Program freezes, PC does not respond, program cannot be closed [Solved]



Post by kocour34 » 19 Nov 2010 18:16

Hi, I don't know exactly what is wrong with my PC, but it is giving me the problems I listed in the title. Even MBAM freezes, so I have to shut it down through Task Manager because it stops responding. I downloaded another scanner, "PREVX", and it reported an infected "MSVCRT.DLL in c:\windows\system32\ Malware component".
Neither Avast nor MSE reported anything.
Windows also sometimes close by themselves, e.g. I open Documents, then the Downloads folder, and before the contents load everything crashes, and sometimes the whole desktop disappears in the process, leaving only the wallpaper and the mouse cursor; the panels and shortcuts are gone. This also happens when I close a program, so I have no choice but to power the PC off the hard way.
I'm still a baby at this; I've had the PC for 3 months.


Post by bledulka » 20 Nov 2010 23:21

Hi,
go into Safe Mode - after the restart, keep pressing F8

Download OTL
http://oldtimer.geekstogo.com/OTL.exe
- paste this script into the bottom box:


netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c

- tick the checkbox on the "All users" line
- leave the other items set as shown in the screenshot
- click the Scan button.
- the scan will run; paste the OTL.Txt log here

[Image]


Post by kocour34 » 21 Nov 2010 13:04

Hi, thanks for the advice. Before I do that, I'll add some information, because I finally managed to run MBAM. The quick scan found nothing, but the full scan found viruses, and right after that scan an MSEssential window popped up and found more viruses, 5 viruses in total. I ran Avast and had it test everything thoroughly; the result worried me a lot, because it found 48 viruses and errors.
Malwarebytes' Anti-Malware 1.46
http://www.malwarebytes.org

Verze databáze: 5143

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

20.11.2010 20:41:40
mbam-log-2010-11-20 (20-41-40).txt

Typ skenu: Úplný sken (C:\|)
Skenované objekty: 30347
Úroveň pohotovosti
Uplynulý čas: 2 hodina(y), 17 minuta(y), 28 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 2

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
C:\Program Files\Legie\legie.exe (Rogue.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{1FAE6C7F-47DD-437A-960F-487E85F6A547}\RP80\A0020690.exe (Spyware.Passwords) -> Quarantined and deleted

MSEssential found this:
Úroveň pohotovosti
VirTool:Win32/VBInject.gen!BW VirTool: Win32/VBInject.gen BW!
(?) (?)
Worm:Win32/Conficker.B
(?)
Worm:Win32/Fakerecy.A
(?)
I only managed to copy the MSEssential results.
I don't know how to send the Avast log here; it is really long and cannot be copied.
Otherwise the PC's condition is getting worse: my CD-ROM doesn't work, it just keeps reading the CD for a long time, even an hour, and then reports "no disc, try again, insert disc", and this pops up in as many as 20 windows.
Thanks in advance for your help.
At least I can't get it to work, or I don't know how.


Post by jaro3 » 21 Nov 2010 16:59

Post the log from HJT:
viewtopic.php?f=70&t=5119

Before that, uninstall one of the antivirus programs, MSE or Avast...
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.

Post by kocour34 » 21 Nov 2010 17:31

OK, in the meantime I made this log.
OTL logfile created on: 21.11.2010 16:56:08 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Pc\Dokumenty\Stažené soubory
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 68,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 164,52 Gb Free Space | 70,65% Space Free | Partition Type: NTFS
Drive D: | 1,44 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 1,88 Gb Total Space | 0,48 Gb Free Space | 25,66% Space Free | Partition Type: FAT

