batman2\Binaries\Win32\BatmanAC.exe"="C:\Program Files\Steam\steamapps\common\batman2\Binaries\Win32\BatmanAC.exe:*:Enabled:Batman: Arkham City™"
"C:\Program Files\Steam\steamapps\common\batman2\RunLauncher.bat"="C:\Program Files\Steam\steamapps\common\batman2\RunLauncher.bat:*:Enabled:Batman: Arkham City™"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\ICQ7.5\ICQ.exe"="C:\Program Files\ICQ7.5\ICQ.exe:*:Enabled:ICQ7.5"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.divxa32"=msaud32_divx.acm
"VIDC.FPS1"=frapsvid.dll
"VIDC.XFR1"=xfcodec.dll
"VIDC.CFHD"=cfhd.dll
"VIDC.FMVC"=fmcodec.dll
"MSVideo8"=VfWWDM32.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll

======List of files/folders created in the last 1 month======

2012-02-19 08:50:40 ----D---- C:\rsit
2012-02-18 20:56:29 ----D---- C:\Documents and Settings\Admin\Data aplikací\DDMSettings
2012-02-18 20:49:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\McAfee
2012-02-18 20:48:48 ----SHD---- C:\Config.Msi
2012-02-18 20:14:27 ----D---- C:\Program Files\Common Files\Java
2012-02-18 20:14:19 ----A---- C:\WINDOWS\system32\javaws.exe
2012-02-18 20:14:19 ----A---- C:\WINDOWS\system32\javaw.exe
2012-02-18 20:14:19 ----A---- C:\WINDOWS\system32\java.exe
2012-02-18 20:14:06 ----D---- C:\Program Files\Java
2012-02-17 18:45:35 ----N---- C:\WINDOWS\system32\spmsg.dll
2012-02-17 18:45:24 ----D---- C:\Program Files\Windows Media Connect 2
2012-02-16 22:41:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2660465$
2012-02-16 22:29:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2661637$
2012-02-16 14:46:36 ----N---- C:\WINDOWS\system32\iacenc.dll
2012-02-15 20:18:02 ----D---- C:\Program Files\Microsoft XNA
2012-02-10 13:23:23 ----D---- C:\Program Files\Heroes of Newerth
2012-02-08 15:20:55 ----A---- C:\WINDOWS\system32\hidserv.dll
2012-02-06 18:44:42 ----A---- C:\WINDOWS\system32\drivers\AmdLLD.sys
2012-02-06 18:41:49 ----D---- C:\be07d55c954117db8e2997cf5d9757
2012-02-05 17:43:07 ----D---- C:\Program Files\Bethesda Softworks
2012-02-05 17:03:50 ----D---- C:\Program Files\Pokemon World Online
2012-02-03 10:29:56 ----A---- C:\WINDOWS\system32\xfcodec.dll
2012-01-26 19:46:18 ----D---- C:\Program Files\THQ
2012-01-24 18:18:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe Systems
2012-01-24 18:18:35 ----D---- C:\Program Files\Common Files\Adobe Systems Shared

