prosím o kontrolu Logu

Alan-K · Příspěvekod **Alan-K** » 21 kvě 2010 14:46

Ahoj lidi, moc Vás prosím o kontrolu Logu z HJT.....

S PC se neděje nic vážného, ale chtěl bych poprosit o vyřešení dvou věcí
1) hodně dlouho trvá, než se vypne.....
2) když jsem tady v lednu t.r. řešili nějké ty šmejdíky v mém PC, tak ty zásahy byli trochu hlubší.....viz

Kód: Vybrat vše

http://www.pc-help.cz/viewtopic.php?f=70&t=49529

a od té doby mi nejde nastavit sdílení HDD v síti, když dám disk (mám jich 5) sdílet, tak vyskočí chybové hlášení "Při pokusu o sdílení Data (D) došlo k neznámé chybě. Služba Server není spuštěna. Sdílený prostředek nebyl nyní vytvořen." Možná, tedy určitě jsem jen trouba, který neví, kde se daný proces spouští.......

Předem moc a moc děkuji za Váš čas......Alan.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:36:15, on 21.5.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ASUS\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SYSTEM32\astsrv.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Creative\DVDAudio\CTDVDDET.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe
C:\Program Files\Creative\Entertainment Center\EAXLoadr.exe
C:\Program Files\ASUS\Bluetooth Software\BTTray.exe
C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
C:\PROGRA~1\Microsoft ActiveSync\rapimgr.exe
C:\WINDOWS\System32\svchost.exe
D:\RapidShare\DOWNLOAD\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [Module Loader] C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe -StartUpRun
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Creative MediaSource Go] "C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe" /SCB
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Monitor.lnk = C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\Wtablet\TabUserW.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\ASUS\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\ASUS\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ASUS\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ASUS\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.msi.com.tw
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 7481194531
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30155.www3.hp.com/ediags/hpfix/ ... gh.cab?326
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\WINDOWS\SYSTEM32\astsrv.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - SOURCENEXT - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ASUS\Bluetooth Software\bin\btwdins.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 13626 bytes

Reklama

Příspěvekod **jaro3** » 21 kvě 2010 15:49

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O15 - Trusted Zone: http://www.msi.com.tw
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 7481194531
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30155.www3.hp.com/ediags/hpfix/ ... gh.cab?326
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwar ... /CTPID.cab

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Malwarebytes' Anti-Malware nic nenašel?

Stáhni si na svojí plochu StartupLite .exe by MalwareBytes

Tento program identifikuje a dává volbu k odstranění nepotřebných položek k vyprázdnění paměti.
Poklepej na ikonu StartupLite.exe (by MalwareBytes ) ke spuštění programu. Ve vistě a windows 7 spusť jako správce (pravým klik na ikonu a vyber-spustit jako správce).Vytvoří se list nepotřebných vstupů po spuštění. Nech všechny položky jako deaktivované a klikni na Continue . Restartuj PC.

Alan-K · Příspěvekod **Alan-K** » 21 kvě 2010 16:32

Fix v HJT hotov....
ATF Cleaner používám, tak jsem ho použil....
Malwerbytes v poslední době nic a asi před týdnem jsem dělal kompletní sken a výsledek vše o.k. ....
StartupLite.exe jsem použil podle tvých rad....vše bez problémů a potom restart.....

Tady je nový Log

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:29:44, on 21.5.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ASUS\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\WINDOWS\SYSTEM32\astsrv.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe
C:\Program Files\Creative\Entertainment Center\EAXLoadr.exe
C:\Program Files\ASUS\Bluetooth Software\BTTray.exe
C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
C:\PROGRA~1\Microsoft ActiveSync\rapimgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Alan\Plocha\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [Module Loader] C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe -StartUpRun
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [Creative MediaSource Go] "C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe" /SCB
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Monitor.lnk = C:\Program Files\SanDisk\SanDisk TransferMate\SD Monitor.exe
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\Wtablet\TabUserW.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\ASUS\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\ASUS\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ASUS\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ASUS\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\WINDOWS\SYSTEM32\astsrv.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - SOURCENEXT - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ASUS\Bluetooth Software\bin\btwdins.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 11781 bytes

Alan-K · Příspěvekod **Alan-K** » 21 kvě 2010 16:38

....ale ještě mě napadlo se podívat do Eset a tam jsem měl v poslední doby tyto záznamy, vše vždy po napadení odstraňuji....

<?xml version="1.0" encoding="utf-8" ?>
- <ESET>
- <LOG>
- <RECORD>
- <COLUMN NAME="Čas">
<DATE>19.5.2010</DATE>
<TIME>15:13:40</TIME>
</COLUMN>
<COLUMN NAME="Skener">Rezidentní ochrana</COLUMN>
<COLUMN NAME="Objekt">soubor</COLUMN>
<COLUMN NAME="Infiltrace">varianta infiltrace Win32/Kryptik.DFH trojský kůň</COLUMN>
<COLUMN NAME="Akce">smazán - uložen do karantény</COLUMN>
<COLUMN NAME="Uživatel">PC-DOMA\Alan</COLUMN>
<COLUMN NAME="Informace">Tato skutečnost byla zjištěna na souboru, který byl modifikován aplikací: C:\Program Files\uTorrent\uTorrent.exe.</COLUMN>
</RECORD>
- <RECORD>
- <COLUMN NAME="Čas">
<DATE>19.5.2010</DATE>
<TIME>14:56:49</TIME>
</COLUMN>
<COLUMN NAME="Skener">HTTP filter</COLUMN>
<COLUMN NAME="Objekt">soubor</COLUMN>
<COLUMN NAME="Infiltrace">pravděpodobně varianta infiltrace Win32/PSW.Agent trojský kůň</COLUMN>
<COLUMN NAME="Akce">přerušeno spojení - uložen do karantény</COLUMN>
<COLUMN NAME="Uživatel">PC-DOMA\Alan</COLUMN>
<COLUMN NAME="Informace">Infiltrace byla zachycena při přístupu na web aplikací: C:\Program Files\Mozilla Firefox\firefox.exe.</COLUMN>
</RECORD>
- <RECORD>
- <COLUMN NAME="Čas">
<DATE>19.5.2010</DATE>
<TIME>12:58:51</TIME>
</COLUMN>
<COLUMN NAME="Skener">HTTP filter</COLUMN>
<COLUMN NAME="Objekt">soubor</COLUMN>
<COLUMN NAME="Infiltrace">varianta infiltrace Win32/Olmarik.ZM trojský kůň</COLUMN>
<COLUMN NAME="Akce">přerušeno spojení - uložen do karantény</COLUMN>
<COLUMN NAME="Uživatel">PC-DOMA\Alan</COLUMN>
<COLUMN NAME="Informace">Infiltrace byla zachycena při přístupu na web aplikací: C:\Program Files\Mozilla Firefox\firefox.exe.</COLUMN>
</RECORD>
- <RECORD>
- <COLUMN NAME="Čas">
<DATE>17.5.2010</DATE>
<TIME>22:38:19</TIME>
</COLUMN>
<COLUMN NAME="Skener">HTTP filter</COLUMN>
<COLUMN NAME="Objekt">soubor</COLUMN>
<COLUMN NAME="Infiltrace">Win32/Autoit.NCV trojský kůň</COLUMN>
<COLUMN NAME="Akce">přerušeno spojení - uložen do karantény</COLUMN>
<COLUMN NAME="Uživatel">BOSS\Alan</COLUMN>
<COLUMN NAME="Informace">Infiltrace byla zachycena při přístupu na web aplikací: C:\Program Files\Mozilla Firefox\firefox.exe.</COLUMN>
</RECORD>
- <RECORD>
- <COLUMN NAME="Čas">
<DATE>28.4.2010</DATE>
<TIME>23:13:14</TIME>
</COLUMN>
<COLUMN NAME="Skener">Rezidentní ochrana</COLUMN>
<COLUMN NAME="Objekt">soubor</COLUMN>
<COLUMN NAME="Název">L:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP63\A0041599.exe</COLUMN>
<COLUMN NAME="Infiltrace">pravděpodobně varianta infiltrace Win32/Agent trojský kůň</COLUMN>
<COLUMN NAME="Akce">vyléčen smazáním - uložen do karantény</COLUMN>
<COLUMN NAME="Uživatel">NT AUTHORITY\SYSTEM</COLUMN>
<COLUMN NAME="Informace">Tato skutečnost byla zjištěna na souboru, který byl modifikován aplikací: C:\WINDOWS\system32\svchost.exe.</COLUMN>
</RECORD>
- <RECORD>
- <COLUMN NAME="Čas">
<DATE>28.4.2010</DATE>
<TIME>22:09:46</TIME>
</COLUMN>
<COLUMN NAME="Skener">Rezidentní ochrana</COLUMN>
<COLUMN NAME="Objekt">soubor</COLUMN>
<COLUMN NAME="Název">L:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP63\A0041598.exe</COLUMN>
<COLUMN NAME="Infiltrace">pravděpodobně varianta infiltrace Win32/Agent trojský kůň</COLUMN>
<COLUMN NAME="Akce">vyléčen smazáním - uložen do karantény</COLUMN>
<COLUMN NAME="Uživatel">NT AUTHORITY\SYSTEM</COLUMN>
<COLUMN NAME="Informace">Tato skutečnost byla zjištěna při pokusu o přístup k souboru aplikací: C:\WINDOWS\system32\svchost.exe.</COLUMN>
</RECORD>
- <RECORD>
- <COLUMN NAME="Čas">
<DATE>28.4.2010</DATE>
<TIME>21:22:05</TIME>
</COLUMN>
<COLUMN NAME="Skener">Rezidentní ochrana</COLUMN>
<COLUMN NAME="Objekt">soubor</COLUMN>
<COLUMN NAME="Název">L:\System Volume Information\_restore{2923B724-EB27-4DF0-89A0-AD9E2D867E48}\RP63\A0041595.exe</COLUMN>
<COLUMN NAME="Infiltrace">pravděpodobně varianta infiltrace Win32/Agent trojský kůň</COLUMN>
<COLUMN NAME="Akce">vyléčen smazáním - uložen do karantény</COLUMN>
<COLUMN NAME="Uživatel">NT AUTHORITY\SYSTEM</COLUMN>
<COLUMN NAME="Informace">Tato skutečnost byla zjištěna při pokusu o přístup k souboru aplikací: C:\WINDOWS\system32\svchost.exe.</COLUMN>
</RECORD>
</LOG>
</ESET>