Computer Name: PC-E44D31AD3906 | User Name: Pc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010.11.21 16:55:05 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pc\Dokumenty\Stažené soubory\OTL.exe
PRC - [2010.11.13 21:21:56 | 000,196,944 | ---- | M] (Totem Entertainment) -- C:\Program Files\vghd\VirtuaGirl_Downloader.exe
PRC - [2010.09.15 03:34:02 | 001,094,224 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2010.09.07 16:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010.09.07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010.03.25 20:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2009.01.14 16:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2008.04.14 13:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.10.17 18:04:00 | 007,737,344 | ---- | M] () -- C:\Program Files\ATKOSD2\ATKOSD2.exe
PRC - [2007.07.23 08:05:36 | 000,345,640 | ---- | M] () -- C:\Program Files\AGEIA Technologies\bin\TrayIcon.exe
PRC - [2007.07.12 09:25:28 | 000,225,280 | ---- | M] () -- C:\Program Files\ATK Hotkey\HControl.exe
PRC - [2007.07.10 16:33:58 | 000,106,496 | ---- | M] () -- C:\Program Files\ATK Hotkey\WDC.exe
PRC - [2007.07.05 15:53:44 | 001,040,384 | ---- | M] () -- C:\Program Files\Wireless Console 2\wcourier.exe
PRC - [2007.06.14 15:57:08 | 000,282,624 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
PRC - [2007.05.23 15:56:14 | 002,420,736 | ---- | M] () -- C:\Program Files\ATK Hotkey\ATKOSD.exe
PRC - [2007.05.22 15:57:26 | 002,756,608 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2007.05.18 15:14:14 | 002,170,880 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe
PRC - [2007.04.26 13:53:38 | 000,274,432 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
PRC - [2007.02.27 19:21:08 | 000,278,528 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2007.02.25 20:55:18 | 000,125,048 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2007.01.30 16:47:46 | 000,307,200 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosOBEX.exe
PRC - [2006.11.02 07:27:32 | 000,061,440 | ---- | M] (ASUSTeK Computer INC.) -- C:\Program Files\ASUS\ATK Media\DMedia.exe
PRC - [2006.01.23 22:14:10 | 000,069,632 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
========== Modules (SafeList) ==========
MOD - [2010.11.21 16:55:05 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pc\Dokumenty\Stažené soubory\OTL.exe
MOD - [2010.08.23 17:12:33 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010.09.07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010.09.07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010.09.07 16:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010.07.25 16:14:28 | 000,120,152 | ---- | M] (WeFi) [On_Demand | Stopped] -- C:\Program Files\WeFi\WefiEngSvc.exe -- (WefiEngSvc)
SRV - [2010.03.25 20:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2009.01.14 16:53:02 | 000,226,656 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2007.12.18 15:34:41 | 000,411,016 | ---- | M] (US Action s.r.o.) [Auto | Stopped] -- C:\WINDOWS\System32\pr2aprwb.exe -- (pr2aprwb) Simon the Sorcerer Drivers Auto Removal (pr2aprwb)
SRV - [2007.02.25 20:55:18 | 000,125,048 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2005.11.14 00:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\LogMeIn\x86\RaInfo.sys -- (LMIInfo)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\EagleNT.sys -- (EagleNT)
DRV - [2010.09.27 13:50:44 | 000,083,360 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2010.09.10 02:12:52 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri)
DRV - [2010.09.10 02:12:42 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2010.09.10 02:12:42 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2010.09.07 15:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010.09.07 15:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010.09.07 15:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010.09.07 15:47:19 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2010.09.07 15:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010.09.07 15:46:51 | 000,028,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2010.07.02 10:08:32 | 000,384,752 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SRS_HDAL_i386.sys -- (SRS_HDAL_Service)
DRV - [2010.05.31 10:31:10 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008.04.14 13:00:00 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.04.14 13:00:00 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008.04.14 13:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2008.04.14 13:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2008.04.14 13:00:00 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2007.12.18 15:33:57 | 000,065,160 | ---- | M] (US Action s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pe3aprwb.sys -- (pe3aprwb) Simon the Sorcerer Environment Driver (pe3aprwb)
DRV - [2007.12.18 15:33:04 | 000,068,752 | ---- | M] (US Action s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ps7aprwb.sys -- (ps7aprwb) Simon the Sorcerer Synchronization Driver (ps7aprwb)
DRV - [2007.12.13 10:21:56 | 000,547,904 | R--- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ar5211.sys -- (AR5211)
DRV - [2007.08.21 15:50:54 | 000,030,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\l251x86.sys -- (AtcL002)
DRV - [2007.06.17 11:29:52 | 000,003,712 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\Pc\Local Settings\Data aplikací\0 A.D. alpha\binaries\system\aken.sys -- (Aken)
DRV - [2007.06.11 13:25:28 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (tosrfusb)
DRV - [2007.05.25 09:15:16 | 001,743,232 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2007.05.24 13:27:30 | 000,064,000 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2007.04.24 12:20:06 | 000,113,920 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2007.03.01 15:53:10 | 000,073,728 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2007.02.02 14:03:24 | 001,975,296 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007.01.22 09:43:26 | 000,053,376 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2006.11.22 16:35:00 | 000,982,272 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)
DRV - [2006.11.20 16:55:16 | 000,036,480 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2006.11.03 08:32:30 | 004,394,496 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006.10.10 18:33:00 | 000,041,600 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2006.06.09 23:07:28 | 000,027,520 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTSTOR.sys -- (RTSTOR)
DRV - [2005.02.17 22:07:48 | 000,005,632 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2005.01.06 12:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2002.07.17 09:05:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (ASPI)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-329068152-1326574676-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-329068152-1326574676-1417001333-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
IE - HKU\S-1-5-21-329068152-1326574676-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.11.21 16:44:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.11.21 16:44:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.6\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.10.31 23:24:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.6\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
[2010.10.31 23:24:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Extensions
[2010.10.31 23:24:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.11.21 12:26:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3410iv5l.default\extensions
[2010.11.19 22:25:22 | 000,000,000 | ---D | M] (Flagfox) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3410iv5l.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2010.11.19 22:25:17 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3410iv5l.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.11.19 22:25:20 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3410iv5l.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.11.19 22:25:22 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3410iv5l.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.11.19 22:25:17 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3410iv5l.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2010.11.19 22:25:18 | 000,000,000 | ---D | M] (FoxLingo) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3410iv5l.default\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
[2010.11.19 22:55:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3410iv5l.default\extensions\info@djzig.com
[2010.11.19 14:59:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\on5a1n3t.default\extensions
[2010.11.08 21:12:51 | 000,000,000 | ---D | M] (Flagfox) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\on5a1n3t.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2010.10.20 11:47:26 | 000,000,000 | ---D | M] (Reader) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\on5a1n3t.default\extensions\{20068ab2-1901-4140-9f3c-81207d4dacc4}
[2010.10.14 23:39:05 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\on5a1n3t.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.10.20 17:57:28 | 000,000,000 | ---D | M] (Oskar) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\on5a1n3t.default\extensions\{5b175400-2368-11de-8c30-0800200c9a66}
[2010.10.15 13:00:41 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\on5a1n3t.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010.10.20 11:03:59 | 000,000,000 | ---D | M] (Toggle Web Developer Toolbar) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\on5a1n3t.default\extensions\{c75a27d8-4529-449f-b67b-aba65d7a1c0a}
[2010.11.05 17:49:31 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\on5a1n3t.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.11.17 20:59:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\on5a1n3t.default\extensions\{d9284e50-81fc-11da-a72b-0800200c9a66}
[2010.11.14 15:57:25 | 000,000,000 | ---D | M] (Theme Font Size Changer) -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\on5a1n3t.default\extensions\{f69e22c7-bc50-414a-9269-0f5c344cd94c}
[2010.10.15 00:43:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\on5a1n3t.default\extensions\en-US@dictionaries.addons.mozilla.org
[2010.10.29 11:17:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\on5a1n3t.default\extensions\personas@christopher.beard
[2010.10.14 23:39:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\on5a1n3t.default\extensions\quickstores@quickstores.de
[2010.11.21 12:26:20 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.11.14 15:51:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.11.19 21:37:41 | 000,000,000 | ---D | M] (Seznam lištička) -- C:\Program Files\Mozilla Firefox\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2010.09.15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2006.08.09 11:16:08 | 000,030,408 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npWebLaunch.dll
[2009.09.21 11:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
[2010.04.13 20:24:08 | 000,002,046 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\firmycz.xml
[2010.04.13 20:24:30 | 000,002,041 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mapycz.xml
[2010.04.13 20:24:42 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.04.13 20:24:54 | 000,002,207 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\zbocz.xml
O1 HOSTS File: ([2008.04.14 13:00:00 | 000,000,737 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll ()
O2 - BHO: (Lištička) - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Program Files\Seznam.cz\listicka.dll ()
O3 - HKLM\..\Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Nástroje Lištičky) - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\toolbar\toolbar.dll ()
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-329068152-1326574676-1417001333-1004\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-329068152-1326574676-1417001333-1004\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [ATKHOTKEY] C:\Program Files\ATK Hotkey\Hcontrol.exe ()
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUSTeK Computer INC.)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ATKOSD2\ATKOSD2.exe ()
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DeskMateAutoUpdate] C:\Program Files\DeskMates\DeskMateAutoUpdate.exe (Oska Educational Systems Pty Limited)
O4 - HKLM..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe ()
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe ()
O4 - HKU\S-1-5-21-329068152-1326574676-1417001333-1004..\Run: [] File not found
O4 - HKU\S-1-5-21-329068152-1326574676-1417001333-1004..\Run: [AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\bin\TrayIcon.exe ()
O4 - HKU\S-1-5-21-329068152-1326574676-1417001333-1004..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)
O4 - HKU\S-1-5-21-329068152-1326574676-1417001333-1004..\Run: [ICQ] C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-329068152-1326574676-1417001333-1004..\Run: [NexonEULauncher] File not found
O4 - HKU\S-1-5-21-329068152-1326574676-1417001333-1004..\Run: [Seznam Postak] C:\Documents and Settings\Pc\Local Settings\Data aplikací\Seznam.cz\postak.exe ()
O4 - HKU\S-1-5-21-329068152-1326574676-1417001333-1004..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-329068152-1326574676-1417001333-1004..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Bluetooth Manager.lnk = C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
O4 - Startup: C:\Documents and Settings\Pc\Nabídka Start\Programy\Po spuštění\DesktopVideoPlayer.LNK = C:\Program Files\vghd\vghd.exe (Totem Entertainment)
