Prosím o kontolu logu

[RuLich]

Ahoj,
mám XP PRO, přestala se mi zobrazovat ikona připojení ve složce "Síťová připojení" nezobrazuji se mi ikony na ploše, nefunguje (nereaguje ) menu pravého tlačítka na ploše, stále svchost.exe 50-90 % a občas se samo přepne "Zobrazení na "Klasické".

Přikládám log:

.........................................................................................

Logfile of random's system information tool 1.06 (written by random/random)
Run by RuLich at 2010-04-15 15:14:24
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 16 GB (32%) free of 50 GB
Total RAM: 2047 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:14:31, on 15.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\RuLich\Local Settings\Temporary Internet Files\Content.IE5\YN068PPW\RSIT[1].exe
C:\Program Files\trend micro\RuLich.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" -H
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 6132446187
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 6132542031
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDow ... rtScan.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe

--
End of file - 6926 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GlaryInitialize.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2009-10-26 15872]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-12-19 16062464]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"nwiz"=nwiz.exe /installquiet []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2010-01-11 110696]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2010-01-11 13666408]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2010-03-09 26100520]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SUPERAntiSpyware"=D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2010-04-01 2010864]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2008-02-28 570664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-14 239616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=D:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDrives"=0
"NoDriveTypeAutoRun"=323

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d70811f6-1932-11df-a965-8d4871ab6575}]
shell\AutoRun\command - K:\OnSpcLCK.exe


======List of files/folders created in the last 1 months======

2010-04-15 15:14:24 ----D---- C:\rsit
2010-04-15 15:14:24 ----D---- C:\Program Files\trend micro
2010-04-15 10:57:21 ----D---- C:\32788R22FWJFW
2010-04-15 10:51:36 ----A---- C:\WINDOWS\NIRCMD.exe
2010-04-15 10:51:31 ----SD---- C:\ComboFix
2010-04-14 05:07:10 ----A---- C:\WINDOWS\system32\wups2.dll
2010-04-13 23:01:48 ----D---- C:\WINDOWS\Prefetch
2010-04-13 22:24:49 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2010-04-13 22:19:44 ----D---- C:\WINDOWS\B83FC356B7C0441F8A4DD71E088E7974.TMP
2010-04-13 22:14:30 ----RA---- C:\WINDOWS\SET41.tmp
2010-04-13 22:14:27 ----RA---- C:\WINDOWS\SET35.tmp
2010-04-13 22:14:26 ----RA---- C:\WINDOWS\SET32.tmp
2010-04-13 22:04:32 ----A---- C:\WINDOWS\pnplog.txt
2010-04-13 22:01:28 ----A---- C:\WINDOWS\imsins.BAK
2010-04-13 22:01:18 ----A---- C:\WINDOWS\system32\spxcoins.dll
2010-04-13 22:01:18 ----A---- C:\WINDOWS\system32\irclass.dll
2010-04-13 22:01:05 ----RA---- C:\WINDOWS\SETA6.tmp
2010-04-13 22:01:03 ----RA---- C:\WINDOWS\SET9A.tmp
2010-04-13 22:01:01 ----RA---- C:\WINDOWS\SET97.tmp
2010-04-13 20:54:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\SUPERAntiSpyware.com
2010-04-13 20:54:35 ----D---- C:\Documents and Settings\RuLich\Data aplikací\SUPERAntiSpyware.com
2010-04-13 20:36:07 ----SHD---- C:\RECYCLER
2010-04-13 20:35:19 ----A---- C:\WINDOWS\OEWABLog.txt
2010-04-13 20:24:14 ----A---- C:\WINDOWS\setuplog.txt
2010-04-13 20:23:55 ----N---- C:\WINDOWS\system32\smtpapi.dll
2010-04-13 20:23:55 ----N---- C:\WINDOWS\system32\rwnh.dll
2010-04-13 20:23:55 ----N---- C:\WINDOWS\system32\comsdupd.exe
2010-04-13 20:23:55 ----D---- C:\Program Files\Messenger
2010-04-13 20:23:54 ----N---- C:\WINDOWS\system32\slserv.exe
2010-04-13 20:23:54 ----N---- C:\WINDOWS\system32\slrundll.exe
2010-04-13 20:23:54 ----N---- C:\WINDOWS\system32\slgen.dll
2010-04-13 20:23:54 ----N---- C:\WINDOWS\system32\slextspk.dll
2010-04-13 20:23:54 ----N---- C:\WINDOWS\system32\slcoinst.dll
2010-04-13 20:23:54 ----N---- C:\WINDOWS\system32\s3gnb.dll
2010-04-13 20:23:54 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2010-04-13 20:23:54 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2010-04-13 20:23:54 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2010-04-13 20:23:54 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2010-04-13 20:23:54 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2010-04-13 20:23:54 ----N---- C:\WINDOWS\system32\ati3duag.dll
2010-04-13 20:23:54 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2010-04-13 20:23:54 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2010-04-13 20:23:54 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2010-04-13 20:23:54 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2010-04-13 20:23:54 ----N---- C:\WINDOWS\slrundll.exe
2010-04-13 20:23:54 ----D---- C:\WINDOWS\system32\bits
2010-04-13 20:22:54 ----D---- C:\WINDOWS\ServicePackFiles
2010-04-13 20:22:33 ----A---- C:\WINDOWS\000001_.tmp
2010-04-13 05:28:24 ----D---- C:\WINDOWS\SxsCaPendDel
2010-04-12 21:03:09 ----A---- C:\WINDOWS\system32\nvunrm.exe
2010-04-12 21:03:09 ----A---- C:\WINDOWS\system32\cohelper.dll
2010-04-11 07:10:43 ----HDC---- C:\Documents and Settings\All Users\Data aplikací\{E434619C-846F-4697-8739-15F436DE9B2F}
2010-04-11 07:10:09 ----D---- C:\Documents and Settings\RuLich\Data aplikací\Fighters
2010-04-10 01:35:36 ----AD---- C:\Qoobox
2010-04-09 19:09:57 ----N---- C:\WINDOWS\SDUnInst.exe
2010-04-09 19:09:57 ----D---- C:\Program Files\Software by Design
2010-04-09 14:28:45 ----D---- C:\Program Files\DVDFab 6
2010-04-09 01:47:49 ----A---- C:\WINDOWS\IsUninst.exe
2010-04-08 22:59:38 ----D---- C:\Program Files\Active Data Recovery Software
2010-04-06 20:42:49 ----A---- C:\WINDOWS\system32\btw_ci.dll
2010-04-05 20:34:46 ----A---- C:\mbam-error.txt
2010-04-05 20:34:23 ----D---- C:\Documents and Settings\RuLich\Data aplikací\Malwarebytes
2010-04-05 20:34:17 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-04-05 20:34:17 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2010-04-05 09:56:33 ----D---- C:\Documents and Settings\All Users\Data aplikací\FLEXnet
2010-04-05 09:56:26 ----D---- C:\Documents and Settings\RuLich\Data aplikací\Luxology
2010-04-05 09:54:07 ----D---- C:\Documents and Settings\RuLich\Data aplikací\DassaultSystemes
2010-04-05 09:54:07 ----D---- C:\Documents and Settings\All Users\Data aplikací\DassaultSystemes
2010-04-05 09:44:40 ----A---- C:\WINDOWS\eDrawingOfficeAutomator.INI
2010-04-05 09:36:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\SolidWorks
2010-04-05 09:34:40 ----D---- C:\Program Files\Microsoft Visual Studio 8
2010-04-05 09:34:40 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2010-04-05 09:34:15 ----D---- C:\Program Files\Microsoft.NET
2010-04-05 09:33:04 ----D---- C:\Program Files\Common Files\Manažer instalací SolidWorks
2010-04-05 09:17:35 ----D---- C:\WINDOWS\SolidWorks
2010-04-03 18:17:46 ----D---- C:\Program Files\Uniblue
2010-04-03 09:51:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\Bluetooth
2010-04-03 09:49:53 ----D---- C:\Program Files\IVT Corporation
2010-04-01 21:50:44 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2010-04-01 21:50:43 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2010-04-01 21:50:42 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2010-04-01 21:50:42 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2010-04-01 21:50:41 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2010-04-01 21:50:40 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2010-04-01 21:50:40 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2010-04-01 21:50:39 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2010-04-01 21:50:38 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2010-04-01 21:50:38 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2010-03-31 21:18:41 ----D---- C:\Documents and Settings\RuLich\Data aplikací\InstallShield
2010-03-31 21:17:43 ----D---- C:\Program Files\Setup Files
2010-03-31 21:03:00 ----D---- C:\Program Files\MSI
2010-03-31 19:44:11 ----D---- C:\Program Files\DNA
2010-03-29 06:40:02 ----D---- C:\Boot
2010-03-28 17:32:56 ----A---- C:\WINDOWS\system32\Nucleus.dll
2010-03-28 17:32:56 ----A---- C:\WINDOWS\system32\d3dx10d_33.dll
2010-03-28 10:38:44 ----D---- C:\WINDOWS\system32\AGEIA
2010-03-28 10:17:05 ----D---- C:\Program Files\Deep Silver
2010-03-27 08:49:13 ----D---- C:\Documents and Settings\RuLich\Data aplikací\licenses
2010-03-27 08:49:12 ----D---- C:\Documents and Settings\RuLich\Data aplikací\PCMM2009
2010-03-27 08:49:11 ----D---- C:\Documents and Settings\RuLich\Data aplikací\PCMM2010
2010-03-26 23:15:46 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-03-26 11:41:03 ----D---- C:\Program Files\Common Files\Skype
2010-03-25 21:40:19 ----D---- C:\Program Files\SQUARE ENIX - Eidos Interactive
2010-03-21 20:40:07 ----D---- C:\Documents and Settings\RuLich\Data aplikací\vlc
2010-03-21 20:38:12 ----D---- C:\Program Files\VideoLAN
2010-03-21 20:36:54 ----D---- C:\Program Files\Common Files\Ahead
2010-03-21 20:36:54 ----D---- C:\Program Files\Ahead
2010-03-20 22:25:25 ----D---- C:\WINDOWS\system32\Nová složka
2010-03-20 18:49:34 ----D---- C:\WINDOWS\Symbols
2010-03-20 17:45:49 ----D---- C:\Program Files\Debugging Tools for Windows (x86)
2010-03-19 17:18:35 ----D---- C:\WINDOWS\Minidump
2010-03-18 11:44:05 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2010-03-16 20:34:29 ----D---- C:\Documents and Settings\RuLich\Data aplikací\BeachPartyCraze
2010-03-16 20:03:59 ----SHD---- C:\WINDOWS\ftpcache