Alan-K · Příspěvekod **Alan-K** » 21 kvě 2010 16:48

Jaro3 prosím ještě vydrž, spustil jsem Malwarebytes a už mi našel jeden infikovaný objekt, ale spadnul, zkusím ho ještě jednou spustit a pak uvidíme....díky.

Příspěvekod **jaro3** » 21 kvě 2010 18:28

Ok , pokud Ti to shazuje , tak MbAM použij v nouz. režimu , je to lepší.

uTorrent -není moc bezpečný program.
Počkám , co MbAM a pak budeme pokračovat.

Alan-K · Příspěvekod **Alan-K** » 22 kvě 2010 13:59

Vím že mtorent je špatný, ale já ho požívám jedno za ..... , ale asi ho dám pryč.

MbAM nenašel nic, projížděl jsem to jednou klasicky a pak podle Tvé rady v nouzovém režimu jako adm.

Prosím co dál....Alan.

Příspěvekod **jaro3** » 22 kvě 2010 15:37

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Alan-K · Příspěvekod **Alan-K** » 23 kvě 2010 15:57

...tak tady to je, vše proběhlo bez problémů.

ComboFix 10-05-22.03 - Alan 23.05.2010 15:33:33.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1490 [GMT 2:00]
Spuštěný z: c:\documents and settings\Alan\Plocha\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Rezidentní štít AV je zapnutý

.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Alan\Data aplikací\Microsoft\HTML Help\hh.dat
c:\documents and settings\LocalService\Data aplikací\Microsoft\HTML Help\hh.dat

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-04-23 do 2010-05-23 )))))))))))))))))))))))))))))))
.