O4 - Startup: C:\Documents and Settings\Pc\Nabídka Start\Programy\Po spuštění\YoWindow.lnk = C:\Program Files\YoWindow\yowindow.exe (Repkasoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-329068152-1326574676-1417001333-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Stáhnout Free Download Managerem - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Stáhnout video Free Download Managerem - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: WikiKomentáře Google... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O9 - Extra Button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra 'Tools' menuitem : Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra Button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra 'Tools' menuitem : Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Program Files\Seznam.cz\listicka.dll ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Crawler Screensaver - {CDAFD956-97BE-443D-8EF7-F4F094EB5766} - C:\Program Files\Crawler\SSaver\CSSaver.exe (Crawler.com)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Pc\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Pc\Local Settings\Data aplikací\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.09.07 12:38:46 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\WINDOWS\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3fhg - C:\WINDOWS\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (http://www.helixcommunity.org)
Drivers32: wave4 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (56027131116781568)
========== Files/Folders - Created Within 30 Days ==========
[2010.11.20 17:24:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pc\Dokumenty\MBAM
[2010.11.19 14:57:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pc\Dokumenty\PC-Help
[2010.11.19 01:02:40 | 000,000,000 | ---D | C] -- C:\Program Files\Steam
[2010.11.18 17:03:05 | 000,000,000 | ---D | C] -- C:\Program Files\Lost stones chronicles - kingdom realms freeware
[2010.11.18 00:06:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pc\Data aplikací\0ad
[2010.11.18 00:04:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pc\Local Settings\Data aplikací\0 A.D. alpha
[2010.11.17 23:13:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pc\DoctorWeb
[2010.11.17 22:03:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pc\Data aplikací\Malwarebytes
[2010.11.17 22:02:16 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.11.17 22:02:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2010.11.17 22:02:13 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.11.17 22:02:13 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.11.17 20:37:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\PrevxCSI
[2010.11.17 20:23:19 | 000,000,000 | ---D | C] -- C:\Program Files\Privateer
[2010.11.16 12:34:01 | 000,232,448 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\mp3fhg.acm
[2010.11.16 12:34:00 | 000,217,088 | ---- | C] (http://www.helixcommunity.org) -- C:\WINDOWS\System32\yv12vfw.dll
[2010.11.16 12:34:00 | 000,151,552 | ---- | C] (fccHandler) -- C:\WINDOWS\System32\ac3acm.acm
[2010.11.16 12:33:51 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack
[2010.11.16 10:41:54 | 000,000,000 | ---D | C] -- C:\temp
[2010.11.16 10:06:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pc\Dokumenty\Virtual Sex With Jenna Jameson.part11
[2010.11.16 10:05:43 | 000,000,000 | ---D | C] -- C:\~QTWTMP.TMP
[2010.11.16 09:54:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pc\Dokumenty\NeoAxis Engine Non-Commercial SDK
[2010.11.16 09:50:34 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Pc\Recent
[2010.11.16 07:34:09 | 000,000,000 | ---D | C] -- C:\Program Files\VirtualFem
[2010.11.16 07:25:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pc\Dokumenty\VirtualFem-v.2.4.6
[2010.11.15 00:51:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Adobe
[2010.11.15 00:49:18 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PIF
[2010.11.14 17:13:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pc\Dokumenty\Pamela Call Recordings
[2010.11.14 15:58:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pc\Local Settings\Data aplikací\Microsoft_Corporation
[2010.11.14 15:58:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pc\Local Settings\Data aplikací\OpenCandy
[2010.11.14 15:58:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pc\Data aplikací\OpenCandy
[2010.11.14 15:57:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\winrm
[2010.11.14 15:56:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2010.11.14 15:51:15 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2010.11.14 11:13:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Sun
[2010.11.14 11:13:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010.11.14 11:13:15 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010.11.14 11:13:15 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.11.14 11:13:15 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.11.14 11:13:15 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.11.14 02:18:12 | 000,000,000 | ---D | C] -- C:\Program Files\MediaInfo
[2010.11.14 01:10:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\WindowsPowerShell
[2010.11.14 01:10:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\GroupPolicy
[2010.11.14 01:10:46 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$968930Uinstall_KB968930$
[2010.11.13 19:02:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pc\Dokumenty\DeskMateUltra
[2010.11.12 20:38:24 | 001,650,688 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplva6.dll
[2010.11.12 20:38:24 | 001,581,056 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplvw7.dll
[2010.11.12 20:38:24 | 001,552,384 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplvm6.dll
[2010.11.12 20:38:24 | 001,122,304 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplvpx.dll
[2010.11.12 20:38:24 | 000,065,536 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplapx.dll
[2010.11.12 20:38:24 | 000,065,536 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplam6.dll
[2010.11.12 20:38:23 | 000,077,824 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplaw7.dll
[2010.11.12 20:38:23 | 000,077,824 | ---- | C] (Ligos Corporation) -- C:\WINDOWS\System32\mplaa6.dll
[2010.11.12 20:19:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pc\Dokumenty\software
[2010.11.12 14:44:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pc\Dokumenty\FFOutput
[2010.11.11 22:30:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pc\Data aplikací\Media Player Classic
[2010.11.10 10:41:40 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010.11.09 21:46:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pc\Local Settings\Data aplikací\WMTools Downloaded Files
[2010.11.09 20:46:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pc\Fonty
[2010.11.09 20:46:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pc\Audio
[2010.11.09 19:35:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Symantec
[2010.11.09 19:35:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Norton
[2010.11.09 19:35:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\NortonInstaller
[2010.11.09 16:04:20 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2010.11.09 15:22:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pc\Local Settings\Data aplikací\DVDVideoSoftTB
[2010.11.07 17:38:13 | 000,000,000 | ---D | C] -- C:\Program Files\Crawler
[2010.11.07 13:21:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Adobe
[2010.11.05 21:55:56 | 000,018,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2010.11.05 17:50:35 | 000,000,000 | ---D | C] -- C:\AgreeOutput
[2010.11.05 17:46:56 | 000,000,000 | ---D | C] -- C:\Program Files\Agree Free MP3 to M4A AAC Converter
[2010.11.05 16:55:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pc\Data aplikací\FreeCDRipper
[2010.11.05 16:52:03 | 000,164,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\COMCT232.OCX
[2010.11.05 16:51:56 | 001,986,560 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudFile.dll
[2010.11.05 16:51:56 | 001,212,416 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudioInfos.dll
[2010.11.05 16:51:56 | 000,479,232 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudioVisu.dll
[2010.11.05 16:51:56 | 000,458,752 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudPlayer.dll
[2010.11.05 16:51:56 | 000,454,656 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudioRecord.dll
[2010.11.05 16:51:56 | 000,417,792 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudDisplay.dll
[2010.11.05 16:51:56 | 000,348,160 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\WMAFile.dll
[2010.11.05 16:51:55 | 002,084,864 | ---- | C] (NCT Company Ltd.) -- C:\WINDOWS\System32\AudDesign.dll
[2010.11.05 16:51:55 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCT2.OCX
[2010.11.05 16:51:55 | 000,224,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TABCTL32.OCX
[2010.11.05 16:51:55 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\COMDLG32.OCX
[2010.11.05 16:51:55 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCMCFR.DLL
[2010.11.05 16:51:55 | 000,119,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB6FR.DLL
[2010.11.05 16:51:55 | 000,115,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msinet.OCX
[2010.11.05 16:51:55 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB6STKIT.DLL
[2010.11.05 16:51:55 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\Mscc2fr.dll
[2010.11.05 16:51:55 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CMDLGFR.DLL
[2010.11.05 16:51:55 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\TABCTFR.DLL
[2010.11.05 16:51:55 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\inetfr.DLL
[2010.11.05 16:51:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pc\Data aplikací\FreeAudioPack
[2010.11.05 15:34:34 | 000,022,528 | ---- | C] (Jukka Poikolainen Software) -- C:\WINDOWS\System32\WNASPI32.DLL
[2010.11.05 15:34:34 | 000,016,512 | ---- | C] (Adaptec) -- C:\WINDOWS\System32\drivers\ASPI32.SYS
[2010.11.05 15:34:33 | 000,042,880 | ---- | C] (Eugene V. Muzychenko) -- C:\WINDOWS\System32\drivers\vacs2xkd.sys
[2010.11.05 15:25:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Uniblue
[2010.11.02 16:46:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pc\Dokumenty\hudba-CD
[2010.11.02 08:53:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pc\Dokumenty\ProjectIgnis
[2010.11.01 09:09:48 | 000,000,000 | ---D | C] -- C:\Program Files\Nerlaska
[2010.10.31 23:24:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pc\Local Settings\Data aplikací\Thunderbird
[2010.10.31 23:24:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pc\Data aplikací\Thunderbird
[2010.10.31 23:24:14 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2010.10.30 22:49:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pc\Dokumenty\Stažené soubory
[2010.10.30 18:47:13 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\windows media
[2010.10.30 18:47:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\RegisteredPackages
[2010.10.28 08:26:56 | 000,000,000 | ---D | C] -- C:\Program Files\Penumbra
[2010.10.27 18:29:39 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2010.10.27 17:28:05 | 000,000,000 | ---D | C] -- C:\Program Files\Dead City
[2010.10.26 09:45:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pc\Dokumenty\GameOver
[2010.10.26 09:28:28 | 000,000,000 | ---D | C] -- C:\Program Files\Centauri
[2010.10.25 09:55:27 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Games
[2010.10.25 09:38:45 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2010.10.25 09:38:45 | 000,069,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2010.10.25 09:38:44 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
[2010.10.25 09:38:43 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll
[2010.10.25 09:37:53 | 000,000,000 | ---D | C] -- C:\Program Files\Privates
[2010.10.22 19:01:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pc\Dokumenty\Warzone 2100 2.3
[2010.10.22 18:56:39 | 000,000,000 | ---D | C] -- C:\Program Files\Warzone 2100
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.11.21 17:00:48 | 000,000,460 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{93131EC4-D85E-4024-BF00-A9B5F7103EF3}.job
[2010.11.21 16:47:00 | 000,000,932 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.11.21 16:47:00 | 000,000,928 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.11.21 15:59:59 | 000,000,005 | ---- | M] () -- C:\WINDOWS\treeskp.sys
[2010.11.21 15:59:59 | 000,000,005 | ---- | M] () -- C:\WINDOWS\sbacknt.bin
[2010.11.21 15:46:36 | 000,000,408 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010.11.21 15:43:25 | 000,000,302 | ---- | M] () -- C:\WINDOWS\tasks\WefiStartup.job
[2010.11.21 15:42:50 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\FileCure Startup.job
[2010.11.21 15:41:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.11.21 13:36:41 | 1878,249,472 | -HS- | M] () -- C:\hiberfil.sys
[2010.11.20 17:25:45 | 001,371,825 | ---- | M] () -- C:\Documents and Settings\Pc\Dokumenty\mbam.rar
[2010.11.20 15:36:31 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\Pc\Dokumenty\cyberlink_hklm.reg
[2010.11.20 15:36:31 | 000,000,588 | ---- | M] () -- C:\Documents and Settings\Pc\Dokumenty\vsfilter.reg
[2010.11.20 15:36:31 | 000,000,588 | ---- | M] () -- C:\Documents and Settings\Pc\Dokumenty\haali_splitter.reg
[2010.11.20 15:36:31 | 000,000,246 | ---- | M] () -- C:\Documents and Settings\Pc\Dokumenty\cyberlink.reg
[2010.11.20 15:36:30 | 000,003,400 | ---- | M] () -- C:\Documents and Settings\Pc\Dokumenty\mplayerc.reg