======List of files/folders modified in the last 1 months======

2010-04-15 15:14:28 ----D---- C:\WINDOWS\Temp
2010-04-15 15:14:24 ----RD---- C:\Program Files
2010-04-15 15:10:06 ----A---- C:\WINDOWS\zip.exe
2010-04-15 14:57:42 ----D---- C:\Documents and Settings\RuLich\Data aplikací\Skype
2010-04-15 14:57:09 ----D---- C:\Documents and Settings\RuLich\Data aplikací\skypePM
2010-04-15 10:59:12 ----A---- C:\WINDOWS\NeroDigital.ini
2010-04-15 10:52:06 ----D---- C:\WINDOWS\system32\drivers
2010-04-15 10:52:04 ----D---- C:\WINDOWS\system32
2010-04-15 10:52:03 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-15 10:51:49 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-15 10:51:36 ----D---- C:\WINDOWS
2010-04-15 10:42:23 ----SHD---- C:\WINDOWS\Installer
2010-04-14 16:37:29 ----D---- C:\WINDOWS\Debug
2010-04-14 10:33:46 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-14 10:33:01 ----D---- C:\WINDOWS\system32\cs-cz
2010-04-14 10:33:00 ----HD---- C:\WINDOWS\inf
2010-04-14 10:33:00 ----D---- C:\WINDOWS\Help
2010-04-14 10:33:00 ----D---- C:\Program Files\Internet Explorer
2010-04-14 05:35:02 ----HDC---- C:\WINDOWS\ie8
2010-04-14 05:07:39 ----D---- C:\WINDOWS\SoftwareDistribution
2010-04-13 23:58:38 ----D---- C:\WINDOWS\system
2010-04-13 23:58:37 ----D---- C:\WINDOWS\system32\Setup
2010-04-13 23:58:30 ----D---- C:\WINDOWS\L2Schemas
2010-04-13 23:58:29 ----D---- C:\WINDOWS\system32\usmt
2010-04-13 23:58:20 ----D---- C:\WINDOWS\AppPatch
2010-04-13 23:58:19 ----D---- C:\WINDOWS\ime
2010-04-13 23:58:19 ----D---- C:\WINDOWS\ehome
2010-04-13 23:58:18 ----RSD---- C:\WINDOWS\Fonts
2010-04-13 23:58:17 ----D---- C:\WINDOWS\Network Diagnostic
2010-04-13 23:58:17 ----D---- C:\WINDOWS\Media
2010-04-13 23:58:04 ----D---- C:\WINDOWS\PeerNet
2010-04-13 23:57:51 ----D---- C:\WINDOWS\system32\npp
2010-04-13 23:57:45 ----D---- C:\WINDOWS\msagent
2010-04-13 23:57:41 ----D---- C:\WINDOWS\system32\cs
2010-04-13 23:55:53 ----D---- C:\WINDOWS\system32\1029
2010-04-13 23:55:48 ----D---- C:\WINDOWS\twain_32
2010-04-13 23:55:38 ----D---- C:\WINDOWS\system32\icsxml
2010-04-13 23:55:17 ----D---- C:\WINDOWS\system32\ias
2010-04-13 23:55:12 ----D---- C:\WINDOWS\system32\1033
2010-04-13 23:54:15 ----D---- C:\WINDOWS\Driver Cache
2010-04-13 23:03:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-04-13 23:02:49 ----D---- C:\WINDOWS\Registration
2010-04-13 23:02:32 ----SHD---- C:\System Volume Information
2010-04-13 23:02:32 ----D---- C:\WINDOWS\system32\Restore
2010-04-13 22:29:39 ----D---- C:\WINDOWS\system32\config
2010-04-13 22:25:43 ----D---- C:\WINDOWS\security
2010-04-13 22:25:27 ----A---- C:\WINDOWS\ODBCINST.INI
2010-04-13 22:24:51 ----RD---- C:\WINDOWS\Web
2010-04-13 22:24:45 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2010-04-13 22:24:36 ----A---- C:\WINDOWS\win.ini
2010-04-13 22:24:32 ----D---- C:\Program Files\NetMeeting
2010-04-13 22:24:30 ----D---- C:\Program Files\Windows Media Player
2010-04-13 22:24:27 ----D---- C:\Program Files\Movie Maker
2010-04-13 22:24:26 ----D---- C:\WINDOWS\system32\oobe
2010-04-13 22:24:25 ----D---- C:\Program Files\Outlook Express
2010-04-13 22:23:50 ----D---- C:\WINDOWS\system32\Com
2010-04-13 22:23:28 ----D---- C:\WINDOWS\system32\wbem
2010-04-13 22:22:49 ----SH---- C:\boot.ini
2010-04-13 22:19:43 ----D---- C:\Program Files\AGEIA Technologies
2010-04-13 22:14:44 ----A---- C:\WINDOWS\system.ini
2010-04-13 22:14:34 ----ASH---- C:\Documents and Settings\All Users\Data aplikací\desktop.ini
2010-04-13 22:14:32 ----D---- C:\WINDOWS\system32\CatRoot
2010-04-13 20:23:57 ----D---- C:\WINDOWS\WinSxS
2010-04-13 20:23:55 ----D---- C:\WINDOWS\system32\inetsrv
2010-04-13 17:34:44 ----SD---- C:\WINDOWS\Tasks
2010-04-13 17:33:04 ----D---- C:\Program Files\Common Files
2010-04-13 10:33:34 ----HD---- C:\Program Files\InstallShield Installation Information
2010-04-13 05:32:05 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-04-13 05:31:30 ----D---- C:\Program Files\Registry Mechanic
2010-04-12 21:05:05 ----D---- C:\Program Files\NVIDIA Corporation
2010-04-12 21:03:37 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-04-12 20:59:44 ----D---- C:\NVIDIA
2010-04-12 19:51:36 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-04-12 10:44:37 ----D---- C:\WINDOWS\system32\DirectX
2010-04-12 10:44:13 ----RSD---- C:\WINDOWS\assembly
2010-04-12 09:53:27 ----A---- C:\WINDOWS\wincmd.ini
2010-04-11 00:40:37 ----D---- C:\Program Files\Ubisoft
2010-04-10 07:54:07 ----D---- C:\Documents and Settings\RuLich\Data aplikací\Vso
2010-04-06 10:55:19 ----D---- C:\Program Files\Common Files\SolidWorks Shared
2010-04-06 10:55:19 ----D---- C:\Program Files\Common Files\Designer
2010-04-05 18:05:23 ----D---- C:\Documents and Settings\RuLich\Data aplikací\SolidWorks
2010-04-05 09:50:41 ----D---- C:\WINDOWS\Microsoft.NET
2010-04-05 09:43:35 ----SD---- C:\Documents and Settings\RuLich\Data aplikací\Microsoft
2010-04-05 09:35:10 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2010-04-05 09:34:56 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-04-05 09:34:11 ----D---- C:\Program Files\MSECache
2010-04-05 09:09:18 ----D---- C:\Program Files\Common Files\PC Tools
2010-04-03 17:48:53 ----D---- C:\Documents and Settings\RuLich\Data aplikací\uTorrent
2010-04-03 17:48:05 ----D---- C:\Program Files\Ace Utilities
2010-04-02 13:04:42 ----D---- C:\WINDOWS\ie8updates
2010-04-02 13:04:40 ----HD---- C:\WINDOWS\$hf_mig$
2010-03-26 19:52:28 ----RD---- C:\Program Files\Skype
2010-03-26 19:45:52 ----D---- C:\Documents and Settings\RuLich\Data aplikací\Toolbar4
2010-03-25 21:33:58 ----D---- C:\SDFix

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 SASDIFSV;SASDIFSV; \??\D:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\D:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1997-12-23 23936]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-12-21 4405248]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-25 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2010-01-12 10276768]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2009-07-01 66688]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2009-07-01 13824]
R3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2010-02-15 47360]
R3 SASENUM;SASENUM; \??\D:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbohci;Ovladač Miniport otevřeného hostitelského řadiče Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-14 17152]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys []
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-14 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-04-14 272896]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 btkrnl;Enumenátor sběrnice Bluetooth; C:\WINDOWS\system32\DRIVERS\btkrnl.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\RuLich\LOCALS~1\Temp\catchme.sys []
S3 GMSIPCI;GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys []
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [2009-07-23 387616]
R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [2009-07-23 178720]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2010-01-11 154216]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2010-04-05 79360]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 msvsmon80;Visual Studio 2005 Remote Debugger; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2005-09-23 2799808]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------
Děkuji.

[Reklama]

[jaro3]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj AVG či Avast, následně T-Cleaner smaž a zapni si AVG či Avast.


Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si ToolsCleaner2( by de A.Rothstein & Dj Quiou )

na plochu a spusť ho.
Klikni na Pt. Restauration (obnova) a poté na OK.
Klikni na Corbeille (koš) a poté na OK.
Klikni na Fichiers temp (temp složky) a poté na OK.
Klikni na Recherche (hledání) a nech Cleaner pracovat. Může se během čištění zastavit , ale nech ho pokračovat.
Když program skončí , klikni na Suppression (odstranění)a odstraň nalezené.
Zavři program.
Program maže i všechny nástroje na odvirování a vytváření logů , které se zde používají (HJT, Combofix, OTM, OTL, OTS atd.)

Pak:
Vlož log z HJT:
viewtopic.php?f=70&t=5119

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

[RuLich]

Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 20:36:33, on 15.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" -H
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\nvidia corporation\networkaccessmanager\bin32\nvlsp.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 6132446187
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 6132542031
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDow ... rtScan.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe

--
End of file - 7058 bytes
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Verze databáze: 3992

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

15.4.2010 20:43:09
mbam-log-2010-04-15 (20-43-09).txt

Typ skenu: Rychlý sken
Skenované objekty: 101350
Uplynulý čas: 2 minuta(y), 43 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 2
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

[jaro3]

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

. Takže spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Ukaž výsledky
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit

Můžeš sem pak vložit nový log z MbAM.

Vypni rez. ochranu u Avastu.

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

[RuLich]

Tak snad jsem to udělal dobře:
(stále problém s schvost.exe 90%)

Ještě toto:

"Spuštění služby Brána Firewall/sdílení připojení k Internetu (ICS) se nezdařilo"

Malwarebytes' Anti-Malware 1.45
http://www.malwarebytes.org

Verze databáze: 3992

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

16.4.2010 10:27:36
mbam-log-2010-04-16 (10-27-36).txt

Typ skenu: Rychlý sken
Skenované objekty: 100954
Uplynulý čas: 3 minuta(y), 29 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 2
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)
.........................................................................

ComboFix 10-04-15.02 - RuLich 16.04.2010 10:43:16.3.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1603 [GMT 2:00]
Spuštěný z: D:\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100415-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((( Soubory vytvořené od 2010-03-16 do 2010-04-16 )))))))))))))))))))))))))))))))
.