======List of files/folders modified in the last 1 month======

2012-02-19 08:52:28 ----D---- C:\Program Files\Trend Micro
2012-02-19 08:49:25 ----D---- C:\Program Files\Steam
2012-02-19 08:49:25 ----D---- C:\Documents and Settings\Admin\Data aplikací\Winamp
2012-02-19 08:47:47 ----D---- C:\WINDOWS\temp
2012-02-19 08:47:47 ----D---- C:\WINDOWS\Logs
2012-02-19 08:47:47 ----D---- C:\WINDOWS\Debug
2012-02-19 08:47:47 ----D---- C:\WINDOWS
2012-02-19 08:45:03 ----D---- C:\Documents and Settings\Admin\Data aplikací\DNA
2012-02-19 08:39:29 ----D---- C:\WINDOWS\system32
2012-02-19 08:39:29 ----A---- C:\WINDOWS\system32\PerfStringBackup.TMP
2012-02-19 08:35:02 ----D---- C:\Program Files\DNA
2012-02-19 02:46:16 ----N---- C:\WINDOWS\SchedLgU.Txt
2012-02-18 23:52:21 ----D---- C:\Documents and Settings\Admin\Data aplikací\Xfire
2012-02-18 23:14:05 ----D---- C:\WINDOWS\Prefetch
2012-02-18 21:58:21 ----D---- C:\Documents and Settings\Admin\Data aplikací\DivX
2012-02-18 21:04:56 ----RD---- C:\Program Files
2012-02-18 20:56:27 ----SD---- C:\Documents and Settings\Admin\Data aplikací\Microsoft
2012-02-18 20:56:27 ----D---- C:\Documents and Settings\Admin\Data aplikací\Adobe
2012-02-18 20:55:38 ----D---- C:\Program Files\DivX
2012-02-18 20:55:38 ----D---- C:\Program Files\Common Files\DivX Shared
2012-02-18 20:55:38 ----D---- C:\Documents and Settings\All Users\Data aplikací\DivX
2012-02-18 20:54:59 ----SHD---- C:\WINDOWS\Installer
2012-02-18 20:49:02 ----D---- C:\Program Files\Common Files\Adobe
2012-02-18 20:48:58 ----D---- C:\Program Files\Adobe
2012-02-18 20:48:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\Adobe
2012-02-18 20:14:27 ----D---- C:\Program Files\Common Files
2012-02-18 20:14:10 ----A---- C:\WINDOWS\system32\deployJava1.dll
2012-02-18 15:55:29 ----D---- C:\WINDOWS\system32\CatRoot2
2012-02-18 15:02:17 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2012-02-18 13:04:19 ----D---- C:\Program Files\Mozilla Firefox
2012-02-18 12:59:20 ----SD---- C:\Program Files\Xfire
2012-02-17 18:45:36 ----HD---- C:\WINDOWS\inf
2012-02-17 18:45:36 ----D---- C:\WINDOWS\system32\CatRoot
2012-02-17 18:45:24 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-02-17 18:45:24 ----D---- C:\WINDOWS\Help
2012-02-17 18:45:24 ----D---- C:\Program Files\Windows Media Player
2012-02-17 18:28:43 ----SD---- C:\WINDOWS\Tasks
2012-02-17 06:43:11 ----RSD---- C:\WINDOWS\assembly
2012-02-17 06:40:16 ----D---- C:\WINDOWS\Microsoft.NET
2012-02-16 22:45:10 ----D---- C:\WINDOWS\WinSxS
2012-02-16 22:41:33 ----A---- C:\WINDOWS\system32\MRT.exe
2012-02-16 22:40:30 ----D---- C:\Program Files\Internet Explorer
2012-02-16 22:40:16 ----HD---- C:\WINDOWS\$hf_mig$
2012-02-16 22:36:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2012-02-15 20:18:06 ----D---- C:\WINDOWS\system32\DirectX
2012-02-15 20:18:02 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-02-15 20:17:18 ----D---- C:\WINDOWS\system32\cs-cz
2012-02-15 20:13:52 ----D---- C:\WINDOWS\system32\en-US
2012-02-15 20:13:40 ----D---- C:\Program Files\Microsoft.NET
2012-02-15 17:54:03 ----D---- C:\WINDOWS\system32\config
2012-02-15 17:15:50 ----D---- C:\Documents and Settings\Admin\Data aplikací\Vso
2012-02-15 17:15:50 ----D---- C:\Documents and Settings\Admin\Data aplikací\TS3Client
2012-02-15 17:15:50 ----D---- C:\Documents and Settings\Admin\Data aplikací\DAEMON Tools Lite
2012-02-15 17:10:16 ----D---- C:\Program Files\CCleaner
2012-02-14 22:31:25 ----A---- C:\WINDOWS\win.ini
2012-02-14 22:31:24 ----D---- C:\Program Files\Common Files\System
2012-02-06 18:44:47 ----RSH---- C:\boot.ini
2012-02-06 18:44:44 ----D---- C:\WINDOWS\system32\drivers
2012-02-06 18:44:41 ----D---- C:\Program Files\AMD
2012-02-06 18:42:21 ----D---- C:\WINDOWS\system32\XPSViewer
2012-02-06 18:42:20 ----RSD---- C:\WINDOWS\Fonts
2012-02-04 19:46:54 ----D---- C:\Documents and Settings\Admin\Data aplikací\ICQ
2012-02-04 09:13:23 ----A---- C:\WINDOWS\system32\CmdLineExt03.dll
2012-01-28 13:42:23 ----HD---- C:\Program Files\InstallShield Installation Information
2012-01-26 18:24:49 ----D---- C:\Program Files\Activision