[2010.11.20 15:36:30 | 000,002,842 | ---- | M] () -- C:\Documents and Settings\Pc\Dokumenty\ffdshow_video.reg
[2010.11.20 15:36:30 | 000,002,310 | ---- | M] () -- C:\Documents and Settings\Pc\Dokumenty\ffdshow_audio.reg
[2010.11.20 15:36:30 | 000,000,518 | ---- | M] () -- C:\Documents and Settings\Pc\Dokumenty\xvid.reg
[2010.11.20 15:36:30 | 000,000,424 | ---- | M] () -- C:\Documents and Settings\Pc\Dokumenty\mplayerc_audio.reg
[2010.11.20 15:36:30 | 000,000,188 | ---- | M] () -- C:\Documents and Settings\Pc\Dokumenty\haali_renderer.reg
[2010.11.20 15:28:17 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.11.20 15:12:40 | 000,001,778 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\MechCommander 2.lnk
[2010.11.20 14:12:16 | 000,444,952 | ---- | M] (Creative Labs) -- C:\WINDOWS\System32\wrap_oal.dll
[2010.11.20 14:12:14 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\System32\OpenAL32.dll
[2010.11.19 21:37:46 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Firefox.lnk
[2010.11.19 08:28:17 | 000,000,213 | ---- | M] () -- C:\Documents and Settings\Pc\Plocha\Alien Swarm.url
[2010.11.19 02:16:00 | 000,000,358 | ---- | M] () -- C:\WINDOWS\tasks\FileCure Default.job
[2010.11.19 01:57:51 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Steam.lnk
[2010.11.18 17:03:27 | 000,001,029 | ---- | M] () -- C:\Documents and Settings\Pc\Plocha\Lost stones chronicles - kingdom realms freeware.lnk
[2010.11.18 14:35:35 | 000,034,601 | ---- | M] () -- C:\Program Files\user.dmp
[2010.11.17 22:38:38 | 000,001,731 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
[2010.11.17 22:02:26 | 000,000,698 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.11.17 20:37:45 | 000,000,045 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2010.11.16 15:13:19 | 000,090,624 | ---- | M] () -- C:\Documents and Settings\Pc\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.16 12:34:14 | 000,000,928 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Media Player Classic.lnk
[2010.11.16 10:05:41 | 000,000,060 | ---- | M] () -- C:\WINDOWS\RESULT.QTW
[2010.11.16 10:05:02 | 000,000,190 | ---- | M] () -- C:\WINDOWS\QTW.INI
[2010.11.16 09:53:41 | 000,000,888 | ---- | M] () -- C:\Documents and Settings\Pc\Plocha\Demo.lnk
[2010.11.14 16:17:33 | 000,441,018 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.11.14 16:17:33 | 000,437,574 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.11.14 16:17:33 | 000,082,840 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.11.14 16:17:33 | 000,071,336 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.11.14 15:30:04 | 000,000,390 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2010.11.13 18:19:45 | 000,152,904 | ---- | M] () -- C:\WINDOWS\System32\vghd.scr
[2010.11.12 20:24:16 | 000,002,553 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010.11.11 22:44:17 | 000,001,031 | ---- | M] () -- C:\WINDOWS\_ISENV31.INI
[2010.11.11 22:44:16 | 000,000,545 | ---- | M] () -- C:\WINDOWS\_iserr31.ini
[2010.11.11 22:23:03 | 000,001,622 | ---- | M] () -- C:\Documents and Settings\Pc\Dokumenty\gspot.reg
[2010.11.11 22:23:03 | 000,001,536 | ---- | M] () -- C:\Documents and Settings\Pc\Dokumenty\vp6_vp7.reg
[2010.11.11 22:23:03 | 000,001,132 | ---- | M] () -- C:\Documents and Settings\Pc\Dokumenty\divx.reg
[2010.11.11 22:23:03 | 000,000,468 | ---- | M] () -- C:\Documents and Settings\Pc\Dokumenty\vp6.reg
[2010.11.11 22:20:59 | 000,000,636 | ---- | M] () -- C:\Documents and Settings\Pc\Dokumenty\ac3filter.reg
[2010.11.09 21:47:15 | 000,000,698 | ---- | M] () -- C:\Documents and Settings\Pc\Plocha\Zástupce - moviemk.lnk
[2010.11.09 15:31:23 | 000,000,098 | ---- | M] () -- C:\WINDOWS\WirelessFTP.INI
[2010.11.08 23:49:10 | 000,001,550 | ---- | M] () -- C:\Documents and Settings\Pc\Plocha\Zástupce - CCleaner.lnk
[2010.11.06 22:06:34 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010.11.06 22:06:34 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010.11.06 05:48:58 | 000,001,815 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2010.11.05 18:27:41 | 000,000,220 | ---- | M] () -- C:\Documents and Settings\Pc\Dokumenty\coreaac.reg
[2010.11.05 17:47:08 | 000,000,034 | -H-- | M] () -- C:\WINDOWS\System32\Converter_sysquict.dat
[2010.11.02 08:56:25 | 000,000,640 | ---- | M] () -- C:\Documents and Settings\Pc\Plocha\Zástupce - Ignis.lnk
[2010.10.31 23:24:21 | 000,001,670 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Thunderbird.lnk
[2010.10.30 22:41:35 | 000,016,760 | ---- | M] () -- C:\Documents and Settings\Pc\Dokumenty\MKANERA.wme
[2010.10.30 18:30:35 | 000,000,172 | ---- | M] () -- C:\WINDOWS\RtlRack.ini
[2010.10.30 18:22:22 | 000,000,084 | ---- | M] () -- C:\WINDOWS\avrack.ini
[2010.10.30 14:39:14 | 000,001,837 | ---- | M] () -- C:\Documents and Settings\Pc\Plocha\Helicopter Game.lnk
[2010.10.28 08:27:47 | 000,001,657 | ---- | M] () -- C:\Documents and Settings\Pc\Plocha\Penumbra.lnk
[2010.10.27 23:09:01 | 000,000,789 | ---- | M] () -- C:\Documents and Settings\Pc\Plocha\Zástupce - simutrans.lnk
[2010.10.27 19:09:19 | 000,137,256 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.10.27 17:47:23 | 000,000,798 | ---- | M] () -- C:\Documents and Settings\Pc\Plocha\Zástupce - zdoom.lnk
[2010.10.27 17:28:07 | 000,000,691 | ---- | M] () -- C:\Documents and Settings\Pc\Plocha\Mrtvé město.lnk
[2010.10.22 18:57:04 | 000,000,727 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Warzone 2100.lnk
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.11.20 17:25:43 | 001,371,825 | ---- | C] () -- C:\Documents and Settings\Pc\Dokumenty\mbam.rar
[2010.11.20 15:12:40 | 000,001,778 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\MechCommander 2.lnk
[2010.11.19 08:28:16 | 000,000,213 | ---- | C] () -- C:\Documents and Settings\Pc\Plocha\Alien Swarm.url
[2010.11.19 01:02:41 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Steam.lnk
[2010.11.18 17:03:27 | 000,001,029 | ---- | C] () -- C:\Documents and Settings\Pc\Plocha\Lost stones chronicles - kingdom realms freeware.lnk
[2010.11.17 22:38:38 | 000,001,731 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Adobe Reader 9.lnk
[2010.11.17 22:02:26 | 000,000,698 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes' Anti-Malware.lnk
[2010.11.17 20:37:45 | 000,000,045 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010.11.16 12:34:14 | 000,000,928 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Media Player Classic.lnk
[2010.11.16 12:34:09 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2010.11.16 12:34:00 | 000,790,528 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010.11.16 12:33:59 | 000,134,144 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2010.11.16 12:33:59 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010.11.16 12:11:26 | 000,003,400 | ---- | C] () -- C:\Documents and Settings\Pc\Dokumenty\mplayerc.reg
[2010.11.16 12:11:26 | 000,000,424 | ---- | C] () -- C:\Documents and Settings\Pc\Dokumenty\mplayerc_audio.reg
[2010.11.16 09:53:41 | 000,000,888 | ---- | C] () -- C:\Documents and Settings\Pc\Plocha\Demo.lnk
[2010.11.12 20:40:02 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\vp6dec_settings.cpl
[2010.11.12 20:38:24 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2010.11.12 20:38:21 | 000,165,376 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2010.11.12 20:38:10 | 000,417,792 | ---- | C] () -- C:\WINDOWS\System32\ac3filter.cpl
[2010.11.11 22:44:17 | 000,001,031 | ---- | C] () -- C:\WINDOWS\_ISENV31.INI
[2010.11.11 22:44:16 | 000,000,545 | ---- | C] () -- C:\WINDOWS\_iserr31.ini
[2010.11.09 21:47:15 | 000,000,698 | ---- | C] () -- C:\Documents and Settings\Pc\Plocha\Zástupce - moviemk.lnk
[2010.11.07 17:38:30 | 000,024,576 | ---- | C] () -- C:\WINDOWS\3D Marine & Tropical Aquarium Screensaver.scr
[2010.11.05 19:52:07 | 000,034,601 | ---- | C] () -- C:\Program Files\user.dmp
[2010.11.05 18:27:41 | 000,002,842 | ---- | C] () -- C:\Documents and Settings\Pc\Dokumenty\ffdshow_video.reg
[2010.11.05 18:27:41 | 000,002,310 | ---- | C] () -- C:\Documents and Settings\Pc\Dokumenty\ffdshow_audio.reg
[2010.11.05 18:27:41 | 000,001,622 | ---- | C] () -- C:\Documents and Settings\Pc\Dokumenty\gspot.reg
[2010.11.05 18:27:41 | 000,001,536 | ---- | C] () -- C:\Documents and Settings\Pc\Dokumenty\vp6_vp7.reg
[2010.11.05 18:27:41 | 000,001,132 | ---- | C] () -- C:\Documents and Settings\Pc\Dokumenty\divx.reg
[2010.11.05 18:27:41 | 000,000,682 | ---- | C] () -- C:\Documents and Settings\Pc\Dokumenty\cyberlink_hklm.reg
[2010.11.05 18:27:41 | 000,000,636 | ---- | C] () -- C:\Documents and Settings\Pc\Dokumenty\ac3filter.reg
[2010.11.05 18:27:41 | 000,000,588 | ---- | C] () -- C:\Documents and Settings\Pc\Dokumenty\vsfilter.reg
[2010.11.05 18:27:41 | 000,000,588 | ---- | C] () -- C:\Documents and Settings\Pc\Dokumenty\haali_splitter.reg
[2010.11.05 18:27:41 | 000,000,518 | ---- | C] () -- C:\Documents and Settings\Pc\Dokumenty\xvid.reg
[2010.11.05 18:27:41 | 000,000,468 | ---- | C] () -- C:\Documents and Settings\Pc\Dokumenty\vp6.reg
[2010.11.05 18:27:41 | 000,000,246 | ---- | C] () -- C:\Documents and Settings\Pc\Dokumenty\cyberlink.reg
[2010.11.05 18:27:41 | 000,000,220 | ---- | C] () -- C:\Documents and Settings\Pc\Dokumenty\coreaac.reg
[2010.11.05 18:27:41 | 000,000,188 | ---- | C] () -- C:\Documents and Settings\Pc\Dokumenty\haali_renderer.reg
[2010.11.05 17:47:08 | 000,000,034 | -H-- | C] () -- C:\WINDOWS\System32\Converter_sysquict.dat
[2010.11.05 16:51:56 | 000,116,296 | ---- | C] () -- C:\WINDOWS\System32\NCTWMAProfiles.prx
[2010.11.02 08:56:25 | 000,000,640 | ---- | C] () -- C:\Documents and Settings\Pc\Plocha\Zástupce - Ignis.lnk
[2010.10.31 23:24:21 | 000,001,670 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Mozilla Thunderbird.lnk
[2010.10.30 22:41:35 | 000,016,760 | ---- | C] () -- C:\Documents and Settings\Pc\Dokumenty\MKANERA.wme
[2010.10.30 18:30:35 | 000,000,172 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2010.10.30 18:22:22 | 000,000,084 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2010.10.30 14:39:14 | 000,001,837 | ---- | C] () -- C:\Documents and Settings\Pc\Plocha\Helicopter Game.lnk
[2010.10.28 08:27:47 | 000,001,657 | ---- | C] () -- C:\Documents and Settings\Pc\Plocha\Penumbra.lnk
[2010.10.27 23:09:01 | 000,000,789 | ---- | C] () -- C:\Documents and Settings\Pc\Plocha\Zástupce - simutrans.lnk
[2010.10.27 17:47:22 | 000,000,798 | ---- | C] () -- C:\Documents and Settings\Pc\Plocha\Zástupce - zdoom.lnk
[2010.10.27 17:28:07 | 000,000,691 | ---- | C] () -- C:\Documents and Settings\Pc\Plocha\Mrtvé město.lnk
[2010.10.22 18:57:04 | 000,000,727 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Warzone 2100.lnk
[2010.10.10 22:53:09 | 000,000,008 | ---- | C] () -- C:\WINDOWS\winsdold.ini
[2010.10.05 00:34:32 | 000,000,044 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\.zreglib
[2010.10.04 20:13:14 | 000,000,190 | ---- | C] () -- C:\WINDOWS\QTW.INI
[2010.10.04 10:47:46 | 000,306,666 | ---- | C] () -- C:\Program Files\_INST32I.EX_
[2010.10.04 10:47:46 | 000,276,270 | ---- | C] () -- C:\Program Files\_INST16.EX_
[2010.10.03 14:30:01 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\prospeed_bmp2jpg.dll
[2010.10.01 11:38:36 | 000,000,098 | ---- | C] () -- C:\WINDOWS\WirelessFTP.INI
[2010.09.25 13:39:09 | 000,000,005 | ---- | C] () -- C:\WINDOWS\treeskp.sys
[2010.09.20 22:59:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2010.09.18 19:35:30 | 000,081,963 | ---- | C] () -- C:\Documents and Settings\Pc\Local Settings\Data aplikací\FASTWiz.log
[2010.09.11 15:25:31 | 000,384,752 | R--- | C] () -- C:\WINDOWS\System32\drivers\SRS_HDAL_i386.sys
[2010.09.11 01:52:38 | 000,001,759 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\QTSBandwidthCache
[2010.09.10 14:09:56 | 000,000,122 | ---- | C] () -- C:\Documents and Settings\Pc\Local Settings\Data aplikací\fusioncache.dat
[2010.09.10 13:55:58 | 000,090,624 | ---- | C] () -- C:\Documents and Settings\Pc\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.09 18:51:16 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010.09.07 15:08:32 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2010.09.07 14:28:24 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008.04.14 13:00:00 | 000,013,576 | ---- | C] () -- C:\WINDOWS\System32\syscorecfg256.dll
[2007.08.24 10:46:48 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\ATKACPI.sys
[2007.07.23 08:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2007.07.23 08:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2007.07.23 08:03:32 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2007.07.23 08:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2007.07.23 08:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2007.07.23 08:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2007.07.23 08:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2007.07.23 08:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2007.07.23 08:03:30 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2007.05.25 09:15:16 | 001,743,232 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
[2007.05.09 14:16:40 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys
[2006.12.05 12:05:04 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2005.07.22 20:30:18 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2003.07.23 10:25:02 | 000,051,200 | ---- | C] () -- C:\WINDOWS\System32\ThriXXX010205PNG.dll
[2003.07.23 10:24:46 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\ThriXXX010104Z.dll
[2003.07.23 10:24:34 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\ThriXXX015003JP2.dll
[2002.10.05 01:04:26 | 000,092,672 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2002.10.05 01:04:18 | 000,021,504 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll

Re: Program freezes, PC stops responding, program cannot be closed

Post by kocour34 » 21 Nov 2010 17:33

========== Custom Scans ==========
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"" =
"Skype" = "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized -- [2010.09.02 14:15:04 | 013,351,304 | R--- | M] (Skype Technologies S.A.)
"Free Download Manager" = C:\Program Files\Free Download Manager\fdm.exe -autorun -- [2010.04.28 23:28:18 | 003,727,411 | ---- | M] (FreeDownloadManager.ORG)
"NexonEULauncher" =
"Seznam Postak" = "C:\Documents and Settings\Pc\Local Settings\Data aplikací\Seznam.cz\postak.exe" -s -- [2010.10.07 14:55:06 | 000,488,728 | ---- | M] ()
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" -- [2010.10.05 17:36:15 | 000,039,408 | ---- | M] (Google Inc.)
"AGEIA PhysX SysTray" = C:\Program Files\AGEIA Technologies\bin\TrayIcon.exe -- [2007.07.23 08:05:36 | 000,345,640 | ---- | M] ()
"MSMSGS" = "C:\Program Files\Messenger\msmsgs.exe" /background -- [2008.04.14 07:52:38 | 001,695,232 | ---- | M] (Microsoft Corporation)
"ICQ" = "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4 -- [2010.10.27 13:20:45 | 000,133,432 | ---- | M] (ICQ, LLC.)
"ctfmon.exe" = C:\WINDOWS\system32\ctfmon.exe -- [2008.04.14 13:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation)
"Steam" = "C:\Program Files\Steam\Steam.exe" -silent -- [2010.11.19 01:05:39 | 001,242,448 | ---- | M] (Valve Corporation)
< c:\windows\*.* /U >
[3 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]
< MD5 for: AGP440.SYS >
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\Driver Cache\i386\agp440.sys
< MD5 for: ATAPI.SYS >
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\Driver Cache\i386\atapi.sys
[2008.04.14 13:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: EVENTLOG.DLL >
[2008.04.14 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2008.04.14 13:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=2EE99F67C930931EB404DADCE57E976E -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2008.04.14 13:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\explorer.exe
[2008.04.14 13:00:00 | 001,034,240 | ---- | M] (Microsoft Corporation) MD5=27AFD587C462E280EE046B8CCA3C2CD1 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: HAL.DLL >
[2008.04.14 13:00:00 | 000,134,400 | ---- | M] (Microsoft Corporation) MD5=4329EE7D502C9113EBA0F9570392F5EE -- C:\WINDOWS\system32\hal.dll
[2008.04.14 00:01:34 | 000,105,344 | ---- | M] (Microsoft Corporation) MD5=6DB1E72AD3B372DFC451B7F54BA08AA7 -- C:\WINDOWS\Driver Cache\i386\hal.dll
< MD5 for: LSASS.EXE >
[2008.04.14 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2008.04.14 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=ED0A176354487CEED65B80A7148AB739 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2008.04.14 13:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\dllcache\ndis.sys
[2008.04.14 13:00:00 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\system32\drivers\ndis.sys
< MD5 for: NETLOGON.DLL >
[2008.04.14 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008.04.14 13:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=C2ED0E3408F50BBC149D4F0936E67832 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2008.04.14 13:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2008.04.14 13:00:00 | 000,185,856 | ---- | M] (Microsoft Corporation) MD5=830CE8951C71F361D7D2F38416CC8BC1 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2008.04.14 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008.04.14 13:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=9B08A8C6331C2DA9C30377BCB4262721 -- C:\WINDOWS\system32\smss.exe
< MD5 for: SVCHOST.EXE >
[2008.04.14 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\dllcache\svchost.exe
[2008.04.14 13:00:00 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=BE4A520E29B6391F49E79CCC52044D93 -- C:\WINDOWS\system32\svchost.exe
< MD5 for: USERINIT.EXE >
[2008.04.14 13:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008.04.14 13:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=7DC1830F22E7D275B438127B68030239 -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2008.04.14 13:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2008.04.14 13:00:00 | 000,507,904 | ---- | M] (Microsoft Corporation) MD5=CDDB1F8E1AEA356F3AD106F2CF9B7FEA -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2_32.DLL >
[2008.04.14 13:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2008.04.14 13:00:00 | 000,082,432 | ---- | M] (Microsoft Corporation) MD5=951D473917C51F21496D914CF6E5DDD1 -- C:\WINDOWS\system32\ws2_32.dll
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[3 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
No captured output from command...
========== Alternate Data Streams ==========
@Alternate Data Stream - 88 bytes -> C:\WINDOWS\snuninst.exe:SummaryInformation
@Alternate Data Stream - 229 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:8FF81EB0
@Alternate Data Stream - 134 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:D3A8AA31
@Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:DE875C30
< End of report >

Post by kocour34 » 21 Nov 2010 17:38

And now I'll make the HJT log. I also ran a scan with Avast after the restart; it no longer reported any viruses, but it did report lots of damaged files.