2010-05-20 15:37 . 2010-05-20 15:37 -------- d-----w- c:\program files\Sony Setup
2010-05-20 14:59 . 2010-05-20 14:58 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-20 09:41 . 2010-05-20 09:42 -------- d-----w- c:\program files\XP Codec Pack
2010-05-19 19:29 . 2010-05-19 19:29 -------- d-----w- c:\windows\system32\wbem\Repository
2010-05-19 14:44 . 2010-05-19 14:46 -------- d-----w- c:\program files\QuickTime
2010-05-19 14:44 . 2010-05-19 14:44 -------- d-----w- c:\program files\Common Files\Apple
2010-05-19 13:37 . 2010-05-19 13:45 -------- d-----w- c:\program files\PC Drivers HeadQuarters
2010-05-18 21:05 . 2010-05-18 21:05 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2010-05-18 18:30 . 2010-05-18 18:30 -------- d-----w- c:\program files\AnalogX
2010-05-18 17:28 . 2010-05-20 13:34 228 ----a-w- c:\windows\system32\edacded0.dat
2010-05-18 17:27 . 2010-05-18 17:50 -------- d-----w- c:\program files\jv16 PowerTools 2009
2010-05-18 09:49 . 2010-05-18 09:49 -------- d-----w- c:\program files\Common Files\Creative Labs Shared
2010-05-17 23:17 . 2010-02-04 08:01 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2010-05-17 23:17 . 2010-02-04 08:01 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2010-05-17 23:17 . 2010-02-04 08:01 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2010-05-17 23:16 . 2010-02-04 08:01 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2010-05-17 23:16 . 2009-09-04 15:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2010-05-17 23:16 . 2009-09-04 15:44 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2010-05-17 23:16 . 2009-09-04 15:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2010-05-17 23:16 . 2009-09-04 15:29 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2010-05-17 23:16 . 2009-09-04 15:29 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2010-05-17 23:15 . 2009-09-04 15:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2010-05-17 23:15 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2010-05-17 23:15 . 2009-03-09 13:27 453456 ----a-w- c:\windows\system32\d3dx10_41.dll
2010-05-17 23:15 . 2009-03-09 13:27 1846632 ----a-w- c:\windows\system32\D3DCompiler_41.dll
2010-05-17 23:15 . 2009-03-09 13:27 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll
2010-05-17 23:15 . 2009-09-04 15:44 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2010-05-17 23:15 . 2009-03-16 12:18 517448 ----a-w- c:\windows\system32\XAudio2_4.dll
2010-05-17 23:15 . 2009-03-16 12:18 235352 ----a-w- c:\windows\system32\xactengine3_4.dll
2010-05-17 23:15 . 2009-03-16 12:18 22360 ----a-w- c:\windows\system32\X3DAudio1_6.dll
2010-05-17 23:15 . 2008-10-15 04:22 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2010-05-17 23:15 . 2008-10-15 04:22 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2010-05-17 23:14 . 2008-10-15 04:22 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2010-05-17 23:14 . 2008-10-27 08:04 514384 ----a-w- c:\windows\system32\XAudio2_3.dll
2010-05-17 23:14 . 2008-10-27 08:04 70992 ----a-w- c:\windows\system32\XAPOFX1_2.dll
2010-05-17 23:14 . 2008-10-27 08:04 235856 ----a-w- c:\windows\system32\xactengine3_3.dll
2010-05-17 23:14 . 2008-10-27 08:04 23376 ----a-w- c:\windows\system32\X3DAudio1_5.dll
2010-05-17 23:14 . 2008-07-31 08:41 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2010-05-17 23:14 . 2008-07-31 08:40 509448 ----a-w- c:\windows\system32\XAudio2_2.dll
2010-05-17 23:14 . 2008-07-31 08:41 238088 ----a-w- c:\windows\system32\xactengine3_2.dll
2010-05-17 23:13 . 2008-07-10 09:00 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2010-05-17 23:13 . 2008-07-10 09:01 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2010-05-17 23:13 . 2008-07-10 09:00 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2010-05-17 23:13 . 2008-05-30 12:19 507400 ----a-w- c:\windows\system32\XAudio2_1.dll
2010-05-17 23:13 . 2008-05-30 12:17 65032 ----a-w- c:\windows\system32\XAPOFX1_0.dll
2010-05-17 23:13 . 2008-05-30 12:18 238088 ----a-w- c:\windows\system32\xactengine3_1.dll
2010-05-17 23:13 . 2008-05-30 12:17 25608 ----a-w- c:\windows\system32\X3DAudio1_4.dll
2010-05-17 23:12 . 2008-05-30 12:11 467984 ----a-w- c:\windows\system32\d3dx10_38.dll
2010-05-17 23:12 . 2008-05-30 12:11 1491992 ----a-w- c:\windows\system32\D3DCompiler_38.dll
2010-05-17 23:12 . 2008-05-30 12:11 3850760 ----a-w- c:\windows\system32\D3DX9_38.dll
2010-05-17 23:12 . 2008-03-05 14:03 479752 ----a-w- c:\windows\system32\XAudio2_0.dll
2010-05-17 23:12 . 2008-03-05 14:03 238088 ----a-w- c:\windows\system32\xactengine3_0.dll
2010-05-17 23:12 . 2008-03-05 14:00 25608 ----a-w- c:\windows\system32\X3DAudio1_3.dll
2010-05-17 23:12 . 2008-03-05 13:56 1420824 ----a-w- c:\windows\system32\D3DCompiler_37.dll
2010-05-17 23:12 . 2008-02-05 21:07 462864 ----a-w- c:\windows\system32\d3dx10_37.dll
2010-05-17 23:12 . 2008-03-05 13:56 3786760 ----a-w- c:\windows\system32\D3DX9_37.dll
2010-05-17 23:11 . 2007-10-22 01:39 267272 ----a-w- c:\windows\system32\xactengine2_10.dll
2010-05-17 23:11 . 2007-10-12 13:14 1374232 ----a-w- c:\windows\system32\D3DCompiler_36.dll
2010-05-17 23:11 . 2007-10-02 07:56 444776 ----a-w- c:\windows\system32\d3dx10_36.dll
2010-05-17 23:11 . 2007-10-12 13:14 3734536 ----a-w- c:\windows\system32\d3dx9_36.dll
2010-05-17 23:09 . 2010-05-17 23:09 -------- d-----w- c:\windows\Logs
2010-05-17 21:28 . 2010-05-17 21:28 -------- d-----w- C:\MoTemp
2010-05-13 21:11 . 2010-05-13 21:11 -------- d-----w- c:\program files\Alcohol Soft
2010-05-13 21:04 . 2010-05-13 21:04 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-05-05 17:38 . 2010-05-05 17:39 -------- d-----w- c:\program files\ProShow MediaSource - Wedding Essentials
2010-04-28 13:03 . 2010-04-28 13:03 -------- d-----w- c:\program files\proDAD
2010-04-28 13:03 . 2010-04-28 13:03 -------- d-----w- c:\program files\LooksBuilderSE
2010-04-28 13:02 . 2003-01-20 07:08 49152 ----a-w- c:\windows\system32\CvoAPI.dll
2010-04-28 12:42 . 2010-04-28 13:00 -------- d-----w- c:\program files\Pinnacle
2010-04-28 12:11 . 2008-04-13 22:16 51200 -c--a-w- c:\windows\system32\dllcache\msdv.sys
2010-04-28 12:11 . 2008-04-13 22:16 51200 ----a-w- c:\windows\system32\drivers\msdv.sys
2010-04-28 12:11 . 2008-04-13 22:16 38912 -c--a-w- c:\windows\system32\dllcache\avc.sys
2010-04-28 12:11 . 2008-04-13 22:16 38912 ----a-w- c:\windows\system32\drivers\avc.sys
2010-04-28 12:11 . 2008-04-13 22:16 48128 -c--a-w- c:\windows\system32\dllcache\61883.sys
2010-04-28 12:11 . 2008-04-13 22:16 48128 ----a-w- c:\windows\system32\drivers\61883.sys
2010-04-23 16:31 . 2010-04-23 16:31 106432 -c--a-w- c:\windows\system32\drivers\AnyDVD.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-23 13:33 . 2003-04-16 12:00 540584 ----a-w- c:\windows\system32\perfh005.dat
2010-05-23 13:33 . 2003-04-16 12:00 131128 ----a-w- c:\windows\system32\perfc005.dat
2010-05-20 15:41 . 2006-04-24 08:42 -------- d-----r- c:\program files\Sony
2010-05-20 14:58 . 2008-11-22 13:11 -------- d-----w- c:\program files\Java
2010-05-19 19:23 . 2006-04-20 10:16 -------- d-----w- c:\program files\Common Files\Adobe
2010-05-19 18:13 . 2009-10-30 18:01 -------- d-----w- c:\program files\NewBlue