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2011-11-29 45648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-11-19 428088]
R1 AmdPPM;Ovladač procesoru HwPState AMD; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 Amfilter;A4Tech Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\Amfilter.sys [2007-01-24 8704]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R2 atksgt;atksgt; C:\WINDOWS\system32\DRIVERS\atksgt.sys [2010-10-03 281760]
R2 lirsgt;lirsgt; C:\WINDOWS\system32\DRIVERS\lirsgt.sys [2010-10-03 25888]
R2 npf;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2009-11-16 50704]
R3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys [2007-06-29 34304]
R3 Amusbprt;A4Tech HID-compliant Mouse Driver; C:\WINDOWS\system32\DRIVERS\Amusbprt.sys [2007-02-10 13824]
R3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2011-09-08 7180800]
R3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\WINDOWS\system32\drivers\AtiHdmi.sys [2008-07-02 89600]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-05-20 4800000]
R3 MouseCap;MouseCapture Driver; C:\WINDOWS\System32\Drivers\MouseCap.sys [2005-08-08 6640]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2008-01-29 54016]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda32.sys [2008-04-28 38176]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2008-01-29 22016]
R3 nvsmu;nvsmu; C:\WINDOWS\system32\DRIVERS\nvsmu.sys [2007-10-12 13312]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys []
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S2 DgiVecp;Team MFP Comm Driver; C:\WINDOWS\System32\Drivers\DgiVecp.sys [2003-07-29 40448]
S3 atiqe48a;atiqe48a; C:\WINDOWS\system32\drivers\atiqe48a.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-07-09 16384]
S3 DrvAgent32;DrvAgent32; \??\C:\WINDOWS\system32\Drivers\DrvAgent32.sys []
S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 ESLvnic1;ESLvnic Virtual Network 32 Bit; C:\WINDOWS\system32\DRIVERS\ESLvnic.sys [2010-12-08 24504]
S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2008-04-14 12160]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2002-12-12 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-07-09 83968]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-07-09 10112]
S3 oflpydin;oflpydin; \??\C:\DOCUME~1\Admin\LOCALS~1\Temp\oflpydin.sys []
S3 PAC207;Trust WB-1400T Webcam; C:\WINDOWS\system32\DRIVERS\pfc027.sys []
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2009-07-30 47360]
S3 Razerlow;Razer Copperhead Driver; C:\WINDOWS\System32\Drivers\Razerlow.sys [2005-08-12 19020]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-07-09 10880]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-07-09 14976]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2008-11-19 13056]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2008-11-19 19968]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2008-11-19 24832]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-07-09 18688]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 dwshd;dwshd; C:\WINDOWS\System32\drivers\dwshd.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2011-09-08 643072]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\bin32\nSvcAppFlt.exe [2008-01-29 598016]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-02-18 153376]
R2 LG SCSI Commander;LG SCSI Commander; C:\WINDOWS\system32\LGAutorunService.exe [2008-06-09 139264]
R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
R2 nSvcIp;ForceWare IP service; C:\Program Files\bin32\nSvcIp.exe [2008-01-29 163840]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2011-06-05 75136]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-05-14 272024]
R2 STI Simulator;STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [2005-01-14 53248]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2010-11-23 1483072]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 VodafoneConnectorService;Vodafone Connector Service; C:\Program Files\Vodafone\Via The Phone\VodafoneConnectorService.exe [2009-01-26 233472]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-04-28 593920]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2012-01-24 72704]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-08-19 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MSSQL$SONY_MEDIAMGR;MSSQL$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe [2002-12-17 7520337]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2002-12-17 66112]
S3 npggsvc;nProtect GameGuard Service; C:\WINDOWS\system32\GameMon.des [2011-06-13 4121080]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 SQLAgent$SONY_MEDIAMGR;SQLAgent$SONY_MEDIAMGR; C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE [2002-12-17 311872]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

[mEEEgy]

Malwarebytes' Anti-Malware
www.malwarebytes.org

Verze databáze:

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

19.2.2012 9:38:40
mbam-log-2012-02-19 (09-38-36).txt

Typ: Úplná kontrola (C:\|)
Kontrolované objekty: 320580
Uplynulý čas: 44 minut, 48 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\documents and settings\Admin\dokumenty\sony vegas 7.0\sony vegas 7.0 keygen.exe (Trojan.Downloader) -> No action taken.

[Žbeky]

Fixni:

Kód: Vybrat vše

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Admin\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing)

Znovu spusť MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Remove Selected
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit

Jak se to načítá teď?

[mEEEgy]

tim mbamem sem to už promazal log je v poho, furt stejně, vůbec se to nanečtě, když kliknu do okna toho streamu tak je černé pole nic víc, opravdu některé stránky se pořád nenačtou... takže nevíte co dál?

[jaro3]

Máš dát sem nový log z MbAM..