2010-04-15 18:36 . 2010-04-15 18:36 -------- d-----w- c:\program files\TrendMicro
2010-04-14 03:07 . 2009-08-06 17:24 44768 ----a-w- c:\windows\system32\wups2.dll
2010-04-13 20:26 . 2001-10-24 10:24 38912 -c--a-w- c:\windows\system32\dllcache\EXCH_ntfsdrv.dll
2010-04-13 20:25 . 2001-10-25 12:00 7168 -c--a-w- c:\windows\system32\dllcache\wamregps.dll
2010-04-13 20:24 . 2008-04-14 06:53 188416 ----a-w- c:\windows\system32\msh261.drv
2010-04-13 20:19 . 2010-04-13 20:19 -------- d-----w- c:\windows\B83FC356B7C0441F8A4DD71E088E7974.TMP
2010-04-13 20:01 . 2001-10-25 12:00 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll
2010-04-13 20:01 . 2001-10-25 12:00 24661 ----a-w- c:\windows\system32\spxcoins.dll
2010-04-13 20:01 . 2001-10-25 12:00 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll
2010-04-13 20:01 . 2001-10-25 12:00 13312 ----a-w- c:\windows\system32\irclass.dll
2010-04-13 18:22 . 2008-04-14 06:51 4255 ------w- c:\windows\system32\drivers\adv01nt5.dll
2010-04-13 03:28 . 2010-04-13 08:33 -------- d-----w- c:\windows\SxsCaPendDel
2010-04-12 19:03 . 2009-07-01 09:55 701440 ----a-w- c:\windows\system32\cohelper.dll
2010-04-12 19:03 . 2009-06-30 22:42 485920 ----a-w- c:\windows\system32\nvunrm.exe
2010-04-09 17:09 . 2010-04-09 17:11 -------- d-----w- c:\program files\Software by Design
2010-04-09 17:09 . 2005-05-22 05:00 90112 ------w- c:\windows\SDUnInst.exe
2010-04-09 12:28 . 2010-04-10 05:54 -------- d-----w- c:\program files\DVDFab 6
2010-04-08 23:47 . 1998-10-29 17:45 306688 ----a-w- c:\windows\IsUninst.exe
2010-04-08 20:59 . 2010-04-08 20:59 -------- d-----w- c:\program files\Active Data Recovery Software
2010-04-06 18:42 . 2010-04-06 18:42 106557 ----a-w- c:\windows\system32\btw_ci.dll
2010-04-05 18:34 . 2010-03-29 13:24 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-05 18:34 . 2010-04-15 18:34 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-05 18:34 . 2010-03-29 13:24 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-05 07:34 . 2010-04-05 07:34 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-04-05 07:34 . 2010-04-05 07:34 -------- d-----w- c:\program files\Microsoft.NET
2010-04-05 07:33 . 2010-04-06 08:57 -------- d-----w- c:\program files\Common Files\Manažer instalací SolidWorks
2010-04-05 07:17 . 2010-04-06 08:57 -------- d-----w- c:\windows\SolidWorks
2010-04-03 16:17 . 2010-04-03 16:17 -------- d-----w- c:\program files\Uniblue
2010-04-03 07:49 . 2010-04-03 07:49 -------- d-----w- c:\program files\IVT Corporation
2010-04-01 19:50 . 2008-02-05 21:07 462864 ----a-w- c:\windows\system32\d3dx10_37.dll
2010-04-01 19:50 . 2008-03-05 13:56 3786760 ----a-w- c:\windows\system32\D3DX9_37.dll
2010-04-01 19:50 . 2007-10-12 13:14 3734536 ----a-w- c:\windows\system32\d3dx9_36.dll
2010-04-01 19:50 . 2007-10-02 07:56 444776 ----a-w- c:\windows\system32\d3dx10_36.dll
2010-04-01 19:50 . 2007-07-19 16:14 444776 ----a-w- c:\windows\system32\d3dx10_35.dll
2010-04-01 19:50 . 2007-07-19 16:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2010-04-01 19:50 . 2007-05-16 14:45 443752 ----a-w- c:\windows\system32\d3dx10_34.dll
2010-04-01 19:50 . 2007-05-16 14:45 3497832 ----a-w- c:\windows\system32\d3dx9_34.dll
2010-04-01 19:50 . 2007-03-15 14:57 443752 ----a-w- c:\windows\system32\d3dx10_33.dll
2010-04-01 19:50 . 2007-03-12 14:42 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll
2010-03-31 19:17 . 2010-03-31 19:18 -------- d-----w- c:\program files\Setup Files
2010-03-31 19:03 . 2010-03-31 19:18 -------- d-----w- c:\program files\MSI
2010-03-31 17:44 . 2010-04-01 03:35 -------- d-----w- c:\program files\DNA
2010-03-29 04:40 . 2010-03-29 15:47 -------- d-----w- C:\Boot
2010-03-28 15:32 . 2007-04-18 23:59 519912 ----a-w- c:\windows\system32\d3dx10d_33.dll
2010-03-28 15:32 . 2007-04-17 23:13 25037 ----a-w- c:\windows\system32\Nucleus.dll
2010-03-28 08:38 . 2010-03-28 08:38 -------- d-----w- c:\windows\system32\AGEIA
2010-03-28 08:17 . 2010-03-28 08:17 -------- d-----w- c:\program files\Deep Silver
2010-03-26 21:15 . 2010-04-06 08:53 -------- dc----w- c:\windows\system32\DRVSTORE
2010-03-26 09:41 . 2010-03-26 09:41 -------- d-----w- c:\program files\Common Files\Skype
2010-03-25 19:40 . 2010-03-25 19:40 -------- d-----w- c:\program files\SQUARE ENIX - Eidos Interactive
2010-03-21 18:38 . 2010-03-21 18:38 -------- d-----w- c:\program files\VideoLAN
2010-03-21 18:36 . 2010-03-21 18:36 -------- d-----w- c:\program files\Common Files\Ahead
2010-03-21 18:36 . 2010-03-21 18:36 -------- d-----w- c:\program files\Ahead
2010-03-20 20:25 . 2010-03-20 20:25 -------- d-----w- c:\windows\system32\Nová složka
2010-03-20 16:49 . 2010-03-20 16:52 -------- d-----w- c:\windows\Symbols
2010-03-20 15:45 . 2010-04-12 17:45 -------- d-----w- c:\program files\Debugging Tools for Windows (x86)
2010-03-18 09:44 . 2010-04-13 20:19 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-16 03:27 . 2010-02-14 08:13 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-04-16 03:27 . 2010-02-14 08:13 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-04-13 21:03 . 2001-10-25 12:00 437832 ----a-w- c:\windows\system32\perfh005.dat
2010-04-13 21:03 . 2001-10-25 12:00 82552 ----a-w- c:\windows\system32\perfc005.dat
2010-04-13 20:23 . 2010-02-14 00:10 23544 ----a-w- c:\windows\system32\emptyregdb.dat
2010-04-13 20:19 . 2010-02-14 07:05 -------- d-----w- c:\program files\AGEIA Technologies
2010-04-13 08:33 . 2010-02-14 06:47 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-12 19:05 . 2010-02-14 07:05 -------- d-----w- c:\program files\NVIDIA Corporation
2010-04-10 22:40 . 2010-03-05 04:17 -------- d-----w- c:\program files\Ubisoft
2010-04-06 08:55 . 2010-03-12 21:21 -------- d-----w- c:\program files\Common Files\SolidWorks Shared
2010-04-05 07:34 . 2010-02-14 06:54 -------- d-----w- c:\program files\MSECache
2010-04-05 07:09 . 2010-03-08 15:12 -------- d-----w- c:\program files\Common Files\PC Tools
2010-04-03 15:48 . 2010-02-18 07:44 -------- d-----w- c:\program files\Ace Utilities
2010-03-26 17:52 . 2010-02-14 15:38 -------- d-----r- c:\program files\Skype
2010-03-14 21:12 . 2010-03-14 21:12 0 ----a-w- c:\windows\nsreg.dat
2010-03-12 22:40 . 2010-03-12 21:28 -------- d-----w- c:\program files\Common Files\eDrawings2006
2010-03-12 21:21 . 2010-03-12 21:21 -------- d-----w- c:\program files\Common Files\Bluebeam Software
2010-03-12 21:16 . 2010-03-12 21:16 -------- d-----w- c:\program files\Common Files\EZB Systems
2010-03-12 21:16 . 2010-03-12 21:16 -------- d-----w- c:\program files\UltraISO
2010-03-12 20:54 . 2010-03-12 20:54 -------- d-----w- c:\program files\Common Files\Solidworks Data
2010-03-10 17:32 . 2010-02-22 01:14 -------- d-----w- c:\program files\Unlocker
2010-03-08 20:39 . 2010-03-08 20:39 4096 ----a-w- c:\windows\d3dx.dat
2010-03-08 17:09 . 2010-02-17 22:02 -------- d-----w- c:\program files\Glary Utilities
2010-03-08 15:11 . 2010-03-08 15:11 -------- d-----w- c:\program files\CCleaner
2010-03-07 18:17 . 2010-03-07 18:17 -------- d-----w- c:\program files\Divoký míč 3
2010-03-07 09:33 . 2010-03-06 23:48 -------- d-----w- c:\program files\Dama2Lite
2010-03-07 08:20 . 2010-03-07 08:20 -------- d-----w- c:\program files\MSXML 4.0
2010-03-04 21:02 . 2010-03-04 21:02 -------- d-----w- c:\program files\uTorrent
2010-03-03 20:33 . 2010-03-03 20:33 -------- d-----w- c:\program files\MSBuild
2010-03-03 20:33 . 2010-03-03 20:33 -------- d-----w- c:\program files\Reference Assemblies
2010-03-03 20:32 . 2010-03-03 20:32 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2010-03-03 20:32 . 2010-02-19 20:24 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2010-03-03 20:32 . 2010-02-19 20:24 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2010-03-03 20:32 . 2010-02-19 20:24 -------- d-----w- c:\program files\OpenAL
2010-02-26 13:14 . 2010-02-26 13:14 -------- d-----w- c:\program files\Ashampoo
2010-02-21 12:54 . 2010-02-21 12:54 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-02-21 11:36 . 2010-02-14 06:51 -------- d-----w- c:\program files\Common Files\Adobe
2010-02-18 22:10 . 2010-02-18 22:10 -------- d-----w- c:\program files\4Videosoft Studio
2010-02-18 22:04 . 2010-02-18 22:04 -------- d-----w- c:\program files\MediaInfo
2010-02-18 20:18 . 2010-02-18 18:40 -------- d-----w- c:\program files\WinMPG VideoConvert
2010-02-18 17:18 . 2010-02-18 17:14 5 ----a-w- c:\windows\system32\SySavi2mpeg.dat
2010-02-18 07:48 . 2010-02-18 07:48 -------- d-----w- c:\program files\Registry Repair
2010-02-17 22:01 . 2010-02-14 00:12 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-17 22:01 . 2010-02-14 00:12 2426 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-02-17 22:01 . 2010-02-14 00:12 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-02-15 15:04 . 2010-02-15 15:03 -------- d-----w- c:\program files\DVD Shrink
2010-02-15 14:53 . 2010-02-15 14:53 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2010-02-15 14:53 . 2010-02-15 14:53 -------- d-----w- c:\program files\VSO
2010-02-15 09:42 . 2010-02-15 09:42 -------- d-----w- c:\program files\Windows Live
2010-02-15 09:42 . 2010-02-15 09:42 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-02-15 09:39 . 2010-02-15 09:39 -------- d-----w- c:\program files\Common Files\Windows Live
2010-02-14 15:38 . 2010-02-14 15:38 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-02-14 06:45 . 2010-02-14 06:45 977 ----a-w- c:\windows\unins000.dat
2010-02-14 06:45 . 2002-06-01 02:00 71561 ----a-w- c:\windows\unins000.exe
2010-02-14 06:43 . 2010-02-14 06:43 737280 ----a-w- c:\windows\iun6002.exe
2010-02-12 10:03 . 2010-03-07 07:53 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-02-04 09:01 . 2010-02-14 13:28 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2010-02-04 09:01 . 2010-02-14 13:28 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2010-02-04 09:01 . 2010-02-14 13:28 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2010-02-04 09:01 . 2010-02-14 13:28 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-03-09 26100520]
"SUPERAntiSpyware"="d:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-04-01 2010864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2009-10-26 15872]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"RTHDCPL"="RTHDCPL.EXE" [2006-12-19 16062464]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-01-11 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-01-11 13666408]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "d:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-04-04 05:42 36272 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2008-02-28 08:59 570664 ----a-w- c:\program files\Common Files\Nero\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-16 10:04 2879488 ------r- c:\windows\SkyTel.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [14.2.2010 8:34 114768]
R1 SASDIFSV;SASDIFSV;d:\program files\SUPERAntiSpyware\sasdifsv.sys [17.2.2010 11:25 12872]
R1 SASKUTIL;SASKUTIL;d:\program files\SUPERAntiSpyware\SASKUTIL.SYS [17.2.2010 11:15 66632]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [14.2.2010 8:34 20560]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [14.2.2010 10:13 691696]
S3 SASENUM;SASENUM;d:\program files\SUPERAntiSpyware\SASENUM.SYS [17.2.2010 11:15 12872]
S4 msvsmon80;Visual Studio 2005 Remote Debugger;c:\program files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [23.9.2005 7:01 2799808]
.
Obsah adresáře 'Naplánované úlohy'