2010-05-19 13:38 . 2006-04-19 23:52 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-05-18 10:29 . 2007-02-04 12:24 -------- d-----w- c:\program files\Ashampoo
2010-05-18 09:49 . 2009-12-08 15:15 -------- d-----w- c:\program files\Creative
2010-05-18 09:48 . 2005-12-08 10:12 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2010-05-18 09:48 . 2003-06-20 03:36 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2010-05-17 21:30 . 2008-09-22 15:40 -------- d-----w- c:\program files\particleIllusion_3
2010-05-13 22:11 . 2009-07-14 18:11 -------- d-----w- c:\program files\PowerISO
2010-05-13 17:04 . 2008-09-26 22:10 -------- d-----w- c:\program files\FLAC
2010-05-06 17:47 . 2006-09-27 20:22 -------- d-----w- c:\program files\Canon
2010-05-05 17:53 . 2007-04-22 10:14 -------- d-----w- c:\program files\Photodex
2010-05-03 15:23 . 2007-07-28 16:28 -------- d-----w- c:\program files\Boris FX, Inc
2010-04-30 12:31 . 2009-10-15 19:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-29 13:39 . 2009-10-15 19:18 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 13:39 . 2009-10-15 19:18 20952 -c--a-w- c:\windows\system32\drivers\mbam.sys
2010-04-27 21:56 . 2007-11-28 23:49 -------- d-----w- c:\program files\CCleaner
2010-04-24 12:38 . 2010-01-25 22:50 -------- d-----w- c:\program files\IObit
2010-04-14 12:05 . 2009-10-30 19:54 -------- d-----w- c:\program files\uTorrent
2010-04-12 08:44 . 2010-04-12 08:44 59388 -c--a-w- c:\windows\system32\drivers\scdemu.sys
2010-03-19 13:31 . 2010-03-19 13:31 89256 -c--a-w- c:\windows\system32\ElbyCDIO.dll
2010-03-18 18:50 . 2010-03-18 18:50 15960 ----a-w- c:\windows\system32\drivers\pfmodnt.sys
2010-03-18 18:50 . 2010-03-18 18:50 189528 ----a-w- c:\windows\system32\drivers\haP17v2k.sys
2010-03-18 18:50 . 2010-03-18 18:50 162904 ----a-w- c:\windows\system32\drivers\haP16v2k.sys
2010-03-18 18:49 . 2010-03-18 18:49 798808 ----a-w- c:\windows\system32\drivers\ha10kx2k.sys
2010-03-18 18:45 . 2010-03-18 18:45 92760 ----a-w- c:\windows\system32\drivers\emupia2k.sys
2010-03-18 18:45 . 2010-03-18 18:45 157272 ----a-w- c:\windows\system32\drivers\ctsfm2k.sys
2010-03-18 18:45 . 2010-03-18 18:45 14424 ----a-w- c:\windows\system32\drivers\ctprxy2k.sys
2010-03-18 18:45 . 2010-03-18 18:45 127576 ----a-w- c:\windows\system32\drivers\ctoss2k.sys
2010-03-18 18:41 . 2010-03-18 18:41 1372888 ----a-w- c:\windows\system32\drivers\CTMMFILT.SYS
2010-03-18 18:40 . 2010-03-18 18:40 18904 ----a-w- c:\windows\system32\drivers\CTGAME.SYS
2010-03-18 18:40 . 2010-03-18 18:40 347144 ----a-w- c:\windows\system32\drivers\ctdvda2k.sys
2010-03-18 18:40 . 2010-03-18 18:40 528472 ----a-w- c:\windows\system32\drivers\ctaud2k.sys
2010-03-18 18:40 . 2010-03-18 18:40 511064 ----a-w- c:\windows\system32\drivers\ctac32k.sys
2010-03-18 18:40 . 2010-03-18 18:40 1366488 ----a-w- c:\windows\system32\drivers\CT0531FL.SYS
2010-03-18 18:39 . 2010-03-18 18:39 100952 ----a-w- c:\windows\system32\drivers\CTERFXFX.sys
2010-03-18 18:39 . 2010-03-18 18:39 566360 ----a-w- c:\windows\system32\drivers\CTSBLFX.sys
2010-03-18 18:39 . 2010-03-18 18:39 555096 ----a-w- c:\windows\system32\drivers\CTAUDFX.sys
2010-03-18 18:39 . 2010-03-18 18:39 99416 ----a-w- c:\windows\system32\drivers\COMMONFX.sys
2010-03-18 17:19 . 2010-03-18 17:19 43520 ----a-w- c:\windows\system32\CTBurst.dll
2010-03-18 17:19 . 2010-03-18 17:19 11776 ----a-w- c:\windows\system32\inres.dll
2010-03-18 17:19 . 2010-03-18 17:19 11776 ----a-w- c:\windows\INRES.DLL
2010-03-18 17:19 . 2009-09-23 17:19 182272 ----a-w- c:\windows\system32\ctdvinst.dll
2010-03-18 17:19 . 2009-09-23 17:19 86528 ----a-w- c:\windows\system32\ctcoinst.dll
2010-03-18 17:18 . 2010-03-18 17:18 10752 ----a-w- c:\windows\system32\a3d.dll
2010-03-18 17:18 . 2010-03-18 17:18 11776 ----a-w- c:\windows\system32\ac3api.dll
2010-03-18 17:07 . 2010-03-18 17:07 51787 ----a-w- c:\windows\system32\ctdlang.dat
2010-03-18 17:07 . 2010-03-18 17:07 386852 ----a-w- c:\windows\system32\ctdnlstr.dat
2010-03-18 17:07 . 2010-03-18 17:07 196096 ----a-w- c:\windows\system32\ctemupia.dll
2010-03-18 17:04 . 2010-03-18 17:04 176128 ----a-w- c:\windows\system32\ct_oal.dll
2010-03-18 17:04 . 2010-03-18 17:04 46592 ----a-w- c:\windows\system32\ctasio.dll
2010-03-18 17:04 . 2010-03-18 17:04 49152 ----a-w- c:\windows\system32\ctdproxy.dll
2010-03-18 17:03 . 2010-03-18 17:03 69632 ----a-w- c:\windows\system32\ctosuser.dll
2010-03-18 17:03 . 2010-03-18 17:03 6144 ----a-w- c:\windows\system32\sfman32.dll
2010-03-18 17:03 . 2010-03-18 17:03 125952 ----a-w- c:\windows\system32\sfms32.dll
2010-03-18 17:03 . 2010-03-18 17:03 13312 ----a-w- c:\windows\system32\regplib.exe
2010-03-18 17:03 . 2010-03-18 17:03 64512 ----a-w- c:\windows\system32\piaproxy.dll
2010-03-18 17:02 . 2010-03-18 17:02 149838 ----a-w- c:\windows\system32\ctbas2w.dat
2010-03-18 17:00 . 2010-03-18 17:00 274587 ----a-w- c:\windows\system32\ctsbas2w.dat
2010-03-18 17:00 . 2010-03-18 17:00 241084 ----a-w- c:\windows\system32\CTSBASW.DAT
2010-03-18 17:00 . 2010-03-18 17:00 115166 ----a-w- c:\windows\system32\CTBASICW.DAT
2010-03-18 16:59 . 2010-03-18 16:59 53932 ----a-w- c:\windows\system32\ctdaught.dat
2010-03-18 16:59 . 2010-03-18 16:59 313207 ----a-w- c:\windows\system32\ctstatic.dat
2010-03-18 16:59 . 2010-03-18 16:59 5120 ----a-w- c:\windows\system32\enlocstr.exe
2010-03-18 16:59 . 2010-03-18 16:59 10240 ----a-w- c:\windows\system32\killapps.exe
2010-03-18 16:59 . 2010-03-18 16:59 28672 ----a-w- c:\windows\system32\MIDIDEF.EXE
2010-03-18 16:59 . 2010-03-18 16:59 33792 ----a-w- c:\windows\system32\devreg.dll
2010-03-12 12:55 . 2010-03-12 12:55 17772264 ----a-w- c:\windows\system32\AppSetup.exe
2010-03-10 06:17 . 2008-04-14 12:00 420352 ------w- c:\windows\system32\vbscript.dll
2010-02-25 06:18 . 2008-04-14 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-24 13:11 . 2008-04-14 12:00 455680 ------w- c:\windows\system32\drivers\mrxsmb.sys
2009-06-05 06:36 . 2009-11-29 20:34 2003456 ----a-w- c:\program files\Common Files\Boris RED.msi
2009-01-09 00:50 . 2009-01-09 00:50 604 -c-ha-w- c:\program files\STLL Notifier
2004-06-21 12:23 . 2003-12-27 12:05 1319424 -c--a-w- c:\program files\MysticalTTC.exe
2003-12-04 16:01 . 2003-12-27 12:05 1419264 -c--a-w- c:\program files\Mystical_PlugIn_TTC.8bf
2001-07-17 15:15 . 2002-09-19 11:20 66680 -c--a-w- c:\program files\ARDS1.ttf
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Creative Detector"="c:\program files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 102400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-06-17 85160]
"Ptipbmf"="ptipbmf.dll" [2003-06-20 118784]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-09-11 2054360]
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2006-09-28 57344]
"Module Loader"="c:\program files\Creative\Shared Files\Module Loader\DLLML.exe" [2007-07-23 57344]
"AudioDrvEmulator"="c:\program files\Creative\Shared Files\Module Loader\DLLML.exe" [2007-07-23 57344]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2008-06-10 1442888]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Alan\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2000-8-24 110592]