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[mEEEgy]

ComboFix 12-02-19.02 - Admin 20.02.2012 19:07:18.7.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2046.1316 [GMT 1:00]
Spuštěný z: c:\documents and settings\Admin\Plocha\ComboFix.exe
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\tmp119.tmp
c:\windows\system32\tmp11A.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-01-20 do 2012-02-20 )))))))))))))))))))))))))))))))
.
.
2012-02-19 13:08 . 2012-02-20 14:54 -------- d-----w- c:\documents and settings\Admin\Local Settings\Data aplikací\LogMeIn Hamachi
2012-02-19 13:07 . 2012-02-20 18:12 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\LogMeIn Hamachi
2012-02-19 13:07 . 2012-02-19 13:07 -------- d-----w- c:\program files\LogMeIn Hamachi
2012-02-19 07:50 . 2012-02-19 07:51 -------- d-----w- C:\rsit
2012-02-18 19:56 . 2012-02-18 19:56 -------- d-----w- c:\documents and settings\Admin\Data aplikací\DDMSettings
2012-02-18 19:49 . 2012-02-18 19:49 -------- d-----w- c:\documents and settings\All Users\Data aplikací\McAfee
2012-02-18 19:14 . 2012-02-18 19:14 -------- d-----w- c:\program files\Common Files\Java
2012-02-18 19:14 . 2012-02-18 19:14 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-02-18 19:14 . 2012-02-18 19:14 -------- d-----w- c:\program files\Java
2012-02-17 17:45 . 2012-02-17 17:45 -------- d-----w- c:\program files\Windows Media Connect 2
2012-02-16 13:46 . 2012-01-11 19:07 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2012-02-16 13:46 . 2012-01-11 19:07 3072 ------w- c:\windows\system32\iacenc.dll
2012-02-15 19:18 . 2012-02-15 19:18 -------- d-----w- c:\program files\Microsoft XNA
2012-02-10 12:23 . 2012-02-11 19:36 -------- d-----w- c:\program files\Heroes of Newerth
2012-02-08 14:20 . 2008-04-14 07:51 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2012-02-08 14:20 . 2008-04-14 07:51 21504 ----a-w- c:\windows\system32\hidserv.dll
2012-02-06 17:44 . 2007-06-29 13:47 34304 ----a-w- c:\windows\system32\drivers\AmdLLD.sys
2012-02-06 17:44 . 2012-02-06 17:44 -------- d-----w- c:\documents and settings\Admin\Local Settings\Data aplikací\Downloaded Installations
2012-02-06 17:41 . 2012-02-06 17:42 -------- d-----w- C:\be07d55c954117db8e2997cf5d9757
2012-02-05 16:43 . 2012-02-05 16:43 -------- d-----w- c:\program files\Bethesda Softworks
2012-02-05 16:03 . 2012-02-05 16:03 -------- d-----w- c:\program files\Pokemon World Online
2012-02-03 09:29 . 2012-02-03 09:29 42392 ----a-w- c:\windows\system32\xfcodec.dll
2012-01-26 18:46 . 2012-01-26 18:46 -------- d-----w- c:\program files\THQ
2012-01-24 17:18 . 2012-01-24 17:18 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Adobe Systems
2012-01-24 17:18 . 2012-01-24 17:18 -------- d-----w- c:\program files\Common Files\Adobe Systems Shared
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-20 16:04 . 2010-12-03 22:26 138160 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-02-20 16:04 . 2010-12-03 22:26 271200 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-02-20 16:04 . 2009-07-09 15:28 271200 ----a-w- c:\windows\system32\PnkBstrB.xtr
2012-02-20 14:41 . 2011-05-29 07:15 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-20 13:47 . 2011-08-10 09:55 7208 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2012-02-19 16:16 . 2010-12-03 22:26 271200 ----a-w- c:\windows\system32\PnkBstrB.ex0
2012-02-18 19:14 . 2010-11-12 16:15 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-04 08:13 . 2010-09-25 13:10 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2012-01-12 17:20 . 2008-04-14 12:00 1859968 ----a-w- c:\windows\system32\win32k.sys
2012-01-04 00:48 . 2012-01-04 00:48 354176 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl
2011-12-17 19:42 . 2008-04-14 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2011-12-17 19:42 . 2008-04-14 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-12-17 19:42 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-12-16 12:23 . 2008-04-14 12:00 385024 ----a-w- c:\windows\system32\html.iec
2011-11-29 02:28 . 2010-02-21 15:46 126448 ------w- c:\windows\system32\pxinsi64.exe
2011-11-29 02:28 . 2010-02-21 15:46 123888 ------w- c:\windows\system32\pxcpyi64.exe
2011-11-29 02:28 . 2009-06-18 10:59 45648 ------w- c:\windows\system32\drivers\PxHelp20.sys
2011-11-29 02:28 . 2009-06-18 10:59 133616 ------w- c:\windows\system32\pxafs.dll
2011-11-25 21:57 . 2008-04-14 12:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-04-29 14:29 . 2011-03-29 16:50 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2008-01-22 152872]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-11-19 323392]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-05-16 16862720]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-03-14 71216]
"razer"="c:\program files\Razer\Copperhead\razerhid.exe" [2005-10-08 155648]
"WheelMouse"="c:\program files\A4Tech\Mouse\Amoumain.exe" [2007-02-10 200704]
"TO2SSM_McciTrayApp"="c:\program files\TO2SSM\McciTrayApp.exe" [2008-08-15 1473536]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-09-08 98304]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-02-02 1987976]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Admin\Nabídka Start\Programy\Po spuštění\