2010-04-16 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2010-02-17 18:44]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
IE: {{FA9B9510-9FCB-4ca0-818C-5D0987B47C4D}
LSP: c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

HKLM-Run-nwiz - nwiz.exe
HKU-Default-RunOnce-tscuninstall - c:\windows\system32\tscupgrd.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-16 10:46
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'lsass.exe'(740)
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll
.
Celkový čas: 2010-04-16 10:48:06
ComboFix-quarantined-files.txt 2010-04-16 08:47

Před spuštěním: Volných bajtů: 16 409 268 224
Po spuštění: Volných bajtů: 16 371 466 240

Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 8F9CD8D853D037C6DBFD1CBE278A93DC

[jaro3]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
File::
c:\windows\d3dx.dat
c:\windows\system32\ezsidmv.dat
c:\windows\iun6002.exe
c:\windows\unins000.dat
c:\windows\unins000.exe
c:\windows\SxsCaPendDel

Collect::
c:\windows\system32\SySavi2mpeg.dat

Folder::
c:\windows\B83FC356B7C0441F8A4DD71E088E7974.TMP

DirLook::
c:\program files\Setup Files


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Na disku C se ti vytvoří adresář/složka pojmenovaná Qoobox a v ní bude další adresář Quarantine a v ní najdeš archiv v podobném tvaru [4]-Submit a_2010-04-16@14.14.zip kde čísla za @ znamenají aktuální čas vytvoření souboru. Pošli mi ho jako přílohu přes SZ. Dík.

[RuLich]

Musel jsem vypnout schvost.exe (92%), nechtěla se vytvořit zprávo z Combo


ComboFix 10-04-15.04 - RuLich 16.04.2010 15:57:58.4.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1619 [GMT 2:00]
Spuštěný z: D:\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\RuLich\Plocha\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 100416-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

FILE ::
"c:\windows\d3dx.dat"
"c:\windows\iun6002.exe"
"c:\windows\SxsCaPendDel"
"c:\windows\system32\ezsidmv.dat"
"c:\windows\unins000.dat"
"c:\windows\unins000.exe"

file zipped: c:\windows\system32\SySavi2mpeg.dat
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\B83FC356B7C0441F8A4DD71E088E7974.TMP
c:\windows\B83FC356B7C0441F8A4DD71E088E7974.TMP\WiseCustomCalla.dll
c:\windows\B83FC356B7C0441F8A4DD71E088E7974.TMP\WiseData.ini
c:\windows\d3dx.dat
c:\windows\iun6002.exe
c:\windows\system32\ezsidmv.dat
c:\windows\system32\SySavi2mpeg.dat
c:\windows\unins000.dat
c:\windows\unins000.exe

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-03-16 do 2010-04-16 )))))))))))))))))))))))))))))))
.

2010-04-15 18:36 . 2010-04-15 18:36 -------- d-----w- c:\program files\TrendMicro
2010-04-14 03:07 . 2009-08-06 17:24 44768 ----a-w- c:\windows\system32\wups2.dll
2010-04-13 20:26 . 2001-10-24 10:24 38912 -c--a-w- c:\windows\system32\dllcache\EXCH_ntfsdrv.dll
2010-04-13 20:25 . 2001-10-25 12:00 7168 -c--a-w- c:\windows\system32\dllcache\wamregps.dll
2010-04-13 20:24 . 2008-04-14 06:53 188416 ----a-w- c:\windows\system32\msh261.drv
2010-04-13 20:01 . 2001-10-25 12:00 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll
2010-04-13 20:01 . 2001-10-25 12:00 24661 ----a-w- c:\windows\system32\spxcoins.dll
2010-04-13 20:01 . 2001-10-25 12:00 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll
2010-04-13 20:01 . 2001-10-25 12:00 13312 ----a-w- c:\windows\system32\irclass.dll
2010-04-13 18:22 . 2008-04-14 06:51 4255 ------w- c:\windows\system32\drivers\adv01nt5.dll
2010-04-13 03:28 . 2010-04-13 08:33 -------- d-----w- c:\windows\SxsCaPendDel
2010-04-12 19:03 . 2009-07-01 09:55 701440 ----a-w- c:\windows\system32\cohelper.dll
2010-04-12 19:03 . 2009-06-30 22:42 485920 ----a-w- c:\windows\system32\nvunrm.exe
2010-04-09 17:09 . 2010-04-09 17:11 -------- d-----w- c:\program files\Software by Design
2010-04-09 17:09 . 2005-05-22 05:00 90112 ------w- c:\windows\SDUnInst.exe
2010-04-09 12:28 . 2010-04-10 05:54 -------- d-----w- c:\program files\DVDFab 6
2010-04-08 23:47 . 1998-10-29 17:45 306688 ----a-w- c:\windows\IsUninst.exe
2010-04-08 20:59 . 2010-04-08 20:59 -------- d-----w- c:\program files\Active Data Recovery Software
2010-04-06 18:42 . 2010-04-06 18:42 106557 ----a-w- c:\windows\system32\btw_ci.dll
2010-04-05 18:34 . 2010-03-29 13:24 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-05 18:34 . 2010-04-15 18:34 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-05 18:34 . 2010-03-29 13:24 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-05 07:34 . 2010-04-05 07:34 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2010-04-05 07:34 . 2010-04-05 07:34 -------- d-----w- c:\program files\Microsoft.NET
2010-04-05 07:33 . 2010-04-06 08:57 -------- d-----w- c:\program files\Common Files\Manažer instalací SolidWorks
2010-04-05 07:17 . 2010-04-06 08:57 -------- d-----w- c:\windows\SolidWorks
2010-04-03 16:17 . 2010-04-03 16:17 -------- d-----w- c:\program files\Uniblue
2010-04-03 07:49 . 2010-04-03 07:49 -------- d-----w- c:\program files\IVT Corporation
2010-04-01 19:50 . 2008-02-05 21:07 462864 ----a-w- c:\windows\system32\d3dx10_37.dll
2010-04-01 19:50 . 2008-03-05 13:56 3786760 ----a-w- c:\windows\system32\D3DX9_37.dll
2010-04-01 19:50 . 2007-10-12 13:14 3734536 ----a-w- c:\windows\system32\d3dx9_36.dll
2010-04-01 19:50 . 2007-10-02 07:56 444776 ----a-w- c:\windows\system32\d3dx10_36.dll
2010-04-01 19:50 . 2007-07-19 16:14 444776 ----a-w- c:\windows\system32\d3dx10_35.dll
2010-04-01 19:50 . 2007-07-19 16:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2010-04-01 19:50 . 2007-05-16 14:45 443752 ----a-w- c:\windows\system32\d3dx10_34.dll
2010-04-01 19:50 . 2007-05-16 14:45 3497832 ----a-w- c:\windows\system32\d3dx9_34.dll
2010-04-01 19:50 . 2007-03-15 14:57 443752 ----a-w- c:\windows\system32\d3dx10_33.dll
2010-04-01 19:50 . 2007-03-12 14:42 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll
2010-03-31 19:17 . 2010-03-31 19:18 -------- d-----w- c:\program files\Setup Files
2010-03-31 19:03 . 2010-03-31 19:18 -------- d-----w- c:\program files\MSI
2010-03-31 17:44 . 2010-04-01 03:35 -------- d-----w- c:\program files\DNA
2010-03-29 04:40 . 2010-03-29 15:47 -------- d-----w- C:\Boot
2010-03-28 15:32 . 2007-04-18 23:59 519912 ----a-w- c:\windows\system32\d3dx10d_33.dll
2010-03-28 15:32 . 2007-04-17 23:13 25037 ----a-w- c:\windows\system32\Nucleus.dll
2010-03-28 08:38 . 2010-03-28 08:38 -------- d-----w- c:\windows\system32\AGEIA
2010-03-28 08:17 . 2010-03-28 08:17 -------- d-----w- c:\program files\Deep Silver
2010-03-26 21:15 . 2010-04-06 08:53 -------- dc----w- c:\windows\system32\DRVSTORE
2010-03-26 09:41 . 2010-03-26 09:41 -------- d-----w- c:\program files\Common Files\Skype
2010-03-25 19:40 . 2010-03-25 19:40 -------- d-----w- c:\program files\SQUARE ENIX - Eidos Interactive
2010-03-21 18:38 . 2010-03-21 18:38 -------- d-----w- c:\program files\VideoLAN
2010-03-21 18:36 . 2010-03-21 18:36 -------- d-----w- c:\program files\Common Files\Ahead
2010-03-21 18:36 . 2010-03-21 18:36 -------- d-----w- c:\program files\Ahead
2010-03-20 20:25 . 2010-03-20 20:25 -------- d-----w- c:\windows\system32\Nová složka
2010-03-20 16:49 . 2010-03-20 16:52 -------- d-----w- c:\windows\Symbols
2010-03-20 15:45 . 2010-04-12 17:45 -------- d-----w- c:\program files\Debugging Tools for Windows (x86)
2010-03-18 09:44 . 2010-04-13 20:19 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-16 14:03 . 2010-04-16 14:03 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-04-16 03:27 . 2010-02-14 08:13 -------- d-----w- c:\program files\DAEMON Tools Lite
2010-04-16 03:27 . 2010-02-14 08:13 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-04-13 21:03 . 2001-10-25 12:00 437832 ----a-w- c:\windows\system32\perfh005.dat
2010-04-13 21:03 . 2001-10-25 12:00 82552 ----a-w- c:\windows\system32\perfc005.dat
2010-04-13 20:23 . 2010-02-14 00:10 23544 ----a-w- c:\windows\system32\emptyregdb.dat
2010-04-13 20:19 . 2010-02-14 07:05 -------- d-----w- c:\program files\AGEIA Technologies
2010-04-13 08:33 . 2010-02-14 06:47 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-12 19:05 . 2010-02-14 07:05 -------- d-----w- c:\program files\NVIDIA Corporation
2010-04-10 22:40 . 2010-03-05 04:17 -------- d-----w- c:\program files\Ubisoft
2010-04-06 08:55 . 2010-03-12 21:21 -------- d-----w- c:\program files\Common Files\SolidWorks Shared
2010-04-05 07:34 . 2010-02-14 06:54 -------- d-----w- c:\program files\MSECache
2010-04-05 07:09 . 2010-03-08 15:12 -------- d-----w- c:\program files\Common Files\PC Tools
2010-04-03 15:48 . 2010-02-18 07:44 -------- d-----w- c:\program files\Ace Utilities
2010-03-26 17:52 . 2010-02-14 15:38 -------- d-----r- c:\program files\Skype
2010-03-14 21:12 . 2010-03-14 21:12 0 ----a-w- c:\windows\nsreg.dat
2010-03-12 22:40 . 2010-03-12 21:28 -------- d-----w- c:\program files\Common Files\eDrawings2006
2010-03-12 21:21 . 2010-03-12 21:21 -------- d-----w- c:\program files\Common Files\Bluebeam Software
2010-03-12 21:16 . 2010-03-12 21:16 -------- d-----w- c:\program files\Common Files\EZB Systems
2010-03-12 21:16 . 2010-03-12 21:16 -------- d-----w- c:\program files\UltraISO
2010-03-12 20:54 . 2010-03-12 20:54 -------- d-----w- c:\program files\Common Files\Solidworks Data
2010-03-10 17:32 . 2010-02-22 01:14 -------- d-----w- c:\program files\Unlocker
2010-03-08 17:09 . 2010-02-17 22:02 -------- d-----w- c:\program files\Glary Utilities
2010-03-08 15:11 . 2010-03-08 15:11 -------- d-----w- c:\program files\CCleaner
2010-03-07 18:17 . 2010-03-07 18:17 -------- d-----w- c:\program files\Divoký míč 3
2010-03-07 09:33 . 2010-03-06 23:48 -------- d-----w- c:\program files\Dama2Lite
2010-03-07 08:20 . 2010-03-07 08:20 -------- d-----w- c:\program files\MSXML 4.0
2010-03-04 21:02 . 2010-03-04 21:02 -------- d-----w- c:\program files\uTorrent
2010-03-03 20:33 . 2010-03-03 20:33 -------- d-----w- c:\program files\MSBuild
2010-03-03 20:33 . 2010-03-03 20:33 -------- d-----w- c:\program files\Reference Assemblies
2010-03-03 20:32 . 2010-03-03 20:32 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2010-03-03 20:32 . 2010-02-19 20:24 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2010-03-03 20:32 . 2010-02-19 20:24 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2010-03-03 20:32 . 2010-02-19 20:24 -------- d-----w- c:\program files\OpenAL
2010-02-26 13:14 . 2010-02-26 13:14 -------- d-----w- c:\program files\Ashampoo
2010-02-21 12:54 . 2010-02-21 12:54 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2010-02-21 11:36 . 2010-02-14 06:51 -------- d-----w- c:\program files\Common Files\Adobe
2010-02-18 22:10 . 2010-02-18 22:10 -------- d-----w- c:\program files\4Videosoft Studio
2010-02-18 22:04 . 2010-02-18 22:04 -------- d-----w- c:\program files\MediaInfo
2010-02-18 20:18 . 2010-02-18 18:40 -------- d-----w- c:\program files\WinMPG VideoConvert
2010-02-18 07:48 . 2010-02-18 07:48 -------- d-----w- c:\program files\Registry Repair
2010-02-17 22:01 . 2010-02-14 00:12 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-17 22:01 . 2010-02-14 00:12 2426 ----a-w- c:\windows\pchealth\helpctr\PackageStore\SkuStore.bin
2010-02-17 22:01 . 2010-02-14 00:12 8972 ----a-w- c:\windows\pchealth\helpctr\Config\Cntstore.bin
2010-02-15 15:04 . 2010-02-15 15:03 -------- d-----w- c:\program files\DVD Shrink
2010-02-15 14:53 . 2010-02-15 14:53 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2010-02-15 14:53 . 2010-02-15 14:53 -------- d-----w- c:\program files\VSO
2010-02-12 10:03 . 2010-03-07 07:53 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-02-04 09:01 . 2010-02-14 13:28 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2010-02-04 09:01 . 2010-02-14 13:28 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2010-02-04 09:01 . 2010-02-14 13:28 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2010-02-04 09:01 . 2010-02-14 13:28 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\program files\Setup Files ----