c:\documents and settings\Alan\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2000-8-24 110592]

c:\documents and settings\Alan\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2000-8-24 110592]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bluetooth.lnk - c:\program files\ASUS\Bluetooth Software\BTTray.exe [2007-11-1 576104]
Monitor.lnk - c:\program files\SanDisk\SanDisk TransferMate\SD Monitor.exe [2009-6-16 114688]
TabUserW.exe.lnk - c:\windows\system32\Wtablet\TabUserW.exe [2003-12-4 106496]

c:\documents and settings\Alan\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2000-8-24 110592]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTDVDDet
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTsysVol
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Microsoft Expression\\Media Reader 1.0\\MediaReader.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\My Mobile\\MyMobiler\\MyMobiler.exe"=
"c:\\Program Files\\IncrediMail\\Bin\\IncMail.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Common Files\\Nero\\Nero Web\\SetupX.exe"=
"c:\\Program Files\\Nero\\Nero8\\Nero ShowTime\\ShowTime.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\umi.exe"=
"c:\\WINDOWS\\system32\\ftp.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:*:Disabled:Adobe CSI CS4
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R0 SI3112r;Silicon Image SiI 3512 SATARaid Controller;c:\windows\system32\drivers\SI3112r.sys [29.8.2007 3:04 116264]
R1 cdrblock;cdrblock;c:\windows\system32\drivers\cdrblock.sys [30.11.2008 23:15 20864]
R1 cdrport;cdrport;c:\windows\system32\drivers\cdrport.sys [30.11.2008 23:15 4608]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [11.9.2009 8:23 108792]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [11.9.2009 8:26 96408]
R1 VD_FileDisk;VD_FileDisk;c:\windows\system32\drivers\vd_filedisk.sys [13.1.2006 15:00 15872]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [11.9.2009 8:24 735960]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [15.10.2009 21:18 304464]
R3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\system32\drivers\COMMONFX.sys [18.3.2010 20:39 99416]
R3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\system32\drivers\CTAUDFX.sys [18.3.2010 20:39 555096]
R3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\system32\drivers\CTSBLFX.sys [18.3.2010 20:39 566360]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [15.10.2009 21:18 20952]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [13.5.2010 23:04 691696]
S3 ASUSHWIO;ASUSHWIO;\??\c:\windows\system32\drivers\ASUSHWIO.sys --> c:\windows\system32\drivers\ASUSHWIO.sys [?]
S3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.sys [18.3.2010 20:39 99416]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [18.5.2010 11:49 79360]
S3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.sys [18.3.2010 20:39 555096]
S3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\system32\drivers\CTERFXFX.sys [18.3.2010 20:39 100952]
S3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.sys [18.3.2010 20:39 100952]
S3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.sys [18.3.2010 20:39 566360]
S3 fixustor;fixustor;c:\windows\system32\drivers\fixustor.sys [16.6.2009 12:30 6016]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [18.2.2010 16:14 27064]
S3 TVICHW32;TVICHW32;c:\windows\system32\drivers\TVICHW32.SYS [21.6.2009 0:06 23600]
S3 viafilter;VIA USB Filter;c:\windows\system32\drivers\viausb1.sys [14.6.2009 18:59 9728]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-10-16 11:49 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'

2010-05-23 c:\windows\Tasks\AWC AutoSweep.job
- c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2010-01-25 12:11]

2010-05-18 c:\windows\Tasks\AWC Update.job
- c:\program files\IObit\Advanced SystemCare 3\IObitUpdate.exe [2010-01-25 11:38]

2010-04-27 c:\windows\Tasks\SmartDefrag.job
- c:\program files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2010-04-24 10:57]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://mystart.incredimail.com/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Send to &Bluetooth Device... - c:\program files\ASUS\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\ASUS\Bluetooth Software\btsendto_ie.htm
Trusted Zone: microsoft.com\windowsupdate
Trusted Zone: microsoft.com\www.update
FF - ProfilePath - c:\documents and settings\Alan\Data aplikací\Mozilla\Firefox\Profiles\edmvs930.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - www.google.cz
FF - prefs.js: keyword.URL - hxxp://mystart.incredimail.com/?loc=ff_ ... ne&search=
FF - prefs.js: network.proxy.type - 1
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Photodex Presenter\npPxPlay.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

MSConfigStartUp-CTFMON - (no file)

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-23 15:40
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(936)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
Celkový čas: 2010-05-23 15:42:34
ComboFix-quarantined-files.txt 2010-05-23 13:42

Před spuštěním: 6 360 485 888
Po spuštění: 6 309 392 384

- - End Of File - - 4EA7B801B6AEC183D7A0C785E741D163

Příspěvekod **jaro3** » 23 kvě 2010 16:19

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

File::
c:\windows\system32\edacded0.dat

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"=-

DDS::
Trusted Zone: microsoft.com\windowsupdate
Trusted Zone: microsoft.com\www.update

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Alan-K · Příspěvekod **Alan-K** » 23 kvě 2010 16:55

ComboFix 10-05-22.03 - Alan 23.05.2010 16:41:35.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2047.1574 [GMT 2:00]
Spuštěný z: c:\documents and settings\Alan\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Alan\Plocha\CFScript.txt
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Rezidentní štít AV je zapnutý

FILE ::
"c:\windows\system32\edacded0.dat"
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\edacded0.dat

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-04-23 do 2010-05-23 )))))))))))))))))))))))))))))))
.