Xfire.lnk - c:\program files\Xfire\Xfire.exe [2012-2-3 3530136]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" -autorun
"Steam"="c:\program files\Steam\steam.exe" -silent
"ICQ"="c:\program files\ICQ7.5\ICQ.exe" silent loginmode=4
"RGSC"=c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Xfire\\Xfire.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\DsNET Corp\\aTube Catcher 2.0\\yct.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"c:\\Documents and Settings\\Admin\\Local Settings\\Data aplikací\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\mafia ii\\pc\\Mafia2.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Program Files\\THQ\\Dawn of War\\W40k.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\batman2\\Binaries\\Win32\\BatmanAC.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\batman2\\RunLauncher.bat"=
"c:\\Program Files\\Veetle\\Player\\VeetleNet.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\terraria\\TerrariaServer.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"57104:TCP"= 57104:TCP:Pando Media Booster
"57104:UDP"= 57104:UDP:Pando Media Booster
"58692:TCP"= 58692:TCP:Pando Media Booster
"58692:UDP"= 58692:UDP:Pando Media Booster
"8396:TCP"= 8396:TCP:League of Legends Launcher
"8396:UDP"= 8396:UDP:League of Legends Launcher
"6925:TCP"= 6925:TCP:League of Legends Launcher
"6925:UDP"= 6925:UDP:League of Legends Launcher
"6984:TCP"= 6984:TCP:League of Legends Launcher
"6984:UDP"= 6984:UDP:League of Legends Launcher
"6936:TCP"= 6936:TCP:League of Legends Launcher
"6936:UDP"= 6936:UDP:League of Legends Launcher
"56730:TCP"= 56730:TCP:Pando Media Booster
"56730:UDP"= 56730:UDP:Pando Media Booster
"57294:TCP"= 57294:TCP:Pando Media Booster
"57294:UDP"= 57294:UDP:Pando Media Booster
"56101:TCP"= 56101:TCP:Pando Media Booster
"56101:UDP"= 56101:UDP:Pando Media Booster
"57783:TCP"= 57783:TCP:Pando Media Booster
"57783:UDP"= 57783:UDP:Pando Media Booster
.
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2.2.2012 13:22 1373576]
R2 LG SCSI Commander;LG SCSI Commander;c:\windows\system32\LGAutorunService.exe [21.11.2009 12:52 139264]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [16.11.2009 17:33 50704]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [23.11.2010 17:13 1483072]
R2 VodafoneConnectorService;Vodafone Connector Service;c:\program files\Vodafone\Via The Phone\VodafoneConnectorService.exe [26.1.2009 9:16 233472]
R3 MouseCap;MouseCapture Driver;c:\windows\system32\drivers\MouseCap.sys [8.8.2005 14:44 6640]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [18.6.2009 10:17 38176]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [7.10.2010 12:34 10064]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [31.7.2011 18:23 23456]
S3 ESLvnic1;ESLvnic Virtual Network 32 Bit;c:\windows\system32\drivers\ESLvnic.sys [12.3.2011 13:55 24504]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [24.2.2010 11:27 36608]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [11.4.2011 21:05 41272]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 oflpydin;oflpydin;\??\c:\docume~1\Admin\LOCALS~1\Temp\oflpydin.sys --> c:\docume~1\Admin\LOCALS~1\Temp\oflpydin.sys [?]
S3 PAC207;Trust WB-1400T Webcam;c:\windows\system32\DRIVERS\pfc027.sys --> c:\windows\system32\DRIVERS\pfc027.sys [?]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [30.7.2009 16:12 47360]
S3 Razerlow;Razer Copperhead Driver;c:\windows\system32\drivers\Razerlow.sys [24.7.2009 18:19 19020]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [24.2.2010 11:27 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [24.2.2010 11:27 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [24.2.2010 11:27 121856]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Obsah adresáře 'Naplánované úlohy'
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
IE: Download with Mipony - file://c:\program files\MiPony\Browser\IEContext.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
LSP: %SYSTEMROOT%\system32\nvLsp.dll
TCP: DhcpNameServer = 10.0.0.138 10.0.0.138
FF - ProfilePath - c:\documents and settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\gprnrxxf.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - google.cz
FF - prefs.js: keyword.URL - hxxp://startsear.ch/?aff=1&q=
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-02-20 19:12
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-682003330-117609710-1801674531-1004\Software\SecuROM\License information*]
"datasecu"=hex:e6,25,3c,37,60,2e,9f,4c,6d,ef,dc,94,c4,d9,34,37,de,b3,06,55,cb,
37,b6,fa,47,f4,e7,0e,45,64,71,04,60,62,81,af,e7,8f,23,cc,d2,a9,89,f2,2c,c8,\
"rkeysecu"=hex:ea,51,8b,3d,f9,7e,2e,15,6d,6e,c3,6c,67,c5,28,38
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(788)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'lsass.exe'(844)
c:\windows\system32\nvLsp.dll
.
Celkový čas: 2012-02-20 19:14:08
ComboFix-quarantined-files.txt 2012-02-20 18:13
.
Před spuštěním: Volných bajtů: 241 081 753 600
Po spuštění: Volných bajtů: 241 171 922 944
.
- - End Of File - - E2CE251AC10B8DD553B0CF6E0F32AB8A