2009-10-15 13:00 . 2009-10-15 13:00 103 ----a-w- c:\program files\Setup Files\MSI Dual Core Center v2.0.6.4\MSISetup.ini
2009-09-17 16:09 . 2009-09-17 16:09 36178 ----a-w- c:\program files\Setup Files\MSI Dual Core Center v2.0.6.4\ReleaseNote.txt
2009-09-17 16:04 . 2009-09-17 16:04 11406741 ----a-w- c:\program files\Setup Files\MSI Dual Core Center v2.0.6.4\DualCoreCenter.exe
2007-08-29 09:50 . 2007-08-29 09:50 98 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\MSISetup.ini
2007-08-01 17:58 . 2007-08-01 17:58 342 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\README.TXT
2007-01-30 21:36 . 2007-01-30 21:36 32408884 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\Ethernet\NAM\NAMSetup.exe
2007-01-30 14:54 . 2007-01-30 14:54 836 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\setup.ini
2007-01-30 14:54 . 2007-01-30 14:54 6028253 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\data1.cab
2007-01-30 14:54 . 2007-01-30 14:54 33570 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\data1.hdr
2007-01-30 14:54 . 2007-01-30 14:54 512 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\data2.cab
2007-01-30 14:54 . 2007-01-30 14:54 509 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\layout.bin
2007-01-30 14:54 . 2007-01-30 14:54 552214 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\ISSetup.dll
2007-01-30 14:53 . 2007-01-30 14:53 322697 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\setup.inx
2007-01-30 14:49 . 2007-01-30 14:49 176756 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\setup.bmp
2007-01-30 14:49 . 2007-01-30 14:49 286 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\setup.iss
2007-01-02 03:47 . 2007-01-02 03:47 9068 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\Ethernet\nvenetfd.cat
2007-01-02 03:47 . 2007-01-02 03:47 10331 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\Ethernet\nvnetbus.cat
2006-12-28 20:52 . 2006-12-28 20:52 3753 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\Ethernet\nvnetbus.inf
2006-12-28 20:51 . 2006-12-28 20:51 18699 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\Ethernet\nvenetfd.inf
2006-11-20 00:35 . 2006-11-20 00:35 19968 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\Ethernet\nvnetbus.sys
2006-11-20 00:35 . 2006-11-20 00:35 62592 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\Ethernet\nvefdxp.sys
2006-11-20 00:35 . 2006-11-20 00:35 59264 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\Ethernet\nvefd2k.sys
2006-11-20 00:35 . 2006-11-20 00:35 109568 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\Ethernet\nvtcp.sys
2006-11-20 00:35 . 2006-11-20 00:35 920320 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\Ethernet\nvnrm.sys
2006-11-20 00:34 . 2006-11-20 00:34 261632 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\Ethernet\nvsnpu.sys
2006-11-20 00:33 . 2006-11-20 00:33 193024 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\Ethernet\fdco1.dll
2006-11-20 00:32 . 2006-11-20 00:32 9216 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\Ethernet\bdco1.dll
2006-11-07 12:58 . 2006-11-07 12:58 35840 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\Ethernet\nvconrm.dll
2006-11-07 12:58 . 2006-11-07 12:58 356352 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\Ethernet\nvunrm.exe
2006-10-30 02:57 . 2006-10-30 02:57 9739 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\IDE\WinXP\sataraid\nvraid.cat
2006-10-24 06:47 . 2006-10-24 06:47 9118 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\IDE\WinXP\sata_ide\nvata.cat
2006-10-19 07:36 . 2006-10-19 07:36 3903 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\Ethernet\nvnrm.nvu
2006-10-18 21:59 . 2006-10-18 21:59 3338 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\IDE\WinXP\sata_ide\nvata.inf
2006-10-18 17:14 . 2006-10-18 17:14 5940 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\IDE\WinXP\sataraid\nvraid.inf
2006-10-18 15:02 . 2006-10-18 15:02 11587020 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\IDE\WinXP\raidtool\RAIDTOOL.cab
2006-10-18 14:31 . 2006-10-18 14:31 89216 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\IDE\WinXP\sataraid\nvraid.sys
2006-10-18 14:31 . 2006-10-18 14:31 19456 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\IDE\WinXP\sataraid\nvraidco.dll
2006-10-18 14:31 . 2006-10-18 14:31 363008 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\IDE\WinXP\sataraid\idecoi.dll
2006-10-18 14:31 . 2006-10-18 14:31 363008 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\IDE\WinXP\sata_ide\idecoi.dll
2006-10-18 14:31 . 2006-10-18 14:31 105472 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\IDE\WinXP\sataraid\nvatabus.sys
2006-10-18 14:31 . 2006-10-18 14:31 105472 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\IDE\WinXP\sata_ide\nvata.sys
2006-10-18 14:26 . 2006-10-18 14:26 4871 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\IDE\WinXP\sataraid\txtsetup.oem
2006-10-05 14:35 . 2006-10-05 14:35 35840 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\IDE\WinXP\sata_ide\nvcoi.dll
2006-10-05 14:35 . 2006-10-05 14:35 356352 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\IDE\WinXP\sata_ide\nvuide.exe
2006-10-05 11:07 . 2006-10-05 11:07 6 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\Ethernet\nvenetfd.tag
2006-10-05 11:07 . 2006-10-05 11:07 6 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\Ethernet\nvnetbus.tag
2006-10-05 11:07 . 2006-10-05 11:07 1428 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\Ethernet\nvphy.bin
2006-09-11 13:14 . 2006-09-11 13:14 1570 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\IDE\WinXP\sata_ide\nvide.nvu
2006-06-14 16:31 . 2006-06-14 16:31 8343 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\SMBus\nvsmb.cat
2006-06-08 12:13 . 2006-06-08 12:13 1259 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\SMBus\nf4sys.inf
2006-06-08 12:13 . 2006-06-08 12:13 2191 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\SMBus\nvsmbus.inf
2006-06-08 12:13 . 2006-06-08 12:13 4 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\SMBus\nf4sys.cat
2006-06-07 16:49 . 2006-06-07 16:49 208896 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\SMBus\nvusmb.exe
2006-06-01 12:32 . 2006-06-01 12:32 1864 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\SMBus\nvsmb.nvu
2006-05-24 10:10 . 2006-05-24 10:10 455600 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\setup.exe
2006-05-17 09:21 . 2006-05-17 09:21 373680 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\_setup.dll
2006-05-16 12:44 . 2006-05-16 12:44 75975 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\setup.isn
2005-12-24 03:21 . 2005-12-24 03:21 23510720 ----a-w- c:\program files\Setup Files\MSI Dual Core Center v2.0.6.4\dotNET_Frame_Work_2.0\dotnetfx.exe
2005-11-07 22:14 . 2005-11-07 22:14 5 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\IDE\WinXP\sataraid\disk1
2003-10-08 18:15 . 2003-10-08 18:15 227840 ----a-w- c:\program files\Setup Files\NVIDIA 650i System Driver v8.43\MSISetup.exe
2002-12-27 13:05 . 2002-12-27 13:05 196096 ----a-w- c:\program files\Setup Files\MSI Dual Core Center v2.0.6.4\MSISetup.exe


------- Sigcheck -------

[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\atapi.sys
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys

[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\asyncmac.sys
[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\asyncmac.sys
[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys

[-] 2001-10-25 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\beep.sys
[-] 2001-10-25 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys
[-] 2001-10-25 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys

[-] 2008-04-14 . 1B6162FE7F66B1A71A4B70F941C4AA9B . 24576 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\kbdclass.sys
[-] 2008-04-14 . 1B6162FE7F66B1A71A4B70F941C4AA9B . 24576 . . [5.1.2600.5512] . . c:\windows\system32\drivers\kbdclass.sys

[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\ndis.sys
[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ndis.sys
[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ndis.sys

[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\ntfs.sys
[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ntfs.sys
[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ntfs.sys

[-] 2001-10-25 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\null.sys
[-] 2001-10-25 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys
[-] 2001-10-25 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys

[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\system32\drivers\tcpip.sys

[-] 2008-04-14 . 249276D3EF1E74B992299CB96099E4D7 . 77824 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\browser.dll
[-] 2008-04-14 . 249276D3EF1E74B992299CB96099E4D7 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\browser.dll
[-] 2008-04-14 . 249276D3EF1E74B992299CB96099E4D7 . 77824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\browser.dll