2010-05-20 15:37 . 2010-05-20 15:37 -------- d-----w- c:\program files\Sony Setup
2010-05-20 14:59 . 2010-05-20 14:58 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-20 09:41 . 2010-05-20 09:42 -------- d-----w- c:\program files\XP Codec Pack
2010-05-19 19:29 . 2010-05-19 19:29 -------- d-----w- c:\windows\system32\wbem\Repository
2010-05-19 14:44 . 2010-05-19 14:46 -------- d-----w- c:\program files\QuickTime
2010-05-19 14:44 . 2010-05-19 14:44 -------- d-----w- c:\program files\Common Files\Apple
2010-05-19 13:37 . 2010-05-19 13:45 -------- d-----w- c:\program files\PC Drivers HeadQuarters
2010-05-18 21:05 . 2010-05-18 21:05 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2010-05-18 18:30 . 2010-05-18 18:30 -------- d-----w- c:\program files\AnalogX
2010-05-18 17:27 . 2010-05-18 17:50 -------- d-----w- c:\program files\jv16 PowerTools 2009
2010-05-18 09:49 . 2010-05-18 09:49 -------- d-----w- c:\program files\Common Files\Creative Labs Shared
2010-05-17 23:17 . 2010-02-04 08:01 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll
2010-05-17 23:17 . 2010-02-04 08:01 528216 ----a-w- c:\windows\system32\XAudio2_6.dll
2010-05-17 23:17 . 2010-02-04 08:01 238936 ----a-w- c:\windows\system32\xactengine3_6.dll
2010-05-17 23:16 . 2010-02-04 08:01 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll
2010-05-17 23:16 . 2009-09-04 15:44 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2010-05-17 23:16 . 2009-09-04 15:44 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2010-05-17 23:16 . 2009-09-04 15:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll
2010-05-17 23:16 . 2009-09-04 15:29 5501792 ----a-w- c:\windows\system32\d3dcsx_42.dll
2010-05-17 23:16 . 2009-09-04 15:29 235344 ----a-w- c:\windows\system32\d3dx11_42.dll
2010-05-17 23:15 . 2009-09-04 15:29 453456 ----a-w- c:\windows\system32\d3dx10_42.dll
2010-05-17 23:15 . 2009-09-04 15:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2010-05-17 23:15 . 2009-03-09 13:27 453456 ----a-w- c:\windows\system32\d3dx10_41.dll
2010-05-17 23:15 . 2009-03-09 13:27 1846632 ----a-w- c:\windows\system32\D3DCompiler_41.dll
2010-05-17 23:15 . 2009-03-09 13:27 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll
2010-05-17 23:15 . 2009-09-04 15:44 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2010-05-17 23:15 . 2009-03-16 12:18 517448 ----a-w- c:\windows\system32\XAudio2_4.dll
2010-05-17 23:15 . 2009-03-16 12:18 235352 ----a-w- c:\windows\system32\xactengine3_4.dll
2010-05-17 23:15 . 2009-03-16 12:18 22360 ----a-w- c:\windows\system32\X3DAudio1_6.dll
2010-05-17 23:15 . 2008-10-15 04:22 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2010-05-17 23:15 . 2008-10-15 04:22 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2010-05-17 23:14 . 2008-10-15 04:22 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2010-05-17 23:14 . 2008-10-27 08:04 514384 ----a-w- c:\windows\system32\XAudio2_3.dll
2010-05-17 23:14 . 2008-10-27 08:04 70992 ----a-w- c:\windows\system32\XAPOFX1_2.dll
2010-05-17 23:14 . 2008-10-27 08:04 235856 ----a-w- c:\windows\system32\xactengine3_3.dll
2010-05-17 23:14 . 2008-10-27 08:04 23376 ----a-w- c:\windows\system32\X3DAudio1_5.dll
2010-05-17 23:14 . 2008-07-31 08:41 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2010-05-17 23:14 . 2008-07-31 08:40 509448 ----a-w- c:\windows\system32\XAudio2_2.dll
2010-05-17 23:14 . 2008-07-31 08:41 238088 ----a-w- c:\windows\system32\xactengine3_2.dll
2010-05-17 23:13 . 2008-07-10 09:00 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2010-05-17 23:13 . 2008-07-10 09:01 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2010-05-17 23:13 . 2008-07-10 09:00 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2010-05-17 23:13 . 2008-05-30 12:19 507400 ----a-w- c:\windows\system32\XAudio2_1.dll
2010-05-17 23:13 . 2008-05-30 12:17 65032 ----a-w- c:\windows\system32\XAPOFX1_0.dll
2010-05-17 23:13 . 2008-05-30 12:18 238088 ----a-w- c:\windows\system32\xactengine3_1.dll
2010-05-17 23:13 . 2008-05-30 12:17 25608 ----a-w- c:\windows\system32\X3DAudio1_4.dll
2010-05-17 23:12 . 2008-05-30 12:11 467984 ----a-w- c:\windows\system32\d3dx10_38.dll
2010-05-17 23:12 . 2008-05-30 12:11 1491992 ----a-w- c:\windows\system32\D3DCompiler_38.dll
2010-05-17 23:12 . 2008-05-30 12:11 3850760 ----a-w- c:\windows\system32\D3DX9_38.dll
2010-05-17 23:12 . 2008-03-05 14:03 479752 ----a-w- c:\windows\system32\XAudio2_0.dll
2010-05-17 23:12 . 2008-03-05 14:03 238088 ----a-w- c:\windows\system32\xactengine3_0.dll
2010-05-17 23:12 . 2008-03-05 14:00 25608 ----a-w- c:\windows\system32\X3DAudio1_3.dll
2010-05-17 23:12 . 2008-03-05 13:56 1420824 ----a-w- c:\windows\system32\D3DCompiler_37.dll
2010-05-17 23:12 . 2008-02-05 21:07 462864 ----a-w- c:\windows\system32\d3dx10_37.dll
2010-05-17 23:12 . 2008-03-05 13:56 3786760 ----a-w- c:\windows\system32\D3DX9_37.dll
2010-05-17 23:11 . 2007-10-22 01:39 267272 ----a-w- c:\windows\system32\xactengine2_10.dll
2010-05-17 23:11 . 2007-10-12 13:14 1374232 ----a-w- c:\windows\system32\D3DCompiler_36.dll
2010-05-17 23:11 . 2007-10-02 07:56 444776 ----a-w- c:\windows\system32\d3dx10_36.dll
2010-05-17 23:11 . 2007-10-12 13:14 3734536 ----a-w- c:\windows\system32\d3dx9_36.dll
2010-05-17 23:09 . 2010-05-17 23:09 -------- d-----w- c:\windows\Logs
2010-05-17 21:28 . 2010-05-17 21:28 -------- d-----w- C:\MoTemp
2010-05-13 21:11 . 2010-05-13 21:11 -------- d-----w- c:\program files\Alcohol Soft
2010-05-13 21:04 . 2010-05-13 21:04 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-05-05 17:38 . 2010-05-05 17:39 -------- d-----w- c:\program files\ProShow MediaSource - Wedding Essentials
2010-04-28 13:03 . 2010-04-28 13:03 -------- d-----w- c:\program files\proDAD
2010-04-28 13:03 . 2010-04-28 13:03 -------- d-----w- c:\program files\LooksBuilderSE
2010-04-28 13:02 . 2003-01-20 07:08 49152 ----a-w- c:\windows\system32\CvoAPI.dll
2010-04-28 12:42 . 2010-04-28 13:00 -------- d-----w- c:\program files\Pinnacle
2010-04-28 12:11 . 2008-04-13 22:16 51200 -c--a-w- c:\windows\system32\dllcache\msdv.sys
2010-04-28 12:11 . 2008-04-13 22:16 51200 ----a-w- c:\windows\system32\drivers\msdv.sys
2010-04-28 12:11 . 2008-04-13 22:16 38912 -c--a-w- c:\windows\system32\dllcache\avc.sys
2010-04-28 12:11 . 2008-04-13 22:16 38912 ----a-w- c:\windows\system32\drivers\avc.sys
2010-04-28 12:11 . 2008-04-13 22:16 48128 -c--a-w- c:\windows\system32\dllcache\61883.sys
2010-04-28 12:11 . 2008-04-13 22:16 48128 ----a-w- c:\windows\system32\drivers\61883.sys
2010-04-23 16:31 . 2010-04-23 16:31 106432 -c--a-w- c:\windows\system32\drivers\AnyDVD.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-23 14:43 . 2003-04-16 12:00 540584 ----a-w- c:\windows\system32\perfh005.dat