[jaro3]

BitTorrent DNA--- doporučuji odinstalovat!

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
File::
c:\windows\system32\GameMon.des

Driver::
sptd
npggsvc
oflpydin
PAC207

Firefox::
FF - ProfilePath - c:\documents and settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\gprnrxxf.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: keyword.URL - hxxp://startsear.ch/?aff=1&q=

Registry::
[-HKEY_LOCAL_MACHINE\System\ControlSet002\Services\npggsvc]


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[mEEEgy]

ComboFix 12-02-19.02 - Admin 21.02.2012 16:14:55.8.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2046.1386 [GMT 1:00]
Spuštěný z: c:\documents and settings\Admin\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Admin\Plocha\CFScript.txt
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
.
FILE ::
"c:\windows\system32\GameMon.des"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\GameMon.des
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_OFLPYDIN
-------\Legacy_SPTD
-------\Service_npggsvc
-------\Service_oflpydin
-------\Service_PAC207
-------\Service_sptd
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-01-21 do 2012-02-21 )))))))))))))))))))))))))))))))
.
.
2012-02-19 07:50 . 2012-02-19 07:51 -------- d-----w- C:\rsit
2012-02-18 19:56 . 2012-02-18 19:56 -------- d-----w- c:\documents and settings\Admin\Data aplikací\DDMSettings
2012-02-18 19:49 . 2012-02-18 19:49 -------- d-----w- c:\documents and settings\All Users\Data aplikací\McAfee
2012-02-18 19:14 . 2012-02-18 19:14 -------- d-----w- c:\program files\Common Files\Java
2012-02-18 19:14 . 2012-02-18 19:14 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-02-18 19:14 . 2012-02-18 19:14 -------- d-----w- c:\program files\Java
2012-02-17 17:45 . 2012-02-17 17:45 -------- d-----w- c:\program files\Windows Media Connect 2
2012-02-16 13:46 . 2012-01-11 19:07 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2012-02-16 13:46 . 2012-01-11 19:07 3072 ------w- c:\windows\system32\iacenc.dll
2012-02-15 19:18 . 2012-02-15 19:18 -------- d-----w- c:\program files\Microsoft XNA
2012-02-10 12:23 . 2012-02-11 19:36 -------- d-----w- c:\program files\Heroes of Newerth
2012-02-08 14:20 . 2008-04-14 07:51 21504 -c--a-w- c:\windows\system32\dllcache\hidserv.dll
2012-02-08 14:20 . 2008-04-14 07:51 21504 ----a-w- c:\windows\system32\hidserv.dll
2012-02-06 17:44 . 2007-06-29 13:47 34304 ----a-w- c:\windows\system32\drivers\AmdLLD.sys
2012-02-06 17:44 . 2012-02-06 17:44 -------- d-----w- c:\documents and settings\Admin\Local Settings\Data aplikací\Downloaded Installations
2012-02-06 17:41 . 2012-02-06 17:42 -------- d-----w- C:\be07d55c954117db8e2997cf5d9757
2012-02-05 16:43 . 2012-02-05 16:43 -------- d-----w- c:\program files\Bethesda Softworks
2012-02-05 16:03 . 2012-02-05 16:03 -------- d-----w- c:\program files\Pokemon World Online
2012-02-03 09:29 . 2012-02-03 09:29 42392 ----a-w- c:\windows\system32\xfcodec.dll
2012-01-26 18:46 . 2012-01-26 18:46 -------- d-----w- c:\program files\THQ
2012-01-24 17:18 . 2012-01-24 17:18 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Adobe Systems
2012-01-24 17:18 . 2012-01-24 17:18 -------- d-----w- c:\program files\Common Files\Adobe Systems Shared
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-21 15:21 . 2012-02-21 15:21 239168 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-02-21 14:54 . 2011-08-10 09:55 7208 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2012-02-20 20:15 . 2010-12-03 22:26 138160 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2012-02-20 20:15 . 2010-12-03 22:26 271200 ----a-w- c:\windows\system32\PnkBstrB.exe
2012-02-20 20:15 . 2009-07-09 15:28 271200 ----a-w- c:\windows\system32\PnkBstrB.xtr
2012-02-20 16:04 . 2010-12-03 22:26 271200 ----a-w- c:\windows\system32\PnkBstrB.ex0