[-] 2008-04-14 . ED0A176354487CEED65B80A7148AB739 . 13312 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\lsass.exe
[-] 2008-04-14 . ED0A176354487CEED65B80A7148AB739 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\lsass.exe
[-] 2008-04-14 . ED0A176354487CEED65B80A7148AB739 . 13312 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\lsass.exe

[-] 2008-04-14 . 72E1E9E2977BE08BDEEDB6D8FD9D4D40 . 198144 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\netman.dll
[-] 2008-04-14 . 72E1E9E2977BE08BDEEDB6D8FD9D4D40 . 198144 . . [5.1.2600.5512] . . c:\windows\system32\netman.dll
[-] 2008-04-14 . 72E1E9E2977BE08BDEEDB6D8FD9D4D40 . 198144 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\netman.dll

[-] 2008-04-14 . 19395D092FD85DDC2D9C7729CF5A2AC8 . 409088 . . [6.7.2600.5512] . . c:\windows\ERDNT\cache\qmgr.dll
[-] 2008-04-14 . 19395D092FD85DDC2D9C7729CF5A2AC8 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\qmgr.dll
[-] 2008-04-14 . 19395D092FD85DDC2D9C7729CF5A2AC8 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\bits\qmgr.dll
[-] 2008-04-14 . 19395D092FD85DDC2D9C7729CF5A2AC8 . 409088 . . [6.7.2600.5512] . . c:\windows\system32\dllcache\qmgr.dll

[-] 2009-02-09 . C0BD34A62508BA68F146E22CE45919F9 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2008-04-14 . C868F3AE15CF71A93F2AA3A32856D839 . 399360 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\rpcss.dll
[-] 2008-04-14 . C868F3AE15CF71A93F2AA3A32856D839 . 399360 . . [5.1.2600.5512] . . c:\windows\system32\rpcss.dll
[-] 2008-04-14 . C868F3AE15CF71A93F2AA3A32856D839 . 399360 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\rpcss.dll

[-] 2009-02-09 . 3D107D45CCFDB266E91D84B52CD7F430 . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2008-04-14 . F0D2AE69035092BF22DAD6B50FAB85C2 . 108544 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\services.exe
[-] 2008-04-14 . F0D2AE69035092BF22DAD6B50FAB85C2 . 108544 . . [5.1.2600.5512] . . c:\windows\system32\services.exe
[-] 2008-04-14 . F0D2AE69035092BF22DAD6B50FAB85C2 . 108544 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\services.exe

[-] 2008-04-14 . CB1090BCA0E7B40D0B5B4E4D66531809 . 57856 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\spoolsv.exe
[-] 2008-04-14 . CB1090BCA0E7B40D0B5B4E4D66531809 . 57856 . . [5.1.2600.5512] . . c:\windows\system32\spoolsv.exe
[-] 2008-04-14 . CB1090BCA0E7B40D0B5B4E4D66531809 . 57856 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\spoolsv.exe

[-] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\winlogon.exe
[-] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . c:\windows\system32\winlogon.exe
[-] 2008-04-14 . CDDB1F8E1AEA356F3AD106F2CF9B7FEA . 507904 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\winlogon.exe

[-] 2008-04-14 . 4F993463DC5F3F80D77A3D34D7BFBFED . 617472 . . [5.82] . . c:\windows\ERDNT\cache\comctl32.dll
[-] 2008-04-14 . 4F993463DC5F3F80D77A3D34D7BFBFED . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2008-04-14 . 4F993463DC5F3F80D77A3D34D7BFBFED . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll

[-] 2008-04-14 . F3AB0933CBD166D271992F411C27CCAF . 62464 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\cryptsvc.dll
[-] 2008-04-14 . F3AB0933CBD166D271992F411C27CCAF . 62464 . . [5.1.2600.5512] . . c:\windows\system32\cryptsvc.dll
[-] 2008-04-14 . F3AB0933CBD166D271992F411C27CCAF . 62464 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cryptsvc.dll

[-] 2008-07-07 20:25 . BE68EA4457E2E5717231CF91BE5448E0 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[-] 2008-04-14 06:51 . 260C69FD67687B0DC062FC3D31655857 . 246272 . . [2001.12.4414.701] . . c:\windows\ERDNT\cache\es.dll
[-] 2008-04-14 06:51 . 260C69FD67687B0DC062FC3D31655857 . 246272 . . [2001.12.4414.701] . . c:\windows\system32\es.dll
[-] 2008-04-14 06:51 . 260C69FD67687B0DC062FC3D31655857 . 246272 . . [2001.12.4414.701] . . c:\windows\system32\dllcache\es.dll

[-] 2008-04-14 . 6C60CA8AC7470AC01CFD3D24C7283CD1 . 110080 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\imm32.dll
[-] 2008-04-14 . 6C60CA8AC7470AC01CFD3D24C7283CD1 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll
[-] 2008-04-14 . 6C60CA8AC7470AC01CFD3D24C7283CD1 . 110080 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\imm32.dll

[-] 2009-03-21 . 0D8F61460F84139BBE5E391D8DE18D9A . 990208 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2008-04-14 . FD91CD95A1C663DF54DD371CC8A234DE . 988160 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\kernel32.dll
[-] 2008-04-14 . FD91CD95A1C663DF54DD371CC8A234DE . 988160 . . [5.1.2600.5512] . . c:\windows\system32\kernel32.dll
[-] 2008-04-14 . FD91CD95A1C663DF54DD371CC8A234DE . 988160 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\kernel32.dll

[-] 2008-04-14 . 7FDE9FC15765E02B23E1756930165AD1 . 19968 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\linkinfo.dll
[-] 2008-04-14 . 7FDE9FC15765E02B23E1756930165AD1 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll
[-] 2008-04-14 . 7FDE9FC15765E02B23E1756930165AD1 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\linkinfo.dll

[-] 2008-04-14 . C66BA7BD13C8FB8BEC4863B88641C763 . 22016 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\lpk.dll
[-] 2008-04-14 . C66BA7BD13C8FB8BEC4863B88641C763 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll
[-] 2008-04-14 . C66BA7BD13C8FB8BEC4863B88641C763 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\lpk.dll

[-] 2010-02-25 . AC93856CC1D10E74986EA4E70D90748F . 5946880 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\mshtml.dll
[-] 2009-12-22 . BD2EE2BDF5954172F509A16EBEA06D85 . 3094528 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3QFE\mshtml.dll
[-] 2009-12-21 . 8BE0CC683F604CA2DA29589DA96D6FD1 . 5942784 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\mshtml.dll
[-] 2009-12-21 . BD424F12E808F3AA345C4816F7124F7C . 5945856 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll
[-] 2009-10-29 . 00EC3DE6B7C581CC2675CCD549B692D7 . 5940736 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\mshtml.dll
[-] 2009-10-29 . FC883BC594F028EF5D77B645AE91C914 . 5944320 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll
[-] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB976325-IE8\mshtml.dll
[-] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ERDNT\cache\mshtml.dll
[-] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\system32\mshtml.dll
[-] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\system32\dllcache\mshtml.dll
[-] 2008-04-14 . DAF9947DE2A6EA20AE524B7C50487E57 . 3066880 . . [6.00.2900.5512] . . c:\windows\ie8\mshtml.dll

[-] 2008-04-14 . D165DFCB4EA452510E53416F573018BB . 343040 . . [7.0.2600.5512] . . c:\windows\ERDNT\cache\msvcrt.dll
[-] 2008-04-14 . D165DFCB4EA452510E53416F573018BB . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
[-] 2008-04-14 . D165DFCB4EA452510E53416F573018BB . 343040 . . [7.0.2600.5512] . . c:\windows\system32\dllcache\msvcrt.dll

[-] 2008-06-20 . B6CEC406351EA5EF131416D5F52D006F . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[-] 2008-04-14 . AAC97DAB5F8A0573CF10E0EAC42A7724 . 247296 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\mswsock.dll
[-] 2008-04-14 . AAC97DAB5F8A0573CF10E0EAC42A7724 . 247296 . . [5.1.2600.5512] . . c:\windows\system32\mswsock.dll
[-] 2008-04-14 . AAC97DAB5F8A0573CF10E0EAC42A7724 . 247296 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\mswsock.dll

[-] 2008-04-14 . C2ED0E3408F50BBC149D4F0936E67832 . 407040 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\netlogon.dll
[-] 2008-04-14 . C2ED0E3408F50BBC149D4F0936E67832 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll
[-] 2008-04-14 . C2ED0E3408F50BBC149D4F0936E67832 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\netlogon.dll

[-] 2009-12-10 . 7782F11AE957B736585870CD2671227B . 2191488 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165-v2\SP3QFE\ntoskrnl.exe
[-] 2009-08-04 . 3502DBBC657001D7A2A2768BD7DE1483 . 2191488 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe
[-] 2009-02-10 . 97480EBFE1D4B547657BAD75AAAB1325 . 2191360 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[-] 2008-04-14 . 27C7A7AED8A477F6A0C7D3AD00AB9419 . 2147328 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\ntoskrnl.exe
[-] 2008-04-14 . 27C7A7AED8A477F6A0C7D3AD00AB9419 . 2147328 . . [5.1.2600.5512] . . c:\windows\system32\ntoskrnl.exe

[-] 2008-04-14 . 9FA69781CAA7A1DA981A24F240A61A60 . 17408 . . [6.00.2900.5512] . . c:\windows\ERDNT\cache\powrprof.dll
[-] 2008-04-14 . 9FA69781CAA7A1DA981A24F240A61A60 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll
[-] 2008-04-14 . 9FA69781CAA7A1DA981A24F240A61A60 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\powrprof.dll

[-] 2008-04-14 . 830CE8951C71F361D7D2F38416CC8BC1 . 185856 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\scecli.dll
[-] 2008-04-14 . 830CE8951C71F361D7D2F38416CC8BC1 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll
[-] 2008-04-14 . 830CE8951C71F361D7D2F38416CC8BC1 . 185856 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\scecli.dll

[-] 2008-04-14 . 5EE949255BABC0B17C09DDB2E59E3878 . 5120 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\sfc.dll
[-] 2008-04-14 . 5EE949255BABC0B17C09DDB2E59E3878 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll
[-] 2008-04-14 . 5EE949255BABC0B17C09DDB2E59E3878 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\sfc.dll

[-] 2008-04-14 . BE4A520E29B6391F49E79CCC52044D93 . 14336 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\svchost.exe
[-] 2008-04-14 . BE4A520E29B6391F49E79CCC52044D93 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe
[-] 2008-04-14 . BE4A520E29B6391F49E79CCC52044D93 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\svchost.exe

[-] 2008-04-14 . C2546CD7A398476F9DF5614B2AE160E8 . 249856 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\tapisrv.dll
[-] 2008-04-14 . C2546CD7A398476F9DF5614B2AE160E8 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
[-] 2008-04-14 . C2546CD7A398476F9DF5614B2AE160E8 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\tapisrv.dll

[-] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\user32.dll
[-] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2008-04-14 . E16E0990967374E76F3E40CACAFD3D53 . 578560 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\user32.dll

[-] 2008-04-14 . 7DC1830F22E7D275B438127B68030239 . 26112 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\userinit.exe
[-] 2008-04-14 . 7DC1830F22E7D275B438127B68030239 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe
[-] 2008-04-14 . 7DC1830F22E7D275B438127B68030239 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\userinit.exe