Post by jaro3 » 21 Nov 2010 18:04

What I actually need for this is ComboFix; we'll get to OTL afterwards.

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Download ComboFix (by sUBs) and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Ano (Yes) button
- Then follow the instructions; while ComboFix is running, do not click in the window it displays
- When the scan finishes, the program should create a log, C:\ComboFix.txt; please copy its entire contents here
If there are problems, run it in safe mode.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Post by kocour34 » 21 Nov 2010 18:14

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:11:05, on 21.11.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\ATK Hotkey\Hcontrol.exe
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
C:\Program Files\ATKOSD2\ATKOSD2.exe
C:\Program Files\ATK Hotkey\ATKOSD.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\ATK Hotkey\WDC.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\vghd\VirtuaGirl_Downloader.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... p=aus&qkw=%s&tbid=66019
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Ukazatel S-Rank - {EA837F48-5AD1-443E-AE34-FFE03CBF3099} - C:\Documents and Settings\Pc\Local Settings\Data aplikací\Seznam.cz\listicka.dll
O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file)
O3 - Toolbar: Nástroje Lištičky - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files\Seznam.cz\toolbar\toolbar.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Wireless Console 2] "C:\Program Files\Wireless Console 2\wcourier.exe"
O4 - HKLM\..\Run: [ATKHOTKEY] "C:\Program Files\ATK Hotkey\Hcontrol.exe"
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [DeskMateAutoUpdate] C:\Program Files\DeskMates\DeskMateAutoUpdate.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [Seznam Postak] "C:\Documents and Settings\Pc\Local Settings\Data aplikací\Seznam.cz\postak.exe" -s
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\bin\TrayIcon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: DesktopVideoPlayer.LNK = C:\Program Files\vghd\vghd.exe
O4 - Startup: YoWindow.lnk = C:\Program Files\YoWindow\yowindow.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Documents and Settings\Pc\Local Settings\Data aplikací\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Documents and Settings\Pc\Local Settings\Data aplikací\Seznam.cz\listicka.dll
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Documents and Settings\Pc\Local Settings\Data aplikací\Seznam.cz\listicka.dll
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Documents and Settings\Pc\Local Settings\Data aplikací\Seznam.cz\listicka.dll
O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Crawler Screensaver - {CDAFD956-97BE-443D-8EF7-F4F094EB5766} - C:\Program Files\Crawler\SSaver\CSSaver.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Documents and Settings\Pc\Local Settings\Data aplikací\Seznam.cz\listicka.dll (HKCU)
O9 - Extra 'Tools' menuitem: Nastavení Lištičky ... - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - C:\Documents and Settings\Pc\Local Settings\Data aplikací\Seznam.cz\listicka.dll (HKCU)
O9 - Extra button: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Documents and Settings\Pc\Local Settings\Data aplikací\Seznam.cz\listicka.dll (HKCU)
O9 - Extra 'Tools' menuitem: Zvýrazňovač slov Lištičky - {4E6D6F90-31CA-4878-A7A3-1CD50F115A69} - C:\Documents and Settings\Pc\Local Settings\Data aplikací\Seznam.cz\listicka.dll (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Simon the Sorcerer Drivers Auto Removal (pr2aprwb) (pr2aprwb) - US Action s.r.o. - C:\WINDOWS\system32\pr2aprwb.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: WeFi Engine Service (WefiEngSvc) - WeFi - C:\Program Files\WeFi\WefiEngSvc.exe

--
End of file - 12284 bytes

Post by kocour34 » 21 Nov 2010 18:16

There, that's done; now I'm waiting for further instructions.

Post by kocour34 » 21 Nov 2010 18:21

Oops, I overlooked that; I'll get on with ComboFix.

Post by kocour34 » 21 Nov 2010 19:02

ComboFix 10-11-20.07 - Pc 21.11.2010 18:48:07.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.1791.1312 [GMT 1:00]
Spuštěný z: c:\documents and settings\Pc\Dokumenty\Stažené soubory\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Pc\Data aplikací\Desktopicon
c:\documents and settings\Pc\Data aplikací\PriceGong
c:\documents and settings\Pc\Data aplikací\PriceGong\Data\1.xml
c:\documents and settings\Pc\Data aplikací\PriceGong\Data\a.xml
c:\documents and settings\Pc\Data aplikací\PriceGong\Data\b.xml
c:\documents and settings\Pc\Data aplikací\PriceGong\Data\c.xml
c:\documents and settings\Pc\Data aplikací\PriceGong\Data\d.xml
c:\documents and settings\Pc\Data aplikací\PriceGong\Data\e.xml
c:\documents and settings\Pc\Data aplikací\PriceGong\Data\f.xml
c:\documents and settings\Pc\Data aplikací\PriceGong\Data\g.xml
c:\documents and settings\Pc\Data aplikací\PriceGong\Data\h.xml
c:\documents and settings\Pc\Data aplikací\PriceGong\Data\i.xml
c:\documents and settings\Pc\Data aplikací\PriceGong\Data\J.xml
c:\documents and settings\Pc\Data aplikací\PriceGong\Data\k.xml
c:\documents and settings\Pc\Data aplikací\PriceGong\Data\l.xml
c:\documents and settings\Pc\Data aplikací\PriceGong\Data\m.xml
c:\documents and settings\Pc\Data aplikací\PriceGong\Data\mru.xml
c:\documents and settings\Pc\Data aplikací\PriceGong\Data\n.xml
c:\documents and settings\Pc\Data aplikací\PriceGong\Data\o.xml
c:\documents and settings\Pc\Data aplikací\PriceGong\Data\p.xml
c:\documents and settings\Pc\Data aplikací\PriceGong\Data\q.xml
c:\documents and settings\Pc\Data aplikací\PriceGong\Data\r.xml
c:\documents and settings\Pc\Data aplikací\PriceGong\Data\s.xml
c:\documents and settings\Pc\Data aplikací\PriceGong\Data\t.xml
c:\documents and settings\Pc\Data aplikací\PriceGong\Data\u.xml
c:\documents and settings\Pc\Data aplikací\PriceGong\Data\v.xml
c:\documents and settings\Pc\Data aplikací\PriceGong\Data\w.xml
c:\documents and settings\Pc\Data aplikací\PriceGong\Data\x.xml
c:\documents and settings\Pc\Data aplikací\PriceGong\Data\y.xml
c:\documents and settings\Pc\Data aplikací\PriceGong\Data\z.xml

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-10-21 do 2010-11-21 )))))))))))))))))))))))))))))))
.