2012-02-20 14:41 . 2011-05-29 07:15 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-18 19:14 . 2010-11-12 16:15 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-04 08:13 . 2010-09-25 13:10 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2012-01-12 17:20 . 2008-04-14 12:00 1859968 ----a-w- c:\windows\system32\win32k.sys
2012-01-04 00:48 . 2012-01-04 00:48 354176 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl
2011-12-17 19:42 . 2008-04-14 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2011-12-17 19:42 . 2008-04-14 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-12-17 19:42 . 2008-04-14 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-12-16 12:23 . 2008-04-14 12:00 385024 ----a-w- c:\windows\system32\html.iec
2011-11-29 02:28 . 2010-02-21 15:46 126448 ------w- c:\windows\system32\pxinsi64.exe
2011-11-29 02:28 . 2010-02-21 15:46 123888 ------w- c:\windows\system32\pxcpyi64.exe
2011-11-29 02:28 . 2009-06-18 10:59 45648 ------w- c:\windows\system32\drivers\PxHelp20.sys
2011-11-29 02:28 . 2009-06-18 10:59 133616 ------w- c:\windows\system32\pxafs.dll
2011-11-25 21:57 . 2008-04-14 12:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2011-04-29 14:29 . 2011-03-29 16:50 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-02-20_18.12.35 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-02-21 15:21 . 2012-02-21 15:21 16384 c:\windows\temp\Perflib_Perfdata_4b4.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2008-01-22 152872]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-11-19 323392]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-05-16 16862720]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-03-14 71216]
"razer"="c:\program files\Razer\Copperhead\razerhid.exe" [2005-10-08 155648]
"WheelMouse"="c:\program files\A4Tech\Mouse\Amoumain.exe" [2007-02-10 200704]
"TO2SSM_McciTrayApp"="c:\program files\TO2SSM\McciTrayApp.exe" [2008-08-15 1473536]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-09-08 98304]
"amd_dc_opt"="c:\program files\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\Admin\Nabídka Start\Programy\Po spuštění\
Xfire.lnk - c:\program files\Xfire\Xfire.exe [2012-2-3 3530136]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" -autorun
"Steam"="c:\program files\Steam\steam.exe" -silent
"ICQ"="c:\program files\ICQ7.5\ICQ.exe" silent loginmode=4
"RGSC"=c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Xfire\\Xfire.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\DsNET Corp\\aTube Catcher 2.0\\yct.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\ICQ7.5\\ICQ.exe"=
"c:\\Program Files\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"c:\\Documents and Settings\\Admin\\Local Settings\\Data aplikací\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\mafia ii\\pc\\Mafia2.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"c:\\Program Files\\THQ\\Dawn of War\\W40k.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\batman2\\Binaries\\Win32\\BatmanAC.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\batman2\\RunLauncher.bat"=
"c:\\Program Files\\Veetle\\Player\\VeetleNet.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\terraria\\TerrariaServer.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"57104:TCP"= 57104:TCP:Pando Media Booster
"57104:UDP"= 57104:UDP:Pando Media Booster
"58692:TCP"= 58692:TCP:Pando Media Booster
"58692:UDP"= 58692:UDP:Pando Media Booster
"8396:TCP"= 8396:TCP:League of Legends Launcher
"8396:UDP"= 8396:UDP:League of Legends Launcher
"6925:TCP"= 6925:TCP:League of Legends Launcher
"6925:UDP"= 6925:UDP:League of Legends Launcher
"6984:TCP"= 6984:TCP:League of Legends Launcher
"6984:UDP"= 6984:UDP:League of Legends Launcher
"6936:TCP"= 6936:TCP:League of Legends Launcher
"6936:UDP"= 6936:UDP:League of Legends Launcher
"56730:TCP"= 56730:TCP:Pando Media Booster
"56730:UDP"= 56730:UDP:Pando Media Booster