[-] 2010-02-25 . 2E6504E28C7E0F753F68731861A94214 . 919040 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll
[-] 2009-12-22 . 5F072B7F1CF448D6ED5FF79511890E60 . 669696 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3QFE\wininet.dll
[-] 2009-12-21 . 75A4A1378971D84FF6A7D766F4A7BC59 . 916480 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\wininet.dll
[-] 2009-12-21 . 9256DA4AEE5E2C20FC6C126BDBC11997 . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll
[-] 2009-10-29 . F651D2A69B7037D6063BC697CF296D8C . 916480 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\wininet.dll
[-] 2009-10-29 . 4941ADD731725AF468342E42B71F776C . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll
[-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB976325-IE8\wininet.dll
[-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ERDNT\cache\wininet.dll
[-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\system32\wininet.dll
[-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\system32\dllcache\wininet.dll
[-] 2008-04-14 . 3FE5E65A7ED9EC98AEE9167CA07812D3 . 667136 . . [6.00.2900.5512] . . c:\windows\ie8\wininet.dll

[-] 2008-04-14 . 951D473917C51F21496D914CF6E5DDD1 . 82432 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\ws2_32.dll
[-] 2008-04-14 . 951D473917C51F21496D914CF6E5DDD1 . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll
[-] 2008-04-14 . 951D473917C51F21496D914CF6E5DDD1 . 82432 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ws2_32.dll

[-] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . c:\windows\ERDNT\cache\explorer.exe
[-] 2008-04-14 . 27AFD587C462E280EE046B8CCA3C2CD1 . 1034240 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\explorer.exe

[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\srsvc.dll
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2008-04-14 . 35B91147124F64AC8081A2EDB9EA4DEE . 171008 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\srsvc.dll

[-] 2008-04-14 . 278A14BEDEF58687EAF8BEC056A78D8B . 13824 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\wscntfy.exe
[-] 2008-04-14 . 278A14BEDEF58687EAF8BEC056A78D8B . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe
[-] 2008-04-14 . 278A14BEDEF58687EAF8BEC056A78D8B . 13824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\wscntfy.exe

[-] 2008-04-14 . EAA4BB9EDB3FB10CF8979FE65E63658F . 129024 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\xmlprov.dll
[-] 2008-04-14 . EAA4BB9EDB3FB10CF8979FE65E63658F . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll
[-] 2008-04-14 . EAA4BB9EDB3FB10CF8979FE65E63658F . 129024 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\xmlprov.dll

[-] 2008-04-14 . 2EE99F67C930931EB404DADCE57E976E . 56320 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\eventlog.dll
[-] 2008-04-14 . 2EE99F67C930931EB404DADCE57E976E . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll
[-] 2008-04-14 . 2EE99F67C930931EB404DADCE57E976E . 56320 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\eventlog.dll

[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\sfcfiles.dll
[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\sfcfiles.dll

[-] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\ctfmon.exe
[-] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[-] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ctfmon.exe

[-] 2008-04-14 . B927443008910B412BEC72FC41C1BAD0 . 135168 . . [6.00.2900.5512] . . c:\windows\ERDNT\cache\shsvcs.dll
[-] 2008-04-14 . B927443008910B412BEC72FC41C1BAD0 . 135168 . . [6.00.2900.5512] . . c:\windows\system32\shsvcs.dll
[-] 2008-04-14 . B927443008910B412BEC72FC41C1BAD0 . 135168 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\shsvcs.dll

[-] 2008-04-14 . 8F31505484A190D5B22274708799F4EC . 59904 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\regsvc.dll
[-] 2008-04-14 . 8F31505484A190D5B22274708799F4EC . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll
[-] 2008-04-14 . 8F31505484A190D5B22274708799F4EC . 59904 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\regsvc.dll

[-] 2008-04-14 . 3FF232A7731621B8902D81D42418C93C . 192512 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\schedsvc.dll
[-] 2008-04-14 . 3FF232A7731621B8902D81D42418C93C . 192512 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll
[-] 2008-04-14 . 3FF232A7731621B8902D81D42418C93C . 192512 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\schedsvc.dll

[-] 2008-04-14 . BECD5271DC4E3B7C3D035F790FCBC1E5 . 71680 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\ssdpsrv.dll
[-] 2008-04-14 . BECD5271DC4E3B7C3D035F790FCBC1E5 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll
[-] 2008-04-14 . BECD5271DC4E3B7C3D035F790FCBC1E5 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ssdpsrv.dll

[-] 2008-04-14 . A75DD6FC3DBEE4FFF5EBC9F2C28BB66E . 295936 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\termsrv.dll
[-] 2008-04-14 . A75DD6FC3DBEE4FFF5EBC9F2C28BB66E . 295936 . . [5.1.2600.5512] . . c:\windows\system32\termsrv.dll
[-] 2008-04-14 . A75DD6FC3DBEE4FFF5EBC9F2C28BB66E . 295936 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\termsrv.dll

[-] 2008-04-14 . 6B8E7A90E576D4FE308F97C69060A171 . 171008 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\appmgmts.dll
[-] 2008-04-14 . 6B8E7A90E576D4FE308F97C69060A171 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\appmgmts.dll
[-] 2008-04-14 . 6B8E7A90E576D4FE308F97C69060A171 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\appmgmts.dll

[-] 2001-10-25 . AFDFF022A01F0B11C776F0860C3B282F . 11776 . . [5.1.2600.0] . . c:\windows\ERDNT\cache\acpiec.sys
[-] 2001-10-25 . AFDFF022A01F0B11C776F0860C3B282F . 11776 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys

[-] 2008-04-14 07:10 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\ERDNT\cache\aec.sys
[-] 2008-04-14 07:10 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\system32\drivers\aec.sys

[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\agp440.sys
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\system32\drivers\agp440.sys

[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\ip6fw.sys
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ip6fw.sys
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ip6fw.sys

[-] 2008-04-14 06:51 . 7C3351F60B759D5D917E68342AE3307C . 927504 . . [4.1.0.61] . . c:\windows\ERDNT\cache\mfc40u.dll
[-] 2008-04-14 06:51 . 7C3351F60B759D5D917E68342AE3307C . 927504 . . [4.1.0.61] . . c:\windows\system32\mfc40u.dll
[-] 2008-04-14 06:51 . 7C3351F60B759D5D917E68342AE3307C . 927504 . . [4.1.0.61] . . c:\windows\system32\dllcache\mfc40u.dll

[-] 2008-04-14 . 221CD1C815B8A6B79389C3F5D1018DE8 . 33792 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\msgsvc.dll
[-] 2008-04-14 . 221CD1C815B8A6B79389C3F5D1018DE8 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\msgsvc.dll
[-] 2008-04-14 . 221CD1C815B8A6B79389C3F5D1018DE8 . 33792 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\msgsvc.dll

[-] 2008-04-14 06:51 . 6199B2AE3F9DB9CB6DB230471A1DC601 . 52224 . . [9.0.1.56] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
[-] 2008-04-14 06:51 . 6199B2AE3F9DB9CB6DB230471A1DC601 . 52224 . . [9.0.1.56] . . c:\windows\ERDNT\cache\mspmsnsv.dll
[-] 2008-04-14 06:51 . 6199B2AE3F9DB9CB6DB230471A1DC601 . 52224 . . [9.0.1.56] . . c:\windows\system32\mspmsnsv.dll
[-] 2008-04-14 06:51 . 6199B2AE3F9DB9CB6DB230471A1DC601 . 52224 . . [9.0.1.56] . . c:\windows\system32\dllcache\mspmsnsv.dll

[-] 2009-12-10 . 58516936F00D10D4B615C458A8A4AB71 . 2068352 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165-v2\SP3QFE\ntkrnlpa.exe
[-] 2009-08-04 . 97815C93200676C727CE951AE5C78137 . 2068352 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe
[-] 2009-02-09 . FF8A3F180A224AA27EBAB937CA027F4D . 2068352 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[-] 2008-04-14 . 9F12E026DC0B0C43F521114EFB3A3ACC . 2025984 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\ntkrnlpa.exe
[-] 2008-04-14 . 9F12E026DC0B0C43F521114EFB3A3ACC . 2025984 . . [5.1.2600.5512] . . c:\windows\system32\ntkrnlpa.exe

[-] 2008-04-14 06:51 . 023DD70573D644F3D9C8B1258A7BFD08 . 435712 . . [5.1.2400.5512] . . c:\windows\ERDNT\cache\ntmssvc.dll
[-] 2008-04-14 06:51 . 023DD70573D644F3D9C8B1258A7BFD08 . 435712 . . [5.1.2400.5512] . . c:\windows\system32\ntmssvc.dll
[-] 2008-04-14 06:51 . 023DD70573D644F3D9C8B1258A7BFD08 . 435712 . . [5.1.2400.5512] . . c:\windows\system32\dllcache\ntmssvc.dll

[-] 2008-04-14 . 651BD90DCEE5B7BDC74A2EB7C9266F9E . 186368 . . [5.1.2600.5512] . . c:\windows\ERDNT\cache\upnphost.dll
[-] 2008-04-14 . 651BD90DCEE5B7BDC74A2EB7C9266F9E . 186368 . . [5.1.2600.5512] . . c:\windows\system32\upnphost.dll
[-] 2008-04-14 . 651BD90DCEE5B7BDC74A2EB7C9266F9E . 186368 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\upnphost.dll
.
((((((((((((((((((((((((((((( SnapShot@2010-04-16_08.46.24 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-04-16 14:02 . 2010-04-16 14:02 22253 c:\windows\Temp\Turkish.bin
+ 2010-04-16 14:02 . 2010-04-16 14:02 16949 c:\windows\Temp\TradChin.bin
+ 2010-04-16 14:02 . 2010-04-16 14:02 21976 c:\windows\Temp\Thai.bin
+ 2010-04-16 14:02 . 2010-04-16 14:02 24082 c:\windows\Temp\SWEDISH.bin
+ 2010-04-16 14:02 . 2010-04-16 14:02 27753 c:\windows\Temp\Spanish.bin
+ 2010-04-16 14:02 . 2010-04-16 14:02 16408 c:\windows\Temp\SimChin.bin
+ 2010-04-16 14:02 . 2010-04-16 14:02 26126 c:\windows\Temp\Russian.bin
+ 2010-04-16 14:02 . 2010-04-16 14:02 26260 c:\windows\Temp\Portuguese.bin
+ 2010-04-16 14:02 . 2010-04-16 14:02 25071 c:\windows\Temp\Portuguese(Brazil).bin
+ 2010-04-16 14:02 . 2010-04-16 14:02 24221 c:\windows\Temp\Polish.bin
+ 2010-04-16 14:02 . 2010-04-16 14:02 16384 c:\windows\Temp\Perflib_Perfdata_614.dat
+ 2010-04-16 14:02 . 2010-04-16 14:02 21964 c:\windows\Temp\Norwegian.bin
+ 2010-04-16 14:02 . 2010-04-16 14:02 20135 c:\windows\Temp\Korean.bin
+ 2010-04-16 14:02 . 2010-04-16 14:02 24297 c:\windows\Temp\Japanese.bin
+ 2010-04-16 14:02 . 2010-04-16 14:02 27410 c:\windows\Temp\Italian.bin
+ 2010-04-16 14:02 . 2010-04-16 14:02 26080 c:\windows\Temp\Hungarian.bin
+ 2010-04-16 14:02 . 2010-04-16 14:02 19553 c:\windows\Temp\Hebrew.bin
+ 2010-04-16 14:02 . 2010-04-16 14:02 25082 c:\windows\Temp\Greek.bin
+ 2010-04-16 14:02 . 2010-04-16 14:02 25753 c:\windows\Temp\German.bin
+ 2010-04-16 14:02 . 2010-04-16 14:02 27235 c:\windows\Temp\French.bin
+ 2010-04-16 14:02 . 2010-04-16 14:02 22857 c:\windows\Temp\Finnish.bin
+ 2010-04-16 14:02 . 2010-04-16 14:02 21914 c:\windows\Temp\English.bin
+ 2010-04-16 14:02 . 2010-04-16 14:02 25747 c:\windows\Temp\Dutch.bin
+ 2010-04-16 14:02 . 2010-04-16 14:02 22783 c:\windows\Temp\Danish.bin
+ 2010-04-16 14:02 . 2010-04-16 14:02 24312 c:\windows\Temp\Czech.bin
+ 2010-04-16 14:02 . 2010-04-16 14:02 20972 c:\windows\Temp\Arabic.bin
+ 2010-04-16 14:03 . 2010-04-01 10:28 158960 c:\windows\Temp\SSUPDATE.EXE
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-03-09 26100520]
"SUPERAntiSpyware"="d:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-04-01 2010864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2009-10-26 15872]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"RTHDCPL"="RTHDCPL.EXE" [2006-12-19 16062464]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-01-11 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-01-11 13666408]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "d:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-04-04 05:42 36272 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2008-02-28 08:59 570664 ----a-w- c:\program files\Common Files\Nero\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-16 10:04 2879488 ------r- c:\windows\SkyTel.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [14.2.2010 10:13 691696]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [14.2.2010 8:34 114768]
R1 SASDIFSV;SASDIFSV;d:\program files\SUPERAntiSpyware\sasdifsv.sys [17.2.2010 11:25 12872]
R1 SASKUTIL;SASKUTIL;d:\program files\SUPERAntiSpyware\SASKUTIL.SYS [17.2.2010 11:15 66632]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [14.2.2010 8:34 20560]
R3 SASENUM;SASENUM;d:\program files\SUPERAntiSpyware\SASENUM.SYS [17.2.2010 11:15 12872]
S4 msvsmon80;Visual Studio 2005 Remote Debugger;c:\program files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [23.9.2005 7:01 2799808]
.
Obsah adresáře 'Naplánované úlohy'