2010-05-23 14:43 . 2003-04-16 12:00 131128 ----a-w- c:\windows\system32\perfc005.dat
2010-05-20 15:41 . 2006-04-24 08:42 -------- d-----r- c:\program files\Sony
2010-05-20 14:58 . 2008-11-22 13:11 -------- d-----w- c:\program files\Java
2010-05-19 19:23 . 2006-04-20 10:16 -------- d-----w- c:\program files\Common Files\Adobe
2010-05-19 18:13 . 2009-10-30 18:01 -------- d-----w- c:\program files\NewBlue
2010-05-19 13:38 . 2006-04-19 23:52 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-05-18 10:29 . 2007-02-04 12:24 -------- d-----w- c:\program files\Ashampoo
2010-05-18 09:49 . 2009-12-08 15:15 -------- d-----w- c:\program files\Creative
2010-05-18 09:48 . 2005-12-08 10:12 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2010-05-18 09:48 . 2003-06-20 03:36 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2010-05-17 21:30 . 2008-09-22 15:40 -------- d-----w- c:\program files\particleIllusion_3
2010-05-13 22:11 . 2009-07-14 18:11 -------- d-----w- c:\program files\PowerISO
2010-05-13 17:04 . 2008-09-26 22:10 -------- d-----w- c:\program files\FLAC
2010-05-06 17:47 . 2006-09-27 20:22 -------- d-----w- c:\program files\Canon
2010-05-05 17:53 . 2007-04-22 10:14 -------- d-----w- c:\program files\Photodex
2010-05-03 15:23 . 2007-07-28 16:28 -------- d-----w- c:\program files\Boris FX, Inc
2010-04-30 12:31 . 2009-10-15 19:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-29 13:39 . 2009-10-15 19:18 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 13:39 . 2009-10-15 19:18 20952 -c--a-w- c:\windows\system32\drivers\mbam.sys
2010-04-27 21:56 . 2007-11-28 23:49 -------- d-----w- c:\program files\CCleaner
2010-04-24 12:38 . 2010-01-25 22:50 -------- d-----w- c:\program files\IObit
2010-04-14 12:05 . 2009-10-30 19:54 -------- d-----w- c:\program files\uTorrent
2010-04-12 08:44 . 2010-04-12 08:44 59388 -c--a-w- c:\windows\system32\drivers\scdemu.sys
2010-03-19 13:31 . 2010-03-19 13:31 89256 -c--a-w- c:\windows\system32\ElbyCDIO.dll
2010-03-18 18:50 . 2010-03-18 18:50 15960 ----a-w- c:\windows\system32\drivers\pfmodnt.sys
2010-03-18 18:50 . 2010-03-18 18:50 189528 ----a-w- c:\windows\system32\drivers\haP17v2k.sys
2010-03-18 18:50 . 2010-03-18 18:50 162904 ----a-w- c:\windows\system32\drivers\haP16v2k.sys
2010-03-18 18:49 . 2010-03-18 18:49 798808 ----a-w- c:\windows\system32\drivers\ha10kx2k.sys
2010-03-18 18:45 . 2010-03-18 18:45 92760 ----a-w- c:\windows\system32\drivers\emupia2k.sys
2010-03-18 18:45 . 2010-03-18 18:45 157272 ----a-w- c:\windows\system32\drivers\ctsfm2k.sys
2010-03-18 18:45 . 2010-03-18 18:45 14424 ----a-w- c:\windows\system32\drivers\ctprxy2k.sys
2010-03-18 18:45 . 2010-03-18 18:45 127576 ----a-w- c:\windows\system32\drivers\ctoss2k.sys
2010-03-18 18:41 . 2010-03-18 18:41 1372888 ----a-w- c:\windows\system32\drivers\CTMMFILT.SYS
2010-03-18 18:40 . 2010-03-18 18:40 18904 ----a-w- c:\windows\system32\drivers\CTGAME.SYS
2010-03-18 18:40 . 2010-03-18 18:40 347144 ----a-w- c:\windows\system32\drivers\ctdvda2k.sys
2010-03-18 18:40 . 2010-03-18 18:40 528472 ----a-w- c:\windows\system32\drivers\ctaud2k.sys
2010-03-18 18:40 . 2010-03-18 18:40 511064 ----a-w- c:\windows\system32\drivers\ctac32k.sys
2010-03-18 18:40 . 2010-03-18 18:40 1366488 ----a-w- c:\windows\system32\drivers\CT0531FL.SYS
2010-03-18 18:39 . 2010-03-18 18:39 100952 ----a-w- c:\windows\system32\drivers\CTERFXFX.sys
2010-03-18 18:39 . 2010-03-18 18:39 566360 ----a-w- c:\windows\system32\drivers\CTSBLFX.sys
2010-03-18 18:39 . 2010-03-18 18:39 555096 ----a-w- c:\windows\system32\drivers\CTAUDFX.sys
2010-03-18 18:39 . 2010-03-18 18:39 99416 ----a-w- c:\windows\system32\drivers\COMMONFX.sys
2010-03-18 17:19 . 2010-03-18 17:19 43520 ----a-w- c:\windows\system32\CTBurst.dll
2010-03-18 17:19 . 2010-03-18 17:19 11776 ----a-w- c:\windows\system32\inres.dll
2010-03-18 17:19 . 2010-03-18 17:19 11776 ----a-w- c:\windows\INRES.DLL
2010-03-18 17:19 . 2009-09-23 17:19 182272 ----a-w- c:\windows\system32\ctdvinst.dll
2010-03-18 17:19 . 2009-09-23 17:19 86528 ----a-w- c:\windows\system32\ctcoinst.dll
2010-03-18 17:18 . 2010-03-18 17:18 10752 ----a-w- c:\windows\system32\a3d.dll
2010-03-18 17:18 . 2010-03-18 17:18 11776 ----a-w- c:\windows\system32\ac3api.dll
2010-03-18 17:07 . 2010-03-18 17:07 51787 ----a-w- c:\windows\system32\ctdlang.dat
2010-03-18 17:07 . 2010-03-18 17:07 386852 ----a-w- c:\windows\system32\ctdnlstr.dat
2010-03-18 17:07 . 2010-03-18 17:07 196096 ----a-w- c:\windows\system32\ctemupia.dll
2010-03-18 17:04 . 2010-03-18 17:04 176128 ----a-w- c:\windows\system32\ct_oal.dll
2010-03-18 17:04 . 2010-03-18 17:04 46592 ----a-w- c:\windows\system32\ctasio.dll
2010-03-18 17:04 . 2010-03-18 17:04 49152 ----a-w- c:\windows\system32\ctdproxy.dll
2010-03-18 17:03 . 2010-03-18 17:03 69632 ----a-w- c:\windows\system32\ctosuser.dll
2010-03-18 17:03 . 2010-03-18 17:03 6144 ----a-w- c:\windows\system32\sfman32.dll
2010-03-18 17:03 . 2010-03-18 17:03 125952 ----a-w- c:\windows\system32\sfms32.dll
2010-03-18 17:03 . 2010-03-18 17:03 13312 ----a-w- c:\windows\system32\regplib.exe
2010-03-18 17:03 . 2010-03-18 17:03 64512 ----a-w- c:\windows\system32\piaproxy.dll
2010-03-18 17:02 . 2010-03-18 17:02 149838 ----a-w- c:\windows\system32\ctbas2w.dat
2010-03-18 17:00 . 2010-03-18 17:00 274587 ----a-w- c:\windows\system32\ctsbas2w.dat
2010-03-18 17:00 . 2010-03-18 17:00 241084 ----a-w- c:\windows\system32\CTSBASW.DAT
2010-03-18 17:00 . 2010-03-18 17:00 115166 ----a-w- c:\windows\system32\CTBASICW.DAT
2010-03-18 16:59 . 2010-03-18 16:59 53932 ----a-w- c:\windows\system32\ctdaught.dat
2010-03-18 16:59 . 2010-03-18 16:59 313207 ----a-w- c:\windows\system32\ctstatic.dat
2010-03-18 16:59 . 2010-03-18 16:59 5120 ----a-w- c:\windows\system32\enlocstr.exe
2010-03-18 16:59 . 2010-03-18 16:59 10240 ----a-w- c:\windows\system32\killapps.exe
2010-03-18 16:59 . 2010-03-18 16:59 28672 ----a-w- c:\windows\system32\MIDIDEF.EXE
2010-03-18 16:59 . 2010-03-18 16:59 33792 ----a-w- c:\windows\system32\devreg.dll
2010-03-12 12:55 . 2010-03-12 12:55 17772264 ----a-w- c:\windows\system32\AppSetup.exe
2010-03-10 06:17 . 2008-04-14 12:00 420352 ------w- c:\windows\system32\vbscript.dll
2010-02-25 06:18 . 2008-04-14 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-24 13:11 . 2008-04-14 12:00 455680 ------w- c:\windows\system32\drivers\mrxsmb.sys
2009-06-05 06:36 . 2009-11-29 20:34 2003456 ----a-w- c:\program files\Common Files\Boris RED.msi
2009-01-09 00:50 . 2009-01-09 00:50 604 -c-ha-w- c:\program files\STLL Notifier
2004-06-21 12:23 . 2003-12-27 12:05 1319424 -c--a-w- c:\program files\MysticalTTC.exe
2003-12-04 16:01 . 2003-12-27 12:05 1419264 -c--a-w- c:\program files\Mystical_PlugIn_TTC.8bf
2001-07-17 15:15 . 2002-09-19 11:20 66680 -c--a-w- c:\program files\ARDS1.ttf
.