2010-11-21 16:56 . 2010-11-21 16:56 388096 ----a-r- c:\documents and settings\Pc\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-11-21 16:56 . 2010-11-21 16:56 -------- d-----w- c:\program files\Trend Micro
2010-11-19 00:02 . 2010-11-21 17:10 -------- d-----w- c:\program files\Steam
2010-11-18 16:03 . 2010-11-18 16:04 -------- d-----w- c:\program files\Lost stones chronicles - kingdom realms freeware
2010-11-17 23:06 . 2010-11-17 23:06 -------- d-----w- c:\documents and settings\Pc\Data aplikací\0ad
2010-11-17 23:04 . 2010-11-17 23:06 -------- d-----w- c:\documents and settings\Pc\Local Settings\Data aplikací\0 A.D. alpha
2010-11-17 22:13 . 2010-11-17 22:13 -------- d-----w- c:\documents and settings\Pc\DoctorWeb
2010-11-17 21:03 . 2010-11-17 21:03 -------- d-----w- c:\documents and settings\Pc\Data aplikací\Malwarebytes
2010-11-17 21:02 . 2010-04-29 14:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-17 21:02 . 2010-11-17 21:02 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2010-11-17 21:02 . 2010-11-17 21:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-11-17 21:02 . 2010-04-29 14:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-17 19:37 . 2010-11-20 16:22 -------- d-----w- c:\documents and settings\All Users\Data aplikací\PrevxCSI
2010-11-17 19:23 . 2010-11-18 13:36 -------- d-----w- c:\program files\Privateer
2010-11-16 11:34 . 2006-10-18 18:05 232448 ----a-w- c:\windows\system32\mp3fhg.acm
2010-11-16 11:34 . 2010-06-08 16:10 790528 ----a-w- c:\windows\system32\xvidcore.dll
2010-11-16 11:34 . 2010-01-17 15:18 151552 ----a-w- c:\windows\system32\ac3acm.acm
2010-11-16 11:34 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2010-11-16 11:33 . 2010-10-18 08:00 108032 ----a-w- c:\windows\system32\ff_vfw.dll
2010-11-16 11:33 . 2010-06-08 16:10 134144 ----a-w- c:\windows\system32\xvidvfw.dll
2010-11-16 11:33 . 2010-11-16 11:34 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-11-16 09:41 . 2010-11-16 09:41 -------- d-----w- C:\temp
2010-11-16 09:05 . 2010-11-16 09:05 -------- d-----w- C:\~QTWTMP.TMP
2010-11-16 06:34 . 2010-11-16 19:27 -------- d-----w- c:\program files\VirtualFem
2010-11-14 23:51 . 2010-11-14 23:51 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2010-11-14 23:51 . 2010-11-14 23:51 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Data aplikací\Adobe
2010-11-14 23:49 . 2010-11-14 23:49 -------- d--h--w- c:\windows\PIF
2010-11-14 21:04 . 2010-11-14 21:04 -------- d-----w- c:\documents and settings\LocalService\Plocha
2010-11-14 14:58 . 2010-11-14 14:58 -------- d-----w- c:\documents and settings\Pc\Local Settings\Data aplikací\Microsoft_Corporation
2010-11-14 14:58 . 2010-11-14 14:58 -------- d-----w- c:\documents and settings\Pc\Local Settings\Data aplikací\OpenCandy
2010-11-14 14:58 . 2010-11-14 14:58 -------- d-----w- c:\documents and settings\Pc\Data aplikací\OpenCandy
2010-11-14 14:57 . 2010-11-14 14:57 -------- d-----w- c:\windows\system32\winrm
2010-11-14 14:56 . 2010-11-14 14:56 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-11-14 10:13 . 2010-11-14 10:13 -------- d-----w- c:\program files\Common Files\Java
2010-11-14 10:13 . 2010-09-15 03:50 472808 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
2010-11-14 10:13 . 2010-09-15 03:50 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-11-14 01:18 . 2010-11-14 14:51 -------- d-----w- c:\program files\MediaInfo
2010-11-14 00:10 . 2010-11-14 00:10 -------- d-----w- c:\windows\system32\GroupPolicy
2010-11-14 00:10 . 2010-11-14 14:51 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$
2010-11-12 19:40 . 2004-02-17 09:11 53248 ----a-w- c:\windows\system32\vp6dec_settings.cpl
2010-11-12 19:38 . 2001-10-31 09:14 65536 ----a-w- c:\windows\system32\mplapx.dll
2010-11-12 19:38 . 2001-10-31 09:14 65536 ----a-w- c:\windows\system32\mplam6.dll
2010-11-12 19:38 . 2001-10-31 09:14 1650688 ----a-w- c:\windows\system32\mplva6.dll
2010-11-12 19:38 . 2001-10-31 09:14 1581056 ----a-w- c:\windows\system32\mplvw7.dll
2010-11-12 19:38 . 2001-10-31 09:14 1552384 ----a-w- c:\windows\system32\mplvm6.dll
2010-11-12 19:38 . 2001-10-31 09:14 1122304 ----a-w- c:\windows\system32\mplvpx.dll
2010-11-12 19:38 . 2001-09-17 11:20 19968 ----a-w- c:\windows\system32\cpuinf32.dll
2010-11-12 19:38 . 2001-10-31 09:14 77824 ----a-w- c:\windows\system32\mplaw7.dll
2010-11-12 19:38 . 2001-10-31 09:14 77824 ----a-w- c:\windows\system32\mplaa6.dll
2010-11-12 19:38 . 2010-03-15 09:31 165376 ----a-w- c:\windows\system32\unrar.dll
2010-11-12 19:38 . 2004-05-25 15:06 417792 ----a-w- c:\windows\system32\ac3filter.cpl
2010-11-11 21:30 . 2010-11-11 21:30 -------- d-----w- c:\documents and settings\Pc\Data aplikací\Media Player Classic
2010-11-10 09:41 . 2010-09-15 01:29 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-11-09 20:46 . 2010-11-09 20:46 -------- d-----w- c:\documents and settings\Pc\Local Settings\Data aplikací\WMTools Downloaded Files
2010-11-09 19:46 . 2004-02-11 18:40 -------- d-----w- c:\documents and settings\Pc\Fonty
2010-11-09 19:46 . 2004-02-11 18:40 -------- d-----w- c:\documents and settings\Pc\Audio
2010-11-09 18:35 . 2010-11-14 14:56 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Norton
2010-11-09 18:35 . 2010-11-09 18:35 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Symantec
2010-11-09 15:04 . 2010-11-09 15:04 -------- d-----w- c:\windows\system32\Adobe
2010-11-09 14:22 . 2010-11-09 14:22 -------- d-----w- c:\documents and settings\Pc\Local Settings\Data aplikací\DVDVideoSoftTB
2010-11-07 16:38 . 2005-07-20 13:23 24576 ----a-w- c:\windows\3D Marine & Tropical Aquarium Screensaver.scr
2010-11-07 16:38 . 2010-11-07 16:38 -------- d-----w- c:\program files\Crawler
2010-11-07 12:21 . 2010-11-07 12:21 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Data aplikací\Adobe
2010-11-07 12:17 . 2010-11-07 12:17 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-11-06 10:37 . 2010-11-06 10:37 103864 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2010-11-06 10:37 . 2010-11-06 10:37 103864 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2010-11-05 21:17 . 2004-01-11 22:00 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-11-05 18:42 . 2009-06-25 12:20 1446264 ----a-w- c:\program files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
2010-11-05 16:50 . 2010-11-08 20:16 -------- d-----w- C:\AgreeOutput
2010-11-05 16:46 . 2010-11-08 20:17 -------- d-----w- c:\program files\Agree Free MP3 to M4A AAC Converter
2010-11-05 15:55 . 2010-11-05 15:55 -------- d-----w- c:\documents and settings\Pc\Data aplikací\FreeCDRipper
2010-11-05 15:52 . 1998-06-24 00:00 164144 ----a-w- c:\windows\system32\COMCT232.OCX
2010-11-05 14:34 . 2002-07-17 08:05 16512 ----a-w- c:\windows\system32\drivers\ASPI32.SYS
2010-11-05 14:34 . 2001-03-17 21:34 22528 ----a-w- c:\windows\system32\WNASPI32.DLL
2010-11-05 14:34 . 2007-11-01 17:53 42880 ----a-w- c:\windows\system32\drivers\vacs2xkd.sys
2010-11-05 14:25 . 2010-11-05 14:25 -------- d-----w- c:\documents and settings\All Users\Uniblue
2010-11-01 08:09 . 2010-11-05 15:33 -------- d-----w- c:\program files\Nerlaska
2010-10-31 22:24 . 2010-10-31 22:24 -------- d-----w- c:\documents and settings\Pc\Local Settings\Data aplikací\Thunderbird
2010-10-31 22:24 . 2010-10-31 22:24 -------- d-----w- c:\documents and settings\Pc\Data aplikací\Thunderbird
2010-10-31 22:24 . 2010-10-31 22:24 -------- d-----w- c:\program files\Mozilla Thunderbird
2010-10-30 17:47 . 2010-10-30 17:47 -------- d-----w- c:\windows\system32\windows media
2010-10-28 07:26 . 2010-10-28 07:27 -------- d-----w- c:\program files\Penumbra
2010-10-27 17:29 . 2010-10-27 17:29 -------- d-----w- c:\program files\MSXML 6.0
2010-10-27 16:28 . 2010-10-27 18:02 -------- d-----w- c:\program files\Dead City
2010-10-26 08:28 . 2010-10-26 08:28 -------- d-----w- c:\program files\Centauri
2010-10-25 08:55 . 2010-11-20 14:14 -------- d-----w- c:\program files\Microsoft Games
2010-10-25 08:38 . 2009-03-16 12:18 69448 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2010-10-25 08:38 . 2009-03-16 12:18 517448 ----a-w- c:\windows\system32\XAudio2_4.dll
2010-10-25 08:38 . 2009-03-16 12:18 235352 ----a-w- c:\windows\system32\xactengine3_4.dll
2010-10-25 08:38 . 2009-03-16 12:18 22360 ----a-w- c:\windows\system32\X3DAudio1_6.dll
2010-10-25 08:37 . 2010-10-25 21:39 -------- d-----w- c:\program files\Privates
2010-10-22 17:56 . 2010-11-11 18:21 -------- d-----w- c:\program files\Warzone 2100