2010-04-16 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2010-02-17 18:44]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.cz/
LSP: c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-16 16:03
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spiu.sys >>UNKNOWN [0x8A57D938]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xb810cf28
\Driver\ACPI -> ACPI.sys @ 0xb7e74cb8
\Driver\atapi -> atapi.sys @ 0xb7e09b40
IoDeviceObjectType -> SecurityProcedure -> ntkrnlpa.exe @ 0x80583d4a
\Device\Harddisk0\DR0 -> SecurityProcedure -> ntkrnlpa.exe @ 0x80583d4a
NDIS: NVIDIA nForce 10/100/1000 Mbps Ethernet -> SendCompleteHandler -> NDIS.sys @ 0xb7ccdbb0
PacketIndicateHandler -> NDIS.sys @ 0xb7cdaa21
SendHandler -> NDIS.sys @ 0xb7cb887b
user & kernel MBR OK

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'lsass.exe'(756)
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll

- - - - - - - > 'explorer.exe'(3712)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\system32\rundll32.exe
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\RUNDLL32.EXE
c:\program files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
c:\windows\system32\IPCONFIG.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\windows\system32\taskmgr.exe
.
**************************************************************************
.
Celkový čas: 2010-04-16 16:14:07 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-04-16 14:05
ComboFix2.txt 2010-04-16 08:48

Před spuštěním: Volných bajtů: 16 321 634 304
Po spuštění: Volných bajtů: 16 303 403 008

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 0DE02C9DAB1BDBD5B3C8E626AC2601F9

[jaro3]

Smaž ručně složku:
c:\windows\SxsCaPendDel

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj AVG či Avast, následně T-Cleaner smaž a zapni si AVG či Avast.


Spusť F-Secure Online Scanner

Tento skener je možno použít jen v prohlížeči Internet Explorer! Postupuj podle instrukcí na stránce F-Secure pro správnou instalaci. Akceptuj licenci. Po instalaci ActiveX, klikni na Full System Scan. Když stahování skončeno, automaticky začne sken . Vyčkej konce skenu, po jeho dobu neprováděj jiné operace ani neklikej myší. Když skončí sken klikni na tlačítko Automatic clearing (recommended). Poté klikni na tlačítko Show Report a zkopíruj a vlož sem .

[RuLich]

Je to spráný log?

Scanning Report
Friday, April 16, 2010 18:50:23 - 19:14:38
Computer name: TATA
Scanning type: Scan system for malware, spyware and rootkits
Target: C:\ D:\ F:\ G:\ H:\


--------------------------------------------------------------------------------

2 malware found
TrackingCookie.Doubleclick (spyware)
System (Disinfected)
Suspicious:W32/Malware!Gemini (virus)
C:\PROGRAM FILES\YOUR UNINSTALLER 2008\AUTOUPDATER.EXE (Not cleaned)

--------------------------------------------------------------------------------

Statistics
Scanned:
Files: 25549
System: 3508
Not scanned: 10
Actions:
Disinfected: 1
Renamed: 0
Deleted: 0
Not cleaned: 1
Submitted: 0
Files not scanned:
C:\PAGEFILE.SYS
C:\WINDOWS\TEMP\HSPERFDATA_RULICH\1096
C:\WINDOWS\TEMP\HSPERFDATA_RULICH\192
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT
C:\WINDOWS\SYSTEM32\CONFIG\SAM
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM
C:\DOCUMENTS AND SETTINGS\RULICH\DATA APLIKACÍ\SKYPE\ETILQS_GYUXRLJNW1J99VO1FPML
C:\DOCUMENTS AND SETTINGS\RULICH\DATA APLIKACÍ\SKYPE\ETILQS_YMMGTRQPYZVJ0BGECK5W

--------------------------------------------------------------------------------

Options
Scanning engines:
Scanning options:
Scan defined files: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML XXX ANI AVB BAT CMD JOB LSP MAP MHT MIF PHP POT SWF WMF NWS TAR
Use advanced heuristics

--------------------------------------------------------------------------------

Copyright © 1998-2009 Product support | Send virus sample to F-Secure
F-Secure assumes no responsibility for material created or published by third parties that F-Secure World Wide Web pages have a link to. Unless you have clearly stated otherwise, by submitting material to any of our servers, for example by E-mail or via our F-Secure's CGI E-mail, you agree that the material you make available may be published in the F-Secure World Wide Pages or hard-copy publications. You will reach F-Secure public web site by clicking on underlined links. While doing this, your access will be logged to our private access statistics with your domain name. This information will not be given to any third party. You agree not to take action against us in relation to material that you submit. Unless you have clearly stated otherwise, by submitting material you warrant that F-Secure may incorporate any concepts described in it in the F-Secure products/publications without liability.

[jaro3]

Stáhni si program OTM (by OldTimer)

a ulož si ho na disk C a spusť ho.
- Do levého sloupce (Paste Instructions for Items to be Moved) zkopíruj tyto cesty:
Poznámka: Nepoužij k označení funkci VYBRAT VŠE

Kód: Vybrat vše

:Processes
explorer.exe

:Services

:Reg

:Files
C:\PROGRAM FILES\YOUR UNINSTALLER 2008\AUTOUPDATER.EXE
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\system32\SET*.tmp
c:\windows\Tasks\*.job

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

- Po zkopírování klikni na tlačítko MoveIt! a vlož sem následně celý obsah z pravého sloupce, jinak uložený ve složce C:\_OTMoveIt\MovedFiles\, který bude informovat o výsledcích
- Je možné, že pokud nebudou moci být soubory odstraněny, budeš dotázán na restart počítače, v tom případě restart potvrď.

[RuLich]

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
C:\PROGRAM FILES\YOUR UNINSTALLER 2008\autoupdater.exe moved successfully.
C:\WINDOWS\System32\NEWDC.tmp moved successfully.
C:\WINDOWS\System32\NEWDF.tmp moved successfully.
C:\WINDOWS\System32\NEWE0.tmp moved successfully.
C:\WINDOWS\000001_.tmp moved successfully.
C:\WINDOWS\SET32.tmp moved successfully.
C:\WINDOWS\SET35.tmp moved successfully.
C:\WINDOWS\SET41.tmp moved successfully.
C:\WINDOWS\SET97.tmp moved successfully.
C:\WINDOWS\SET9A.tmp moved successfully.
C:\WINDOWS\SETA6.tmp moved successfully.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
c:\windows\Tasks\GlaryInitialize.job moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: RuLich
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 3956775 bytes
->Java cache emptied: 29626 bytes
->FireFox cache emptied: 3337546 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 180951184 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 3565466 bytes
RecycleBin emptied: 210944 bytes

Total Files Cleaned = 183,00 mb


OTM by OldTimer - Version 3.1.10.1 log created on 04162010_195809

Files moved on Reboot...
C:\Documents and Settings\RuLich\Local Settings\Temporary Internet Files\Content.IE5\IPM5F6JR\ads[4].htm moved successfully.
C:\Documents and Settings\RuLich\Local Settings\Temporary Internet Files\Content.IE5\IPM5F6JR\online-scanner[1].htm moved successfully.
C:\Documents and Settings\RuLich\Local Settings\Temporary Internet Files\Content.IE5\1G4U4GJ2\ads[2].htm moved successfully.
C:\Documents and Settings\RuLich\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
File C:\WINDOWS\temp\hsperfdata_RuLich\192 not found!
C:\WINDOWS\temp\Perflib_Perfdata_608.dat moved successfully.
File C:\WINDOWS\temp\~DFE77D.tmp not found!
File C:\WINDOWS\temp\~DFE7F3.tmp not found!
File C:\WINDOWS\temp\~DFEA1F.tmp not found!
File C:\WINDOWS\temp\~DFEA97.tmp not found!

Registry entries deleted on Reboot...

......................................
svchost.exe stále 85%, ikony jsou na ploše pravé tlačítko funguje ale ikona pipojení stále není v Síťová připojení


Omlouvám se musím na 2 hod. pryč díky

[jaro3]

Smaž složku:
C:\_OTM

Viry to není , na vině budou chybějící soubory , jejich neustálé hledání má nejspíše za následek vytížení CPU.

Stahni si SREng -- System Repair Engineer

- rozbal na plochu a spust ho
- zvol "zvol Smart Scan", nech nastaveni tak jak je
- zvol "Verify the digital signature of process modules"
- klik na "Scan"
- klik na Save Reports, uloz log na plochu a cely obsah logu zkopirujt sem
- rozbal na plochu a spust ho
+
- Spusť ho a zvol možnost System Repair
- Na první záložce File Associations pokud bude zatrhnutý/vybraný některý čtvereček z výpisu, tak klikni dole na tlačítko Repair


Stáhni si Dial-a-fix
Control Panel applets - Pokusí se o opravu Ovládacích panelů.

Klikni na kladívko-další možnosti:
FlushDNS - Resetuje DNS cache.
FlushIcons - Pokusí se o opravu porušených ikon.
Reset networking interfaces - Opraví winsock a síťové nastavení.

Klikni na službu(dej zatržítko) a potom na GO.

Pokud to nepomůže:
SFC scan - Spustí nástroj pro kontrolu systémových souborů (případná potřeba instalačního media Windows).