((((((((((((((((((((((((((((( SnapShot@2010-05-23_13.40.25 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-05-23 14:39 . 2010-05-23 14:39 16384 c:\windows\temp\Perflib_Perfdata_224.dat
+ 2003-04-16 12:00 . 2010-05-23 14:43 545352 c:\windows\system32\perfh009.dat
- 2003-04-16 12:00 . 2010-05-23 13:33 545352 c:\windows\system32\perfh009.dat
+ 2003-04-16 12:00 . 2010-05-23 14:43 116888 c:\windows\system32\perfc009.dat
- 2003-04-16 12:00 . 2010-05-23 13:33 116888 c:\windows\system32\perfc009.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Creative Detector"="c:\program files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 102400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-06-17 85160]
"Ptipbmf"="ptipbmf.dll" [2003-06-20 118784]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-09-11 2054360]
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2006-09-28 57344]
"Module Loader"="c:\program files\Creative\Shared Files\Module Loader\DLLML.exe" [2007-07-23 57344]
"AudioDrvEmulator"="c:\program files\Creative\Shared Files\Module Loader\DLLML.exe" [2007-07-23 57344]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2008-06-10 1442888]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Alan\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2000-8-24 110592]

c:\documents and settings\Alan\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2000-8-24 110592]

c:\documents and settings\Alan\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2000-8-24 110592]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bluetooth.lnk - c:\program files\ASUS\Bluetooth Software\BTTray.exe [2007-11-1 576104]
Monitor.lnk - c:\program files\SanDisk\SanDisk TransferMate\SD Monitor.exe [2009-6-16 114688]
TabUserW.exe.lnk - c:\windows\system32\Wtablet\TabUserW.exe [2003-12-4 106496]

c:\documents and settings\Alan\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2000-8-24 110592]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Microsoft Expression\\Media Reader 1.0\\MediaReader.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\My Mobile\\MyMobiler\\MyMobiler.exe"=
"c:\\Program Files\\IncrediMail\\Bin\\IncMail.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Common Files\\Nero\\Nero Web\\SetupX.exe"=
"c:\\Program Files\\Nero\\Nero8\\Nero ShowTime\\ShowTime.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\umi.exe"=
"c:\\WINDOWS\\system32\\ftp.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:*:Disabled:Adobe CSI CS4
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R0 SI3112r;Silicon Image SiI 3512 SATARaid Controller;c:\windows\system32\drivers\SI3112r.sys [29.8.2007 3:04 116264]
R1 cdrblock;cdrblock;c:\windows\system32\drivers\cdrblock.sys [30.11.2008 23:15 20864]
R1 cdrport;cdrport;c:\windows\system32\drivers\cdrport.sys [30.11.2008 23:15 4608]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [11.9.2009 8:23 108792]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [11.9.2009 8:26 96408]
R1 VD_FileDisk;VD_FileDisk;c:\windows\system32\drivers\vd_filedisk.sys [13.1.2006 15:00 15872]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [11.9.2009 8:24 735960]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [15.10.2009 21:18 304464]
R3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\system32\drivers\COMMONFX.sys [18.3.2010 20:39 99416]
R3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\system32\drivers\CTAUDFX.sys [18.3.2010 20:39 555096]
R3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\system32\drivers\CTSBLFX.sys [18.3.2010 20:39 566360]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [15.10.2009 21:18 20952]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [13.5.2010 23:04 691696]
S3 ASUSHWIO;ASUSHWIO;\??\c:\windows\system32\drivers\ASUSHWIO.sys --> c:\windows\system32\drivers\ASUSHWIO.sys [?]
S3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.sys [18.3.2010 20:39 99416]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [18.5.2010 11:49 79360]
S3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.sys [18.3.2010 20:39 555096]
S3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\system32\drivers\CTERFXFX.sys [18.3.2010 20:39 100952]
S3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.sys [18.3.2010 20:39 100952]
S3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.sys [18.3.2010 20:39 566360]
S3 fixustor;fixustor;c:\windows\system32\drivers\fixustor.sys [16.6.2009 12:30 6016]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [18.2.2010 16:14 27064]
S3 TVICHW32;TVICHW32;c:\windows\system32\drivers\TVICHW32.SYS [21.6.2009 0:06 23600]
S3 viafilter;VIA USB Filter;c:\windows\system32\drivers\viausb1.sys [14.6.2009 18:59 9728]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-10-16 11:49 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'

2010-05-23 c:\windows\Tasks\AWC AutoSweep.job
- c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2010-01-25 12:11]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://mystart.incredimail.com/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Send to &Bluetooth Device... - c:\program files\ASUS\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\ASUS\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\documents and settings\Alan\Data aplikací\Mozilla\Firefox\Profiles\edmvs930.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - www.google.cz
FF - prefs.js: keyword.URL - hxxp://mystart.incredimail.com/?loc=ff_ ... ne&search=
FF - prefs.js: network.proxy.type - 1
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Photodex Presenter\npPxPlay.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.

**************************************************************************
skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory:

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(936)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
Celkový čas: 2010-05-23 16:52:19
ComboFix-quarantined-files.txt 2010-05-23 14:52
ComboFix2.txt 2010-05-23 13:42

Před spuštěním: 6 238 855 168
Po spuštění: 6 186 541 056

- - End Of File - - 058F6B9566FFF375E6E05709308F97F4

Příspěvekod **jaro3** » 23 kvě 2010 18:26

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

Ještě nový log z HJT.

Jak se chová PC (problémy) ?

prosím o kontrolu Logu Vyřešeno

prosím o kontrolu Logu

Re: prosím o kontrolu Logu

Re: prosím o kontrolu Logu

Re: prosím o kontrolu Logu

Re: prosím o kontrolu Logu

Re: prosím o kontrolu Logu

Re: prosím o kontrolu Logu

Re: prosím o kontrolu Logu

Re: prosím o kontrolu Logu

Re: prosím o kontrolu Logu

Re: prosím o kontrolu Logu

Re: prosím o kontrolu Logu

Kdo je online