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-20 13:12 . 2010-09-15 15:46 444952 ----a-w- c:\windows\system32\wrap_oal.dll
2010-11-20 13:12 . 2010-09-15 15:46 109080 ----a-w- c:\windows\system32\OpenAL32.dll
2010-11-13 17:19 . 2010-09-25 12:39 152904 ----a-w- c:\windows\system32\vghd.scr
2010-10-22 11:43 . 2010-10-22 11:43 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-10-19 20:51 . 2010-09-15 18:27 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-16 10:10 . 2007-04-09 08:01 2384897 ----a-w- c:\windows\snuninst.exe
2010-10-11 06:46 . 2010-10-06 18:32 421888 ----a-w- c:\windows\NEXON_EU_DownloaderUpdater.exe
2010-10-03 13:30 . 2010-10-03 13:30 22016 ----a-w- c:\windows\system32\prospeed_bmp2jpg.dll
2010-09-27 12:50 . 2010-10-05 21:55 83360 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2010-09-27 12:49 . 2010-10-05 21:55 53632 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\LMIproc.dll
2010-09-27 12:49 . 2010-10-05 21:55 29568 ----a-w- c:\windows\system32\LMIport.dll
2010-09-27 12:49 . 2010-10-05 21:55 87424 ----a-w- c:\windows\system32\LMIinit.dll
2010-09-21 10:05 . 2010-09-21 10:05 677376 ----a-w- c:\windows\system32\yowindow.scr
2010-09-20 21:22 . 2010-09-10 12:22 1409 ----a-w- c:\windows\QTFont.for
2010-09-18 10:23 . 2008-04-14 12:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2008-04-14 12:00 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2008-04-14 12:00 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2008-04-14 12:00 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-12 13:08 . 2010-09-12 13:08 81920 ----a-w- c:\windows\ALCFDRTM.VER
2010-09-12 13:08 . 2010-09-12 13:08 81920 ----a-w- c:\windows\ALCFDRTM.EXE
2010-09-10 05:52 . 2008-04-14 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:52 . 2008-04-14 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:52 . 2008-04-14 12:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-09-10 01:12 . 2010-09-10 01:12 27632 ----a-w- c:\windows\system32\drivers\seehcri.sys
2010-09-10 01:12 . 2010-09-10 01:12 25512 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2010-09-10 01:12 . 2010-09-10 01:12 13224 ----a-w- c:\windows\system32\drivers\ggflt.sys
2010-09-10 01:12 . 2010-09-10 01:12 1112288 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2010-09-07 15:12 . 2010-09-09 17:34 38848 ----a-w- c:\windows\avastSS.scr
2010-09-07 15:11 . 2010-09-09 17:14 167592 ----a-w- c:\windows\system32\aswBoot.exe
2010-09-07 14:52 . 2010-09-09 17:14 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-09-07 14:52 . 2010-09-09 17:14 165584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-09-07 14:47 . 2010-09-09 17:14 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-09-07 14:47 . 2010-09-09 17:14 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-09-07 14:47 . 2010-09-09 17:14 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-09-07 14:47 . 2010-09-09 17:14 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-09-07 14:46 . 2010-09-09 17:14 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-09-01 11:52 . 2008-04-14 12:00 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-09-01 07:57 . 2008-04-14 12:00 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:03 . 2008-04-14 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:54 . 2008-04-14 12:00 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-27 01:43 . 2008-05-05 05:25 5632 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-26 13:39 . 2008-04-14 12:00 357248 ----a-w- c:\windows\system32\drivers\srv.sys
.

------- Sigcheck -------

.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-10 13:51 3906656 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1EA00BE1-6E54-4E2A-8099-680300BF23E1}"= "c:\program files\Seznam.cz\toolbar\toolbar.dll" [2010-10-06 187672]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-10-10 3906656]

[HKEY_CLASSES_ROOT\clsid\{1ea00be1-6e54-4e2a-8099-680300bf23e1}]

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-10-10 3906656]

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-09-02 13351304]
"Free Download Manager"="c:\program files\Free Download Manager\fdm.exe" [2010-04-28 3727411]
"Seznam Postak"="c:\documents and settings\Pc\Local Settings\Data aplikací\Seznam.cz\postak.exe" [2010-10-07 488728]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-10-05 39408]
"AGEIA PhysX SysTray"="c:\program files\AGEIA Technologies\bin\TrayIcon.exe" [2007-07-23 345640]
"ICQ"="c:\program files\ICQ7.2\ICQ.exe" [2010-10-27 133432]
"Steam"="c:\program files\Steam\Steam.exe" [2010-11-19 1242448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-10-30 16269312]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"Wireless Console 2"="c:\program files\Wireless Console 2\wcourier.exe" [2007-07-05 1040384]
"ATKHOTKEY"="c:\program files\ATK Hotkey\Hcontrol.exe" [2007-07-12 225280]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 61440]
"HControl"="c:\windows\ATK0100\HControl.exe" [2006-10-14 110592]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2007-10-17 7737344]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-09-07 2838912]
"DeskMateAutoUpdate"="c:\program files\DeskMates\DeskMateAutoUpdate.exe" [2010-09-26 25896]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]

c:\documents and settings\Pc\Nabídka Start\Programy\Po spuštění\
DesktopVideoPlayer.LNK - c:\program files\vghd\vghd.exe [2010-9-25 604488]
YoWindow.lnk - c:\program files\YoWindow\yowindow.exe [2010-9-20 731136]

c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2010-09-27 12:49 87424 ----a-w- c:\windows\system32\LMIinit.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\ICQ7.2\\ICQ.exe"=
"c:\\Program Files\\ICQ7.2\\aolload.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Service\\Update Service.exe"=
"c:\\Program Files\\vghd\\vghd.exe"=
"c:\\Program Files\\Free Download Manager\\fdmwi.exe"=
"c:\\Nexon\\NEXON_EU_Downloader\\NEXON_EU_Downloader_Engine.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\NexonEU\\NGM\\NGM.exe"=
"c:\\Nexon\\Combat Arms EU\\Engine.exe"=
"c:\\Nexon\\Combat Arms EU\\NMService.exe"=
"c:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\Microsoft Games\\MechCommander2\\Mc2Rel.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Vzdálená správa systému Windows

R0 pe3aprwb;Simon the Sorcerer Environment Driver (pe3aprwb);c:\windows\system32\drivers\pe3aprwb.sys [18.12.2007 15:33 65160]
R0 ps7aprwb;Simon the Sorcerer Synchronization Driver (ps7aprwb);c:\windows\system32\drivers\ps7aprwb.sys [18.12.2007 15:33 68752]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [9.9.2010 18:14 165584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [9.9.2010 18:14 17744]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [10.9.2010 2:12 27632]
S2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [10.9.2010 19:33 136176]
S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\LogMeIn\x86\RaInfo.sys --> c:\program files\LogMeIn\x86\RaInfo.sys [?]
S2 pr2aprwb;Simon the Sorcerer Drivers Auto Removal (pr2aprwb);c:\windows\system32\pr2aprwb.exe svc --> c:\windows\system32\pr2aprwb.exe svc [?]
S3 Aken;Aken;c:\documents and settings\Pc\Local Settings\Data aplikací\0 A.D. alpha\binaries\system\aken.sys [17.6.2007 11:29 3712]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [5.11.2010 15:34 16512]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [10.9.2010 2:12 13224]
S3 MaplomL;MaplomL; [x]
S3 SRS_HDAL_Service;HD Audio Lab;c:\windows\system32\drivers\SRS_HDAL_i386.sys [11.9.2010 15:25 384752]
S3 WefiEngSvc;WeFi Engine Service;c:\program files\WeFi\WefiEngSvc.exe [25.7.2010 16:14 120152]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [14.4.2008 13:00 14336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Obsah adresáře 'Naplánované úlohy'

2010-11-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-10 18:33]

2010-11-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-10 18:33]

2010-11-21 c:\windows\Tasks\User_Feed_Synchronization-{93131EC4-D85E-4024-BF00-A9B5F7103EF3}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]

2010-11-21 c:\windows\Tasks\WefiStartup.job
- c:\program files\WeFi\WefiStartup.exe [2010-07-25 15:14]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Stáhnout Free Download Managerem - file://c:\program files\Free Download Manager\dllink.htm
IE: Stáhnout video Free Download Managerem - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané Free Download Managerem - file://c:\program files\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://c:\program files\Free Download Manager\dlall.htm
IE: WikiKomentáře Google... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: {{CDAFD956-97BE-443D-8EF7-F4F094EB5766} - c:\program files\Crawler\SSaver\CSSaver.exe
IE: {{0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - {0E46D7B6-887D-4F81-B4CA-FCC92AF73610} - c:\documents and settings\Pc\Local Settings\Data aplikací\Seznam.cz\listicka.dll
TCP: {6669472D-419A-407C-9F8D-0C3BD382DC2B} = 160.218.43.200 160.218.10.200
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3410iv5l.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?sourceid=n ... t&hl=cs&q=
FF - component: c:\documents and settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3410iv5l.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\documents and settings\Pc\Data aplikací\Mozilla\Firefox\Profiles\3410iv5l.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\thriXXX\WebLaunch\Binaries\npWebLaunch.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKCU-Run-NexonEULauncher - (no file)
ActiveSetup-ccc-core-static - msiexec
AddRemove-MechCommander2 1.0 - c:\program files\Microsoft Games\MechCommander2\UNINSTAL.EXE
AddRemove-{3912D529-02BC-4CA8-B5ED-0D0C20EB6003} - c:\program files\InstallShield Installation Information\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}\setup.exe
AddRemove-{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6} - c:\program files\InstallShield Installation Information\{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}\setup.exe
AddRemove-{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - c:\program files\InstallShield Installation Information\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}\ICQ7.exe
AddRemove-{83F73CB1-7705-49D1-9852-84D839CA2A45} - c:\program files\InstallShield Installation Information\{83F73CB1-7705-49D1-9852-84D839CA2A45}\setup.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-21 18:52
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_USERS\S-1-5-21-329068152-1326574676-1417001333-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(780)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\LMIinit.dll
.
Celkový čas: 2010-11-21 18:55:37
ComboFix-quarantined-files.txt 2010-11-21 17:55

Před spuštěním: Volných bajtů: 176 644 030 464
Po spuštění: Volných bajtů: 177 505 222 656

WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

- - End Of File - - 1A73B8F24AFEE8689B74497DABB2D626