"57294:TCP"= 57294:TCP:Pando Media Booster
"57294:UDP"= 57294:UDP:Pando Media Booster
"56101:TCP"= 56101:TCP:Pando Media Booster
"56101:UDP"= 56101:UDP:Pando Media Booster
"57783:TCP"= 57783:TCP:Pando Media Booster
"57783:UDP"= 57783:UDP:Pando Media Booster
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [21.2.2012 16:21 239168]
R2 LG SCSI Commander;LG SCSI Commander;c:\windows\system32\LGAutorunService.exe [21.11.2009 12:52 139264]
R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [16.11.2009 17:33 50704]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [23.11.2010 17:13 1483072]
R2 VodafoneConnectorService;Vodafone Connector Service;c:\program files\Vodafone\Via The Phone\VodafoneConnectorService.exe [26.1.2009 9:16 233472]
R3 MouseCap;MouseCapture Driver;c:\windows\system32\drivers\MouseCap.sys [8.8.2005 14:44 6640]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [18.6.2009 10:17 38176]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [7.10.2010 12:34 10064]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S3 DrvAgent32;DrvAgent32;c:\windows\system32\drivers\DrvAgent32.sys [31.7.2011 18:23 23456]
S3 ESLvnic1;ESLvnic Virtual Network 32 Bit;c:\windows\system32\drivers\ESLvnic.sys [12.3.2011 13:55 24504]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [24.2.2010 11:27 36608]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [11.4.2011 21:05 41272]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [30.7.2009 16:12 47360]
S3 Razerlow;Razer Copperhead Driver;c:\windows\system32\drivers\Razerlow.sys [24.7.2009 18:19 19020]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [24.2.2010 11:27 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [24.2.2010 11:27 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [24.2.2010 11:27 121856]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
IE: Download with Mipony - file://c:\program files\MiPony\Browser\IEContext.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
LSP: %SYSTEMROOT%\system32\nvLsp.dll
TCP: DhcpNameServer = 10.0.0.138 10.0.0.138
FF - ProfilePath - c:\documents and settings\Admin\Data aplikací\Mozilla\Firefox\Profiles\gprnrxxf.default\
FF - prefs.js: browser.startup.homepage - google.cz
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-02-21 16:21
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-682003330-117609710-1801674531-1004\Software\SecuROM\License information*]
"datasecu"=hex:e6,25,3c,37,60,2e,9f,4c,6d,ef,dc,94,c4,d9,34,37,de,b3,06,55,cb,
37,b6,fa,47,f4,e7,0e,45,64,71,04,60,62,81,af,e7,8f,23,cc,d2,a9,89,f2,2c,c8,\
"rkeysecu"=hex:ea,51,8b,3d,f9,7e,2e,15,6d,6e,c3,6c,67,c5,28,38
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(720)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'lsass.exe'(776)
c:\windows\system32\nvLsp.dll
.
- - - - - - - > 'explorer.exe'(2968)
c:\program files\Xfire\xfire_toucan_45177.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\windows\RTHDCPL.EXE
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\windows\System32\PAStiSvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\bin32\nSvcAppFlt.exe
c:\program files\bin32\nSvcIp.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Razer\Copperhead\razerofa.exe
c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe
c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\rundll32.exe
.
**************************************************************************
.
Celkový čas: 2012-02-21 16:24:33 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-02-21 15:24
ComboFix2.txt 2012-02-20 18:14
.
Před spuštěním: Volných bajtů: 244 115 681 280
Po spuštění: Volných bajtů: 244 020 236 288
.
- - End Of File - - F059255FC6AF4BC48FD3B8FE7558A192


Videa se pořád nenačítají.

[mEEEgy]

A ten BitTorrent DNA nemůžu nikde najít, ani v hledání.

[Žbeky]

Měl by být v c:\Program Files\DNA

Co je ve složce C:\be07d55c954117db8e2997cf5d9757?